Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
File:                     0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft (raw, json)
Hash identifier:          NHE45unO4gWT3OTCha81hjODvFJgUhmO3SHiqlPCXlM=
Subject key identifier:   D3:4C:4B:26:3C:86:A0:AA:B7:DE:88:E7:DC:F0:06:6B:29:A4:98:53
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Certificate issuer:       /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial:       49D309C0C4B7BBA9C1EFF5CDD261DF1BEB4DBEDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
Manifest number:          F4
Signing time:             Fri 06 Jun 2025 16:07:30 +0000
Manifest this update:     Fri 06 Jun 2025 16:02:30 +0000
Manifest next update:     Sat 07 Jun 2025 16:51:30 +0000
Files and hashes:         1: 0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl (hash: 4i5bnrdfWrfK/5xQo/eTjNWhf5Q2gnlPr03S4i0yybM=)
                          2: 3139342e33342e3235342e302f32342d3234203d3e20313532363732.roa (hash: hBCTJH2VP/g2W82hp9JFwDkEQwn2f5ZxdgSFMedjM7Q=)
                          3: 38352e3131372e3232382e302f32342d3234203d3e20323135303236.roa (hash: WUrbTcKV2+qO0uflme+Vda37GmhrcRAgBhkN6Ok9SGQ=)
                          4: 3138352e3231332e3234382e302f32342d3234203d3e203239383032.roa (hash: TocpFgr3lw4Jm1vyRTcynQHMSP/aSZA84xcK/bfrENk=)
                          5: 3139342e33342e3235332e302f32342d3234203d3e2035303635.roa (hash: tD+eYvXQsGkCcpnz6s7EBRYpOf8Iu4vdb3Qy27wUI6g=)
                          6: 3139342e33342e3235352e302f32342d3234203d3e203536353934.roa (hash: x2RfjpSN3xicSqXOSngzYM3QyNU0bV4bA1DJ2SOK7nM=)
                          7: 38352e3131372e3232392e302f32342d3234203d3e20323132323338.roa (hash: qWG9h0hKE/+rc67V6b0QtNqJKNBV/dmrN+3owun/5GY=)
                          8: 38352e3131372e3233302e302f32342d3234203d3e2035303635.roa (hash: 8/mMTd8OI6hx+rEazKaA5i9flVTt9So8wwSfFF6xpVo=)
                          9: 3138352e3231332e3235312e302f32342d3234203d3e203632323430.roa (hash: r8RD1SHQl6OybEgdZXTaDzaRDBKJoFWuS6Yc77FVHmo=)
                          10: 38352e3131372e3233312e302f32342d3234203d3e20323133373234.roa (hash: ohyXGo6Fwg3029u2hdROae+jQf4VI2skgvLUXH3jI8w=)
                          11: 3138352e3231332e3234392e302f32342d3234203d3e20343030393039.roa (hash: 4O3foUV7f18NUYJQaeBYgK+aW1lr+7o+ea8CcQjVzCw=)
                          12: 3138352e3231332e3235302e302f32342d3234203d3e20323132323338.roa (hash: ygSJr7gJnzCgddZdASy6lFYbTZobnImgktqUZvda03k=)
                          13: 3139342e33342e3235322e302f32342d3234203d3e203239383032.roa (hash: MPp6Igfxvoo4H6VVtRMvz7wqXYqi9rOeS8G4+bL/Qls=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:d3:09:c0:c4:b7:bb:a9:c1:ef:f5:cd:d2:61:df:1b:eb:4d:be:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
        Validity
            Not Before: Jun  6 16:02:30 2025 GMT
            Not After : Jun  7 16:51:30 2025 GMT
        Subject: CN=D34C4B263C86A0AAB7DE88E7DCF0066B29A49853
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:90:6f:38:08:0f:07:d5:a4:af:28:5a:a7:4e:
                    44:55:e1:58:2b:1c:bc:51:90:20:9d:d0:0f:a0:23:
                    bd:3e:ca:70:ff:08:82:1c:bb:72:14:d9:2b:8a:60:
                    bb:45:46:34:3d:47:24:ab:d7:31:8d:04:0f:32:6b:
                    4d:f0:6e:69:a7:e2:1f:50:67:4d:fb:03:1e:6f:e5:
                    84:f5:83:85:7b:b1:ac:93:8e:81:24:ad:c4:90:10:
                    61:6a:14:5a:5f:e6:8d:47:5d:cb:c7:89:18:73:7d:
                    42:17:fd:52:ce:da:02:0b:58:2d:31:af:ef:a7:e1:
                    da:a3:37:77:fb:db:25:8f:b3:e3:c6:0d:34:e0:d1:
                    d3:0c:c9:2f:af:e3:c0:46:29:2d:94:de:02:5a:d4:
                    6c:3b:b8:64:38:70:71:60:02:7c:ed:c0:16:84:28:
                    9d:b8:c9:56:da:3c:e9:c8:3f:d6:96:92:a6:99:7c:
                    65:21:ff:47:f0:13:2e:52:cc:54:3a:56:b9:a4:f8:
                    5a:45:eb:1b:cb:4b:c8:15:92:b9:95:cb:ec:4b:81:
                    e6:88:38:97:bc:3a:f9:21:38:17:20:6f:ec:3d:cb:
                    48:c2:5e:41:ab:b5:4e:f0:e5:ee:5f:0f:64:46:90:
                    6d:21:89:d7:52:3a:9e:63:9f:77:16:de:98:bc:b4:
                    29:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:4C:4B:26:3C:86:A0:AA:B7:DE:88:E7:DC:F0:06:6B:29:A4:98:53
            X509v3 Authority Key Identifier:
                keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:17:b8:9f:ae:de:66:3e:57:4a:2f:7c:3f:79:3a:0d:57:80:
         78:81:e6:54:de:ca:04:18:a3:fe:0c:54:94:16:8d:c9:9b:0d:
         fd:74:06:db:de:d3:61:93:f9:2b:c6:84:3f:f9:47:17:16:36:
         7d:1c:3c:ab:65:3c:9b:5c:98:a7:13:48:18:3e:74:7e:85:77:
         2e:3d:57:33:2c:4e:65:fb:8f:ba:95:8d:65:5b:0b:11:1c:30:
         c3:a0:02:e0:c8:00:60:f5:b3:4f:a4:06:b8:be:d2:2c:d6:8f:
         25:ee:50:b5:3d:7b:ca:ef:fb:83:27:a5:3c:c0:85:d7:2a:df:
         47:b0:34:76:d2:6b:85:53:e8:18:70:96:94:24:00:7b:46:59:
         87:94:de:58:5a:3a:65:53:15:13:d5:33:d8:03:8d:75:44:81:
         de:5e:72:13:b5:48:5d:5e:a2:63:b7:28:5d:4b:60:68:18:dd:
         71:a3:04:00:19:17:13:1c:ca:1f:1a:cb:cc:00:88:aa:75:0e:
         a4:99:54:a1:8d:6c:ff:08:d8:e8:ff:50:3d:f5:8a:b2:ea:43:
         4d:14:be:b2:3b:fd:e2:21:d9:a5:23:d8:6b:e6:e0:46:d7:01:
         20:ef:13:d6:ae:53:c8:6e:36:9d:61:a2:0d:2e:cc:aa:a9:9c:
         2c:54:53:ef
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUSdMJwMS3u6nB7/XN0mHfG+tNvt8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTA2MDYxNjAyMzBaFw0yNTA2MDcxNjUxMzBaMDMxMTAvBgNV
BAMTKEQzNEM0QjI2M0M4NkEwQUFCN0RFODhFN0RDRjAwNjZCMjlBNDk4NTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFkG84CA8H1aSvKFqnTkRV4Vgr
HLxRkCCd0A+gI70+ynD/CIIcu3IU2SuKYLtFRjQ9RySr1zGNBA8ya03wbmmn4h9Q
Z037Ax5v5YT1g4V7sayTjoEkrcSQEGFqFFpf5o1HXcvHiRhzfUIX/VLO2gILWC0x
r++n4dqjN3f72yWPs+PGDTTg0dMMyS+v48BGKS2U3gJa1Gw7uGQ4cHFgAnztwBaE
KJ24yVbaPOnIP9aWkqaZfGUh/0fwEy5SzFQ6Vrmk+FpF6xvLS8gVkrmVy+xLgeaI
OJe8OvkhOBcgb+w9y0jCXkGrtU7w5e5fD2RGkG0hiddSOp5jn3cW3pi8tCmvAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQU00xLJjyGoKq33ojn3PAGaymkmFMwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84MTEzZGRhNi03
YWRlLTQ0NWQtOGM2ZS00NDhhNzhlNDhjYTEvMS8wRDdGRkFFMzAwREVGMDg3NkJG
ODQ4OTBGQjZFQTE3QkU4NDFBNEQzLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIxe4n67eZj5XSi98P3k6
DVeAeIHmVN7KBBij/gxUlBaNyZsN/XQG297TYZP5K8aEP/lHFxY2fRw8q2U8m1yY
pxNIGD50foV3Lj1XMyxOZfuPupWNZVsLERwww6AC4MgAYPWzT6QGuL7SLNaPJe5Q
tT17yu/7gyelPMCF1yrfR7A0dtJrhVPoGHCWlCQAe0ZZh5TeWFo6ZVMVE9Uz2AON
dUSB3l5yE7VIXV6iY7coXUtgaBjdcaMEABkXExzKHxrLzACIqnUOpJlUoY1s/wjY
6P9QPfWKsupDTRS+sjv94iHZpSPYa+bgRtcBIO8T1q5TyG42nWGiDS7MqqmcLFRT
7w==
-----END CERTIFICATE-----