Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
File:                     bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft (raw, json)
Hash identifier:          z1lAGPBH0y7jEEVvBosDfh61fseD0xlUgfVOv/wCJSM=
Subject key identifier:   B2:8E:99:04:2E:48:12:80:FF:1E:3A:C6:30:6F:12:0D:5A:86:A9:63
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Certificate issuer:       /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial:       0198D4A7CD2716104F1505FA36415BC172F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
Manifest number:          11AD
Signing time:             Sat 23 Aug 2025 02:00:23 +0000
Manifest this update:     Sat 23 Aug 2025 02:00:23 +0000
Manifest next update:     Sun 24 Aug 2025 02:00:23 +0000
Files and hashes:         1: 1EX4kZ9vddyT4h_B81EN_YFgV7M.roa (hash: XM8DAjgQJT+88mG4SiUCaToZg6wqMumNcSNAzJ/xTfU=)
                          2: 2h4PGwruYpyJt3BQWtPQcsgNRNk.roa (hash: QCNnPqGHtxqVOnwq21xOk8gMIvhO2BuPOm8i0r/ZWwk=)
                          3: 46hN06yXwIiaUyO4jQff6zZnhAU.roa (hash: aNYu8EAm8eWZcJVLr7QXmQ0E7qnSqrdLmLCvu9US7UI=)
                          4: HlCBaMj51Dn2Tz2S41tW2Fk8xPQ.roa (hash: /7yi7Ya0XkfIBAe9xgobKAaFgeYKZaTXRYdjcvjut5s=)
                          5: P1aEjNsd0SJfPVikfoYHI7ubFMI.roa (hash: DuGgYnJ4n5Dj5BJqboFm/1FmaNs0vaXsoWw3QLn5rAo=)
                          6: PdmkiIr6IQZ3ECxIk-0ePUpgPiI.roa (hash: AJLw7PX9vrmJ9MfsvtzIEbi8E6wrzfkj3Y9s547jzYg=)
                          7: QhcLfBQpvZVLuK1kQFtEojUEYy4.roa (hash: d6rYjnzoACatM0sRStTcbFttb/8qH18KD7SiX3xQlR0=)
                          8: _8MCzl0l1tQuihsF_I64BRSs2tc.roa (hash: hgK1WfvVvkljiSPw5yBzGlfOpy6Z+LRSv3D2IqqcYQ4=)
                          9: bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl (hash: rsiXTp1KgAeyWkk5VoZo8cRuYV1M0kDyd4BTvSjO0rM=)
                          10: bsUIrzQIuHVcgyRag4qzWRgQ3QM.roa (hash: ccvI3EVZLHJLDdOmxYI5tR3qVbEw0UPa6xBpgJ4IUPE=)
                          11: dvBxJJqlGtZryzY3toj8ouVTkLU.roa (hash: eVjQO6sO3g8AfAqbAH1xc3TZsx59WAMu1L2LYGKpeik=)
                          12: k66OCRPIZR5zEdB2C8V_xNYPA2c.roa (hash: DQm3txtdpgZl+FxF0wFfrDwgi6tEP8sTE/yOMS6wtAU=)
                          13: kiwWFz0NoDfmogGyzMi0YU9jRAA.roa (hash: gnYS4uF1s0u5dRaD7UkJnFNCx2ghQj+jdKnUfu0aqw0=)
                          14: qV7gADGH5m02cohaDbKPUvE_iB4.roa (hash: g+5qryL5LQOY23wBpKhkkhBO1JR+H4We3huShu8yiss=)
                          15: uWWiJZN9G8HWUjyGGooehV4-7Xc.roa (hash: q5Hz0ZtxkWEyQZrVgIAnq1hk7/hz+CptQc1gUmdbpnY=)
                          16: zTpSEZJ7Zo6QLPyILMfhBZAVObw.roa (hash: ul2hDy0YChIkvGSgsedzwCF9Dt/iHwVDwCvFZg7da8o=)
                          17: zaK7g2klAtwCGQFnfe_zrOgOJdA.roa (hash: tBmARlQQAzmv3v9ImSbiUoVw1kndaC1qx7ql+RM5QpU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:a7:cd:27:16:10:4f:15:05:fa:36:41:5b:c1:72:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
        Validity
            Not Before: Aug 23 02:00:23 2025 GMT
            Not After : Aug 24 02:00:23 2025 GMT
        Subject: CN=b28e99042e481280ff1e3ac6306f120d5a86a963
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:b5:d1:c1:75:c9:de:10:73:ca:5b:01:be:9a:
                    8d:86:01:72:56:ce:f1:04:03:95:f6:ac:d6:f9:d0:
                    67:44:91:0f:4b:34:43:7a:74:52:15:02:ed:91:8b:
                    f9:9a:db:ae:d4:48:c8:f4:a8:ab:12:f0:a1:f2:36:
                    92:6d:c9:6e:7d:0d:49:16:6e:9f:c1:34:c3:5d:be:
                    54:5a:00:51:3f:ac:bf:2f:af:c1:7e:4a:a4:de:64:
                    d3:66:b6:bf:b3:06:8d:35:8c:b9:be:52:df:fe:77:
                    f5:d7:00:75:52:12:88:a6:1a:3f:39:e5:6a:ea:81:
                    07:26:10:da:ed:20:a3:33:af:21:d0:b8:26:1a:ea:
                    12:4c:0a:6b:81:fb:38:db:ec:a9:59:ff:05:c6:34:
                    9a:7f:c7:26:23:d2:4c:31:15:a9:69:bd:6f:1a:7e:
                    1b:b9:fa:18:5d:db:2e:89:75:0e:db:06:15:97:26:
                    4c:22:c0:d2:f3:3a:0f:40:57:81:fa:b8:9a:f0:81:
                    06:c3:d6:8a:86:68:b5:bc:b0:94:6b:6e:8b:95:ce:
                    5c:ed:2d:52:d9:b1:68:2a:9a:38:af:13:67:bc:f9:
                    8e:b4:f2:5f:0d:77:b4:32:8f:32:d4:ce:a8:04:34:
                    0c:d0:69:3a:a8:f4:1f:a6:84:6d:ce:c7:33:b4:64:
                    d6:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:8E:99:04:2E:48:12:80:FF:1E:3A:C6:30:6F:12:0D:5A:86:A9:63
            X509v3 Authority Key Identifier:
                keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:ba:52:59:b7:25:06:d2:a6:43:bf:c2:d2:de:24:a5:9d:92:
         85:fc:32:6c:5b:ae:2a:61:70:70:f9:b1:e6:3d:95:c0:31:96:
         fb:ab:6d:c5:0e:0d:b7:ca:76:5c:85:d1:cf:36:fa:f9:1a:76:
         e5:8c:b8:f8:5c:98:83:eb:d0:52:5e:0b:91:09:7a:53:0f:2a:
         73:57:b3:40:aa:07:70:16:ad:2f:d8:67:78:b0:b5:94:84:e4:
         ef:ef:e8:ec:6e:1a:67:18:c9:b4:f0:dd:ca:ed:49:f4:0c:01:
         8b:5e:5a:bc:55:c8:63:60:25:81:9c:3b:34:a5:ee:65:55:34:
         60:62:0c:6f:94:7b:3f:cb:f3:50:94:b1:ad:d6:15:f2:27:5d:
         36:44:68:7c:d2:5e:a5:6d:a5:71:1d:56:a4:0f:74:2e:e6:47:
         67:09:1e:80:4b:48:3b:86:41:7f:27:4f:7c:91:0e:90:79:8e:
         1d:f3:3f:9b:66:ce:5c:53:76:a5:52:0f:a2:f8:15:1f:3f:04:
         ee:15:23:eb:f4:00:62:c0:93:6c:a6:81:81:9e:30:f9:15:32:
         7d:3f:27:af:6d:7c:97:5e:4e:25:11:f7:90:6e:11:ac:04:88:
         bd:04:6a:d6:35:d7:7e:ff:c8:91:ab:20:32:4a:ee:00:3f:a0:
         ef:90:d6:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUp80nFhBPFQX6NkFbwXL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwODIzMDIwMDIzWhcNMjUwODI0MDIwMDIzWjAzMTEwLwYDVQQD
EyhiMjhlOTkwNDJlNDgxMjgwZmYxZTNhYzYzMDZmMTIwZDVhODZhOTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbXRwXXJ3hBzylsBvpqNhgFyVs7x
BAOV9qzW+dBnRJEPSzRDenRSFQLtkYv5mtuu1EjI9KirEvCh8jaSbclufQ1JFm6f
wTTDXb5UWgBRP6y/L6/Bfkqk3mTTZra/swaNNYy5vlLf/nf11wB1UhKIpho/OeVq
6oEHJhDa7SCjM68h0LgmGuoSTAprgfs42+ypWf8FxjSaf8cmI9JMMRWpab1vGn4b
ufoYXdsuiXUO2wYVlyZMIsDS8zoPQFeB+ria8IEGw9aKhmi1vLCUa26Llc5c7S1S
2bFoKpo4rxNnvPmOtPJfDXe0Mo8y1M6oBDQM0Gk6qPQfpoRtzscztGTWpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLKOmQQuSBKA/x46xjBvEg1ahqljMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPLpSWbcl
BtKmQ7/C0t4kpZ2ShfwybFuuKmFwcPmx5j2VwDGW+6ttxQ4Nt8p2XIXRzzb6+Rp2
5Yy4+FyYg+vQUl4LkQl6Uw8qc1ezQKoHcBatL9hneLC1lITk7+/o7G4aZxjJtPDd
yu1J9AwBi15avFXIY2AlgZw7NKXuZVU0YGIMb5R7P8vzUJSxrdYV8iddNkRofNJe
pW2lcR1WpA90LuZHZwkegEtIO4ZBfydPfJEOkHmOHfM/m2bOXFN2pVIPovgVHz8E
7hUj6/QAYsCTbKaBgZ4w+RUyfT8nr218l15OJRH3kG4RrASIvQRq1jXXfv/Ikasg
MkruAD+g75DW/g==
-----END CERTIFICATE-----