Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/83c00e-f414-489d-9470-c693249651d5/1/5PFY7_xrOIKiWQweaQasoQjhjsI.mft
File:                     5PFY7_xrOIKiWQweaQasoQjhjsI.mft (raw, json)
Hash identifier:          LZpXc5InCxCtWrhr+7vQfT9i63u8IzkUM7pWUKTZxJI=
Subject key identifier:   71:0A:27:10:90:01:49:43:99:97:C1:1A:8E:7B:72:5E:72:41:72:50
Authority key identifier: E4:F1:58:EF:FC:6B:38:82:A2:59:0C:1E:69:06:AC:A1:08:E1:8E:C2
Certificate issuer:       /CN=e4f158effc6b3882a2590c1e6906aca108e18ec2
Certificate serial:       0197B77CAD6B49D4446F07D0B8A97DE849FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5PFY7_xrOIKiWQweaQasoQjhjsI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/83c00e-f414-489d-9470-c693249651d5/1/5PFY7_xrOIKiWQweaQasoQjhjsI.mft
Manifest number:          0BBC
Signing time:             Sat 28 Jun 2025 17:01:30 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:30 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:30 +0000
Files and hashes:         1: 5JIFCgXWGmsw1HA5JtADF-b1eJ4.roa (hash: kqtxwSPKoLsi1ph5t4VnO3iKewevISmebmIE1RpFWLg=)
                          2: 5PFY7_xrOIKiWQweaQasoQjhjsI.crl (hash: xRnqcxHs90Ai+md2AuTFMYBpR8DRqj0Iame7fDjGyZc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/83c00e-f414-489d-9470-c693249651d5/1/5PFY7_xrOIKiWQweaQasoQjhjsI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/83c00e-f414-489d-9470-c693249651d5/1/5PFY7_xrOIKiWQweaQasoQjhjsI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5PFY7_xrOIKiWQweaQasoQjhjsI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:ad:6b:49:d4:44:6f:07:d0:b8:a9:7d:e8:49:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4f158effc6b3882a2590c1e6906aca108e18ec2
        Validity
            Not Before: Jun 28 17:01:30 2025 GMT
            Not After : Jun 29 17:01:30 2025 GMT
        Subject: CN=710a2710900149439997c11a8e7b725e72417250
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:a7:6d:fa:40:b6:22:fa:b3:70:38:55:b3:d1:
                    91:9c:11:31:50:80:0b:30:c9:ee:40:37:1a:67:03:
                    49:c3:11:4c:35:67:12:bc:41:4e:35:1d:5f:a0:4f:
                    51:bf:56:44:50:82:a6:f8:b4:8b:6c:06:be:09:8a:
                    dd:1f:87:72:47:f4:15:65:81:b0:df:42:b2:ca:a8:
                    be:0f:0f:00:ac:4a:f3:78:6a:4c:56:21:95:56:8d:
                    fe:fb:f1:b0:52:cb:a9:f6:06:8a:9f:35:5d:7d:e3:
                    7e:ef:e0:c4:50:fe:2f:7a:c0:2f:7d:d3:6b:73:ec:
                    92:a2:93:21:c9:c1:62:1a:54:f6:63:fa:b3:94:85:
                    a1:c1:18:d3:2f:16:7e:23:e7:21:e9:75:85:d3:d7:
                    75:3c:84:1a:8e:ef:b5:2e:0d:f0:fc:8f:b5:ae:a9:
                    5b:1c:9f:46:3c:3e:f4:47:ce:ab:c1:96:cb:90:e0:
                    8b:1d:64:73:56:ca:62:57:c0:1a:db:eb:bc:93:c9:
                    4c:52:29:8b:b9:96:82:eb:89:7f:20:48:12:fd:c6:
                    55:dd:f4:58:46:9a:3c:72:d7:34:8e:e1:4d:4b:5c:
                    f1:7d:b3:d3:bf:80:db:e0:c8:10:5a:55:84:78:85:
                    62:2f:53:be:4f:44:7a:33:e7:db:38:7f:35:12:94:
                    c2:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:0A:27:10:90:01:49:43:99:97:C1:1A:8E:7B:72:5E:72:41:72:50
            X509v3 Authority Key Identifier:
                keyid:E4:F1:58:EF:FC:6B:38:82:A2:59:0C:1E:69:06:AC:A1:08:E1:8E:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5PFY7_xrOIKiWQweaQasoQjhjsI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/83c00e-f414-489d-9470-c693249651d5/1/5PFY7_xrOIKiWQweaQasoQjhjsI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/83c00e-f414-489d-9470-c693249651d5/1/5PFY7_xrOIKiWQweaQasoQjhjsI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:12:28:fd:9d:58:2b:b5:be:51:f6:98:1a:3e:48:c7:14:43:
         34:68:1e:b9:b2:a0:83:65:a1:2b:1e:8d:22:dd:64:0a:29:fe:
         d6:f4:01:74:5e:b8:e6:3b:f2:ae:d2:ca:18:ff:f9:93:5f:bb:
         87:84:67:ea:09:cf:1e:d1:b6:94:e0:83:25:7d:b5:fa:c4:d8:
         cd:e7:f8:a7:39:71:27:85:7f:69:4b:b3:41:80:c2:96:7d:de:
         bf:37:0d:57:f2:ad:6f:93:00:f5:39:a4:a5:a3:eb:6a:98:ce:
         2e:44:d2:3b:63:89:46:c9:4a:92:57:5b:bc:29:4f:85:07:81:
         b8:40:36:64:88:27:03:dd:97:23:44:c7:92:5b:e4:0d:cf:77:
         93:00:80:75:0f:07:17:d1:64:cd:57:45:0b:70:dd:29:ad:4e:
         e7:66:38:fa:be:3d:34:c6:0a:d8:1c:31:05:58:56:42:8e:7f:
         8e:28:11:44:5f:82:92:58:42:fb:02:49:6d:bc:8c:18:01:1a:
         82:3c:3b:3f:f4:34:5b:e0:47:a3:f3:12:3a:e9:a1:e3:fd:0d:
         f5:93:7f:47:19:71:04:9c:d3:a4:f4:d6:ef:88:6c:4b:99:8d:
         91:cb:5a:b3:37:ec:2c:09:83:44:cd:25:0a:d1:fd:dd:8c:ca:
         12:82:99:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fK1rSdREbwfQuKl96En8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZjE1OGVmZmM2YjM4ODJhMjU5MGMxZTY5MDZhY2ExMDhl
MThlYzIwHhcNMjUwNjI4MTcwMTMwWhcNMjUwNjI5MTcwMTMwWjAzMTEwLwYDVQQD
Eyg3MTBhMjcxMDkwMDE0OTQzOTk5N2MxMWE4ZTdiNzI1ZTcyNDE3MjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8qdt+kC2IvqzcDhVs9GRnBExUIAL
MMnuQDcaZwNJwxFMNWcSvEFONR1foE9Rv1ZEUIKm+LSLbAa+CYrdH4dyR/QVZYGw
30Kyyqi+Dw8ArErzeGpMViGVVo3++/GwUsup9gaKnzVdfeN+7+DEUP4vesAvfdNr
c+ySopMhycFiGlT2Y/qzlIWhwRjTLxZ+I+ch6XWF09d1PIQaju+1Lg3w/I+1rqlb
HJ9GPD70R86rwZbLkOCLHWRzVspiV8Aa2+u8k8lMUimLuZaC64l/IEgS/cZV3fRY
Rpo8ctc0juFNS1zxfbPTv4Db4MgQWlWEeIViL1O+T0R6M+fbOH81EpTC3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEKJxCQAUlDmZfBGo57cl5yQXJQMB8GA1UdIwQY
MBaAFOTxWO/8aziColkMHmkGrKEI4Y7CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVBGWTdfeHJPSUtpV1F3ZWFRYXNvUWpoanNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84M2MwMGUtZjQxNC00ODlkLTk0NzAt
YzY5MzI0OTY1MWQ1LzEvNVBGWTdfeHJPSUtpV1F3ZWFRYXNvUWpoanNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84M2MwMGUtZjQxNC00ODlkLTk0NzAtYzY5MzI0OTY1MWQ1
LzEvNVBGWTdfeHJPSUtpV1F3ZWFRYXNvUWpoanNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsBIo/Z1Y
K7W+UfaYGj5IxxRDNGgeubKgg2WhKx6NIt1kCin+1vQBdF645jvyrtLKGP/5k1+7
h4Rn6gnPHtG2lOCDJX21+sTYzef4pzlxJ4V/aUuzQYDCln3evzcNV/Ktb5MA9Tmk
paPrapjOLkTSO2OJRslKkldbvClPhQeBuEA2ZIgnA92XI0THklvkDc93kwCAdQ8H
F9FkzVdFC3DdKa1O52Y4+r49NMYK2BwxBVhWQo5/jigRRF+CklhC+wJJbbyMGAEa
gjw7P/Q0W+BHo/MSOumh4/0N9ZN/RxlxBJzTpPTW74hsS5mNkctaszfsLAmDRM0l
CtH93YzKEoKZqg==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:17:37 2025 by rpki-client