Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft
File:                     D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft (raw, json)
Hash identifier:          g3dziuYrrcmWQMKWf+ByJyvoHdrszwGbxw1bbqZyGI8=
Subject key identifier:   4F:80:EF:C7:8B:EB:F5:6D:71:15:3D:75:9F:9B:35:2A:32:9A:8B:59
Authority key identifier: D2:FF:07:93:2C:3F:4C:1B:34:65:FF:4F:0D:96:48:47:33:E0:2E:AD
Certificate issuer:       /CN=d2ff07932c3f4c1b3465ff4f0d96484733e02ead
Certificate serial:       02D053759125BC8676537B3A4DA5F12C8AA0D068
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft
Manifest number:          04A8
Signing time:             Sun 19 Oct 2025 07:17:19 +0000
Manifest this update:     Sun 19 Oct 2025 07:12:19 +0000
Manifest next update:     Mon 20 Oct 2025 07:43:19 +0000
Files and hashes:         1: D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl (hash: XYjGNy4k9seSSK3ZuBbtm+Cdr9Pdn50bvL92MLaJz6Y=)
                          2: AS51019.asa (hash: WryIkbk/NUiWkCGjmvwR10LorzE/G+iVXJIWS/l2CjI=)
                          3: 323030313a3637633a6264633a3a2f34382d3438203d3e203531303139.roa (hash: WwIB1vpX/Ksy3lM5t4KklPIgz20phM5/z2U20FASusY=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:d0:53:75:91:25:bc:86:76:53:7b:3a:4d:a5:f1:2c:8a:a0:d0:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2ff07932c3f4c1b3465ff4f0d96484733e02ead
        Validity
            Not Before: Oct 19 07:12:19 2025 GMT
            Not After : Oct 20 07:43:19 2025 GMT
        Subject: CN=4F80EFC78BEBF56D71153D759F9B352A329A8B59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:fd:99:f5:f5:d3:51:92:42:79:a7:ed:94:c2:
                    25:40:d6:56:dc:da:54:1a:96:7e:90:d2:12:53:d4:
                    49:84:bc:bd:38:bf:ec:53:6f:55:06:d7:5b:27:7c:
                    e2:75:98:d5:7f:cb:ce:b6:7a:d3:98:bf:c1:a4:d0:
                    43:20:d7:06:b0:9b:99:e4:3f:ea:86:97:d6:55:2a:
                    ac:d8:a4:e1:b0:4d:fe:fe:1f:1e:8e:dd:58:14:3d:
                    2f:4d:2c:52:5f:a2:5f:dc:b7:a4:4c:10:c2:80:f5:
                    fb:17:53:f4:69:4a:68:6b:72:1b:f0:40:64:cf:07:
                    e0:51:fa:1b:64:a9:a6:42:77:96:b4:8d:4f:e9:15:
                    9e:10:a5:ae:a8:b4:38:c8:88:d3:a5:87:6a:38:e4:
                    e1:e7:a5:4f:9d:e1:a3:76:e8:fb:fe:d6:90:97:0b:
                    e8:f7:fd:b4:ac:a8:ce:2a:a3:a1:18:4b:e8:45:3a:
                    03:6d:8e:4c:c4:bf:e6:ad:34:2e:e1:03:40:17:95:
                    6e:91:6b:6d:ca:94:1e:55:7e:28:ad:62:64:65:0c:
                    36:4a:fb:10:16:53:b0:74:cf:ba:1a:2c:63:f5:72:
                    64:73:c2:ca:99:ac:89:05:b2:80:0e:62:2b:fb:34:
                    5a:26:d3:a0:7f:86:3a:7a:ed:f2:6b:e5:08:0a:b0:
                    2e:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:80:EF:C7:8B:EB:F5:6D:71:15:3D:75:9F:9B:35:2A:32:9A:8B:59
            X509v3 Authority Key Identifier:
                keyid:D2:FF:07:93:2C:3F:4C:1B:34:65:FF:4F:0D:96:48:47:33:E0:2E:AD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0v8Hkyw_TBs0Zf9PDZZIRzPgLq0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/2/D2FF07932C3F4C1B3465FF4F0D96484733E02EAD.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:79:8b:d9:10:9b:cc:eb:da:23:83:91:d3:4f:cf:0e:57:1f:
         f5:21:20:37:a6:ee:54:04:5a:6d:ec:a8:eb:2c:c7:59:ce:78:
         f2:2b:b6:d3:09:d9:f4:8a:23:ba:c9:45:de:99:e4:95:82:07:
         24:37:08:a8:5a:ea:e2:27:6b:83:d1:b6:6e:46:6a:10:fd:e8:
         e9:de:18:08:d8:e3:37:d1:e3:74:49:27:15:b5:f1:9c:6d:8d:
         4d:e7:32:42:7a:4a:46:2a:14:69:06:4a:6a:1b:ea:0e:c1:ff:
         01:99:d2:23:ba:15:1f:19:fe:c7:17:06:a6:9f:26:55:96:c0:
         b3:b3:cd:f0:de:03:c3:63:a6:b1:d9:86:30:25:a5:c3:2a:43:
         aa:86:c3:38:76:0a:a9:b0:79:1d:5a:05:61:8d:ad:a5:2e:b5:
         d3:b8:c4:a7:2f:c9:c7:00:06:4c:f2:c5:d5:50:a0:05:cc:9d:
         48:d7:10:2a:7c:5f:49:c7:50:35:e5:43:17:ea:01:6f:fd:81:
         c5:80:cb:78:e8:89:cd:f5:23:c5:5d:f4:76:9d:f2:54:2e:b1:
         bc:88:4a:93:e8:7f:78:bf:3e:3d:b5:ee:aa:00:41:e9:10:2c:
         f2:aa:61:ec:99:e5:d9:29:cc:60:9a:1e:84:77:6e:3a:28:e4:
         a0:c0:6f:48
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUAtBTdZElvIZ2U3s6TaXxLIqg0GgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDJmZjA3OTMyYzNmNGMxYjM0NjVmZjRmMGQ5NjQ4NDcz
M2UwMmVhZDAeFw0yNTEwMTkwNzEyMTlaFw0yNTEwMjAwNzQzMTlaMDMxMTAvBgNV
BAMTKDRGODBFRkM3OEJFQkY1NkQ3MTE1M0Q3NTlGOUIzNTJBMzI5QThCNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe/Zn19dNRkkJ5p+2UwiVA1lbc
2lQaln6Q0hJT1EmEvL04v+xTb1UG11snfOJ1mNV/y862etOYv8Gk0EMg1wawm5nk
P+qGl9ZVKqzYpOGwTf7+Hx6O3VgUPS9NLFJfol/ct6RMEMKA9fsXU/RpSmhrchvw
QGTPB+BR+htkqaZCd5a0jU/pFZ4Qpa6otDjIiNOlh2o45OHnpU+d4aN26Pv+1pCX
C+j3/bSsqM4qo6EYS+hFOgNtjkzEv+atNC7hA0AXlW6Ra23KlB5VfiitYmRlDDZK
+xAWU7B0z7oaLGP1cmRzwsqZrIkFsoAOYiv7NFom06B/hjp67fJr5QgKsC6XAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUT4Dvx4vr9W1xFT11n5s1KjKai1kwHwYDVR0j
BBgwFoAU0v8Hkyw/TBs0Zf9PDZZIRzPgLq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzIvRDJGRjA3OTMyQzNGNEMxQjM0NjVGRjRGMEQ5NjQ4NDczM0UwMkVBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzB2OEhreXdfVEJzMFpmOVBEWlpJUnpQ
Z0xxMC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00
MTliLTRkYjUtYmJkMy01Y2NhNjMzY2FlM2YvMi9EMkZGMDc5MzJDM0Y0QzFCMzQ2
NUZGNEYwRDk2NDg0NzMzRTAyRUFELm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB3mL2RCbzOvaI4OR00/P
Dlcf9SEgN6buVARabeyo6yzHWc548iu20wnZ9IojuslF3pnklYIHJDcIqFrq4idr
g9G2bkZqEP3o6d4YCNjjN9HjdEknFbXxnG2NTecyQnpKRioUaQZKahvqDsH/AZnS
I7oVHxn+xxcGpp8mVZbAs7PN8N4Dw2OmsdmGMCWlwypDqobDOHYKqbB5HVoFYY2t
pS6107jEpy/JxwAGTPLF1VCgBcydSNcQKnxfScdQNeVDF+oBb/2BxYDLeOiJzfUj
xV30dp3yVC6xvIhKk+h/eL8+PbXuqgBB6RAs8qph7Jnl2SnMYJoehHduOijkoMBv
SA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:58 2025 by rpki-client