Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
File:                     98A87CAD5B710890A9528F166F4202393824E6B8.mft (raw, json)
Hash identifier:          zxqS51ViTu6J/t/fEzpHBu5w1RvDn0cc1VW9Uv1D2Rg=
Subject key identifier:   02:F2:FA:82:49:D7:7C:1C:D0:60:3E:25:00:91:1C:34:88:5F:32:D4
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Certificate issuer:       /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial:       65F057B9A5C355A37DBED7D567B106F939BD9E8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
Manifest number:          0462
Signing time:             Sun 19 Oct 2025 00:32:58 +0000
Manifest this update:     Sun 19 Oct 2025 00:27:58 +0000
Manifest next update:     Mon 20 Oct 2025 02:10:58 +0000
Files and hashes:         1: 39342e3132362e3233372e302f32342d3234203d3e203438303730.roa (hash: SY6OvQv9R/Ut8R5yFxdy0RVK/9dKsg8ZwmC3iNS9Rpw=)
                          2: 39342e3132362e3233342e302f32342d3234203d3e203438303730.roa (hash: wQ/YXS5V0WqyAz3I38Grxwtf2vC7Tnq0YU0pMolmNpk=)
                          3: 39342e3132362e3233382e302f32342d3234203d3e203438303730.roa (hash: EEtfGKQPQ42nFzzdsRfixi4zKQ5tTYPEdAQ1iAcmdE4=)
                          4: 98A87CAD5B710890A9528F166F4202393824E6B8.crl (hash: TsFovjEXHlBWio1G0WxsW6xyw/0v85psO98lNsi/6TA=)
                          5: 326131313a353730303a3a2f33322d3332203d3e203438303730.roa (hash: Fqs+xGh2wCPoRebx3WWGGz8gG+3wDYrzV+eGaABVra0=)
                          6: 326131313a353730373a61613a3a2f34382d3438203d3e203438303730.roa (hash: JswRhPyDtXHdt3LcnGr0rU+2WVgkSTrzy91w1+vHXG0=)
                          7: 39342e3132362e3233322e302f32342d3234203d3e203438303730.roa (hash: VIdYFIOIqW5zJ3T1LDGwWjmJ764XjM+ac+86S8Ja5hk=)
                          8: 326131313a353730373a3a2f33322d3332203d3e203438303730.roa (hash: 242POLRepYH713AUptOGvBkM/JpRNVCsIm5BodQGTyY=)
                          9: 39342e3132362e3233362e302f32342d3234203d3e203438303730.roa (hash: ma+wlMqMsb7J0TC2Gy822cEZS57hTDfS/GzCjZsgQ1k=)
                          10: 39342e3132362e3233392e302f32342d3234203d3e203438303730.roa (hash: NDHvIIcUiAk7uX5boyMA8yHxKUGe6BZWK+cptlXNnOA=)
                          11: 39342e3132362e3233352e302f32342d3234203d3e203438303730.roa (hash: S5WIAkzllTXfMiWpREUuucFgM0BSw7Pb5gT995rR5+k=)
                          12: 0E4EBC431E3513FC3F641DB880E2B2FE1D040A30.cer (hash: Pc4F216M/oD/fxZDUk8HLynWg8D1IQ0ANHs5N2ZC0VQ=)
                          13: 326131313a353730313a31303a3a2f34342d3434203d3e20323030313938.roa (hash: IiLsd5rWyRAEtPC2BRNztBwgXOWFkCLAq6FHsMnhQxg=)
                          14: 39342e3132362e3233332e302f32342d3234203d3e203438303730.roa (hash: /8dVa93viKNoM1pCJooeH0rtbsVAVvDJFpjlC3WNZyI=)
                          15: AS48070.asa (hash: g8nZ+0797JM2RRPSAMOVry4oQ3UIESPrss4OXPuwkjo=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 02:10:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:f0:57:b9:a5:c3:55:a3:7d:be:d7:d5:67:b1:06:f9:39:bd:9e:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
        Validity
            Not Before: Oct 19 00:27:58 2025 GMT
            Not After : Oct 20 02:10:58 2025 GMT
        Subject: CN=02F2FA8249D77C1CD0603E2500911C34885F32D4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:41:c5:5c:df:a1:e8:a7:e4:13:fa:84:ea:5f:
                    94:26:64:c4:a9:3c:a7:0a:1e:58:30:e9:b8:b7:6f:
                    c7:9a:70:00:ac:1e:cf:11:e1:73:b1:62:e4:03:85:
                    1d:46:11:b3:11:9a:0c:48:94:35:56:ea:23:ac:cc:
                    a3:f7:d8:04:4f:9b:cf:80:b4:d2:80:98:38:3a:e0:
                    73:3c:77:8f:ad:b7:ea:9f:42:29:47:8c:d2:94:14:
                    40:e0:42:8e:6d:79:08:84:04:d5:30:33:06:75:1c:
                    d6:35:cc:51:9d:29:9d:94:b6:5a:3d:e2:39:2a:c6:
                    88:30:ea:e2:88:f0:08:bc:ae:1b:2e:89:b6:57:fb:
                    c4:3c:04:17:e1:ee:ce:50:ac:ae:d2:0a:91:bc:f5:
                    e1:74:8d:14:cf:4e:31:b6:e5:7a:39:66:54:c8:cb:
                    38:65:fe:12:88:c8:45:04:f6:42:2d:cc:9b:41:27:
                    ae:4c:0f:ce:0c:df:8e:22:c6:3f:22:f8:40:5d:13:
                    2c:ab:d9:e8:71:00:e8:0e:40:02:46:b7:b9:e1:64:
                    ce:b2:a0:f8:b9:7e:0f:a9:57:74:58:bc:e4:24:09:
                    e0:cb:a0:aa:95:c4:05:91:9c:eb:0a:05:98:de:5e:
                    ab:30:9a:13:46:88:bd:e0:f6:8e:cc:e3:31:96:69:
                    99:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:F2:FA:82:49:D7:7C:1C:D0:60:3E:25:00:91:1C:34:88:5F:32:D4
            X509v3 Authority Key Identifier:
                keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:ae:8f:ce:e0:18:fc:25:73:fb:97:1f:77:be:c3:1b:7c:76:
         76:56:58:45:87:4e:d5:0c:ed:ce:0f:cc:a0:1a:d3:4a:c8:05:
         80:68:d1:c0:a4:e0:7a:ae:a9:83:d2:f9:5a:e0:f7:55:01:1d:
         c7:97:da:15:aa:ac:9a:5f:00:dc:42:03:e8:37:ff:8d:7e:35:
         04:0e:84:99:83:f0:1d:7d:56:da:9e:37:e1:62:b2:82:0b:20:
         3d:22:91:51:5c:96:1e:f6:6f:fd:b8:8e:d7:2e:60:58:69:15:
         66:cd:2f:ac:9b:a3:2a:66:b9:29:58:cd:55:53:9c:ce:10:6f:
         b7:88:b7:25:18:ab:10:8b:29:0f:4a:40:b3:d3:f0:42:e1:0c:
         ee:2c:bb:8a:1b:85:4f:1a:33:dc:88:b6:8f:db:62:04:1e:f2:
         2d:53:ae:af:c9:82:7d:c6:30:a8:9a:71:c9:6f:b5:4d:1c:58:
         2a:a8:f0:05:c5:67:ef:6a:3a:19:b8:6f:4a:9c:d0:03:8c:c7:
         5a:cc:33:ea:d5:a9:4b:e3:23:07:ec:35:79:27:d6:18:c9:1d:
         55:18:e6:23:0c:dd:c6:76:3f:be:cb:e7:8b:ae:f9:f0:a7:73:
         86:d0:cd:5a:23:01:6d:1c:b5:9b:28:95:74:20:95:59:64:6a:
         fb:47:6f:27
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUZfBXuaXDVaN9vtfVZ7EG+Tm9nowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNTEwMTkwMDI3NThaFw0yNTEwMjAwMjEwNThaMDMxMTAvBgNV
BAMTKDAyRjJGQTgyNDlENzdDMUNEMDYwM0UyNTAwOTExQzM0ODg1RjMyRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLQcVc36Hop+QT+oTqX5QmZMSp
PKcKHlgw6bi3b8eacACsHs8R4XOxYuQDhR1GEbMRmgxIlDVW6iOszKP32ARPm8+A
tNKAmDg64HM8d4+tt+qfQilHjNKUFEDgQo5teQiEBNUwMwZ1HNY1zFGdKZ2Utlo9
4jkqxogw6uKI8Ai8rhsuibZX+8Q8BBfh7s5QrK7SCpG89eF0jRTPTjG25Xo5ZlTI
yzhl/hKIyEUE9kItzJtBJ65MD84M344ixj8i+EBdEyyr2ehxAOgOQAJGt7nhZM6y
oPi5fg+pV3RYvOQkCeDLoKqVxAWRnOsKBZjeXqswmhNGiL3g9o7M4zGWaZkpAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUAvL6gknXfBzQYD4lAJEcNIhfMtQwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9kY2UxOTZmZS00
YjFhLTQ2ZWEtOWM5NS00YWYxMjk2NGE0OWQvMC85OEE4N0NBRDVCNzEwODkwQTk1
MjhGMTY2RjQyMDIzOTM4MjRFNkI4Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnK6PzuAY/CVz+5cfd77D
G3x2dlZYRYdO1Qztzg/MoBrTSsgFgGjRwKTgeq6pg9L5WuD3VQEdx5faFaqsml8A
3EID6Df/jX41BA6EmYPwHX1W2p434WKyggsgPSKRUVyWHvZv/biO1y5gWGkVZs0v
rJujKma5KVjNVVOczhBvt4i3JRirEIspD0pAs9PwQuEM7iy7ihuFTxoz3Ii2j9ti
BB7yLVOur8mCfcYwqJpxyW+1TRxYKqjwBcVn72o6GbhvSpzQA4zHWswz6tWpS+Mj
B+w1eSfWGMkdVRjmIwzdxnY/vsvni6758KdzhtDNWiMBbRy1myiVdCCVWWRq+0dv
Jw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:12:35 2025 by rpki-client