Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.mft
File:                     tJvYTaF5l8uyhq-QIqsuBboItEI.mft (raw, json)
Hash identifier:          IQuYVIWG4Pds497h46PxJiCkvgB3yvgwEmM7YqW1W1E=
Subject key identifier:   7B:B3:8D:76:47:7C:76:B2:8C:1A:2C:7E:5B:8B:BB:57:75:E7:74:B5
Authority key identifier: B4:9B:D8:4D:A1:79:97:CB:B2:86:AF:90:22:AB:2E:05:BA:08:B4:42
Certificate issuer:       /CN=b49bd84da17997cbb286af9022ab2e05ba08b442
Certificate serial:       019D0FD74B43FD43888C193EF7C28AB5E50D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.mft
Manifest number:          13DB
Signing time:             Sat 21 Mar 2026 10:01:00 +0000
Manifest this update:     Sat 21 Mar 2026 10:01:00 +0000
Manifest next update:     Sun 22 Mar 2026 10:01:00 +0000
Files and hashes:         1: PTqqtT4_tP0RAOhqpaeaV7qFsoM.roa (hash: gS+7X+RhiaD/Wpkqye3btlKeUsU6cdg4vX6kC9nPKmY=)
                          2: Zx8NV8g2SZTn17r6ny-ihGOw0zg.roa (hash: oDKvuRyprpCre1JRHHQFdko0hYMR6EjsyiF9Shy7Ous=)
                          3: o_4znoNuO2BlgKbgpDwRbvS5e9M.roa (hash: UG/yd3TL4Rh6gQUIGrMAEttNV+zSF20Hc2Z6UKPMWAc=)
                          4: tJvYTaF5l8uyhq-QIqsuBboItEI.crl (hash: xmHgFNjYeM6B5NE6vbI1uF3goI5ebtaNiY7EUCp/Zdc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 22 Mar 2026 10:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:0f:d7:4b:43:fd:43:88:8c:19:3e:f7:c2:8a:b5:e5:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b49bd84da17997cbb286af9022ab2e05ba08b442
        Validity
            Not Before: Mar 21 10:01:00 2026 GMT
            Not After : Mar 22 10:01:00 2026 GMT
        Subject: CN=7bb38d76477c76b28c1a2c7e5b8bbb5775e774b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:2b:1c:20:14:df:6d:45:89:73:2f:ef:d4:85:
                    5c:04:06:29:84:c3:bd:d0:6c:5d:96:35:88:ea:b3:
                    fe:cd:aa:62:50:13:38:6d:18:d5:4a:c7:1b:77:ce:
                    b8:5a:7e:e0:35:76:6f:af:51:33:57:b2:cf:a6:ee:
                    0f:f5:eb:36:32:04:c6:27:c2:8c:28:56:7a:ff:cf:
                    a1:a4:f2:5e:b0:66:c1:6f:73:aa:61:62:f3:71:23:
                    99:b2:d4:79:b9:be:43:b0:a0:fb:57:1d:ef:72:52:
                    64:74:c6:45:a4:f9:38:3a:ca:9e:47:b0:9a:bf:d0:
                    fd:42:09:99:4e:06:a1:16:2d:53:9c:54:2c:0a:70:
                    7b:6e:65:9f:8c:e2:8f:de:0d:7d:6a:16:6a:a2:24:
                    d3:90:37:a4:7f:ef:10:55:cd:d0:25:54:24:22:13:
                    4d:43:c7:8d:57:9b:2e:33:4b:7f:4d:07:aa:dd:7b:
                    6a:f8:e0:88:79:57:da:63:ae:7e:02:bc:f2:93:a9:
                    ab:16:0e:c3:04:b1:ff:5d:1d:1c:78:b7:6b:e5:41:
                    26:0c:b6:2f:5f:53:c4:27:8d:2b:e5:a2:f7:5f:99:
                    b0:e4:a0:0a:62:84:cc:73:d6:f0:9b:d0:08:57:73:
                    ba:56:d6:9b:89:23:36:23:23:ae:d9:bd:16:b0:36:
                    e8:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:B3:8D:76:47:7C:76:B2:8C:1A:2C:7E:5B:8B:BB:57:75:E7:74:B5
            X509v3 Authority Key Identifier:
                keyid:B4:9B:D8:4D:A1:79:97:CB:B2:86:AF:90:22:AB:2E:05:BA:08:B4:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:79:f2:2c:b8:b0:08:cb:50:eb:cf:2c:58:f8:bf:dd:b9:23:
         54:1e:16:16:35:3a:3a:0c:f0:43:c0:72:28:3f:e3:fd:10:d0:
         88:9a:33:02:66:eb:50:63:ff:74:a3:b5:d9:cf:d3:9f:85:c5:
         57:6d:ba:96:c6:ab:12:6e:9b:0f:b6:f0:1a:d9:9b:6c:65:bb:
         44:02:4d:13:cd:7b:78:e0:c5:cb:ab:aa:68:3c:28:6e:3e:02:
         d7:87:c8:fe:7c:6d:6a:5c:81:a3:2e:06:34:06:21:41:ba:cc:
         bf:dd:c0:2e:9a:c9:b1:96:20:fb:7a:c0:dc:c6:19:b5:15:d3:
         a6:f8:99:a5:89:d5:8e:7a:66:f2:5b:82:d9:f4:e8:84:d8:92:
         81:76:8f:9e:45:41:e4:05:a1:45:cb:15:ac:66:ab:0e:a4:ec:
         30:a8:c0:2f:26:97:6a:1c:b4:23:17:20:e4:49:0a:b2:18:15:
         b3:e1:56:54:95:8b:b2:1d:23:da:e8:f6:81:e5:b9:0b:ec:79:
         b4:f1:bd:d5:dc:2e:b5:64:16:84:a2:af:61:3c:d5:07:d4:29:
         3e:73:be:3f:dc:74:1e:34:d9:c7:7b:b1:24:c8:e2:f1:2f:d8:
         4e:59:b8:34:57:8d:22:4b:a0:d3:56:90:f5:f0:b1:93:8d:ec:
         d9:70:e2:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0P10tD/UOIjBk+98KKteUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OWJkODRkYTE3OTk3Y2JiMjg2YWY5MDIyYWIyZTA1YmEw
OGI0NDIwHhcNMjYwMzIxMTAwMTAwWhcNMjYwMzIyMTAwMTAwWjAzMTEwLwYDVQQD
Eyg3YmIzOGQ3NjQ3N2M3NmIyOGMxYTJjN2U1YjhiYmI1Nzc1ZTc3NGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyscIBTfbUWJcy/v1IVcBAYphMO9
0GxdljWI6rP+zapiUBM4bRjVSscbd864Wn7gNXZvr1EzV7LPpu4P9es2MgTGJ8KM
KFZ6/8+hpPJesGbBb3OqYWLzcSOZstR5ub5DsKD7Vx3vclJkdMZFpPk4OsqeR7Ca
v9D9QgmZTgahFi1TnFQsCnB7bmWfjOKP3g19ahZqoiTTkDekf+8QVc3QJVQkIhNN
Q8eNV5suM0t/TQeq3Xtq+OCIeVfaY65+Arzyk6mrFg7DBLH/XR0ceLdr5UEmDLYv
X1PEJ40r5aL3X5mw5KAKYoTMc9bwm9AIV3O6VtabiSM2IyOu2b0WsDbo5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHuzjXZHfHayjBosfluLu1d153S1MB8GA1UdIwQY
MBaAFLSb2E2heZfLsoavkCKrLgW6CLRCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lZTU0ZDEtNWIxNS00ZjkzLTg5N2It
MGM5MDliZjViZTRkLzEvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lZTU0ZDEtNWIxNS00ZjkzLTg5N2ItMGM5MDliZjViZTRk
LzEvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALXnyLLiw
CMtQ688sWPi/3bkjVB4WFjU6OgzwQ8ByKD/j/RDQiJozAmbrUGP/dKO12c/Tn4XF
V226lsarEm6bD7bwGtmbbGW7RAJNE817eODFy6uqaDwobj4C14fI/nxtalyBoy4G
NAYhQbrMv93ALprJsZYg+3rA3MYZtRXTpviZpYnVjnpm8luC2fTohNiSgXaPnkVB
5AWhRcsVrGarDqTsMKjALyaXahy0Ixcg5EkKshgVs+FWVJWLsh0j2uj2geW5C+x5
tPG91dwutWQWhKKvYTzVB9QpPnO+P9x0HjTZx3uxJMji8S/YTlm4NFeNIkug01aQ
9fCxk43s2XDiAw==
-----END CERTIFICATE-----
Generated at Sat Mar 21 20:25:26 2026 by rpki-client