Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e5c056-03b1-46a9-b214-78fc3bc28ba1/1/lJgy8CXL76HqG8oMOQtjwXaUjNI.mft
File:                     lJgy8CXL76HqG8oMOQtjwXaUjNI.mft (raw, json)
Hash identifier:          h0GgQVK6zcnsnDNuNufOJzxBpgCuntMtmT6pHvlZiYk=
Subject key identifier:   C5:A8:76:AC:15:B1:20:BA:68:36:F6:B4:53:2F:DA:A1:0D:1E:9B:F6
Authority key identifier: 94:98:32:F0:25:CB:EF:A1:EA:1B:CA:0C:39:0B:63:C1:76:94:8C:D2
Certificate issuer:       /CN=949832f025cbefa1ea1bca0c390b63c176948cd2
Certificate serial:       019D2439EFB7607E0113EB67E94225CD6357
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lJgy8CXL76HqG8oMOQtjwXaUjNI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/e5c056-03b1-46a9-b214-78fc3bc28ba1/1/lJgy8CXL76HqG8oMOQtjwXaUjNI.mft
Manifest number:          06FF
Signing time:             Wed 25 Mar 2026 09:01:09 +0000
Manifest this update:     Wed 25 Mar 2026 09:01:09 +0000
Manifest next update:     Thu 26 Mar 2026 09:01:09 +0000
Files and hashes:         1: cb-mqGrD9TdvPSnuiFKPTNSp4k0.roa (hash: 3D9GKzTfBklRbCdmXiO06QWtVtwBT318N1GZYxQn0ZA=)
                          2: lJgy8CXL76HqG8oMOQtjwXaUjNI.crl (hash: aVyGpj8qvvJp0Ee0O3yycmlhCzSq4otM1jq8+4B5EWg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/e5c056-03b1-46a9-b214-78fc3bc28ba1/1/lJgy8CXL76HqG8oMOQtjwXaUjNI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/e5c056-03b1-46a9-b214-78fc3bc28ba1/1/lJgy8CXL76HqG8oMOQtjwXaUjNI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lJgy8CXL76HqG8oMOQtjwXaUjNI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:24:39:ef:b7:60:7e:01:13:eb:67:e9:42:25:cd:63:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=949832f025cbefa1ea1bca0c390b63c176948cd2
        Validity
            Not Before: Mar 25 09:01:09 2026 GMT
            Not After : Mar 26 09:01:09 2026 GMT
        Subject: CN=c5a876ac15b120ba6836f6b4532fdaa10d1e9bf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:eb:36:67:b3:3f:ae:62:a5:0d:4a:bc:2c:ac:
                    86:c2:b6:49:56:0e:5d:26:7d:1a:fb:d7:1e:17:59:
                    2f:b4:42:89:f4:e9:e8:24:1a:37:94:07:4d:6b:ea:
                    fc:95:e1:5e:0c:55:b8:05:c1:df:92:26:1c:4e:f4:
                    54:1b:b3:fe:25:ab:7c:7e:e3:07:91:2b:26:dc:fa:
                    76:6c:fe:02:83:8b:e5:aa:11:83:86:3e:2e:95:43:
                    fc:12:a5:e5:dc:5e:e5:72:4e:b9:2a:a7:24:95:dc:
                    e2:66:ba:fe:9a:9f:85:4b:5f:a4:cf:03:bf:9f:d8:
                    bd:76:08:01:27:7d:f6:22:5c:6f:6c:93:8e:04:7f:
                    ca:9a:3a:fa:e5:94:ec:c3:e7:94:64:04:8f:e4:69:
                    d3:2a:94:6b:4c:e6:69:a6:f2:5d:c6:f4:1e:e7:08:
                    c5:02:69:a4:04:e4:81:6a:f0:5d:fa:9a:dd:65:cf:
                    54:a3:a2:71:2c:c3:d1:c8:cc:f6:d8:df:38:f6:9e:
                    c2:43:72:5f:20:a4:a6:63:33:59:d2:0e:12:77:51:
                    a7:89:c4:3d:99:18:bf:2a:58:89:89:12:c9:34:57:
                    0a:80:0d:0e:b1:c1:04:86:c6:1a:08:23:8d:e6:98:
                    59:9b:2f:11:c4:33:58:1f:b6:44:67:c6:ce:57:6e:
                    a9:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:A8:76:AC:15:B1:20:BA:68:36:F6:B4:53:2F:DA:A1:0D:1E:9B:F6
            X509v3 Authority Key Identifier:
                keyid:94:98:32:F0:25:CB:EF:A1:EA:1B:CA:0C:39:0B:63:C1:76:94:8C:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJgy8CXL76HqG8oMOQtjwXaUjNI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5c056-03b1-46a9-b214-78fc3bc28ba1/1/lJgy8CXL76HqG8oMOQtjwXaUjNI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5c056-03b1-46a9-b214-78fc3bc28ba1/1/lJgy8CXL76HqG8oMOQtjwXaUjNI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:4a:6d:80:d6:e6:c0:e3:1e:82:5f:2b:30:d1:ac:31:ac:da:
         4a:f9:97:7b:be:12:7e:61:60:3b:84:fb:c8:ca:23:5c:d4:da:
         d4:4b:da:d9:2d:ab:41:8e:1b:83:84:07:09:58:21:3a:9c:9a:
         d8:4e:71:0d:f0:c5:09:c9:79:a9:f2:31:44:24:5e:3e:d5:1d:
         39:df:bc:e3:83:5a:5c:6a:ad:25:5d:b2:f7:1b:98:f7:7e:c3:
         9b:95:b5:62:d1:d5:0d:80:58:f7:c0:86:c7:d9:71:2b:e5:a6:
         81:95:4c:df:7d:f2:f5:19:e5:b9:85:17:5f:83:c6:22:29:98:
         47:e5:6a:19:fa:31:30:0e:0b:ec:68:12:0e:79:22:0e:c5:f5:
         1f:67:4c:56:bb:78:51:bc:0d:5c:6b:96:a2:2b:42:20:74:5e:
         49:2c:66:25:a0:b3:02:7f:dd:7f:d6:9e:2e:47:72:94:97:e6:
         b3:18:a8:0c:8a:24:e3:72:9b:46:15:47:f5:ad:01:d1:c7:32:
         af:8e:b4:b3:9c:3d:c5:0f:1a:f6:05:7d:9f:19:66:04:13:96:
         15:2b:bb:f8:8f:ad:1c:75:28:ed:9a:a2:8c:29:7c:a8:19:ad:
         b3:22:fa:93:ae:6b:c7:dd:e2:5f:c4:61:1c:26:7b:87:c7:f5:
         a6:20:d4:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0kOe+3YH4BE+tn6UIlzWNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTgzMmYwMjVjYmVmYTFlYTFiY2EwYzM5MGI2M2MxNzY5
NDhjZDIwHhcNMjYwMzI1MDkwMTA5WhcNMjYwMzI2MDkwMTA5WjAzMTEwLwYDVQQD
EyhjNWE4NzZhYzE1YjEyMGJhNjgzNmY2YjQ1MzJmZGFhMTBkMWU5YmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAses2Z7M/rmKlDUq8LKyGwrZJVg5d
Jn0a+9ceF1kvtEKJ9OnoJBo3lAdNa+r8leFeDFW4BcHfkiYcTvRUG7P+Jat8fuMH
kSsm3Pp2bP4Cg4vlqhGDhj4ulUP8EqXl3F7lck65KqckldziZrr+mp+FS1+kzwO/
n9i9dggBJ332IlxvbJOOBH/Kmjr65ZTsw+eUZASP5GnTKpRrTOZppvJdxvQe5wjF
AmmkBOSBavBd+prdZc9Uo6JxLMPRyMz22N849p7CQ3JfIKSmYzNZ0g4Sd1GnicQ9
mRi/KliJiRLJNFcKgA0OscEEhsYaCCON5phZmy8RxDNYH7ZEZ8bOV26pMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMWodqwVsSC6aDb2tFMv2qENHpv2MB8GA1UdIwQY
MBaAFJSYMvAly++h6hvKDDkLY8F2lIzSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpneThDWEw3NkhxRzhvTU9RdGp3WGFVak5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNWMwNTYtMDNiMS00NmE5LWIyMTQt
NzhmYzNiYzI4YmExLzEvbEpneThDWEw3NkhxRzhvTU9RdGp3WGFVak5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNWMwNTYtMDNiMS00NmE5LWIyMTQtNzhmYzNiYzI4YmEx
LzEvbEpneThDWEw3NkhxRzhvTU9RdGp3WGFVak5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoEptgNbm
wOMegl8rMNGsMazaSvmXe74SfmFgO4T7yMojXNTa1Eva2S2rQY4bg4QHCVghOpya
2E5xDfDFCcl5qfIxRCRePtUdOd+844NaXGqtJV2y9xuY937Dm5W1YtHVDYBY98CG
x9lxK+WmgZVM333y9RnluYUXX4PGIimYR+VqGfoxMA4L7GgSDnkiDsX1H2dMVrt4
UbwNXGuWoitCIHReSSxmJaCzAn/df9aeLkdylJfmsxioDIok43KbRhVH9a0B0ccy
r460s5w9xQ8a9gV9nxlmBBOWFSu7+I+tHHUo7ZqijCl8qBmtsyL6k65rx93iX8Rh
HCZ7h8f1piDUhw==
-----END CERTIFICATE-----
Generated at Wed Mar 25 10:52:27 2026 by rpki-client