Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/2898e6-0d79-454e-ab54-40be0c463b90/1/dHWiyViPxpXSdUKD3NPRI9H3eBE.mft
File:                     dHWiyViPxpXSdUKD3NPRI9H3eBE.mft (raw, json)
Hash identifier:          TBXYN5i5rVhPKnPxHqMnsmUguZjuMS8yOvtJ5B2Z3Sk=
Subject key identifier:   20:3A:D8:EA:B8:29:5C:B0:6B:DF:7A:43:34:60:F1:F1:DA:EB:EF:36
Authority key identifier: 74:75:A2:C9:58:8F:C6:95:D2:75:42:83:DC:D3:D1:23:D1:F7:78:11
Certificate issuer:       /CN=7475a2c9588fc695d2754283dcd3d123d1f77811
Certificate serial:       019F1AFABA5FE37F7AA18F7E49432354D898
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dHWiyViPxpXSdUKD3NPRI9H3eBE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/2898e6-0d79-454e-ab54-40be0c463b90/1/dHWiyViPxpXSdUKD3NPRI9H3eBE.mft
Manifest number:          198A
Signing time:             Wed 01 Jul 2026 00:01:07 +0000
Manifest this update:     Wed 01 Jul 2026 00:01:07 +0000
Manifest next update:     Thu 02 Jul 2026 00:01:07 +0000
Files and hashes:         1: B6KgFpwvViQTEk9Dmhs8MfS-w7s.roa (hash: OhVWCZDoCQizES2xkeCkzPUeD4jK/eG28KZNwsfJC3Y=)
                          2: dHWiyViPxpXSdUKD3NPRI9H3eBE.crl (hash: FjHcz7HKvQDdQch2TmnrrDCefOHyGRjTzpycllxOhjs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/2898e6-0d79-454e-ab54-40be0c463b90/1/dHWiyViPxpXSdUKD3NPRI9H3eBE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/2898e6-0d79-454e-ab54-40be0c463b90/1/dHWiyViPxpXSdUKD3NPRI9H3eBE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dHWiyViPxpXSdUKD3NPRI9H3eBE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 20:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:1a:fa:ba:5f:e3:7f:7a:a1:8f:7e:49:43:23:54:d8:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7475a2c9588fc695d2754283dcd3d123d1f77811
        Validity
            Not Before: Jul  1 00:01:07 2026 GMT
            Not After : Jul  2 00:01:07 2026 GMT
        Subject: CN=203ad8eab8295cb06bdf7a433460f1f1daebef36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:70:dc:16:33:51:b6:b2:04:a3:78:a1:28:b5:
                    3f:6c:63:ca:44:6e:c4:8a:77:08:ef:d3:9c:90:93:
                    ac:89:b0:3f:10:a0:96:2d:68:98:06:99:d7:78:c0:
                    8a:96:67:33:2e:8a:5c:51:43:ca:50:08:82:ca:94:
                    1e:4c:9f:dc:5e:8f:e6:d4:da:26:3e:69:d7:d2:90:
                    17:f0:c4:00:cf:9d:42:13:c1:60:73:bc:3a:4f:8a:
                    6e:4a:d8:4c:dc:23:2a:10:a0:40:35:3d:2c:f7:03:
                    f8:2d:aa:d1:f4:db:40:ea:e1:5f:48:02:e6:5f:f2:
                    4b:e1:56:98:83:d2:e4:a2:3d:d5:b0:00:86:c7:19:
                    ac:63:dc:0b:4c:9b:21:2e:76:ea:22:e9:60:fe:15:
                    7b:70:7f:fc:ba:c5:6a:ac:c7:bb:49:28:3a:25:52:
                    49:c8:a4:87:37:18:ca:92:c9:16:a1:04:65:33:4b:
                    b2:44:a5:c1:13:e1:28:a5:21:94:64:01:9d:22:65:
                    2b:c1:b8:3d:eb:73:92:fb:f6:53:f2:d4:3b:e3:03:
                    7b:ca:20:f9:6c:46:61:4a:96:e6:06:09:9f:e2:8d:
                    31:36:f5:59:37:2d:2a:c7:ce:c3:ad:c7:73:83:bc:
                    c7:d1:55:90:9b:17:84:a3:ed:da:b8:72:06:95:b5:
                    72:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:3A:D8:EA:B8:29:5C:B0:6B:DF:7A:43:34:60:F1:F1:DA:EB:EF:36
            X509v3 Authority Key Identifier:
                keyid:74:75:A2:C9:58:8F:C6:95:D2:75:42:83:DC:D3:D1:23:D1:F7:78:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHWiyViPxpXSdUKD3NPRI9H3eBE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2898e6-0d79-454e-ab54-40be0c463b90/1/dHWiyViPxpXSdUKD3NPRI9H3eBE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2898e6-0d79-454e-ab54-40be0c463b90/1/dHWiyViPxpXSdUKD3NPRI9H3eBE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:e7:2a:d8:d8:63:ce:a3:d8:a6:3f:08:b4:62:3a:81:4e:6f:
         90:6d:98:fd:54:43:0b:aa:89:5e:26:99:69:4f:cf:2a:a3:a5:
         05:30:d4:99:ac:1f:7d:bb:84:47:80:bd:ea:b7:b6:fd:5c:39:
         e5:46:8d:be:df:06:0f:78:72:48:63:c1:f3:0e:f5:a2:07:74:
         5a:65:b1:96:af:4b:88:48:fc:00:9a:d8:51:a9:5c:78:fa:61:
         7f:f4:d4:35:75:10:a5:3b:e9:1e:e1:18:bd:71:e3:53:10:d9:
         30:74:5f:13:83:13:30:9f:03:bc:2c:6c:e0:34:e9:ac:cd:9f:
         c9:44:df:33:7d:52:e7:b0:66:2d:f7:99:84:d3:66:4b:fd:36:
         41:4b:ff:8b:a7:cc:2f:98:cf:cc:2c:64:18:b7:a4:f2:1a:da:
         21:25:36:df:04:ec:f5:cf:f7:1e:d7:0c:06:15:dd:18:48:fc:
         c8:c5:b2:4d:98:56:c8:cf:e9:75:e3:68:02:09:61:86:56:cf:
         64:a5:21:d1:9f:76:4b:4c:67:e0:ec:a8:6e:51:c3:49:a0:c1:
         b0:f4:e9:f0:79:35:5f:9d:63:b7:04:6d:e3:dd:27:1d:85:76:
         e5:29:83:3b:9f:2b:6b:be:4f:20:ef:27:48:55:d6:37:43:43:
         22:c7:bb:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8a+rpf4396oY9+SUMjVNiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NzVhMmM5NTg4ZmM2OTVkMjc1NDI4M2RjZDNkMTIzZDFm
Nzc4MTEwHhcNMjYwNzAxMDAwMTA3WhcNMjYwNzAyMDAwMTA3WjAzMTEwLwYDVQQD
EygyMDNhZDhlYWI4Mjk1Y2IwNmJkZjdhNDMzNDYwZjFmMWRhZWJlZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnDcFjNRtrIEo3ihKLU/bGPKRG7E
incI79OckJOsibA/EKCWLWiYBpnXeMCKlmczLopcUUPKUAiCypQeTJ/cXo/m1Nom
PmnX0pAX8MQAz51CE8Fgc7w6T4puSthM3CMqEKBANT0s9wP4LarR9NtA6uFfSALm
X/JL4VaYg9Lkoj3VsACGxxmsY9wLTJshLnbqIulg/hV7cH/8usVqrMe7SSg6JVJJ
yKSHNxjKkskWoQRlM0uyRKXBE+EopSGUZAGdImUrwbg963OS+/ZT8tQ74wN7yiD5
bEZhSpbmBgmf4o0xNvVZNy0qx87Drcdzg7zH0VWQmxeEo+3auHIGlbVySwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCA62Oq4KVywa996QzRg8fHa6+82MB8GA1UdIwQY
MBaAFHR1oslYj8aV0nVCg9zT0SPR93gRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEhXaXlWaVB4cFhTZFVLRDNOUFJJOUgzZUJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8yODk4ZTYtMGQ3OS00NTRlLWFiNTQt
NDBiZTBjNDYzYjkwLzEvZEhXaXlWaVB4cFhTZFVLRDNOUFJJOUgzZUJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8yODk4ZTYtMGQ3OS00NTRlLWFiNTQtNDBiZTBjNDYzYjkw
LzEvZEhXaXlWaVB4cFhTZFVLRDNOUFJJOUgzZUJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATucq2Nhj
zqPYpj8ItGI6gU5vkG2Y/VRDC6qJXiaZaU/PKqOlBTDUmawffbuER4C96re2/Vw5
5UaNvt8GD3hySGPB8w71ogd0WmWxlq9LiEj8AJrYUalcePphf/TUNXUQpTvpHuEY
vXHjUxDZMHRfE4MTMJ8DvCxs4DTprM2fyUTfM31S57BmLfeZhNNmS/02QUv/i6fM
L5jPzCxkGLek8hraISU23wTs9c/3HtcMBhXdGEj8yMWyTZhWyM/pdeNoAglhhlbP
ZKUh0Z92S0xn4OyoblHDSaDBsPTp8Hk1X51jtwRt490nHYV25SmDO58ra75PIO8n
SFXWN0NDIse7Pg==
-----END CERTIFICATE-----
Generated at Wed Jul 1 02:17:36 2026 by rpki-client