Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
File:                     520NqzR6OOK4e1oiovfJ4hwYybw.mft (raw, json)
Hash identifier:          R2i7IbpuXCk6Fe3B3HjiUf9VmgKn5UuyFElZ2PqxYFc=
Subject key identifier:   09:EA:A6:61:29:F6:E1:F6:B1:0D:D9:91:4A:2A:E2:81:D6:01:1C:72
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Certificate issuer:       /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial:       019E98BAC230CAF3675B96BC13A116809016
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
Manifest number:          1433
Signing time:             Fri 05 Jun 2026 17:00:36 +0000
Manifest this update:     Fri 05 Jun 2026 17:00:36 +0000
Manifest next update:     Sat 06 Jun 2026 17:00:36 +0000
Files and hashes:         1: 1dfOhFGT4Rz19mHWVabW0kWxTss.roa (hash: Rjg1gNguWYpEwGKvfk1H+hd0eMsqKT2A4N+C2/8Q+uQ=)
                          2: 520NqzR6OOK4e1oiovfJ4hwYybw.crl (hash: UGYblm6uhjJDW+n6q16zSYxKT1QfUJ4dTHv0oAhvk+g=)
                          3: 7EPxlfzuNdNfziGNw3Hj7EoZj1Q.roa (hash: fYUfx118C/cw672kHDWSH3DD1Ik9WuMEeaQ/qAV9tYE=)
                          4: 9EzrkfCb3685-QENXXhTIl2uZz4.roa (hash: 4o0MB77YQKRQiZHQrZxR1nkb/HsRFN1Kq0iR4K53WZA=)
                          5: DVIKLwP8b0UVJE_X0Zz4hLCMFmU.roa (hash: 2ROrixfhF0UtgJihhtThPaEztRX+VVHt8WTM1ZfZQ1o=)
                          6: Fn3txwFOnsHfJqp3dmOvAMcvgHc.roa (hash: 0tFPd6mFP89u9IcgrQmVyEuYoDxe9S4zwwRr4qndNks=)
                          7: RqZv9lI-beWajs98dICrEK2DwUM.roa (hash: z0DWSEDfb+oWc/lkT9R9ehjWWb2y0A0CPcHglnAYRf8=)
                          8: Ud0XI3ub85_CL2l55YZW3cXrctA.roa (hash: 2gMJyy7om8/uY1IqvCz0ubvDeUV63nAu6cUom48+3U0=)
                          9: ao5k8aMHz2Rr-UFohnKN0Vsy0ts.roa (hash: qeXz8tDdKItxGK8qtWsvUAbM0Ooz+MmMiDN8cvBIyTQ=)
                          10: bbXWGNkALy-ajnXnVwsq6VcslC8.roa (hash: lOmBCerqz+GglurufDI5e+15DQVwzjxcTvAfkACkLYE=)
                          11: jTMEUhkl6sKPDlW6gGgXZsH4VwQ.roa (hash: bLe2Zk8IquF+7aI/fXPQxZklmLIeFhH3W5DkdYCydQA=)
                          12: r-NoE_XHTABnwPRM9GdFHoEeHJo.roa (hash: qsD5Rt9CKRxXFQG5JSeN7cqv7sQvsG2HbFGsWmdhdi8=)
                          13: rIIpXZCn7E3HgJjpCaYYUR4k6ZI.roa (hash: Vvylnj2QqF4AFfq4GCTBxANmDk4TfXB5W5GNlTLI/Qw=)
                          14: rp3l1DRMo7bxNlcekPEumkx_Cu4.roa (hash: cvH000yVT30CU4NGwC5k2pFAaWGJcYLG4wfqKOyLWIU=)
                          15: s9E0mrs6RE5G3diI6qJ2dNaQlCY.roa (hash: ALHEFczsxrK3P9zm6czuHQOWsz9Vxib3j6fIwRLXdsA=)
                          16: smuPovOHBHHaIAv32qcc0ZyhNkQ.roa (hash: HcQ/8p3eoCWjnnKfMtVzm8focRBIq46dCnVV7vdjMxQ=)
                          17: v94LL-qGGgahldRNvzQc-ZVS3KI.roa (hash: a3YAXYAGQiNiI/eRCe9RKvTaP1hHvgR2d27wk4bq6Cw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Jun 2026 17:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:98:ba:c2:30:ca:f3:67:5b:96:bc:13:a1:16:80:90:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
        Validity
            Not Before: Jun  5 17:00:36 2026 GMT
            Not After : Jun  6 17:00:36 2026 GMT
        Subject: CN=09eaa66129f6e1f6b10dd9914a2ae281d6011c72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:36:43:7f:68:c8:de:94:80:67:6f:d8:e7:dd:
                    87:bd:80:85:1a:62:32:fc:b0:8d:69:59:e6:5e:bc:
                    9f:ce:90:9c:58:3e:ee:6f:f4:b8:50:d0:8b:96:23:
                    2b:47:23:01:4d:9b:3b:fa:ab:ea:61:dd:b8:d9:46:
                    e6:9d:64:59:f0:50:64:97:57:ca:12:0a:d3:44:78:
                    fa:08:1e:88:db:cb:41:09:ab:5a:63:f7:8e:f6:11:
                    5a:20:65:a4:f4:42:ff:7c:ab:28:5d:ba:3b:74:09:
                    b2:d9:c5:ea:2a:a5:2b:fe:6e:7c:5f:32:42:5a:38:
                    09:55:da:e1:06:d2:51:72:e2:41:19:d8:b4:d8:58:
                    cb:8b:ba:23:68:ab:dc:be:f4:0b:52:46:4b:05:00:
                    be:8c:31:ed:e6:ed:63:3c:37:49:90:eb:68:a2:52:
                    e2:90:ce:57:b9:c4:3c:a8:19:37:05:70:95:da:d9:
                    01:d9:ca:c4:ff:50:81:17:f8:f2:ec:0c:fd:d6:57:
                    ea:d0:5a:41:8f:52:be:ed:50:62:23:46:ad:0a:a3:
                    15:da:1d:10:4b:e5:01:40:1e:f4:06:54:fe:72:88:
                    58:e5:22:71:d1:fb:37:5c:d9:23:9b:80:cd:33:28:
                    50:19:f7:ae:a1:b3:ee:b4:17:2c:0c:56:03:9f:5b:
                    fc:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:EA:A6:61:29:F6:E1:F6:B1:0D:D9:91:4A:2A:E2:81:D6:01:1C:72
            X509v3 Authority Key Identifier:
                keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:ad:37:78:be:06:6a:e0:68:14:c2:c3:ef:45:08:40:8f:0d:
         2d:67:d8:a1:61:bd:23:4c:69:cc:e5:9b:94:9f:60:9f:ce:77:
         b7:6b:ba:6e:58:fd:e5:90:cf:dd:f8:44:73:0e:b8:e4:68:6d:
         ea:d2:e9:a3:e1:8e:f5:1b:69:4e:45:88:6e:e5:93:83:56:0f:
         45:ce:45:48:fd:63:d0:57:44:8e:f1:ed:ae:e1:79:0d:8b:89:
         d7:76:de:97:4f:51:80:a4:23:31:3e:a9:1a:90:a7:56:a4:3d:
         15:21:b6:cd:93:aa:be:86:a0:3a:db:72:e3:63:3e:d0:40:62:
         e8:52:6c:90:b2:9b:7b:7e:54:48:e4:74:a0:37:42:0e:16:68:
         92:9e:fb:e3:f2:e4:ea:af:37:37:85:45:bb:4a:d4:0c:83:02:
         56:d3:b9:34:15:e2:65:08:0c:67:e2:bc:d2:9e:40:85:75:f2:
         d0:ab:32:a2:e1:f4:a2:b6:88:14:2b:ba:1b:59:ad:36:7d:f4:
         24:5c:70:27:74:ce:61:50:fe:9e:7f:1b:7f:82:ab:fd:2a:05:
         ba:0b:92:97:b7:f6:12:d5:21:b1:09:df:0d:7b:57:b8:fe:b0:
         42:79:12:6c:b7:92:07:46:61:d9:f3:a5:a5:dd:20:56:dc:81:
         6e:91:29:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6YusIwyvNnW5a8E6EWgJAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx
OGM5YmMwHhcNMjYwNjA1MTcwMDM2WhcNMjYwNjA2MTcwMDM2WjAzMTEwLwYDVQQD
EygwOWVhYTY2MTI5ZjZlMWY2YjEwZGQ5OTE0YTJhZTI4MWQ2MDExYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzZDf2jI3pSAZ2/Y592HvYCFGmIy
/LCNaVnmXryfzpCcWD7ub/S4UNCLliMrRyMBTZs7+qvqYd242UbmnWRZ8FBkl1fK
EgrTRHj6CB6I28tBCataY/eO9hFaIGWk9EL/fKsoXbo7dAmy2cXqKqUr/m58XzJC
WjgJVdrhBtJRcuJBGdi02FjLi7ojaKvcvvQLUkZLBQC+jDHt5u1jPDdJkOtoolLi
kM5XucQ8qBk3BXCV2tkB2crE/1CBF/jy7Az91lfq0FpBj1K+7VBiI0atCqMV2h0Q
S+UBQB70BlT+cohY5SJx0fs3XNkjm4DNMyhQGfeuobPutBcsDFYDn1v8vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAnqpmEp9uH2sQ3ZkUoq4oHWARxyMB8GA1UdIwQY
MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt
YmQzYmZjOTliZGE5LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5
LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAK03eL4G
auBoFMLD70UIQI8NLWfYoWG9I0xpzOWblJ9gn853t2u6blj95ZDP3fhEcw645Ght
6tLpo+GO9RtpTkWIbuWTg1YPRc5FSP1j0FdEjvHtruF5DYuJ13bel09RgKQjMT6p
GpCnVqQ9FSG2zZOqvoagOtty42M+0EBi6FJskLKbe35USOR0oDdCDhZokp774/Lk
6q83N4VFu0rUDIMCVtO5NBXiZQgMZ+K80p5AhXXy0KsyouH0oraIFCu6G1mtNn30
JFxwJ3TOYVD+nn8bf4Kr/SoFuguSl7f2EtUhsQnfDXtXuP6wQnkSbLeSB0Zh2fOl
pd0gVtyBbpEpIA==
-----END CERTIFICATE-----