Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
File:                     qltHHQugidnp9GwpExlnT6yBKNA.mft (raw, json)
Hash identifier:          5tC1/Skvz1VUdnvl3u7kpu+kI0sBs+9zWnOJvFb8+XE=
Subject key identifier:   68:67:4F:AE:7C:D1:1C:4B:A2:E3:A2:64:94:39:7B:FA:90:00:78:18
Authority key identifier: AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
Certificate issuer:       /CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Certificate serial:       019F3F3DF47C03FBE407282F49B1C0B2442B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
Manifest number:          0FEE
Signing time:             Wed 08 Jul 2026 01:00:52 +0000
Manifest this update:     Wed 08 Jul 2026 01:00:52 +0000
Manifest next update:     Thu 09 Jul 2026 01:00:52 +0000
Files and hashes:         1: RGHMhabHZkPW5wXprVh6WUeUNEU.roa (hash: aWxpktwD4HwK4DqUq/i3jSDZlGsjYGbb6rrk+6zxpz0=)
                          2: hW9pmZmoOAPv4EQxUHQXTXDJr6s.roa (hash: mjwhxdNEgH8aH/IfZWkqyz4fW356i+YVNu/YE2e6m8A=)
                          3: qltHHQugidnp9GwpExlnT6yBKNA.crl (hash: 4FF3zzxDySmYJ64jGJly0ovbMFdpfQpjRDfWEHm7i/s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 08 Jul 2026 23:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:3f:3d:f4:7c:03:fb:e4:07:28:2f:49:b1:c0:b2:44:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
        Validity
            Not Before: Jul  8 01:00:52 2026 GMT
            Not After : Jul  9 01:00:52 2026 GMT
        Subject: CN=68674fae7cd11c4ba2e3a26494397bfa90007818
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:97:a6:21:b5:53:fa:6c:84:5a:0b:eb:47:92:
                    98:18:81:b7:ef:73:3c:f7:00:8c:85:62:3c:d9:85:
                    a6:82:aa:3d:8b:24:b4:1a:e2:bd:f4:76:4b:ff:e7:
                    9b:24:4d:97:62:37:50:19:23:d3:bc:8c:90:9d:8a:
                    7c:27:85:64:33:74:f0:0e:60:85:23:78:3e:de:92:
                    4c:6a:6a:18:7b:35:60:78:fa:b2:02:bd:f9:a9:0c:
                    b3:17:28:0d:09:6e:a5:29:c7:8a:cd:74:ee:b6:ee:
                    c4:23:c3:1d:b1:44:14:f6:a2:ef:74:2b:44:50:66:
                    d5:6a:d3:32:ed:96:68:6e:24:a9:43:40:c6:a9:9a:
                    d3:81:bb:b3:5d:23:c2:16:aa:d6:63:60:f3:3f:f8:
                    ce:4f:da:f3:22:31:88:64:df:2e:e8:ad:21:5c:37:
                    c3:40:ba:7f:fa:0d:8b:cd:61:65:d5:2b:0d:51:5a:
                    df:7d:64:49:df:6a:92:a6:07:b8:e2:35:2c:3f:28:
                    7e:94:8f:0c:75:09:a1:9b:ca:71:03:be:73:20:82:
                    de:97:f5:af:d3:0b:6c:52:9d:ae:be:ed:77:a4:3f:
                    96:19:3a:1e:aa:04:de:ba:67:35:6f:1d:4d:f2:56:
                    e0:2e:f2:39:6f:6d:fc:be:d3:84:cb:12:51:e1:db:
                    22:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:67:4F:AE:7C:D1:1C:4B:A2:E3:A2:64:94:39:7B:FA:90:00:78:18
            X509v3 Authority Key Identifier:
                keyid:AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:f7:2b:5e:93:c2:52:bc:2c:67:be:0f:9c:28:35:b3:ef:f7:
         e4:e1:ae:f7:c1:cb:b3:7f:2a:bf:27:71:a4:49:a2:f6:49:3d:
         1d:91:33:c4:90:02:6f:1d:d7:1c:07:19:8c:f1:22:7f:94:d9:
         f9:47:05:95:c1:01:7c:aa:00:09:b8:d3:18:b8:de:d8:c7:b7:
         cb:0d:d4:46:e5:20:b5:72:24:e2:ca:00:1f:27:b5:f0:ed:8b:
         30:91:3c:28:35:91:80:22:b3:9e:61:31:f6:c7:8a:36:94:74:
         1e:5b:b5:4c:a2:62:43:23:28:2d:cf:50:e8:d6:06:21:04:3f:
         6d:99:f4:2d:9e:92:6b:72:9c:61:a5:46:20:2d:26:e5:92:c3:
         d7:2a:81:9c:99:a3:aa:dd:a7:83:11:c3:a7:0f:41:e8:2e:8b:
         a1:8f:63:04:19:0d:1c:10:0e:eb:42:be:65:0c:74:23:e3:cf:
         71:38:98:92:a1:05:2a:14:d3:da:2a:ef:33:e3:42:91:fa:11:
         73:12:8d:23:04:37:2d:b5:e0:d7:6c:a2:68:40:2d:87:c8:1b:
         df:99:4e:ff:d2:bb:14:1f:c5:b1:b4:42:37:77:40:88:60:33:
         64:dc:16:3d:b7:24:69:f0:ef:8c:13:05:ac:49:09:ed:28:bf:
         67:24:7d:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8/PfR8A/vkBygvSbHAskQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNWI0NzFkMGJhMDg5ZDllOWY0NmMyOTEzMTk2NzRmYWM4
MTI4ZDAwHhcNMjYwNzA4MDEwMDUyWhcNMjYwNzA5MDEwMDUyWjAzMTEwLwYDVQQD
Eyg2ODY3NGZhZTdjZDExYzRiYTJlM2EyNjQ5NDM5N2JmYTkwMDA3ODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspemIbVT+myEWgvrR5KYGIG373M8
9wCMhWI82YWmgqo9iyS0GuK99HZL/+ebJE2XYjdQGSPTvIyQnYp8J4VkM3TwDmCF
I3g+3pJMamoYezVgePqyAr35qQyzFygNCW6lKceKzXTutu7EI8MdsUQU9qLvdCtE
UGbVatMy7ZZobiSpQ0DGqZrTgbuzXSPCFqrWY2DzP/jOT9rzIjGIZN8u6K0hXDfD
QLp/+g2LzWFl1SsNUVrffWRJ32qSpge44jUsPyh+lI8MdQmhm8pxA75zIILel/Wv
0wtsUp2uvu13pD+WGToeqgTeumc1bx1N8lbgLvI5b238vtOEyxJR4dsi/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGhnT6580RxLouOiZJQ5e/qQAHgYMB8GA1UdIwQY
MBaAFKpbRx0LoInZ6fRsKRMZZ0+sgSjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgt
NmYyZTI1MjliZTgyLzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgtNmYyZTI1MjliZTgy
LzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY/crXpPC
UrwsZ74PnCg1s+/35OGu98HLs38qvydxpEmi9kk9HZEzxJACbx3XHAcZjPEif5TZ
+UcFlcEBfKoACbjTGLje2Me3yw3URuUgtXIk4soAHye18O2LMJE8KDWRgCKznmEx
9seKNpR0Hlu1TKJiQyMoLc9Q6NYGIQQ/bZn0LZ6Sa3KcYaVGIC0m5ZLD1yqBnJmj
qt2ngxHDpw9B6C6LoY9jBBkNHBAO60K+ZQx0I+PPcTiYkqEFKhTT2irvM+NCkfoR
cxKNIwQ3LbXg12yiaEAth8gb35lO/9K7FB/FsbRCN3dAiGAzZNwWPbckafDvjBMF
rEkJ7Si/ZyR9oQ==
-----END CERTIFICATE-----
Generated at Wed Jul 8 09:23:32 2026 by rpki-client