Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/18491f-b04d-4b0d-907b-d5705ae37014/1/_XTetBhEJvpiIlthIMNnBvc3uOI.mft
File:                     _XTetBhEJvpiIlthIMNnBvc3uOI.mft (raw, json)
Hash identifier:          qU/MhBKIFTLOLPY0gh9RsUUqrs+DuuXsXSzgr3b6SAY=
Subject key identifier:   CA:10:1A:F2:05:14:0F:59:FF:42:BF:D2:21:F9:33:43:0D:DC:B4:C4
Authority key identifier: FD:74:DE:B4:18:44:26:FA:62:22:5B:61:20:C3:67:06:F7:37:B8:E2
Certificate issuer:       /CN=fd74deb4184426fa62225b6120c36706f737b8e2
Certificate serial:       019F11C0412505DD6CE80FB1CC4A42256E61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_XTetBhEJvpiIlthIMNnBvc3uOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/18491f-b04d-4b0d-907b-d5705ae37014/1/_XTetBhEJvpiIlthIMNnBvc3uOI.mft
Manifest number:          1985
Signing time:             Mon 29 Jun 2026 05:00:39 +0000
Manifest this update:     Mon 29 Jun 2026 05:00:39 +0000
Manifest next update:     Tue 30 Jun 2026 05:00:39 +0000
Files and hashes:         1: 4H3kqbZKgvCRJ41TW2E8J1NDC88.roa (hash: ah0Wo037A9MM/sUCKBiJ/BqofxWUcKYL1Cq5STwAUy8=)
                          2: _XTetBhEJvpiIlthIMNnBvc3uOI.crl (hash: txqR6K6H+Tgg1IB6Dow5obdA3GNIdEdVA1BTHYrmTIc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/18491f-b04d-4b0d-907b-d5705ae37014/1/_XTetBhEJvpiIlthIMNnBvc3uOI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/18491f-b04d-4b0d-907b-d5705ae37014/1/_XTetBhEJvpiIlthIMNnBvc3uOI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_XTetBhEJvpiIlthIMNnBvc3uOI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 30 Jun 2026 05:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:11:c0:41:25:05:dd:6c:e8:0f:b1:cc:4a:42:25:6e:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd74deb4184426fa62225b6120c36706f737b8e2
        Validity
            Not Before: Jun 29 05:00:39 2026 GMT
            Not After : Jun 30 05:00:39 2026 GMT
        Subject: CN=ca101af205140f59ff42bfd221f933430ddcb4c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:64:06:59:f9:c4:83:24:ee:2e:08:13:2f:3b:
                    fb:e1:5a:24:d1:fa:d5:69:e9:ff:31:cf:38:02:a4:
                    a1:fd:6f:c5:73:7a:24:39:83:42:1a:3b:81:43:02:
                    68:61:d8:ae:18:9c:67:97:50:8c:75:69:1b:db:52:
                    43:75:ed:fd:8c:53:73:39:4c:a8:28:e5:a8:37:79:
                    bf:3b:06:73:0e:01:3a:67:12:9f:30:70:ac:32:be:
                    ee:9a:bb:74:7b:95:14:8d:86:08:78:28:16:4e:b4:
                    ea:6c:b7:0a:98:0b:f6:45:b9:fe:d4:c3:08:60:d0:
                    99:d6:d0:30:d8:c2:3f:3f:c6:f5:8a:00:c6:82:85:
                    f2:6b:7c:56:b1:a9:a7:bb:24:fc:60:bf:ad:cf:a1:
                    8e:a1:a8:44:02:fb:9c:b8:66:78:59:d3:02:4f:93:
                    83:f4:7b:ed:a7:09:d9:fa:1f:a0:1c:cc:58:5e:ab:
                    b5:48:5a:a5:42:f4:68:7a:10:33:fe:62:f1:ed:9a:
                    31:af:6e:dc:1d:b0:83:e6:a2:73:62:a0:dc:4e:fc:
                    2a:b4:64:2d:86:73:e7:fb:a5:d0:90:fd:28:f9:7c:
                    89:6d:53:13:50:6f:ca:a0:1c:82:10:9e:3f:0b:4e:
                    77:e2:7f:5f:68:d2:30:71:56:2b:c1:1e:f5:d9:de:
                    7e:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:10:1A:F2:05:14:0F:59:FF:42:BF:D2:21:F9:33:43:0D:DC:B4:C4
            X509v3 Authority Key Identifier:
                keyid:FD:74:DE:B4:18:44:26:FA:62:22:5B:61:20:C3:67:06:F7:37:B8:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XTetBhEJvpiIlthIMNnBvc3uOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/18491f-b04d-4b0d-907b-d5705ae37014/1/_XTetBhEJvpiIlthIMNnBvc3uOI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/18491f-b04d-4b0d-907b-d5705ae37014/1/_XTetBhEJvpiIlthIMNnBvc3uOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:d5:49:3d:0d:e1:a8:8d:57:38:9a:a6:eb:24:6a:26:de:60:
         48:45:f5:94:86:14:7d:29:d1:96:0c:5c:da:e3:49:63:ad:8b:
         89:8b:bc:3b:95:e0:ba:9d:6a:c6:93:4d:29:a2:77:07:77:7b:
         c1:5f:8d:38:3a:60:0b:94:77:1e:e4:c2:ae:4d:a7:e2:68:c4:
         28:04:c4:7b:7a:f0:4f:8c:93:0f:37:b3:eb:ae:2b:a0:7d:02:
         bc:62:9e:a1:7b:1e:80:1f:32:8d:81:da:3f:ab:5e:3b:9f:a3:
         43:13:fb:6b:33:bc:0e:bf:6a:7e:04:e3:b4:d9:b4:d7:25:1a:
         1c:a4:fe:9c:78:e6:5e:95:42:15:ca:2e:c3:85:bd:9f:75:3d:
         f8:47:a7:55:82:70:84:17:3a:d0:de:b8:7a:63:8a:f0:27:99:
         ad:15:1b:be:5e:53:4e:57:fb:d0:1d:3d:21:84:0e:03:cc:a7:
         d1:e9:4c:53:8a:30:f5:de:59:b1:41:30:fd:2b:c8:8b:60:9b:
         04:f0:dd:d0:42:69:63:e7:72:ab:53:f5:7d:58:56:29:56:92:
         4a:0e:5e:18:af:92:a6:69:00:76:fc:a8:61:a8:33:33:60:46:
         9d:19:ba:31:0c:fd:42:75:0d:58:a4:26:e1:81:b9:bf:db:d4:
         7a:4d:cd:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8RwEElBd1s6A+xzEpCJW5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNzRkZWI0MTg0NDI2ZmE2MjIyNWI2MTIwYzM2NzA2Zjcz
N2I4ZTIwHhcNMjYwNjI5MDUwMDM5WhcNMjYwNjMwMDUwMDM5WjAzMTEwLwYDVQQD
EyhjYTEwMWFmMjA1MTQwZjU5ZmY0MmJmZDIyMWY5MzM0MzBkZGNiNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2QGWfnEgyTuLggTLzv74Vok0frV
aen/Mc84AqSh/W/Fc3okOYNCGjuBQwJoYdiuGJxnl1CMdWkb21JDde39jFNzOUyo
KOWoN3m/OwZzDgE6ZxKfMHCsMr7umrt0e5UUjYYIeCgWTrTqbLcKmAv2Rbn+1MMI
YNCZ1tAw2MI/P8b1igDGgoXya3xWsamnuyT8YL+tz6GOoahEAvucuGZ4WdMCT5OD
9HvtpwnZ+h+gHMxYXqu1SFqlQvRoehAz/mLx7Zoxr27cHbCD5qJzYqDcTvwqtGQt
hnPn+6XQkP0o+XyJbVMTUG/KoByCEJ4/C0534n9faNIwcVYrwR712d5+gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMoQGvIFFA9Z/0K/0iH5M0MN3LTEMB8GA1UdIwQY
MBaAFP103rQYRCb6YiJbYSDDZwb3N7jiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1hUZXRCaEVKdnBpSWx0aElNTm5CdmMzdU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODQ5MWYtYjA0ZC00YjBkLTkwN2It
ZDU3MDVhZTM3MDE0LzEvX1hUZXRCaEVKdnBpSWx0aElNTm5CdmMzdU9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODQ5MWYtYjA0ZC00YjBkLTkwN2ItZDU3MDVhZTM3MDE0
LzEvX1hUZXRCaEVKdnBpSWx0aElNTm5CdmMzdU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAotVJPQ3h
qI1XOJqm6yRqJt5gSEX1lIYUfSnRlgxc2uNJY62LiYu8O5Xgup1qxpNNKaJ3B3d7
wV+NODpgC5R3HuTCrk2n4mjEKATEe3rwT4yTDzez664roH0CvGKeoXsegB8yjYHa
P6teO5+jQxP7azO8Dr9qfgTjtNm01yUaHKT+nHjmXpVCFcouw4W9n3U9+EenVYJw
hBc60N64emOK8CeZrRUbvl5TTlf70B09IYQOA8yn0elMU4ow9d5ZsUEw/SvIi2Cb
BPDd0EJpY+dyq1P1fVhWKVaSSg5eGK+SpmkAdvyoYagzM2BGnRm6MQz9QnUNWKQm
4YG5v9vUek3Nfw==
-----END CERTIFICATE-----
Generated at Mon Jun 29 14:39:08 2026 by rpki-client