Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft
File:                     z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft (raw, json)
Hash identifier:          0y6PlDBPU7tiqJGzDkhsRHhWmNJzdMcWJouTOCThfOU=
Subject key identifier:   AB:39:C6:F3:03:A4:3C:ED:5B:41:CF:47:83:B1:79:69:2C:3B:30:0D
Authority key identifier: CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11
Certificate issuer:       /CN=cf66224bcfb8b82deaabac8c4ca250371b974611
Certificate serial:       019F1A8C875D1A7B5D1A60F83067C1BA6753
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft
Manifest number:          198A
Signing time:             Tue 30 Jun 2026 22:00:44 +0000
Manifest this update:     Tue 30 Jun 2026 22:00:44 +0000
Manifest next update:     Wed 01 Jul 2026 22:00:44 +0000
Files and hashes:         1: BVCNuyEI8Escb23UOBkojnAQ3uU.roa (hash: TpAVxATDxHC3mnDA/ZCfMM4mNI1Q7807T0lCqaxfnlA=)
                          2: z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl (hash: I9E8kV6dbIEKhavLN5ThdCwuEvNUu/uFQCXiihrcwVY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 20:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:1a:8c:87:5d:1a:7b:5d:1a:60:f8:30:67:c1:ba:67:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf66224bcfb8b82deaabac8c4ca250371b974611
        Validity
            Not Before: Jun 30 22:00:44 2026 GMT
            Not After : Jul  1 22:00:44 2026 GMT
        Subject: CN=ab39c6f303a43ced5b41cf4783b179692c3b300d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:2e:0b:e6:37:08:3f:64:4f:40:70:61:c1:9b:
                    3e:e4:a8:4c:92:57:4e:42:13:c1:ca:3a:cb:be:71:
                    e4:52:46:a2:6e:9a:d4:56:56:9d:df:e4:06:22:53:
                    62:85:cf:fd:e6:c1:0b:51:15:fe:a5:84:ab:a9:22:
                    c9:a3:9a:5f:e0:e3:91:3f:67:47:c1:9d:3e:b5:94:
                    3c:51:0a:88:58:de:a7:cf:2b:27:3c:64:b7:12:54:
                    a3:d3:6e:80:2c:44:08:ee:42:c5:b8:f6:fc:3b:7f:
                    ec:41:2c:f1:03:7f:96:58:d9:3c:eb:c8:9e:6f:db:
                    9a:9e:a9:6b:44:97:7b:73:20:d1:30:13:0c:da:de:
                    98:fd:21:4a:44:03:57:d0:42:be:bd:91:47:ad:91:
                    84:ac:fb:7b:c5:4c:51:75:6b:0d:fc:1c:a3:ea:0e:
                    6b:5e:b8:17:d7:df:a4:5e:e0:48:3c:fa:41:7b:66:
                    63:c7:76:5f:32:86:fa:d2:6f:4c:76:ef:fb:a9:9b:
                    d4:fa:01:e2:86:13:43:ac:a0:5e:9d:b0:44:6d:29:
                    81:35:55:81:49:8e:69:5f:ab:5e:82:2c:6e:05:67:
                    1c:1a:2f:06:16:fd:81:cc:e2:24:cf:3f:9c:d7:b4:
                    db:91:c6:43:71:51:ed:3d:5a:2f:b9:9e:36:34:6c:
                    65:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:39:C6:F3:03:A4:3C:ED:5B:41:CF:47:83:B1:79:69:2C:3B:30:0D
            X509v3 Authority Key Identifier:
                keyid:CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:f6:11:24:7f:fc:8e:07:18:9f:b3:ec:b5:c4:48:cb:bf:fa:
         64:67:7f:e2:a7:ef:24:f2:13:4c:42:de:8f:49:fa:4a:ee:99:
         15:a6:cb:7d:e8:50:a5:05:e2:eb:3e:5d:77:d5:92:45:b6:6b:
         8a:1d:9b:80:f6:13:48:17:25:5d:02:09:14:b0:b6:f6:07:dd:
         72:29:07:c7:02:cc:b4:48:fc:e0:6f:d9:a4:22:dc:4c:53:55:
         bc:e9:56:64:73:4a:4b:bd:a8:04:b6:61:74:60:c0:09:81:d1:
         7e:aa:dc:00:76:77:e0:47:85:c6:e2:cc:cf:16:13:c2:ac:24:
         65:c5:d3:b0:dd:cd:cb:49:7b:5b:37:c0:7f:09:6b:ff:ed:e9:
         72:19:de:40:f1:6d:fe:76:d4:00:5d:0f:f3:18:3b:57:8c:be:
         8f:11:1a:f3:e7:b2:58:1d:a2:2f:27:9b:9d:ad:75:59:ef:b4:
         dc:27:36:aa:10:86:f3:ff:6d:12:60:7f:97:c1:1c:a5:d1:73:
         e0:2b:0b:47:87:12:c2:c3:81:0e:39:06:13:8a:f9:7e:df:ae:
         67:0c:04:cb:fc:c6:dd:0b:ea:46:26:ab:b3:7e:39:e9:60:16:
         f4:dd:f4:7e:ce:b2:3b:a3:31:d8:dc:ff:45:1d:5c:98:49:ad:
         ce:5a:fe:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ajIddGntdGmD4MGfBumdTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNjYyMjRiY2ZiOGI4MmRlYWFiYWM4YzRjYTI1MDM3MWI5
NzQ2MTEwHhcNMjYwNjMwMjIwMDQ0WhcNMjYwNzAxMjIwMDQ0WjAzMTEwLwYDVQQD
EyhhYjM5YzZmMzAzYTQzY2VkNWI0MWNmNDc4M2IxNzk2OTJjM2IzMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjy4L5jcIP2RPQHBhwZs+5KhMkldO
QhPByjrLvnHkUkaibprUVlad3+QGIlNihc/95sELURX+pYSrqSLJo5pf4OORP2dH
wZ0+tZQ8UQqIWN6nzysnPGS3ElSj026ALEQI7kLFuPb8O3/sQSzxA3+WWNk868ie
b9uanqlrRJd7cyDRMBMM2t6Y/SFKRANX0EK+vZFHrZGErPt7xUxRdWsN/Byj6g5r
XrgX19+kXuBIPPpBe2Zjx3ZfMob60m9Mdu/7qZvU+gHihhNDrKBenbBEbSmBNVWB
SY5pX6tegixuBWccGi8GFv2BzOIkzz+c17TbkcZDcVHtPVovuZ42NGxlRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKs5xvMDpDztW0HPR4OxeWksOzANMB8GA1UdIwQY
MBaAFM9mIkvPuLgt6qusjEyiUDcbl0YRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xOTZiNzEtNTg3ZS00MDk5LWJkYjIt
Yjk1NGM1MGZkYmIwLzEvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xOTZiNzEtNTg3ZS00MDk5LWJkYjItYjk1NGM1MGZkYmIw
LzEvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMfYRJH/8
jgcYn7PstcRIy7/6ZGd/4qfvJPITTELej0n6Su6ZFabLfehQpQXi6z5dd9WSRbZr
ih2bgPYTSBclXQIJFLC29gfdcikHxwLMtEj84G/ZpCLcTFNVvOlWZHNKS72oBLZh
dGDACYHRfqrcAHZ34EeFxuLMzxYTwqwkZcXTsN3Ny0l7WzfAfwlr/+3pchneQPFt
/nbUAF0P8xg7V4y+jxEa8+eyWB2iLyebna11We+03Cc2qhCG8/9tEmB/l8EcpdFz
4CsLR4cSwsOBDjkGE4r5ft+uZwwEy/zG3QvqRiars3456WAW9N30fs6yO6Mx2Nz/
RR1cmEmtzlr+3A==
-----END CERTIFICATE-----
Generated at Wed Jul 1 02:39:29 2026 by rpki-client