Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/c314f4-b1ac-426f-8f21-a5e850b6a1bc/1/QlbgyzjNYSXO4U5Jcii4SQodQOk.mft
File:                     QlbgyzjNYSXO4U5Jcii4SQodQOk.mft (raw, json)
Hash identifier:          DrJTNaOsErt/4KN4R9oD/lPj1NetKPmIJL9b87pltXM=
Subject key identifier:   6F:45:DC:8C:CF:FD:83:C9:F7:F4:C2:6F:84:2B:42:27:72:43:22:8D
Authority key identifier: 42:56:E0:CB:38:CD:61:25:CE:E1:4E:49:72:28:B8:49:0A:1D:40:E9
Certificate issuer:       /CN=4256e0cb38cd6125cee14e497228b8490a1d40e9
Certificate serial:       019F1A8D230E49FC8E0A55BF032F4D8FB91E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QlbgyzjNYSXO4U5Jcii4SQodQOk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/c314f4-b1ac-426f-8f21-a5e850b6a1bc/1/QlbgyzjNYSXO4U5Jcii4SQodQOk.mft
Manifest number:          08E5
Signing time:             Tue 30 Jun 2026 22:01:24 +0000
Manifest this update:     Tue 30 Jun 2026 22:01:24 +0000
Manifest next update:     Wed 01 Jul 2026 22:01:24 +0000
Files and hashes:         1: 1-Xi8qsCjZ_PQpe6NJ6-T2dzR4GM.roa (hash: zBTP7ZR26XJl8LaBef5EoQw5nxBQyUiQLy+rkLHHEk0=)
                          2: QlbgyzjNYSXO4U5Jcii4SQodQOk.crl (hash: gBEHGgUGM6K8kZTELw/WkfS0tU2erbZ2ngVPzquqhnc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/c314f4-b1ac-426f-8f21-a5e850b6a1bc/1/QlbgyzjNYSXO4U5Jcii4SQodQOk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/c314f4-b1ac-426f-8f21-a5e850b6a1bc/1/QlbgyzjNYSXO4U5Jcii4SQodQOk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QlbgyzjNYSXO4U5Jcii4SQodQOk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 20:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:1a:8d:23:0e:49:fc:8e:0a:55:bf:03:2f:4d:8f:b9:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4256e0cb38cd6125cee14e497228b8490a1d40e9
        Validity
            Not Before: Jun 30 22:01:24 2026 GMT
            Not After : Jul  1 22:01:24 2026 GMT
        Subject: CN=6f45dc8ccffd83c9f7f4c26f842b42277243228d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:da:36:00:e3:d9:36:7b:ac:ca:72:6a:0c:c0:
                    1b:0a:ab:69:68:12:8b:ee:b8:19:a9:7a:e2:a4:8a:
                    f8:e9:a9:a4:21:a7:02:45:5c:5b:e2:68:4c:9e:d4:
                    28:15:2a:80:3f:e0:7f:8f:7d:f6:5a:1b:92:06:6e:
                    ac:56:6b:f0:84:e2:3d:9f:33:4d:9b:9b:1d:d0:47:
                    dd:db:b3:c7:1c:b9:87:33:d3:44:76:1f:e2:f9:bd:
                    e1:9a:99:2e:45:30:33:fe:a7:0a:14:69:5f:3b:14:
                    07:c7:13:87:f2:b6:8d:7d:77:3f:d7:e4:9d:8c:ab:
                    91:76:d4:93:69:2a:c0:12:ea:ef:db:e4:dd:ef:76:
                    6d:6b:18:65:2b:ea:72:f1:1c:7a:2d:65:9f:f6:5f:
                    ff:d5:08:23:3d:af:74:d1:60:ef:ab:cc:59:6f:f4:
                    b1:69:6b:1f:fb:5b:d7:60:ca:f9:ed:95:79:16:72:
                    dd:4e:bc:c6:73:93:49:e5:f9:94:e0:6f:49:50:eb:
                    7a:70:c0:0d:ce:9b:9a:72:51:2f:47:81:6f:f9:ea:
                    d8:f2:48:86:c2:dd:e7:f1:15:f2:ed:a1:15:98:df:
                    c7:d5:7e:af:8f:95:b7:ef:ee:f4:3c:4b:79:8b:57:
                    da:94:bd:af:f9:c2:fe:59:64:a8:f1:93:09:6a:b0:
                    6b:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:45:DC:8C:CF:FD:83:C9:F7:F4:C2:6F:84:2B:42:27:72:43:22:8D
            X509v3 Authority Key Identifier:
                keyid:42:56:E0:CB:38:CD:61:25:CE:E1:4E:49:72:28:B8:49:0A:1D:40:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QlbgyzjNYSXO4U5Jcii4SQodQOk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/c314f4-b1ac-426f-8f21-a5e850b6a1bc/1/QlbgyzjNYSXO4U5Jcii4SQodQOk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/c314f4-b1ac-426f-8f21-a5e850b6a1bc/1/QlbgyzjNYSXO4U5Jcii4SQodQOk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:5c:7c:03:6b:e6:be:c7:dd:99:e6:1e:c9:96:a5:a7:d8:c5:
         e6:c2:55:57:fa:13:ac:eb:1f:f1:25:d4:ba:59:89:b1:a0:f9:
         7c:fa:4b:e8:1e:af:9d:9f:62:b2:5b:23:44:7e:be:1c:3a:02:
         2b:99:1b:24:23:0e:13:52:bc:71:fb:c0:14:49:5a:5a:da:88:
         2f:5e:52:17:e1:7b:b3:23:3d:e6:3b:47:09:7b:06:7a:25:20:
         e4:08:04:6d:83:05:0f:e7:ba:4c:d6:c9:72:31:6a:89:9b:87:
         ed:2a:b7:37:ee:24:2f:cf:5c:36:80:0e:a7:a9:65:0d:56:cf:
         b1:df:e7:a3:31:31:42:de:4b:1d:1d:a1:ba:3f:1b:26:54:7e:
         51:14:a0:07:c9:95:81:87:95:f3:38:bd:64:ca:5c:49:07:3b:
         23:e1:f7:94:1e:67:52:1d:a9:78:fe:ac:7a:d6:46:b2:3e:c9:
         35:8f:1e:c8:ec:c9:0c:57:f5:73:b6:f8:3c:d3:d1:2b:fd:b3:
         b8:7d:c0:e4:f0:f9:92:0e:4c:62:dc:7f:48:8a:99:92:51:85:
         32:73:0a:7d:35:50:6d:d8:3c:02:9e:a6:a5:1e:b4:8b:ae:08:
         e9:dc:56:24:81:3c:de:e7:58:98:5b:dd:25:30:b1:5f:e8:a5:
         eb:e0:a0:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ajSMOSfyOClW/Ay9Nj7keMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNTZlMGNiMzhjZDYxMjVjZWUxNGU0OTcyMjhiODQ5MGEx
ZDQwZTkwHhcNMjYwNjMwMjIwMTI0WhcNMjYwNzAxMjIwMTI0WjAzMTEwLwYDVQQD
Eyg2ZjQ1ZGM4Y2NmZmQ4M2M5ZjdmNGMyNmY4NDJiNDIyNzcyNDMyMjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9o2AOPZNnusynJqDMAbCqtpaBKL
7rgZqXripIr46amkIacCRVxb4mhMntQoFSqAP+B/j332WhuSBm6sVmvwhOI9nzNN
m5sd0Efd27PHHLmHM9NEdh/i+b3hmpkuRTAz/qcKFGlfOxQHxxOH8raNfXc/1+Sd
jKuRdtSTaSrAEurv2+Td73ZtaxhlK+py8Rx6LWWf9l//1QgjPa900WDvq8xZb/Sx
aWsf+1vXYMr57ZV5FnLdTrzGc5NJ5fmU4G9JUOt6cMANzpuaclEvR4Fv+erY8kiG
wt3n8RXy7aEVmN/H1X6vj5W37+70PEt5i1falL2v+cL+WWSo8ZMJarBrbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG9F3IzP/YPJ9/TCb4QrQidyQyKNMB8GA1UdIwQY
MBaAFEJW4Ms4zWElzuFOSXIouEkKHUDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWxiZ3l6ak5ZU1hPNFU1SmNpaTRTUW9kUU9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9jMzE0ZjQtYjFhYy00MjZmLThmMjEt
YTVlODUwYjZhMWJjLzEvUWxiZ3l6ak5ZU1hPNFU1SmNpaTRTUW9kUU9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9jMzE0ZjQtYjFhYy00MjZmLThmMjEtYTVlODUwYjZhMWJj
LzEvUWxiZ3l6ak5ZU1hPNFU1SmNpaTRTUW9kUU9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaFx8A2vm
vsfdmeYeyZalp9jF5sJVV/oTrOsf8SXUulmJsaD5fPpL6B6vnZ9islsjRH6+HDoC
K5kbJCMOE1K8cfvAFElaWtqIL15SF+F7syM95jtHCXsGeiUg5AgEbYMFD+e6TNbJ
cjFqiZuH7Sq3N+4kL89cNoAOp6llDVbPsd/nozExQt5LHR2huj8bJlR+URSgB8mV
gYeV8zi9ZMpcSQc7I+H3lB5nUh2peP6setZGsj7JNY8eyOzJDFf1c7b4PNPRK/2z
uH3A5PD5kg5MYtx/SIqZklGFMnMKfTVQbdg8Ap6mpR60i64I6dxWJIE83udYmFvd
JTCxX+il6+Cgsg==
-----END CERTIFICATE-----
Generated at Wed Jul 1 02:41:33 2026 by rpki-client