Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/33f1ab-6a35-4e63-8bdc-a25e14d539a2/1/hyj0ANg9Saqm6TIMosv6k9pb55s.mft
File:                     hyj0ANg9Saqm6TIMosv6k9pb55s.mft (raw, json)
Hash identifier:          gE6979ybEMNcvqhN5L1qN2F6+TuP4UpZ2K6Css2p5Bo=
Subject key identifier:   6E:3C:D4:9A:5E:0A:71:D2:01:8D:D5:F6:EE:EC:5F:70:77:F7:57:5C
Authority key identifier: 87:28:F4:00:D8:3D:49:AA:A6:E9:32:0C:A2:CB:FA:93:DA:5B:E7:9B
Certificate issuer:       /CN=8728f400d83d49aaa6e9320ca2cbfa93da5be79b
Certificate serial:       019F1C0D507974B069D53BC2F7BA4A2E77B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyj0ANg9Saqm6TIMosv6k9pb55s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/33f1ab-6a35-4e63-8bdc-a25e14d539a2/1/hyj0ANg9Saqm6TIMosv6k9pb55s.mft
Manifest number:          0855
Signing time:             Wed 01 Jul 2026 05:01:02 +0000
Manifest this update:     Wed 01 Jul 2026 05:01:02 +0000
Manifest next update:     Thu 02 Jul 2026 05:01:02 +0000
Files and hashes:         1: BSwE4k_qFyqxMrdShjqvF4jnTL8.roa (hash: oMo6L40X4qe6QWPhrSHg9ULY1MyzZvPQEPrBk1VTYF0=)
                          2: hyj0ANg9Saqm6TIMosv6k9pb55s.crl (hash: XwIV7TUHAuPKtWi1BoZ+DR08+YCsmweN6DD/VOHhpOI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/33f1ab-6a35-4e63-8bdc-a25e14d539a2/1/hyj0ANg9Saqm6TIMosv6k9pb55s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/33f1ab-6a35-4e63-8bdc-a25e14d539a2/1/hyj0ANg9Saqm6TIMosv6k9pb55s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyj0ANg9Saqm6TIMosv6k9pb55s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 23:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:1c:0d:50:79:74:b0:69:d5:3b:c2:f7:ba:4a:2e:77:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8728f400d83d49aaa6e9320ca2cbfa93da5be79b
        Validity
            Not Before: Jul  1 05:01:02 2026 GMT
            Not After : Jul  2 05:01:02 2026 GMT
        Subject: CN=6e3cd49a5e0a71d2018dd5f6eeec5f7077f7575c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e4:43:b3:42:a8:5e:87:8f:2c:95:f1:28:a2:
                    ad:a5:5a:44:fd:08:41:47:39:91:85:09:a3:66:7e:
                    7b:f6:b0:bf:19:3d:14:89:cc:28:8c:33:63:d0:a9:
                    68:fd:44:a6:ff:b9:19:fe:d2:81:06:ba:bd:a8:ff:
                    2f:e0:46:64:30:f3:43:82:60:0d:27:15:83:a6:20:
                    81:57:a5:38:df:92:28:20:bc:1e:6f:74:d3:61:6a:
                    02:8e:fa:b7:af:6b:7b:2f:52:cc:73:ea:09:65:77:
                    14:96:19:ee:e3:24:dc:7a:32:13:dc:57:b7:54:d7:
                    37:6f:6e:e8:2a:3e:5a:19:5c:d4:b7:fb:96:76:d4:
                    87:ed:fe:72:c0:23:14:01:5f:82:ad:f3:74:2d:c9:
                    93:7d:44:e8:35:cf:b3:ed:c6:fd:a1:2d:b6:fa:73:
                    28:ff:83:99:cc:0b:4c:33:8d:4c:a0:85:41:8a:dc:
                    b6:5b:6a:1a:5b:35:92:6c:18:a6:b4:15:69:3a:93:
                    17:f1:aa:fd:66:8d:43:d0:47:4b:24:f1:ce:a1:df:
                    25:cb:99:cf:95:80:1a:03:db:f4:06:7b:ea:50:06:
                    69:1b:09:31:df:95:c2:80:8f:c9:fa:df:c6:6e:27:
                    4f:24:e5:68:1f:fe:f5:87:5f:e3:1e:f3:9a:4f:b7:
                    44:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:3C:D4:9A:5E:0A:71:D2:01:8D:D5:F6:EE:EC:5F:70:77:F7:57:5C
            X509v3 Authority Key Identifier:
                keyid:87:28:F4:00:D8:3D:49:AA:A6:E9:32:0C:A2:CB:FA:93:DA:5B:E7:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyj0ANg9Saqm6TIMosv6k9pb55s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33f1ab-6a35-4e63-8bdc-a25e14d539a2/1/hyj0ANg9Saqm6TIMosv6k9pb55s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33f1ab-6a35-4e63-8bdc-a25e14d539a2/1/hyj0ANg9Saqm6TIMosv6k9pb55s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:f7:6d:74:8f:6b:b5:cb:79:1b:c2:36:d1:51:61:e2:51:c1:
         d0:02:84:dc:da:5a:3f:e5:11:f9:54:7c:06:74:00:fa:58:77:
         2c:ab:70:83:96:c4:74:82:cf:30:9a:58:48:7d:d8:59:d7:f0:
         13:27:68:ec:c7:12:81:19:a6:72:57:6f:9c:2c:b3:60:91:3b:
         f9:26:29:d4:b8:de:f9:ff:6d:e6:0b:55:3d:21:dd:86:94:e1:
         1e:ea:96:e4:1b:7b:56:eb:27:b7:c4:40:3e:5b:ca:8e:d6:d8:
         85:2e:74:1d:e6:e1:f5:77:6a:3b:a1:98:18:5d:86:49:a5:8f:
         91:64:bd:4e:86:41:11:6e:9e:c9:6a:f9:cb:3a:ed:c4:d7:0e:
         29:db:ff:bf:d4:6a:ea:ae:23:1a:92:ec:f7:fb:20:f4:30:7a:
         e2:89:c7:9a:f4:fc:fe:a0:59:24:9e:70:4d:72:95:7f:36:dc:
         36:52:74:e4:15:4e:69:7e:08:69:77:9c:75:b2:2d:cf:9a:2a:
         61:5e:33:b5:ce:92:06:49:b7:28:27:35:d9:bc:cf:03:97:d2:
         23:5d:6e:2c:b9:fb:e4:24:6f:93:86:0f:b7:86:ec:3c:8e:8d:
         67:ab:ea:0e:63:9b:38:54:0f:10:4c:d0:79:b1:20:3d:50:00:
         e3:0a:1a:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8cDVB5dLBp1TvC97pKLne5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjhmNDAwZDgzZDQ5YWFhNmU5MzIwY2EyY2JmYTkzZGE1
YmU3OWIwHhcNMjYwNzAxMDUwMTAyWhcNMjYwNzAyMDUwMTAyWjAzMTEwLwYDVQQD
Eyg2ZTNjZDQ5YTVlMGE3MWQyMDE4ZGQ1ZjZlZWVjNWY3MDc3Zjc1NzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuORDs0KoXoePLJXxKKKtpVpE/QhB
RzmRhQmjZn579rC/GT0UicwojDNj0Klo/USm/7kZ/tKBBrq9qP8v4EZkMPNDgmAN
JxWDpiCBV6U435IoILweb3TTYWoCjvq3r2t7L1LMc+oJZXcUlhnu4yTcejIT3Fe3
VNc3b27oKj5aGVzUt/uWdtSH7f5ywCMUAV+CrfN0LcmTfUToNc+z7cb9oS22+nMo
/4OZzAtMM41MoIVBity2W2oaWzWSbBimtBVpOpMX8ar9Zo1D0EdLJPHOod8ly5nP
lYAaA9v0BnvqUAZpGwkx35XCgI/J+t/GbidPJOVoH/71h1/jHvOaT7dEmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG481JpeCnHSAY3V9u7sX3B391dcMB8GA1UdIwQY
MBaAFIco9ADYPUmqpukyDKLL+pPaW+ebMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlqMEFOZzlTYXFtNlRJTW9zdjZrOXBiNTVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8zM2YxYWItNmEzNS00ZTYzLThiZGMt
YTI1ZTE0ZDUzOWEyLzEvaHlqMEFOZzlTYXFtNlRJTW9zdjZrOXBiNTVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8zM2YxYWItNmEzNS00ZTYzLThiZGMtYTI1ZTE0ZDUzOWEy
LzEvaHlqMEFOZzlTYXFtNlRJTW9zdjZrOXBiNTVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjPdtdI9r
tct5G8I20VFh4lHB0AKE3NpaP+UR+VR8BnQA+lh3LKtwg5bEdILPMJpYSH3YWdfw
Eydo7McSgRmmcldvnCyzYJE7+SYp1Lje+f9t5gtVPSHdhpThHuqW5Bt7Vusnt8RA
PlvKjtbYhS50Hebh9XdqO6GYGF2GSaWPkWS9ToZBEW6eyWr5yzrtxNcOKdv/v9Rq
6q4jGpLs9/sg9DB64onHmvT8/qBZJJ5wTXKVfzbcNlJ05BVOaX4IaXecdbItz5oq
YV4ztc6SBkm3KCc12bzPA5fSI11uLLn75CRvk4YPt4bsPI6NZ6vqDmObOFQPEEzQ
ebEgPVAA4woacw==
-----END CERTIFICATE-----
Generated at Wed Jul 1 08:27:08 2026 by rpki-client