Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
File:                     pCNxKB3-GQctEzndBIKyqvrVQs4.mft (raw, json)
Hash identifier:          S8L7Ix3P4wpuIjCdB1QLwKZzXcbrYO7imd7M2KEAkvU=
Subject key identifier:   38:7E:9F:66:8D:BE:AB:15:40:76:6B:59:E7:21:16:EE:AD:6D:B4:8E
Authority key identifier: A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE
Certificate issuer:       /CN=a42371281dfe19072d1339dd0482b2aafad542ce
Certificate serial:       019F781A96B970E926D0BC5743FC719E65FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
Manifest number:          0C95
Signing time:             Sun 19 Jul 2026 02:00:36 +0000
Manifest this update:     Sun 19 Jul 2026 02:00:36 +0000
Manifest next update:     Mon 20 Jul 2026 02:00:36 +0000
Files and hashes:         1: 5-fSRldHA_TyCo0Af_n4H7VHHoo.roa (hash: n/VVjN3d2+A+fBj8+Kv149bG42PjdEV7GiSsjv6L+Uw=)
                          2: JjXi4XbAnV9bj8nE6_XGuu1V074.asa (hash: O90Cg0AUX3YziSsowsx54UsgUbqTnyh9MTtkhA73QD8=)
                          3: pCNxKB3-GQctEzndBIKyqvrVQs4.crl (hash: vejAaDS9xhyslvOTPJMJNjigD0CEpzkkImVrYBvceW4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Jul 2026 02:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:78:1a:96:b9:70:e9:26:d0:bc:57:43:fc:71:9e:65:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a42371281dfe19072d1339dd0482b2aafad542ce
        Validity
            Not Before: Jul 19 02:00:36 2026 GMT
            Not After : Jul 20 02:00:36 2026 GMT
        Subject: CN=387e9f668dbeab1540766b59e72116eead6db48e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:af:fb:0a:ad:34:46:39:67:38:44:2f:fd:49:
                    74:23:01:06:b9:79:3c:9a:70:aa:0f:86:c7:af:82:
                    98:54:43:d8:a8:b3:bd:bc:55:5f:1a:c0:81:cc:dc:
                    7f:f3:a1:b9:16:96:73:04:bb:83:d8:38:3f:b7:b3:
                    86:a2:8c:56:86:fd:48:da:b6:4b:00:72:76:bb:c1:
                    d1:34:1d:31:12:da:af:8e:9f:ff:a0:7a:1c:60:0c:
                    b7:9a:78:19:15:ba:01:7a:42:a2:ac:ef:dc:90:d7:
                    cb:b6:47:e2:de:4c:1e:0f:bc:ba:af:21:9c:a6:99:
                    51:36:39:32:b6:59:54:c9:e1:f1:3a:7f:19:2e:76:
                    56:b6:17:c0:e9:fa:67:4e:b6:ca:4c:c6:81:25:9f:
                    9c:ce:13:b9:9d:d3:46:31:76:e0:8a:c7:0e:c8:76:
                    46:ca:a9:c2:d6:81:a1:46:29:f7:49:40:de:54:a4:
                    3b:38:26:3f:da:29:6e:74:c6:0b:56:63:b2:40:21:
                    b1:fa:a6:75:dc:a3:55:0a:2f:67:ec:36:f0:fa:a0:
                    ab:23:8a:8b:98:ee:97:94:d0:9a:f7:e2:8b:ae:89:
                    8c:f9:20:f5:f4:51:65:3f:b1:34:62:4d:a6:0b:68:
                    f4:22:c9:7b:81:80:77:f9:16:62:32:ee:2c:30:08:
                    07:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:7E:9F:66:8D:BE:AB:15:40:76:6B:59:E7:21:16:EE:AD:6D:B4:8E
            X509v3 Authority Key Identifier:
                keyid:A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:bf:65:89:87:87:89:53:d5:7f:7e:5a:c5:ae:4c:de:ec:fd:
         55:0c:03:2b:43:bf:0a:5f:e2:78:18:ee:2c:0f:e1:ab:bd:f1:
         e7:6a:7a:39:81:c2:f8:80:29:a3:3b:d0:41:3e:5d:ed:30:5d:
         79:4a:0e:e3:1d:be:b7:bc:45:9a:bf:48:27:56:cd:83:14:b4:
         3b:ad:e2:f6:22:a5:2c:48:af:27:e5:9f:3c:fd:01:35:ef:65:
         dd:4c:9f:a0:fd:19:c5:a0:12:7d:98:1f:28:c2:dc:aa:32:1c:
         d7:6a:cd:51:0e:62:ac:ac:da:7c:5b:0d:b2:f5:26:1f:c0:85:
         af:3e:db:fa:c6:51:ce:d9:77:72:7c:62:08:85:bf:1a:76:f7:
         04:b5:a6:b5:3d:5d:79:94:ee:a8:7e:99:22:45:4b:7b:7f:79:
         ca:c2:1a:19:4c:89:f8:0b:3b:8e:25:96:80:06:02:8b:6f:74:
         f7:2a:b8:59:77:88:33:fb:8d:b6:29:db:3d:ee:86:0d:91:e0:
         79:3c:ae:7f:37:c5:bb:6a:9f:a1:36:17:5e:d6:ca:1b:69:eb:
         03:51:26:fd:d1:f6:90:a3:ff:51:79:6a:4c:f7:17:4f:da:3f:
         a6:22:0e:f1:fd:85:4b:84:6e:4d:aa:a5:43:d6:d5:c8:44:75:
         2b:08:39:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ94Gpa5cOkm0LxXQ/xxnmX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MjM3MTI4MWRmZTE5MDcyZDEzMzlkZDA0ODJiMmFhZmFk
NTQyY2UwHhcNMjYwNzE5MDIwMDM2WhcNMjYwNzIwMDIwMDM2WjAzMTEwLwYDVQQD
EygzODdlOWY2NjhkYmVhYjE1NDA3NjZiNTllNzIxMTZlZWFkNmRiNDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK/7Cq00RjlnOEQv/Ul0IwEGuXk8
mnCqD4bHr4KYVEPYqLO9vFVfGsCBzNx/86G5FpZzBLuD2Dg/t7OGooxWhv1I2rZL
AHJ2u8HRNB0xEtqvjp//oHocYAy3mngZFboBekKirO/ckNfLtkfi3kweD7y6ryGc
pplRNjkytllUyeHxOn8ZLnZWthfA6fpnTrbKTMaBJZ+czhO5ndNGMXbgiscOyHZG
yqnC1oGhRin3SUDeVKQ7OCY/2iludMYLVmOyQCGx+qZ13KNVCi9n7Dbw+qCrI4qL
mO6XlNCa9+KLromM+SD19FFlP7E0Yk2mC2j0Isl7gYB3+RZiMu4sMAgHZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDh+n2aNvqsVQHZrWechFu6tbbSOMB8GA1UdIwQY
MBaAFKQjcSgd/hkHLRM53QSCsqr61ULOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgt
OTkwNjBlMjQ1OGVjLzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgtOTkwNjBlMjQ1OGVj
LzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs79liYeH
iVPVf35axa5M3uz9VQwDK0O/Cl/ieBjuLA/hq73x52p6OYHC+IApozvQQT5d7TBd
eUoO4x2+t7xFmr9IJ1bNgxS0O63i9iKlLEivJ+WfPP0BNe9l3UyfoP0ZxaASfZgf
KMLcqjIc12rNUQ5irKzafFsNsvUmH8CFrz7b+sZRztl3cnxiCIW/Gnb3BLWmtT1d
eZTuqH6ZIkVLe395ysIaGUyJ+As7jiWWgAYCi2909yq4WXeIM/uNtinbPe6GDZHg
eTyufzfFu2qfoTYXXtbKG2nrA1Em/dH2kKP/UXlqTPcXT9o/piIO8f2FS4RuTaql
Q9bVyER1Kwg5aw==
-----END CERTIFICATE-----
Generated at Sun Jul 19 09:54:25 2026 by rpki-client