Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
File:                     8zk0PMbVHduONjgpmhu0lfRYCSE.mft (raw, json)
Hash identifier:          vxtG9E3YCtxVJg/w2txAlZTiKG4mPvYhoN/L3BOlTls=
Subject key identifier:   5C:C7:70:FD:34:CF:0B:A1:16:A2:13:67:5A:D1:F5:7E:61:5F:DE:A2
Authority key identifier: F3:39:34:3C:C6:D5:1D:DB:8E:36:38:29:9A:1B:B4:95:F4:58:09:21
Certificate issuer:       /CN=f339343cc6d51ddb8e3638299a1bb495f4580921
Certificate serial:       019DCE2BAD8D7AB71D05F0549233BF5D97B8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8zk0PMbVHduONjgpmhu0lfRYCSE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
Manifest number:          18DC
Signing time:             Mon 27 Apr 2026 09:01:02 +0000
Manifest this update:     Mon 27 Apr 2026 09:01:02 +0000
Manifest next update:     Tue 28 Apr 2026 09:01:02 +0000
Files and hashes:         1: 3ZbP8D4oyhCe4u5mlugxkhUP_G4.roa (hash: mYQ4ggMgVLrFbz01ZBuOhgHTwYfwTmz0/Kv0k+37TBo=)
                          2: 8zk0PMbVHduONjgpmhu0lfRYCSE.crl (hash: Q5IJZzkg1b6nhQ/jry0leUpWBUJzUVzItWb3qJWyKj4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8zk0PMbVHduONjgpmhu0lfRYCSE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 28 Apr 2026 09:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:ce:2b:ad:8d:7a:b7:1d:05:f0:54:92:33:bf:5d:97:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f339343cc6d51ddb8e3638299a1bb495f4580921
        Validity
            Not Before: Apr 27 09:01:02 2026 GMT
            Not After : Apr 28 09:01:02 2026 GMT
        Subject: CN=5cc770fd34cf0ba116a213675ad1f57e615fdea2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:e6:37:e2:50:16:60:09:5f:75:ae:c7:12:66:
                    38:1a:08:a1:a9:0c:8d:4d:27:a3:3c:cf:ac:cc:1a:
                    63:c9:76:91:dc:ac:90:3c:98:ca:19:53:d8:44:b0:
                    9b:5a:85:6b:5d:15:28:23:76:89:ae:42:92:9c:49:
                    5d:4f:21:f7:48:ae:6a:3e:f9:c4:ce:ee:85:e0:3f:
                    cb:1e:cd:08:0c:13:d0:1c:c4:1e:2d:27:19:fa:18:
                    79:8c:03:32:74:34:4f:b4:05:c4:02:5a:3d:07:ad:
                    fc:87:ea:70:41:36:a3:67:36:39:00:2b:be:e2:d7:
                    69:12:a1:18:3b:56:bc:9f:8d:d1:65:e7:4e:8e:ed:
                    32:7b:60:19:ff:f5:47:54:a6:e9:79:b1:f5:e8:c7:
                    8e:66:d1:f7:10:fa:04:a4:1f:b2:72:b3:20:da:61:
                    71:d4:3d:fc:c9:24:79:3e:e6:92:c7:cd:d1:ca:53:
                    da:12:80:80:44:57:4e:39:a2:8a:30:4d:1d:87:87:
                    9a:58:be:d7:01:bb:f7:cc:89:ae:8e:ab:35:28:f6:
                    3f:11:81:5e:52:07:ff:04:07:d3:c8:67:4d:7c:af:
                    b9:fa:1e:85:f5:f8:0c:4b:89:b8:e7:6e:70:72:e9:
                    0d:ec:ab:d5:5d:70:6f:1c:77:af:88:18:fb:82:08:
                    de:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:C7:70:FD:34:CF:0B:A1:16:A2:13:67:5A:D1:F5:7E:61:5F:DE:A2
            X509v3 Authority Key Identifier:
                keyid:F3:39:34:3C:C6:D5:1D:DB:8E:36:38:29:9A:1B:B4:95:F4:58:09:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8zk0PMbVHduONjgpmhu0lfRYCSE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:63:63:84:74:a9:a9:55:40:e0:39:26:a1:9d:02:9f:a1:fb:
         68:4b:66:d7:50:f4:8c:a4:3e:4b:01:c3:04:97:b1:b8:a2:63:
         22:22:d8:c0:2a:ab:75:46:29:40:61:2c:23:c3:85:b6:c4:50:
         a8:3c:ff:87:87:5f:c4:25:37:40:37:21:cf:3d:fa:09:37:88:
         6b:f2:2e:cb:9b:67:d8:08:e7:2d:42:d0:5e:e1:e8:89:30:46:
         3c:81:51:e0:3e:30:86:d1:e1:81:13:2e:cb:87:5e:bd:ac:9a:
         d6:68:c1:67:f6:9f:2a:87:a9:91:59:b8:15:93:06:5d:4d:96:
         45:c1:0c:bc:8b:25:fc:35:fc:91:e4:f0:a3:a0:f0:e8:f6:de:
         56:fb:87:cf:2d:91:86:0f:8c:aa:bc:0d:55:89:a1:50:a2:36:
         c6:c0:ff:9d:18:bf:41:f9:42:42:f8:32:eb:27:c7:79:22:c5:
         27:77:b3:18:c0:dd:ec:bc:ce:a6:af:30:f6:68:1c:23:bd:4d:
         ec:23:55:af:b1:50:1e:e1:1d:79:b0:31:46:52:81:b6:98:85:
         5f:c4:de:dd:a2:8e:4e:f4:06:3a:41:9e:9f:9e:3b:a1:02:ff:
         5c:54:50:19:9d:33:ee:57:c5:dc:93:47:60:bb:dd:a0:e2:1e:
         f5:60:d7:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3OK62NercdBfBUkjO/XZe4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMzkzNDNjYzZkNTFkZGI4ZTM2MzgyOTlhMWJiNDk1ZjQ1
ODA5MjEwHhcNMjYwNDI3MDkwMTAyWhcNMjYwNDI4MDkwMTAyWjAzMTEwLwYDVQQD
Eyg1Y2M3NzBmZDM0Y2YwYmExMTZhMjEzNjc1YWQxZjU3ZTYxNWZkZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uY34lAWYAlfda7HEmY4GgihqQyN
TSejPM+szBpjyXaR3KyQPJjKGVPYRLCbWoVrXRUoI3aJrkKSnEldTyH3SK5qPvnE
zu6F4D/LHs0IDBPQHMQeLScZ+hh5jAMydDRPtAXEAlo9B638h+pwQTajZzY5ACu+
4tdpEqEYO1a8n43RZedOju0ye2AZ//VHVKbpebH16MeOZtH3EPoEpB+ycrMg2mFx
1D38ySR5PuaSx83RylPaEoCARFdOOaKKME0dh4eaWL7XAbv3zImujqs1KPY/EYFe
Ugf/BAfTyGdNfK+5+h6F9fgMS4m4525wcukN7KvVXXBvHHeviBj7ggjeRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFzHcP00zwuhFqITZ1rR9X5hX96iMB8GA1UdIwQY
MBaAFPM5NDzG1R3bjjY4KZobtJX0WAkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHprMFBNYlZIZHVPTmpncG1odTBsZlJZQ1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81ZGU2ZGYtY2U0Zi00YjA5LTgyZDIt
Mzc3ZDI1YmU1OTRkLzEvOHprMFBNYlZIZHVPTmpncG1odTBsZlJZQ1NFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81ZGU2ZGYtY2U0Zi00YjA5LTgyZDItMzc3ZDI1YmU1OTRk
LzEvOHprMFBNYlZIZHVPTmpncG1odTBsZlJZQ1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb2NjhHSp
qVVA4DkmoZ0Cn6H7aEtm11D0jKQ+SwHDBJexuKJjIiLYwCqrdUYpQGEsI8OFtsRQ
qDz/h4dfxCU3QDchzz36CTeIa/Iuy5tn2AjnLULQXuHoiTBGPIFR4D4whtHhgRMu
y4devaya1mjBZ/afKoepkVm4FZMGXU2WRcEMvIsl/DX8keTwo6Dw6PbeVvuHzy2R
hg+MqrwNVYmhUKI2xsD/nRi/QflCQvgy6yfHeSLFJ3ezGMDd7LzOpq8w9mgcI71N
7CNVr7FQHuEdebAxRlKBtpiFX8Te3aKOTvQGOkGen547oQL/XFRQGZ0z7lfF3JNH
YLvdoOIe9WDXLw==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:06:24 2026 by rpki-client