Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
File:                     SFk-QNpaUvMi21oEwg-0htThVQI.mft (raw, json)
Hash identifier:          HC4LRL5vV+uZgf7g0N+5QetCqteFpEcZfF6uaafOXeU=
Subject key identifier:   AC:6F:7C:5E:CA:FE:AD:09:31:D6:18:3C:C7:71:90:EA:E0:9A:CF:70
Authority key identifier: 48:59:3E:40:DA:5A:52:F3:22:DB:5A:04:C2:0F:B4:86:D4:E1:55:02
Certificate issuer:       /CN=48593e40da5a52f322db5a04c20fb486d4e15502
Certificate serial:       019F3904EFC3CE74A242E064D22EF20DE4D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
Manifest number:          1654
Signing time:             Mon 06 Jul 2026 20:00:52 +0000
Manifest this update:     Mon 06 Jul 2026 20:00:52 +0000
Manifest next update:     Tue 07 Jul 2026 20:00:52 +0000
Files and hashes:         1: SFk-QNpaUvMi21oEwg-0htThVQI.crl (hash: /W0AXaMktdb20et3Qocuulu4SkKba05eRZ1C8YFuwEM=)
                          2: VFzP0FGh0SQzSyAC9MEO9bnaqZU.roa (hash: DwjrXgZVVBQjvwjFMKe9t4mZj6kib5GRnctDIksFE5w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 07 Jul 2026 20:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:39:04:ef:c3:ce:74:a2:42:e0:64:d2:2e:f2:0d:e4:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48593e40da5a52f322db5a04c20fb486d4e15502
        Validity
            Not Before: Jul  6 20:00:52 2026 GMT
            Not After : Jul  7 20:00:52 2026 GMT
        Subject: CN=ac6f7c5ecafead0931d6183cc77190eae09acf70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:68:3b:57:8b:a4:c8:40:01:18:f8:2c:dc:d9:
                    13:e9:7a:45:2e:69:cc:b5:60:e3:ce:53:25:26:e0:
                    42:7e:3b:c7:f6:2e:1f:f8:8f:75:09:cb:76:07:ef:
                    2d:31:33:a4:3c:77:4f:95:59:23:19:b4:eb:b5:a8:
                    b7:d7:7b:37:36:3d:23:9b:6c:1d:a0:44:27:bc:a5:
                    33:15:67:c4:bc:54:70:f0:f3:19:a9:e9:74:df:ca:
                    70:bb:f7:ff:43:1c:96:84:5e:02:90:15:21:ce:5b:
                    9a:7e:89:eb:dd:a4:cc:d8:ba:e6:79:74:d3:fd:c0:
                    ee:35:76:9f:5c:0b:e5:ed:62:e1:8f:1c:3f:5b:60:
                    af:91:54:af:8a:8f:15:dd:22:20:a6:49:4a:b9:d5:
                    27:a3:86:e0:be:95:d3:bc:d5:2c:5a:5f:8c:d6:53:
                    9c:67:c4:a4:0c:73:76:22:50:db:de:2c:0f:1a:1d:
                    42:5b:59:c9:d1:88:25:e2:0d:a5:b0:f4:d3:51:9c:
                    c6:77:c0:81:b0:90:1e:f3:28:ef:5a:73:1b:93:7a:
                    31:9e:ef:20:1b:88:f4:db:87:81:28:62:10:99:0f:
                    22:46:d1:57:b0:b1:4c:ef:99:48:7f:d4:cf:2e:f6:
                    dc:0f:33:0d:9b:3c:c6:22:b3:e2:13:68:83:88:7a:
                    77:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:6F:7C:5E:CA:FE:AD:09:31:D6:18:3C:C7:71:90:EA:E0:9A:CF:70
            X509v3 Authority Key Identifier:
                keyid:48:59:3E:40:DA:5A:52:F3:22:DB:5A:04:C2:0F:B4:86:D4:E1:55:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:ec:af:0d:45:db:4f:4a:2f:17:e4:d5:16:09:fd:f9:12:d3:
         6a:33:e1:67:1e:01:ff:0f:30:4f:96:a8:e6:50:d6:38:d1:b0:
         e3:c7:9a:46:78:08:33:cd:fa:49:7f:93:6c:0d:c5:0e:1e:2d:
         36:93:fe:1c:bc:2e:05:f8:79:48:b6:e2:fa:a2:08:58:e1:28:
         e6:87:bb:eb:e5:c9:6d:40:a5:c4:c4:2b:45:95:95:a8:85:47:
         a2:d2:50:fe:01:70:e1:61:45:34:75:a3:12:db:32:bd:1a:e3:
         a1:33:7b:3c:c9:1f:2a:6b:87:51:b8:6d:03:8c:4d:62:49:1a:
         ac:e3:c3:4d:db:45:0b:f0:ad:fb:04:3f:5b:12:f0:a1:03:5e:
         e7:13:47:a6:db:79:82:d2:6b:c8:00:0b:98:03:14:93:32:16:
         c3:de:3f:3a:07:42:57:a0:84:6e:63:e9:cb:9e:f0:dc:9a:51:
         4f:7d:59:e5:bf:6b:8d:3e:a1:9f:b6:a1:b3:14:a6:0c:4b:f2:
         84:48:72:34:62:37:62:c4:67:31:67:b5:56:74:c9:38:1b:64:
         04:43:be:e5:bd:21:a9:69:be:14:3f:c4:ce:57:d8:fa:62:b7:
         17:87:53:02:06:5e:f0:8b:16:9b:2b:67:f9:f9:30:b5:b7:fd:
         4e:1a:88:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ85BO/DznSiQuBk0i7yDeTTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NTkzZTQwZGE1YTUyZjMyMmRiNWEwNGMyMGZiNDg2ZDRl
MTU1MDIwHhcNMjYwNzA2MjAwMDUyWhcNMjYwNzA3MjAwMDUyWjAzMTEwLwYDVQQD
EyhhYzZmN2M1ZWNhZmVhZDA5MzFkNjE4M2NjNzcxOTBlYWUwOWFjZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmg7V4ukyEABGPgs3NkT6XpFLmnM
tWDjzlMlJuBCfjvH9i4f+I91Cct2B+8tMTOkPHdPlVkjGbTrtai313s3Nj0jm2wd
oEQnvKUzFWfEvFRw8PMZqel038pwu/f/QxyWhF4CkBUhzluafonr3aTM2LrmeXTT
/cDuNXafXAvl7WLhjxw/W2CvkVSvio8V3SIgpklKudUno4bgvpXTvNUsWl+M1lOc
Z8SkDHN2IlDb3iwPGh1CW1nJ0Ygl4g2lsPTTUZzGd8CBsJAe8yjvWnMbk3oxnu8g
G4j024eBKGIQmQ8iRtFXsLFM75lIf9TPLvbcDzMNmzzGIrPiE2iDiHp33wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKxvfF7K/q0JMdYYPMdxkOrgms9wMB8GA1UdIwQY
MBaAFEhZPkDaWlLzIttaBMIPtIbU4VUCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NzAwYzgtZjlhYi00MmE3LWIxZmEt
ZTY4YTA4ZDllNTRmLzEvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NzAwYzgtZjlhYi00MmE3LWIxZmEtZTY4YTA4ZDllNTRm
LzEvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHeyvDUXb
T0ovF+TVFgn9+RLTajPhZx4B/w8wT5ao5lDWONGw48eaRngIM836SX+TbA3FDh4t
NpP+HLwuBfh5SLbi+qIIWOEo5oe76+XJbUClxMQrRZWVqIVHotJQ/gFw4WFFNHWj
EtsyvRrjoTN7PMkfKmuHUbhtA4xNYkkarOPDTdtFC/Ct+wQ/WxLwoQNe5xNHptt5
gtJryAALmAMUkzIWw94/OgdCV6CEbmPpy57w3JpRT31Z5b9rjT6hn7ahsxSmDEvy
hEhyNGI3YsRnMWe1VnTJOBtkBEO+5b0hqWm+FD/EzlfY+mK3F4dTAgZe8IsWmytn
+fkwtbf9ThqIhw==
-----END CERTIFICATE-----
Generated at Tue Jul 7 03:34:44 2026 by rpki-client