Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/74c76f-5d70-4eef-99f5-131cc48640dc/1/iWsznbz4QR1YQAjPAptHyIqzedU.mft
File:                     iWsznbz4QR1YQAjPAptHyIqzedU.mft (raw, json)
Hash identifier:          NHu3VmUqILqK7fV8Ua2Y7tbypr8hJ29fyrTJAYKZpt4=
Subject key identifier:   89:C8:26:19:21:68:6F:7C:AF:2A:E4:EE:10:5F:82:0C:35:3F:F7:42
Authority key identifier: 89:6B:33:9D:BC:F8:41:1D:58:40:08:CF:02:9B:47:C8:8A:B3:79:D5
Certificate issuer:       /CN=896b339dbcf8411d584008cf029b47c88ab379d5
Certificate serial:       019F1A1EFF58B8C3F2BBFF006F4E7687D824
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iWsznbz4QR1YQAjPAptHyIqzedU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/74c76f-5d70-4eef-99f5-131cc48640dc/1/iWsznbz4QR1YQAjPAptHyIqzedU.mft
Manifest number:          0165
Signing time:             Tue 30 Jun 2026 20:01:06 +0000
Manifest this update:     Tue 30 Jun 2026 20:01:06 +0000
Manifest next update:     Wed 01 Jul 2026 20:01:06 +0000
Files and hashes:         1: _01xdN9b6VGiDq8TdVfHkv4nsNA.roa (hash: cof+3EhtbeAEqNmK/OvBSq8ShRaGyYdb9JejvgRl8nA=)
                          2: iWsznbz4QR1YQAjPAptHyIqzedU.crl (hash: REcwRuw54hkRppQZmwsm52PQJi7gVy968RFrUp2IGv4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/74c76f-5d70-4eef-99f5-131cc48640dc/1/iWsznbz4QR1YQAjPAptHyIqzedU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/74c76f-5d70-4eef-99f5-131cc48640dc/1/iWsznbz4QR1YQAjPAptHyIqzedU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iWsznbz4QR1YQAjPAptHyIqzedU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 20:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:1a:1e:ff:58:b8:c3:f2:bb:ff:00:6f:4e:76:87:d8:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=896b339dbcf8411d584008cf029b47c88ab379d5
        Validity
            Not Before: Jun 30 20:01:06 2026 GMT
            Not After : Jul  1 20:01:06 2026 GMT
        Subject: CN=89c8261921686f7caf2ae4ee105f820c353ff742
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:d0:c4:ab:f1:d6:ad:35:c9:b8:11:36:bc:f5:
                    6e:a8:f0:e8:03:fd:16:eb:2b:a0:50:03:12:34:05:
                    bb:6c:76:58:d1:06:74:2e:93:cd:43:d8:d9:8c:3c:
                    e5:f9:ed:c3:0e:1c:52:31:43:b2:9e:5e:5c:92:73:
                    f9:86:21:cb:73:f4:b9:3d:6e:bf:92:7c:fa:2a:2b:
                    ee:07:44:ae:f4:88:86:f6:76:50:d9:73:cb:33:04:
                    a8:5d:5a:d6:a1:dc:f9:ec:a1:82:d6:6a:04:33:12:
                    76:82:68:b0:a7:11:e1:b5:e4:0b:70:be:6b:14:78:
                    0f:6e:c0:9e:17:39:86:ef:ff:b7:7f:26:a7:4b:62:
                    b9:94:a1:62:2c:0c:25:e4:13:b9:25:8d:f0:5e:c7:
                    c0:c8:cd:bc:26:4b:ad:f4:db:60:46:d3:3b:fc:fb:
                    36:f9:c6:6d:1e:9f:a4:82:c5:03:5d:5f:80:b1:a4:
                    9a:84:a3:8b:67:63:ff:ce:11:9a:ff:d0:0d:10:dc:
                    fb:6b:91:96:1a:0f:83:4b:56:9f:b9:f7:58:9c:14:
                    3d:76:d6:f6:c6:c2:cb:f6:48:11:72:e8:f8:d9:01:
                    99:79:b1:c7:82:02:17:03:27:b8:7e:b7:40:99:b9:
                    ea:6e:eb:e5:fb:b0:da:23:d6:2a:ae:76:43:c7:8c:
                    16:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:C8:26:19:21:68:6F:7C:AF:2A:E4:EE:10:5F:82:0C:35:3F:F7:42
            X509v3 Authority Key Identifier:
                keyid:89:6B:33:9D:BC:F8:41:1D:58:40:08:CF:02:9B:47:C8:8A:B3:79:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWsznbz4QR1YQAjPAptHyIqzedU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/74c76f-5d70-4eef-99f5-131cc48640dc/1/iWsznbz4QR1YQAjPAptHyIqzedU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/74c76f-5d70-4eef-99f5-131cc48640dc/1/iWsznbz4QR1YQAjPAptHyIqzedU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:f3:58:77:90:0e:4a:10:a9:ee:e6:16:99:35:f1:b7:05:0f:
         ff:54:74:39:fa:29:73:5c:8a:1f:13:45:fb:f9:bb:e2:dd:12:
         17:8b:81:1d:c4:51:3e:28:3a:2c:26:58:58:d1:da:73:23:20:
         65:bd:ab:5a:9c:5e:18:b7:2b:f4:38:b9:fd:6d:64:56:85:ce:
         37:e1:c5:a9:d2:de:7f:fb:04:53:05:b8:5e:d5:1d:01:5f:41:
         d0:42:9c:39:bb:eb:c7:df:d0:51:52:bd:0c:72:83:7c:8e:06:
         b8:0c:2d:52:46:93:74:30:d3:6e:79:bc:57:99:96:4f:20:39:
         bc:c3:3e:8e:02:84:42:64:78:b0:02:dc:1e:a5:34:87:3e:fc:
         a6:96:8b:21:ab:5e:0d:95:33:34:de:f3:07:40:42:82:81:0d:
         8d:7e:82:03:87:d0:b0:5f:8a:78:18:b4:07:dc:8f:3b:58:b8:
         22:17:04:6c:98:45:46:b1:8d:32:f1:b7:ea:68:25:97:e4:10:
         8f:b4:03:8a:82:b4:05:ca:a4:b2:c5:7c:0c:85:4f:79:ad:64:
         d3:dd:2f:ae:e8:36:0d:ae:21:ec:1d:cc:63:36:59:99:5a:af:
         ab:32:37:ed:ad:fa:65:a0:a6:51:50:20:66:ea:47:70:73:32:
         fd:97:40:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8aHv9YuMPyu/8Ab052h9gkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmIzMzlkYmNmODQxMWQ1ODQwMDhjZjAyOWI0N2M4OGFi
Mzc5ZDUwHhcNMjYwNjMwMjAwMTA2WhcNMjYwNzAxMjAwMTA2WjAzMTEwLwYDVQQD
Eyg4OWM4MjYxOTIxNjg2ZjdjYWYyYWU0ZWUxMDVmODIwYzM1M2ZmNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNDEq/HWrTXJuBE2vPVuqPDoA/0W
6yugUAMSNAW7bHZY0QZ0LpPNQ9jZjDzl+e3DDhxSMUOynl5cknP5hiHLc/S5PW6/
knz6KivuB0Su9IiG9nZQ2XPLMwSoXVrWodz57KGC1moEMxJ2gmiwpxHhteQLcL5r
FHgPbsCeFzmG7/+3fyanS2K5lKFiLAwl5BO5JY3wXsfAyM28Jkut9NtgRtM7/Ps2
+cZtHp+kgsUDXV+AsaSahKOLZ2P/zhGa/9ANENz7a5GWGg+DS1afufdYnBQ9dtb2
xsLL9kgRcuj42QGZebHHggIXAye4frdAmbnqbuvl+7DaI9YqrnZDx4wWGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFInIJhkhaG98ryrk7hBfggw1P/dCMB8GA1UdIwQY
MBaAFIlrM528+EEdWEAIzwKbR8iKs3nVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdzem5iejRRUjFZUUFqUEFwdEh5SXF6ZWRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NGM3NmYtNWQ3MC00ZWVmLTk5ZjUt
MTMxY2M0ODY0MGRjLzEvaVdzem5iejRRUjFZUUFqUEFwdEh5SXF6ZWRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NGM3NmYtNWQ3MC00ZWVmLTk5ZjUtMTMxY2M0ODY0MGRj
LzEvaVdzem5iejRRUjFZUUFqUEFwdEh5SXF6ZWRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHPNYd5AO
ShCp7uYWmTXxtwUP/1R0Ofopc1yKHxNF+/m74t0SF4uBHcRRPig6LCZYWNHacyMg
Zb2rWpxeGLcr9Di5/W1kVoXON+HFqdLef/sEUwW4XtUdAV9B0EKcObvrx9/QUVK9
DHKDfI4GuAwtUkaTdDDTbnm8V5mWTyA5vMM+jgKEQmR4sALcHqU0hz78ppaLIate
DZUzNN7zB0BCgoENjX6CA4fQsF+KeBi0B9yPO1i4IhcEbJhFRrGNMvG36mgll+QQ
j7QDioK0BcqkssV8DIVPea1k090vrug2Da4h7B3MYzZZmVqvqzI37a36ZaCmUVAg
ZupHcHMy/ZdAiA==
-----END CERTIFICATE-----
Generated at Wed Jul 1 02:39:05 2026 by rpki-client