Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
File:                     KYm1iRINOeoU_1OWO_IxV9Mkleo.mft (raw, json)
Hash identifier:          PavC8lRDTGWZGCBMeyJxfaBRh9tS+nx1AG3gZ/Cb2JU=
Subject key identifier:   DB:DE:DF:E1:63:71:28:76:5D:79:8A:B7:0B:3E:A9:01:06:D3:26:49
Authority key identifier: 29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA
Certificate issuer:       /CN=2989b589120d39ea14ff53963bf23157d32495ea
Certificate serial:       019F2A374394478719A8AD0AB12209363671
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
Manifest number:          198F
Signing time:             Fri 03 Jul 2026 23:01:32 +0000
Manifest this update:     Fri 03 Jul 2026 23:01:32 +0000
Manifest next update:     Sat 04 Jul 2026 23:01:32 +0000
Files and hashes:         1: KYm1iRINOeoU_1OWO_IxV9Mkleo.crl (hash: 3bYRw8g4Giptvk5C7Pde5GE5oHB1fuHQdIl8NaF4QJY=)
                          2: Np8PkRIzq2H-mfEgyXXHLw4xA2o.roa (hash: kCme1YTSTXAyOTkajeANzDG66nwpOp5PNkNgd2m+u9c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 Jul 2026 20:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:2a:37:43:94:47:87:19:a8:ad:0a:b1:22:09:36:36:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2989b589120d39ea14ff53963bf23157d32495ea
        Validity
            Not Before: Jul  3 23:01:32 2026 GMT
            Not After : Jul  4 23:01:32 2026 GMT
        Subject: CN=dbdedfe1637128765d798ab70b3ea90106d32649
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:14:58:b7:50:80:5f:bf:a7:85:49:53:9c:50:
                    03:e0:05:90:10:ec:e2:f1:0e:86:43:33:23:09:05:
                    0c:20:13:9d:d8:a9:de:a0:e5:68:0d:51:e4:e7:d4:
                    5b:72:97:1d:a7:fd:c3:51:e9:43:09:b5:ed:bf:5d:
                    1c:5e:90:49:6d:d2:fe:8b:40:d5:4b:3b:08:a6:f2:
                    a6:97:d5:1f:65:36:19:2f:b3:2b:ca:29:ae:72:ca:
                    80:97:91:3c:03:5d:3a:20:6c:0b:68:fe:b7:75:a1:
                    34:8e:37:7f:b4:fd:38:18:59:9d:b9:bc:c2:bb:40:
                    56:48:70:c0:6f:76:a6:70:6e:b2:37:93:c5:88:8d:
                    a5:40:f9:8d:5e:a0:84:5e:5d:d5:d6:e7:1c:cc:35:
                    19:b1:3d:0f:1a:19:28:9b:ef:24:de:9c:1b:14:37:
                    68:29:16:e1:b6:1b:20:00:4d:dc:cf:ec:f2:d6:8b:
                    a7:9e:75:39:b7:a3:66:28:24:a0:72:39:70:1f:58:
                    17:95:37:53:86:fe:cf:e7:75:7c:1c:6d:c8:93:11:
                    39:87:a1:dc:ae:40:34:5e:c6:a3:4c:1c:2e:95:a4:
                    eb:61:d5:2a:52:a2:68:32:c2:0c:79:b9:bb:0c:a3:
                    45:e0:c8:44:82:2b:ec:74:b4:32:50:4a:e5:7c:29:
                    fa:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:DE:DF:E1:63:71:28:76:5D:79:8A:B7:0B:3E:A9:01:06:D3:26:49
            X509v3 Authority Key Identifier:
                keyid:29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:98:fc:f6:4a:48:80:a7:fa:dc:84:82:af:35:00:62:81:49:
         ad:43:17:3f:ca:db:fc:0a:80:ac:3a:47:83:c6:87:68:82:1a:
         66:0b:be:c8:31:e0:fc:3f:53:1d:ae:d3:a6:75:e9:04:8c:0d:
         f1:b8:00:23:52:08:35:74:49:f0:60:5b:7e:79:6d:54:c0:7f:
         de:bd:ac:8c:d4:ed:51:79:e6:2c:0e:d5:d2:9e:6c:6d:42:f2:
         1c:7c:46:90:0e:7e:a0:3b:6c:4b:e2:5b:1a:48:99:60:35:c8:
         a0:d6:da:59:49:83:05:d7:9b:67:ef:6e:64:6f:f2:76:2d:7a:
         1d:05:39:a0:ca:b0:e3:5e:f8:e6:ff:8f:62:ac:dd:48:1c:00:
         c9:99:78:8b:d5:9d:3e:15:68:a4:ce:77:3a:33:3c:81:fb:c3:
         72:70:0f:ba:f5:ca:6f:1c:bd:80:88:ff:9a:ab:5c:8f:78:22:
         9c:b2:d1:05:d0:ee:8f:aa:58:59:f1:12:57:8e:64:9c:24:3f:
         90:b7:8b:f4:16:50:88:b1:e6:7e:05:f4:23:b4:9c:f8:bb:a5:
         86:a8:00:a7:26:7b:8d:86:46:55:34:ed:0c:f5:70:24:d9:05:
         de:96:9d:c7:77:f3:1a:89:73:84:fb:23:08:fb:03:12:a0:cd:
         30:ac:35:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8qN0OUR4cZqK0KsSIJNjZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODliNTg5MTIwZDM5ZWExNGZmNTM5NjNiZjIzMTU3ZDMy
NDk1ZWEwHhcNMjYwNzAzMjMwMTMyWhcNMjYwNzA0MjMwMTMyWjAzMTEwLwYDVQQD
EyhkYmRlZGZlMTYzNzEyODc2NWQ3OThhYjcwYjNlYTkwMTA2ZDMyNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxRYt1CAX7+nhUlTnFAD4AWQEOzi
8Q6GQzMjCQUMIBOd2KneoOVoDVHk59Rbcpcdp/3DUelDCbXtv10cXpBJbdL+i0DV
SzsIpvKml9UfZTYZL7MryimucsqAl5E8A106IGwLaP63daE0jjd/tP04GFmdubzC
u0BWSHDAb3amcG6yN5PFiI2lQPmNXqCEXl3V1ucczDUZsT0PGhkom+8k3pwbFDdo
KRbhthsgAE3cz+zy1ounnnU5t6NmKCSgcjlwH1gXlTdThv7P53V8HG3IkxE5h6Hc
rkA0XsajTBwulaTrYdUqUqJoMsIMebm7DKNF4MhEgivsdLQyUErlfCn6oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNve3+FjcSh2XXmKtws+qQEG0yZJMB8GA1UdIwQY
MBaAFCmJtYkSDTnqFP9TljvyMVfTJJXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMt
ZmJkYmU1MTRkZjVhLzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMtZmJkYmU1MTRkZjVh
LzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMZj89kpI
gKf63ISCrzUAYoFJrUMXP8rb/AqArDpHg8aHaIIaZgu+yDHg/D9THa7TpnXpBIwN
8bgAI1IINXRJ8GBbfnltVMB/3r2sjNTtUXnmLA7V0p5sbULyHHxGkA5+oDtsS+Jb
GkiZYDXIoNbaWUmDBdebZ+9uZG/ydi16HQU5oMqw41745v+PYqzdSBwAyZl4i9Wd
PhVopM53OjM8gfvDcnAPuvXKbxy9gIj/mqtcj3ginLLRBdDuj6pYWfESV45knCQ/
kLeL9BZQiLHmfgX0I7Sc+LulhqgApyZ7jYZGVTTtDPVwJNkF3padx3fzGolzhPsj
CPsDEqDNMKw1eQ==
-----END CERTIFICATE-----
Generated at Sat Jul 4 01:28:16 2026 by rpki-client