Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.mft
File:                     IKf8vlkxTDcraPIyIjgoseM6A-w.mft (raw, json)
Hash identifier:          pNdhk/SISipnNOtCuypbGuBC96tjB/DkUsoRfEd7qnI=
Subject key identifier:   1C:B3:55:38:2B:66:BC:D4:EC:A3:C5:17:74:56:3F:CF:5F:56:0D:21
Authority key identifier: 20:A7:FC:BE:59:31:4C:37:2B:68:F2:32:22:38:28:B1:E3:3A:03:EC
Certificate issuer:       /CN=20a7fcbe59314c372b68f232223828b1e33a03ec
Certificate serial:       019F1B686AF1DA320A25197AF69B5B4EF4FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IKf8vlkxTDcraPIyIjgoseM6A-w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.mft
Manifest number:          15E9
Signing time:             Wed 01 Jul 2026 02:00:55 +0000
Manifest this update:     Wed 01 Jul 2026 02:00:55 +0000
Manifest next update:     Thu 02 Jul 2026 02:00:55 +0000
Files and hashes:         1: 4ad3Sx3tHCKPvoySsJwPEN1dqk0.roa (hash: 9KW5traDiZ8b8YIka+3LA3dxjZd+hGHcIvyVnNUiXKg=)
                          2: IKf8vlkxTDcraPIyIjgoseM6A-w.crl (hash: PnDvNAgDZkc8jsvp5d/ntW06RyfwxlQVrKx3NRxN0f8=)
                          3: k82VZQjPTfp29HOrsd4ebLlbLLQ.roa (hash: mCVrb2F3QQSAvERyzJs5ziCWnKSLVC3ur8XxDFUzHh0=)
                          4: w6ZIXPDpAeu5P7_mH6HZiqnkV9o.roa (hash: Yf1g7ljDU7te6N4XEGH4NkhfBi9rKgbfTnWehMLxzL8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IKf8vlkxTDcraPIyIjgoseM6A-w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 23:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:1b:68:6a:f1:da:32:0a:25:19:7a:f6:9b:5b:4e:f4:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20a7fcbe59314c372b68f232223828b1e33a03ec
        Validity
            Not Before: Jul  1 02:00:55 2026 GMT
            Not After : Jul  2 02:00:55 2026 GMT
        Subject: CN=1cb355382b66bcd4eca3c51774563fcf5f560d21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:91:c3:25:1d:24:1d:9c:2e:df:57:80:1c:11:
                    c9:2a:53:77:31:27:7c:34:d2:15:64:f0:dc:2b:2a:
                    c5:8b:85:cb:f8:6e:95:ca:68:a4:f2:9d:cd:d5:b2:
                    8a:13:47:b3:c9:8b:02:bd:a0:ab:ba:bd:c2:25:c6:
                    90:2a:dc:8c:9d:33:17:9c:47:43:3f:99:51:bf:77:
                    c3:23:11:8b:8f:74:ba:e1:c6:57:20:d4:53:a3:f0:
                    72:00:7c:ed:45:49:0e:9e:33:82:64:56:e8:48:e8:
                    00:f4:a6:00:d7:d9:28:14:1d:67:b9:59:73:fe:3c:
                    b5:b2:af:17:63:5a:3a:92:6c:73:e6:c5:54:fc:ef:
                    d3:1e:ae:f8:c2:44:be:2f:63:34:b8:ab:3f:d8:88:
                    df:40:2c:6e:9c:36:94:d2:46:f6:68:07:85:e1:f4:
                    c0:17:2d:30:93:c2:b8:54:80:fa:11:6b:89:25:e0:
                    09:1d:c9:ca:d4:d1:e3:16:1c:e9:f0:4d:d2:8b:ff:
                    5c:26:51:87:bf:55:1f:2e:fc:40:10:b0:07:56:c0:
                    3b:b0:a0:59:41:4f:ea:91:44:d2:a1:e7:80:75:75:
                    7f:54:70:87:3d:9b:78:74:61:33:3d:15:a7:e0:92:
                    ab:cf:0a:f7:fa:bb:39:ae:5e:3b:ca:f1:a2:7d:ea:
                    05:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:B3:55:38:2B:66:BC:D4:EC:A3:C5:17:74:56:3F:CF:5F:56:0D:21
            X509v3 Authority Key Identifier:
                keyid:20:A7:FC:BE:59:31:4C:37:2B:68:F2:32:22:38:28:B1:E3:3A:03:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKf8vlkxTDcraPIyIjgoseM6A-w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/c3988e-8654-4311-8292-426039788919/1/IKf8vlkxTDcraPIyIjgoseM6A-w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:8c:42:3e:97:20:7e:3e:6f:72:e9:e9:5a:34:56:a8:23:f5:
         e9:8a:b3:be:d3:16:2b:a5:f1:ce:51:a4:71:6c:1b:3b:77:09:
         08:1d:bd:47:01:4f:f6:60:b1:ae:f1:38:e6:31:42:84:74:62:
         ff:5a:7e:37:04:13:06:b8:3c:c7:83:fb:76:58:27:a6:0c:2f:
         c7:07:4d:7a:7e:63:0b:cb:60:6c:e3:ab:cd:6b:5b:a1:8b:3f:
         f4:e9:58:95:37:fd:a2:42:8f:a5:1b:e1:55:41:27:47:bb:b5:
         ac:0e:00:16:d9:52:35:c5:09:d9:a0:e9:59:95:f0:f8:e0:79:
         87:87:2c:6b:42:9b:2a:5d:7f:e7:4d:f6:95:c5:f4:cc:69:c5:
         19:f2:a7:02:ce:4d:70:1f:bc:a3:4c:46:57:1b:48:62:0b:73:
         b4:9a:52:56:3b:66:ac:3d:ce:5e:30:0b:45:e3:e1:8e:de:bd:
         2f:dc:54:7c:33:cf:c3:6d:1a:9d:a1:56:26:31:e4:da:8d:ed:
         cc:48:de:91:97:56:db:b9:70:fa:14:66:fa:16:11:35:a6:db:
         9d:87:df:f5:82:66:09:77:1d:0d:df:46:b9:84:01:4c:61:5c:
         ce:19:18:dd:03:dc:da:f2:1e:e0:6e:fa:5f:ff:fc:91:73:61:
         27:44:12:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8baGrx2jIKJRl69ptbTvT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTdmY2JlNTkzMTRjMzcyYjY4ZjIzMjIyMzgyOGIxZTMz
YTAzZWMwHhcNMjYwNzAxMDIwMDU1WhcNMjYwNzAyMDIwMDU1WjAzMTEwLwYDVQQD
EygxY2IzNTUzODJiNjZiY2Q0ZWNhM2M1MTc3NDU2M2ZjZjVmNTYwZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZHDJR0kHZwu31eAHBHJKlN3MSd8
NNIVZPDcKyrFi4XL+G6Vymik8p3N1bKKE0ezyYsCvaCrur3CJcaQKtyMnTMXnEdD
P5lRv3fDIxGLj3S64cZXINRTo/ByAHztRUkOnjOCZFboSOgA9KYA19koFB1nuVlz
/jy1sq8XY1o6kmxz5sVU/O/THq74wkS+L2M0uKs/2IjfQCxunDaU0kb2aAeF4fTA
Fy0wk8K4VID6EWuJJeAJHcnK1NHjFhzp8E3Si/9cJlGHv1UfLvxAELAHVsA7sKBZ
QU/qkUTSoeeAdXV/VHCHPZt4dGEzPRWn4JKrzwr3+rs5rl47yvGifeoF9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFByzVTgrZrzU7KPFF3RWP89fVg0hMB8GA1UdIwQY
MBaAFCCn/L5ZMUw3K2jyMiI4KLHjOgPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtmOHZsa3hURGNyYVBJeUlqZ29zZU02QS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9jMzk4OGUtODY1NC00MzExLTgyOTIt
NDI2MDM5Nzg4OTE5LzEvSUtmOHZsa3hURGNyYVBJeUlqZ29zZU02QS13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9jMzk4OGUtODY1NC00MzExLTgyOTItNDI2MDM5Nzg4OTE5
LzEvSUtmOHZsa3hURGNyYVBJeUlqZ29zZU02QS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuIxCPpcg
fj5vcunpWjRWqCP16YqzvtMWK6XxzlGkcWwbO3cJCB29RwFP9mCxrvE45jFChHRi
/1p+NwQTBrg8x4P7dlgnpgwvxwdNen5jC8tgbOOrzWtboYs/9OlYlTf9okKPpRvh
VUEnR7u1rA4AFtlSNcUJ2aDpWZXw+OB5h4csa0KbKl1/5032lcX0zGnFGfKnAs5N
cB+8o0xGVxtIYgtztJpSVjtmrD3OXjALRePhjt69L9xUfDPPw20anaFWJjHk2o3t
zEjekZdW27lw+hRm+hYRNabbnYff9YJmCXcdDd9GuYQBTGFczhkY3QPc2vIe4G76
X//8kXNhJ0QSvA==
-----END CERTIFICATE-----
Generated at Wed Jul 1 09:02:52 2026 by rpki-client