Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft
File:                     dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft (raw, json)
Hash identifier:          QMHvfZGo6ff5fsmzVq24iZek1y/dJ8+qHqOF+csl2nE=
Subject key identifier:   F2:0C:89:69:FB:37:47:6A:F9:60:56:E7:02:BD:EC:9B:C3:D3:41:A5
Authority key identifier: 74:9D:8A:43:28:93:0B:93:8F:A8:60:18:B1:E4:47:EE:4D:8D:A8:F9
Certificate issuer:       /CN=749d8a4328930b938fa86018b1e447ee4d8da8f9
Certificate serial:       019F1CB2DB0DF70DA2DCA1F62C2633F2A290
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft
Manifest number:          0306
Signing time:             Wed 01 Jul 2026 08:01:51 +0000
Manifest this update:     Wed 01 Jul 2026 08:01:51 +0000
Manifest next update:     Thu 02 Jul 2026 08:01:51 +0000
Files and hashes:         1: 1-mmnoNOS11tga2Q29yD5BQAuFLE.roa (hash: GOq5nJwjD0VCVYVCda8zJe1uGhLFpPTQrRyVuZj7aM8=)
                          2: dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl (hash: 8uyH33tMfsSNRocbte5g00pdWMy7cmXKYqjbz7JBprE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 02 Jul 2026 08:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:1c:b2:db:0d:f7:0d:a2:dc:a1:f6:2c:26:33:f2:a2:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=749d8a4328930b938fa86018b1e447ee4d8da8f9
        Validity
            Not Before: Jul  1 08:01:51 2026 GMT
            Not After : Jul  2 08:01:51 2026 GMT
        Subject: CN=f20c8969fb37476af96056e702bdec9bc3d341a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:2e:5d:e7:5f:d8:e7:58:0f:91:42:7c:82:2c:
                    33:a7:6e:48:89:88:e2:71:f6:32:9a:9d:1e:ab:cd:
                    ef:54:1d:52:0f:9a:ae:8e:21:42:e2:e3:b2:d0:bb:
                    cf:ad:eb:88:81:8f:de:59:66:56:9e:ef:d9:3d:b0:
                    10:70:0a:3f:32:b6:88:eb:20:04:d9:87:e1:69:d1:
                    81:c2:d2:c0:9d:f7:c6:7d:da:0b:c5:f8:29:15:46:
                    be:6b:3a:1d:5a:c2:75:ff:ae:66:3e:ed:7e:ba:4e:
                    8a:30:62:7b:9a:ca:31:2b:bf:73:5e:ce:2b:9f:15:
                    71:94:d0:dc:b2:22:69:ca:10:1c:67:6b:80:6e:9b:
                    50:fd:b2:95:b7:6c:ad:4c:68:0e:6b:01:a8:25:08:
                    df:79:6f:ba:59:56:13:4e:b7:be:62:7a:66:31:f8:
                    22:21:e9:c4:20:e0:41:99:01:43:67:36:a8:2e:b6:
                    75:6a:2e:f7:8b:69:1f:db:90:70:79:04:14:93:67:
                    56:87:6e:bb:c0:2a:65:1e:c3:4c:42:32:1b:92:d7:
                    8f:a2:9a:2b:3f:58:3b:53:b1:c3:57:65:6a:b6:eb:
                    a1:b5:c1:d1:4e:89:3e:59:e1:e0:b2:c7:9d:a7:7d:
                    35:40:b7:99:c0:ec:65:57:6b:32:29:b2:bd:37:16:
                    de:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:0C:89:69:FB:37:47:6A:F9:60:56:E7:02:BD:EC:9B:C3:D3:41:A5
            X509v3 Authority Key Identifier:
                keyid:74:9D:8A:43:28:93:0B:93:8F:A8:60:18:B1:E4:47:EE:4D:8D:A8:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:f4:15:8d:c8:ac:c3:ac:c7:a1:0d:c0:a9:83:ba:5c:8b:a2:
         ba:98:1f:19:41:0f:25:67:a5:eb:0f:da:71:39:8e:34:f6:40:
         72:34:ed:b9:d5:37:c5:fc:c7:52:8f:87:e2:13:a2:5c:ac:b7:
         ae:45:31:a9:c4:66:43:cf:c4:53:f6:df:67:d5:28:6f:7e:f0:
         06:6f:02:21:0e:2f:9e:37:f0:a1:85:1c:0d:00:2c:5b:92:44:
         52:f6:ce:89:f8:01:3d:01:c7:d3:6b:4b:ef:b1:e5:52:01:d6:
         d6:64:07:4b:03:7b:a2:90:0e:be:1f:d6:ce:eb:94:d9:af:d6:
         c8:91:62:b9:0f:3f:f2:1a:a7:81:39:8d:fc:4d:f8:a9:82:e0:
         82:c7:ee:22:03:28:b4:f8:7b:d6:0c:ed:a9:bf:3b:11:06:36:
         04:8e:a0:b3:d8:ad:0e:f8:14:8c:c9:6d:f3:e4:fd:72:42:88:
         ad:33:12:a0:02:8d:21:77:61:04:96:8b:48:23:63:b9:e3:63:
         c5:02:27:f0:57:56:9d:f2:f8:9a:24:43:07:b7:2e:6f:de:10:
         1a:f5:51:80:83:55:ed:27:8e:d3:e3:df:82:22:3a:d0:2f:12:
         c3:b6:a2:9f:8f:dc:72:8c:dd:07:15:e8:10:c6:33:72:50:53:
         40:e4:07:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8cstsN9w2i3KH2LCYz8qKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OWQ4YTQzMjg5MzBiOTM4ZmE4NjAxOGIxZTQ0N2VlNGQ4
ZGE4ZjkwHhcNMjYwNzAxMDgwMTUxWhcNMjYwNzAyMDgwMTUxWjAzMTEwLwYDVQQD
EyhmMjBjODk2OWZiMzc0NzZhZjk2MDU2ZTcwMmJkZWM5YmMzZDM0MWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwC5d51/Y51gPkUJ8giwzp25IiYji
cfYymp0eq83vVB1SD5qujiFC4uOy0LvPreuIgY/eWWZWnu/ZPbAQcAo/MraI6yAE
2YfhadGBwtLAnffGfdoLxfgpFUa+azodWsJ1/65mPu1+uk6KMGJ7msoxK79zXs4r
nxVxlNDcsiJpyhAcZ2uAbptQ/bKVt2ytTGgOawGoJQjfeW+6WVYTTre+YnpmMfgi
IenEIOBBmQFDZzaoLrZ1ai73i2kf25BweQQUk2dWh267wCplHsNMQjIbktePopor
P1g7U7HDV2VqtuuhtcHRTok+WeHgssedp301QLeZwOxlV2syKbK9NxbeyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIMiWn7N0dq+WBW5wK97JvD00GlMB8GA1UdIwQY
MBaAFHSdikMokwuTj6hgGLHkR+5Njaj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zZmEyMTctODVmNS00ZjE5LWI5MWUt
MDg4OWUzZWNkMWY2LzEvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zZmEyMTctODVmNS00ZjE5LWI5MWUtMDg4OWUzZWNkMWY2
LzEvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATPQVjcis
w6zHoQ3AqYO6XIuiupgfGUEPJWel6w/acTmONPZAcjTtudU3xfzHUo+H4hOiXKy3
rkUxqcRmQ8/EU/bfZ9Uob37wBm8CIQ4vnjfwoYUcDQAsW5JEUvbOifgBPQHH02tL
77HlUgHW1mQHSwN7opAOvh/WzuuU2a/WyJFiuQ8/8hqngTmN/E34qYLggsfuIgMo
tPh71gztqb87EQY2BI6gs9itDvgUjMlt8+T9ckKIrTMSoAKNIXdhBJaLSCNjueNj
xQIn8FdWnfL4miRDB7cub94QGvVRgINV7SeO0+PfgiI60C8Sw7ain4/ccozdBxXo
EMYzclBTQOQHlw==
-----END CERTIFICATE-----
Generated at Wed Jul 1 13:52:58 2026 by rpki-client