Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
File:                     tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft (raw, json)
Hash identifier:          f/JOUAu4RPLFKyR98jYqZJU6WperBcpGXiCHUxVa0X0=
Subject key identifier:   45:80:DC:E9:DE:B7:69:CB:1D:9A:09:C2:01:3B:9D:BE:0E:F1:23:4D
Authority key identifier: B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40
Certificate issuer:       /CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
Certificate serial:       019F29248AE4D12F0212E00C9040BE2053B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
Manifest number:          06C1
Signing time:             Fri 03 Jul 2026 18:01:28 +0000
Manifest this update:     Fri 03 Jul 2026 18:01:28 +0000
Manifest next update:     Sat 04 Jul 2026 18:01:28 +0000
Files and hashes:         1: 0lwIzPsGn14owxvXy7_61u8zBPk.roa (hash: RHYNuusrfwoS7Vg7kp1EMywIH/hGj3OELuZX6uFgB7Q=)
                          2: tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl (hash: ROqP8qyfanEqpw3b2/CFchMXRfRSigWtURdqYIGThgA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 Jul 2026 18:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:29:24:8a:e4:d1:2f:02:12:e0:0c:90:40:be:20:53:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40
        Validity
            Not Before: Jul  3 18:01:28 2026 GMT
            Not After : Jul  4 18:01:28 2026 GMT
        Subject: CN=4580dce9deb769cb1d9a09c2013b9dbe0ef1234d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:bc:75:7d:30:6c:81:1c:a3:6a:dc:be:e0:f3:
                    78:f8:fd:bb:57:27:38:de:79:46:2b:c6:8f:ed:9f:
                    d1:5c:05:9a:c1:9f:62:c0:7c:cd:46:e2:2a:dc:c2:
                    02:77:6c:5b:24:af:c4:f6:61:3f:c1:fb:6e:51:81:
                    6f:e9:a5:03:10:16:a0:12:20:7e:3e:1d:6d:05:cd:
                    e9:db:b7:f2:4c:ee:41:b2:1e:a0:46:69:7d:3f:5c:
                    11:03:96:05:99:48:d2:f6:76:34:3c:45:25:a1:9d:
                    58:82:7c:98:82:7b:b0:fd:3c:54:df:06:76:5c:42:
                    c0:b6:e8:5e:60:d7:dc:b5:80:2f:9e:bf:c5:f7:05:
                    33:75:15:ee:08:72:9d:94:7d:0c:7d:d5:e5:11:a4:
                    0a:e9:65:83:d5:5e:55:8c:a4:8a:62:79:cf:88:32:
                    27:2b:89:a9:85:94:b7:c0:89:d5:dc:98:30:0c:e5:
                    74:08:cb:af:18:d9:ec:7e:aa:59:8c:89:a4:22:0e:
                    33:a1:3a:60:73:02:c8:58:7f:56:21:fb:88:74:65:
                    33:a0:5b:b2:21:12:ce:84:9b:ca:ca:e2:8a:6a:a0:
                    36:29:76:d9:65:93:db:a7:f2:ab:cf:de:59:b3:3f:
                    29:c8:52:46:05:76:67:a8:49:8e:d8:d1:cf:91:c4:
                    2b:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:80:DC:E9:DE:B7:69:CB:1D:9A:09:C2:01:3B:9D:BE:0E:F1:23:4D
            X509v3 Authority Key Identifier:
                keyid:B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:42:0d:d9:b8:0e:b9:eb:42:2e:6a:70:60:bc:69:6d:11:c0:
         70:be:d8:cc:0e:c2:38:04:9b:2f:c4:5d:c3:d2:38:b1:68:d1:
         0d:f5:05:5f:42:29:2c:92:71:d3:fd:bf:e9:6d:21:ba:ef:2a:
         b6:4e:71:69:c8:14:5f:b1:56:b0:73:88:a1:99:57:79:58:2e:
         65:ab:cc:52:6a:85:20:a4:21:e0:cf:a9:65:49:3b:95:06:9b:
         b0:cf:5c:eb:5d:91:30:b5:2b:16:5d:84:48:78:46:1f:d5:26:
         01:cd:0d:b5:a9:13:d9:2a:74:04:c1:22:39:f6:41:f6:dd:af:
         97:83:eb:61:77:26:19:28:a9:d8:69:e7:f9:51:5d:2e:80:e6:
         35:77:5b:2c:e1:a0:29:54:21:d2:0e:98:49:f8:85:f1:ed:3b:
         ac:62:0d:8d:f6:03:e4:6e:70:71:b5:0d:65:84:84:e3:0a:6a:
         53:5a:fe:67:6f:cd:89:53:b7:e8:b1:b0:48:99:f0:f7:a5:5a:
         bb:ae:d0:9c:15:f4:61:a1:e4:fe:28:a4:b9:51:e0:ab:26:4d:
         d9:c9:91:03:ec:c2:05:4b:1c:2a:ec:c7:52:0a:9f:09:0a:b1:
         58:8c:49:d5:f4:4f:bf:bd:49:83:bb:dc:01:76:3d:f7:bd:d2:
         b7:11:7f:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8pJIrk0S8CEuAMkEC+IFO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzZjMGYwZWM4YmJlZGYwZjYwODQ0ZGZlNGZlOTM5MzY5
YTRiNDAwHhcNMjYwNzAzMTgwMTI4WhcNMjYwNzA0MTgwMTI4WjAzMTEwLwYDVQQD
Eyg0NTgwZGNlOWRlYjc2OWNiMWQ5YTA5YzIwMTNiOWRiZTBlZjEyMzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLx1fTBsgRyjaty+4PN4+P27Vyc4
3nlGK8aP7Z/RXAWawZ9iwHzNRuIq3MICd2xbJK/E9mE/wftuUYFv6aUDEBagEiB+
Ph1tBc3p27fyTO5Bsh6gRml9P1wRA5YFmUjS9nY0PEUloZ1YgnyYgnuw/TxU3wZ2
XELAtuheYNfctYAvnr/F9wUzdRXuCHKdlH0MfdXlEaQK6WWD1V5VjKSKYnnPiDIn
K4mphZS3wInV3JgwDOV0CMuvGNnsfqpZjImkIg4zoTpgcwLIWH9WIfuIdGUzoFuy
IRLOhJvKyuKKaqA2KXbZZZPbp/Krz95Zsz8pyFJGBXZnqEmO2NHPkcQrQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWA3Onet2nLHZoJwgE7nb4O8SNNMB8GA1UdIwQY
MBaAFLQ2wPDsi77fD2CETf5P6Tk2mktAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgt
ZGQ4YjVhZmNlZTNiLzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgtZGQ4YjVhZmNlZTNi
LzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALUIN2bgO
uetCLmpwYLxpbRHAcL7YzA7COASbL8Rdw9I4sWjRDfUFX0IpLJJx0/2/6W0huu8q
tk5xacgUX7FWsHOIoZlXeVguZavMUmqFIKQh4M+pZUk7lQabsM9c612RMLUrFl2E
SHhGH9UmAc0NtakT2Sp0BMEiOfZB9t2vl4PrYXcmGSip2Gnn+VFdLoDmNXdbLOGg
KVQh0g6YSfiF8e07rGINjfYD5G5wcbUNZYSE4wpqU1r+Z2/NiVO36LGwSJnw96Va
u67QnBX0YaHk/iikuVHgqyZN2cmRA+zCBUscKuzHUgqfCQqxWIxJ1fRPv71Jg7vc
AXY9973StxF/rg==
-----END CERTIFICATE-----
Generated at Fri Jul 3 22:33:50 2026 by rpki-client