Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
File:                     Kfp91j8uLYe194UAk8dDu_vhTkQ.mft (raw, json)
Hash identifier:          rJMO/LJ5tGY9Jm8wYIGgPiq0AWSZuZkQKLHoENxmapI=
Subject key identifier:   F2:69:C7:95:4F:F6:36:61:FC:16:5C:15:EF:24:68:1A:81:65:9A:26
Authority key identifier: 29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44
Certificate issuer:       /CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44
Certificate serial:       019CDAD722531E303D0FC9637D47F10F710B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
Manifest number:          0710
Signing time:             Wed 11 Mar 2026 03:00:57 +0000
Manifest this update:     Wed 11 Mar 2026 03:00:57 +0000
Manifest next update:     Thu 12 Mar 2026 03:00:57 +0000
Files and hashes:         1: 1FTeokhUADkYbgvOTwGp40m_BPE.roa (hash: PPoy3S4bKc1j/djL6NTv+eGLXSL7GZ17YwI5tAXRtDM=)
                          2: 59s8eNqYwVH5ydf7xyV2eJR3_TU.roa (hash: xFhHztukLroKSICySsgp6ifCMDIbrBfwaaKjTAvv1Gw=)
                          3: 9c4kttevmySnfkQUW_qfNzaHphg.roa (hash: /cAqDalO1CeZ8c8IzYLpRoSc0JDQhBthLLFNZ86hRlw=)
                          4: FZeGgU2IawBK8YA4BwTM_e6x5Mo.roa (hash: 4nQMnYqmNvBAGhwCS2lyqUc1bPr2XdXqGh923cUp0bQ=)
                          5: FhQiMY_Y2B9WuZvyCd_uaF0M5dI.roa (hash: fZfKiY8vxqzWF+WGF85vLsOO0yrQwq1azfxlL3m6ht4=)
                          6: GrgWTPWfiMj8FwdKYhn8zJ6Z7e8.roa (hash: IO94toPK6/Wits1irHXbrZl6wNHfS6p+U483COk6R2Y=)
                          7: KNWwGCklL3zKbMsgIOCdcNGo2tI.roa (hash: 5rF454gnBcOMqEez62ErUsCgENLRW0isAHz0go80+Fs=)
                          8: Kfp91j8uLYe194UAk8dDu_vhTkQ.crl (hash: uBNiZdBIydhEI/zKqbuHQZblNCPcxvHGph76EJBER4E=)
                          9: Pjq2usg2Ddr0jCim-rnljjUP2xg.roa (hash: 5RL0lX+XVqmkdynoA/ZI5Ffknvw/dGR/1FpAcrG1JiE=)
                          10: WrWpDNw0abEoNedClZIQXtxLaNM.roa (hash: gCZS2khmjJiGzLXjdqtdk6eKzbLBYpiu89Bi9tphMq4=)
                          11: aSoz0nTSHVKxl1w-_tXDaUBfI_U.roa (hash: 3H/725peI0ylJlXSnX6sTF3RBFyOHCBWf0zA//LWaS4=)
                          12: aqUiuM7FSwO0jQrVAdkkACyulNU.roa (hash: QJoSdYm5s8mfEJjbCj5VhQz2H0KAbaPDRRmLmgZWht0=)
                          13: hTJEftSpqDKpAn62ncVILyiUIA4.roa (hash: CgeSiN+wMYpnSUEh7oWmMa8OtknjA6ZGJ6sq3RGzTFw=)
                          14: nBxToIyQbLD03aHgRpkeeNieOPw.roa (hash: +npXv56cRJNf6jJA2m2/8FRk/EXL/cvT8hUJka5s2Lk=)
                          15: yBrC20joWzPYJC2p3ASrdCZ0wzk.roa (hash: xZei5bNpfbVHrnCyo7DX6ea+rnn9Va9LPl3q+efKuDg=)
                          16: yINiCi-fcEAzzbT8ry3F24_HnBw.roa (hash: DTnC3s+dTYZX9VNSoLxZjlybV3sMyllGW6D2HGEmUQ8=)
                          17: y_Cp0Ost5PqmlG4Hk_lC2iR2YZ8.roa (hash: x+U/bdDPmhe7n+Wg1yqeuhWGZvsQ5Fcm1ldpfk9dBgs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Mar 2026 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:da:d7:22:53:1e:30:3d:0f:c9:63:7d:47:f1:0f:71:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44
        Validity
            Not Before: Mar 11 03:00:57 2026 GMT
            Not After : Mar 12 03:00:57 2026 GMT
        Subject: CN=f269c7954ff63661fc165c15ef24681a81659a26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:33:83:01:41:a7:ef:5e:5f:7d:27:4e:6b:ae:
                    1f:61:ea:6b:bb:5a:91:a3:53:2d:6d:07:3f:a4:c1:
                    f9:6d:76:cb:32:18:0b:31:75:ec:60:27:6b:2d:00:
                    d3:1c:8c:1a:9c:ac:40:56:ce:d0:54:aa:09:4b:db:
                    97:5b:ba:68:1b:cc:63:f5:47:0a:4f:61:8f:8c:05:
                    07:4d:c6:f6:83:70:07:27:e4:90:46:9d:91:c3:36:
                    e8:8c:da:25:c1:41:cd:6b:4f:fd:79:8b:72:7f:02:
                    33:02:dd:3f:96:35:30:7e:71:38:9d:eb:9c:f3:5f:
                    09:db:5d:a2:14:d5:0f:6a:fa:bb:c5:4b:0d:96:af:
                    a4:ab:5e:1b:f1:71:0f:6c:65:17:d4:7d:c3:a5:bc:
                    03:c2:a9:95:76:7c:c9:f7:41:9d:f8:fb:ce:b6:63:
                    b1:a6:9e:44:9d:2a:14:e3:ff:2e:ac:eb:ce:4d:f8:
                    af:18:1f:69:75:17:52:38:82:63:3b:29:2d:9a:00:
                    fe:da:9a:42:2c:ed:52:5d:53:af:13:6b:c9:e6:ad:
                    f0:db:f9:49:72:d1:f5:b3:84:84:5a:f1:85:0f:ce:
                    c9:cd:dd:7a:57:f6:a0:4a:d4:8e:d5:e5:82:ef:f4:
                    5c:32:eb:ef:01:27:1d:86:b6:26:9b:a5:df:2d:8f:
                    b6:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:69:C7:95:4F:F6:36:61:FC:16:5C:15:EF:24:68:1A:81:65:9A:26
            X509v3 Authority Key Identifier:
                keyid:29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:ca:a8:19:aa:5f:84:14:c6:e8:4f:c6:aa:ac:18:12:a8:11:
         fe:57:38:31:76:09:4f:59:72:c0:a3:d2:bf:26:be:3a:58:88:
         76:15:68:9b:18:e9:a0:bb:0a:4b:c3:7d:66:7c:e5:08:3a:9d:
         71:dc:20:c9:5c:21:4e:64:32:00:32:5e:d3:a5:aa:c4:62:e5:
         95:55:fc:9e:00:9e:c7:4f:95:77:db:ed:95:de:65:75:a3:0a:
         14:f1:c0:e3:4d:e0:c7:fb:a8:41:03:ab:f2:52:67:5e:86:85:
         28:5d:5b:61:9b:13:89:96:cf:2a:4f:8d:d5:f4:f3:47:4c:d6:
         1f:23:90:a0:8d:09:fe:8c:47:61:6a:1b:8e:c5:14:bd:3d:90:
         8e:aa:a2:c1:52:ec:6a:c1:e2:e3:56:aa:fa:68:ae:ac:da:56:
         c6:70:0c:df:14:dc:bb:70:c2:59:d7:64:b8:55:49:01:dd:70:
         25:c7:65:73:26:46:88:5e:85:c2:66:04:47:b6:59:e8:51:09:
         42:1e:ec:09:2a:03:b8:fa:42:87:1f:98:17:ba:c0:8e:be:4c:
         76:72:57:76:80:8f:ff:8c:45:64:c2:52:69:40:58:07:17:bf:
         eb:a6:38:56:ce:0c:ae:53:9d:b0:6c:be:d5:6a:e8:95:82:c7:
         e2:8e:77:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZza1yJTHjA9D8ljfUfxD3ELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmE3ZGQ2M2YyZTJkODdiNWY3ODUwMDkzYzc0M2JiZmJl
MTRlNDQwHhcNMjYwMzExMDMwMDU3WhcNMjYwMzEyMDMwMDU3WjAzMTEwLwYDVQQD
EyhmMjY5Yzc5NTRmZjYzNjYxZmMxNjVjMTVlZjI0NjgxYTgxNjU5YTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TODAUGn715ffSdOa64fYepru1qR
o1MtbQc/pMH5bXbLMhgLMXXsYCdrLQDTHIwanKxAVs7QVKoJS9uXW7poG8xj9UcK
T2GPjAUHTcb2g3AHJ+SQRp2RwzbojNolwUHNa0/9eYtyfwIzAt0/ljUwfnE4neuc
818J212iFNUPavq7xUsNlq+kq14b8XEPbGUX1H3DpbwDwqmVdnzJ90Gd+PvOtmOx
pp5EnSoU4/8urOvOTfivGB9pdRdSOIJjOyktmgD+2ppCLO1SXVOvE2vJ5q3w2/lJ
ctH1s4SEWvGFD87Jzd16V/agStSO1eWC7/RcMuvvAScdhrYmm6XfLY+2DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJpx5VP9jZh/BZcFe8kaBqBZZomMB8GA1UdIwQY
MBaAFCn6fdY/Li2HtfeFAJPHQ7v74U5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUt
NzlmN2I2ZWE3YzE0LzEvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUtNzlmN2I2ZWE3YzE0
LzEvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoMqoGapf
hBTG6E/GqqwYEqgR/lc4MXYJT1lywKPSvya+OliIdhVomxjpoLsKS8N9ZnzlCDqd
cdwgyVwhTmQyADJe06WqxGLllVX8ngCex0+Vd9vtld5ldaMKFPHA403gx/uoQQOr
8lJnXoaFKF1bYZsTiZbPKk+N1fTzR0zWHyOQoI0J/oxHYWobjsUUvT2QjqqiwVLs
asHi41aq+miurNpWxnAM3xTcu3DCWddkuFVJAd1wJcdlcyZGiF6FwmYER7ZZ6FEJ
Qh7sCSoDuPpChx+YF7rAjr5MdnJXdoCP/4xFZMJSaUBYBxe/66Y4Vs4MrlOdsGy+
1WrolYLH4o53Aw==
-----END CERTIFICATE-----