Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
File:                     Kfp91j8uLYe194UAk8dDu_vhTkQ.mft (raw, json)
Hash identifier:          72YWxWLtijSTF9vBuetcyWdonfkUKUyn1fTzz/vx6E0=
Subject key identifier:   37:EF:34:E8:D3:7C:38:FE:5C:02:73:67:64:6C:4B:22:8D:85:02:02
Authority key identifier: 29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44
Certificate issuer:       /CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44
Certificate serial:       019EB5E95A1C8E0271078106AFCF22CA8A45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
Manifest number:          0806
Signing time:             Thu 11 Jun 2026 09:00:29 +0000
Manifest this update:     Thu 11 Jun 2026 09:00:29 +0000
Manifest next update:     Fri 12 Jun 2026 09:00:29 +0000
Files and hashes:         1: 1FTeokhUADkYbgvOTwGp40m_BPE.roa (hash: PPoy3S4bKc1j/djL6NTv+eGLXSL7GZ17YwI5tAXRtDM=)
                          2: 59s8eNqYwVH5ydf7xyV2eJR3_TU.roa (hash: xFhHztukLroKSICySsgp6ifCMDIbrBfwaaKjTAvv1Gw=)
                          3: 9c4kttevmySnfkQUW_qfNzaHphg.roa (hash: /cAqDalO1CeZ8c8IzYLpRoSc0JDQhBthLLFNZ86hRlw=)
                          4: FZeGgU2IawBK8YA4BwTM_e6x5Mo.roa (hash: 4nQMnYqmNvBAGhwCS2lyqUc1bPr2XdXqGh923cUp0bQ=)
                          5: FhQiMY_Y2B9WuZvyCd_uaF0M5dI.roa (hash: fZfKiY8vxqzWF+WGF85vLsOO0yrQwq1azfxlL3m6ht4=)
                          6: GrgWTPWfiMj8FwdKYhn8zJ6Z7e8.roa (hash: IO94toPK6/Wits1irHXbrZl6wNHfS6p+U483COk6R2Y=)
                          7: KNWwGCklL3zKbMsgIOCdcNGo2tI.roa (hash: 5rF454gnBcOMqEez62ErUsCgENLRW0isAHz0go80+Fs=)
                          8: Kfp91j8uLYe194UAk8dDu_vhTkQ.crl (hash: 7IYVOtFNzwZiD+GeUBFlQ/33zTGfYZLpTpN/avht40k=)
                          9: Pjq2usg2Ddr0jCim-rnljjUP2xg.roa (hash: 5RL0lX+XVqmkdynoA/ZI5Ffknvw/dGR/1FpAcrG1JiE=)
                          10: WrWpDNw0abEoNedClZIQXtxLaNM.roa (hash: gCZS2khmjJiGzLXjdqtdk6eKzbLBYpiu89Bi9tphMq4=)
                          11: aSoz0nTSHVKxl1w-_tXDaUBfI_U.roa (hash: 3H/725peI0ylJlXSnX6sTF3RBFyOHCBWf0zA//LWaS4=)
                          12: aqUiuM7FSwO0jQrVAdkkACyulNU.roa (hash: QJoSdYm5s8mfEJjbCj5VhQz2H0KAbaPDRRmLmgZWht0=)
                          13: hTJEftSpqDKpAn62ncVILyiUIA4.roa (hash: CgeSiN+wMYpnSUEh7oWmMa8OtknjA6ZGJ6sq3RGzTFw=)
                          14: nBxToIyQbLD03aHgRpkeeNieOPw.roa (hash: +npXv56cRJNf6jJA2m2/8FRk/EXL/cvT8hUJka5s2Lk=)
                          15: yBrC20joWzPYJC2p3ASrdCZ0wzk.roa (hash: xZei5bNpfbVHrnCyo7DX6ea+rnn9Va9LPl3q+efKuDg=)
                          16: yINiCi-fcEAzzbT8ry3F24_HnBw.roa (hash: DTnC3s+dTYZX9VNSoLxZjlybV3sMyllGW6D2HGEmUQ8=)
                          17: y_Cp0Ost5PqmlG4Hk_lC2iR2YZ8.roa (hash: x+U/bdDPmhe7n+Wg1yqeuhWGZvsQ5Fcm1ldpfk9dBgs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Jun 2026 09:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:b5:e9:5a:1c:8e:02:71:07:81:06:af:cf:22:ca:8a:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fa7dd63f2e2d87b5f7850093c743bbfbe14e44
        Validity
            Not Before: Jun 11 09:00:29 2026 GMT
            Not After : Jun 12 09:00:29 2026 GMT
        Subject: CN=37ef34e8d37c38fe5c027367646c4b228d850202
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:0c:20:c6:48:a0:09:a5:6f:91:03:61:38:53:
                    96:c5:25:2b:4b:59:7f:d2:6d:41:b0:be:eb:a3:e8:
                    21:ab:08:0e:44:12:9c:0c:d2:12:eb:db:c4:70:ba:
                    47:e5:30:6e:dd:bc:80:9f:3b:1f:30:d3:ce:d3:49:
                    c0:31:5d:f2:13:5b:2c:1a:57:9d:c8:36:80:97:27:
                    a2:2b:3e:18:4b:6c:55:53:bf:af:2f:0c:6d:94:0a:
                    8e:b0:31:5d:ed:43:dd:bc:30:35:f9:0a:b7:6b:0b:
                    c3:0f:79:66:79:98:28:17:c3:1e:f5:b8:b1:f5:9f:
                    15:d9:66:20:93:c5:31:a3:aa:fe:cb:e0:bb:c5:4d:
                    1a:55:30:fc:d9:d9:22:3f:e1:79:5d:cd:16:97:fb:
                    ae:29:de:c2:45:14:cb:c3:d3:9d:65:9d:bb:e2:80:
                    c8:0c:51:fa:b4:40:c4:1e:03:75:a9:6a:9e:04:ed:
                    21:e4:92:1b:ce:c5:5e:de:10:54:a6:00:a9:56:bb:
                    19:f8:1a:26:7c:ec:30:c9:ef:45:ad:f2:66:36:fb:
                    3e:ce:9e:b4:ac:19:32:96:e8:f7:13:c5:4f:2c:46:
                    c2:43:66:a3:6c:fc:84:4c:9f:fd:d6:79:aa:20:4f:
                    0e:8a:a2:c9:b5:50:ab:fd:e6:b9:d8:ba:48:33:8c:
                    77:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:EF:34:E8:D3:7C:38:FE:5C:02:73:67:64:6C:4B:22:8D:85:02:02
            X509v3 Authority Key Identifier:
                keyid:29:FA:7D:D6:3F:2E:2D:87:B5:F7:85:00:93:C7:43:BB:FB:E1:4E:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kfp91j8uLYe194UAk8dDu_vhTkQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2c0cbf-11f7-4b6d-b88e-79f7b6ea7c14/1/Kfp91j8uLYe194UAk8dDu_vhTkQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:87:0f:c9:ca:ba:3f:03:b9:50:bc:61:94:5d:8a:21:b9:a3:
         4a:43:bb:df:ca:11:b5:20:f9:bb:7e:48:b2:0d:02:72:ea:e4:
         20:ec:00:2e:19:bb:a6:ca:f3:f0:89:8f:2c:76:4f:5f:56:c0:
         81:22:ba:87:66:3a:00:3b:84:85:d6:1d:36:96:01:ca:b5:60:
         a5:c8:95:49:35:6e:03:83:f8:6c:53:a2:30:a6:2a:2b:92:33:
         31:9a:c8:6b:3e:f0:24:2e:e0:fa:82:80:30:75:73:8a:07:4b:
         ec:eb:5e:cb:34:b9:01:a8:7f:23:73:97:8f:01:b7:fe:53:7e:
         4a:6c:4d:f5:80:6b:9b:d2:36:2a:9d:45:23:e0:f7:7d:b7:6c:
         5a:bf:d0:ea:59:7d:c0:ab:69:6c:8e:2b:6f:65:30:7c:bf:74:
         a2:9f:5a:09:c4:20:35:f9:83:3f:8f:94:23:d6:3d:ba:b7:a9:
         21:1a:6b:42:da:6c:9c:39:57:80:e0:16:88:24:90:51:d4:13:
         6a:c9:6c:fc:60:cd:59:c1:f2:56:68:6e:09:24:4a:55:97:3d:
         55:b5:63:74:46:ee:cb:e5:2e:cc:fb:af:43:19:4c:42:16:3b:
         2a:84:d4:d5:9a:21:b8:b0:74:ed:15:97:37:b2:a1:5f:17:3e:
         2f:b3:7c:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ616VocjgJxB4EGr88iyopFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmE3ZGQ2M2YyZTJkODdiNWY3ODUwMDkzYzc0M2JiZmJl
MTRlNDQwHhcNMjYwNjExMDkwMDI5WhcNMjYwNjEyMDkwMDI5WjAzMTEwLwYDVQQD
EygzN2VmMzRlOGQzN2MzOGZlNWMwMjczNjc2NDZjNGIyMjhkODUwMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wwgxkigCaVvkQNhOFOWxSUrS1l/
0m1BsL7ro+ghqwgORBKcDNIS69vEcLpH5TBu3byAnzsfMNPO00nAMV3yE1ssGled
yDaAlyeiKz4YS2xVU7+vLwxtlAqOsDFd7UPdvDA1+Qq3awvDD3lmeZgoF8Me9bix
9Z8V2WYgk8Uxo6r+y+C7xU0aVTD82dkiP+F5Xc0Wl/uuKd7CRRTLw9OdZZ274oDI
DFH6tEDEHgN1qWqeBO0h5JIbzsVe3hBUpgCpVrsZ+BomfOwwye9FrfJmNvs+zp60
rBkyluj3E8VPLEbCQ2ajbPyETJ/91nmqIE8OiqLJtVCr/ea52LpIM4x30QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfvNOjTfDj+XAJzZ2RsSyKNhQICMB8GA1UdIwQY
MBaAFCn6fdY/Li2HtfeFAJPHQ7v74U5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUt
NzlmN2I2ZWE3YzE0LzEvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8yYzBjYmYtMTFmNy00YjZkLWI4OGUtNzlmN2I2ZWE3YzE0
LzEvS2ZwOTFqOHVMWWUxOTRVQWs4ZER1X3ZoVGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbocPycq6
PwO5ULxhlF2KIbmjSkO738oRtSD5u35Isg0CcurkIOwALhm7psrz8ImPLHZPX1bA
gSK6h2Y6ADuEhdYdNpYByrVgpciVSTVuA4P4bFOiMKYqK5IzMZrIaz7wJC7g+oKA
MHVzigdL7OteyzS5Aah/I3OXjwG3/lN+SmxN9YBrm9I2Kp1FI+D3fbdsWr/Q6ll9
wKtpbI4rb2UwfL90op9aCcQgNfmDP4+UI9Y9urepIRprQtpsnDlXgOAWiCSQUdQT
asls/GDNWcHyVmhuCSRKVZc9VbVjdEbuy+UuzPuvQxlMQhY7KoTU1ZohuLB07RWX
N7KhXxc+L7N8lw==
-----END CERTIFICATE-----