Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/fQtE5JJUnht9pTLIDDSIUMWkToA.mft
File:                     fQtE5JJUnht9pTLIDDSIUMWkToA.mft (raw, json)
Hash identifier:          0+175uPNbl/JKq2pn6uzTN4vldLtu+KZAqpVF0xzl5Q=
Subject key identifier:   61:79:77:EF:5D:F4:BF:DF:9E:2F:A9:1F:0F:40:56:17:AF:3C:AB:EC
Authority key identifier: 7D:0B:44:E4:92:54:9E:1B:7D:A5:32:C8:0C:34:88:50:C5:A4:4E:80
Certificate issuer:       /CN=7d0b44e492549e1b7da532c80c348850c5a44e80
Certificate serial:       019F337143203DB5807371107815558FD91D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fQtE5JJUnht9pTLIDDSIUMWkToA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/fQtE5JJUnht9pTLIDDSIUMWkToA.mft
Manifest number:          1997
Signing time:             Sun 05 Jul 2026 18:01:28 +0000
Manifest this update:     Sun 05 Jul 2026 18:01:28 +0000
Manifest next update:     Mon 06 Jul 2026 18:01:28 +0000
Files and hashes:         1: fQtE5JJUnht9pTLIDDSIUMWkToA.crl (hash: HW6qa7LNRkpG4iYPxma9VvYf0784OcAmtwXqv+tUdAE=)
                          2: uTfCO2CQvjnwzxgvmE8a-0Q3PkE.roa (hash: uXLhOjnuwZec+7he1bSLRYP9Be1CjyK6Z98Hp44cEVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/fQtE5JJUnht9pTLIDDSIUMWkToA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/fQtE5JJUnht9pTLIDDSIUMWkToA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fQtE5JJUnht9pTLIDDSIUMWkToA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 Jul 2026 15:46:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:33:71:43:20:3d:b5:80:73:71:10:78:15:55:8f:d9:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d0b44e492549e1b7da532c80c348850c5a44e80
        Validity
            Not Before: Jul  5 18:01:28 2026 GMT
            Not After : Jul  6 18:01:28 2026 GMT
        Subject: CN=617977ef5df4bfdf9e2fa91f0f405617af3cabec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e3:39:ba:6f:31:b5:5d:0c:de:1c:35:f6:9f:
                    46:16:58:4b:c9:ad:00:6e:6b:35:23:83:fe:9b:89:
                    f0:05:63:5f:24:81:e5:83:71:19:82:01:45:0d:ae:
                    49:4e:e7:06:80:34:a1:3c:46:cd:de:91:89:d5:4a:
                    98:84:f5:5c:cc:84:a3:59:a8:19:d8:a7:a6:75:29:
                    2c:90:d7:58:0d:58:51:cc:de:18:db:6d:5e:ab:c7:
                    7b:47:32:95:75:70:04:32:4d:dd:d0:18:db:54:dd:
                    4c:9c:a3:c3:60:d1:17:72:31:5e:88:d4:12:4d:a1:
                    85:b9:2e:ca:cc:32:b7:97:45:0d:29:34:85:87:d5:
                    79:da:bf:fa:e1:d0:5d:14:dd:45:41:9e:ce:ca:16:
                    f4:cb:22:18:47:4d:a8:18:0d:88:fc:00:82:3b:91:
                    96:c2:48:ab:38:83:64:12:6e:2a:87:8f:59:a0:03:
                    6e:45:f5:66:26:44:7a:f4:0b:39:8a:a3:14:90:38:
                    b2:3d:61:2e:10:c8:66:3b:4b:2e:d8:ac:4f:49:6c:
                    36:62:ed:8f:8a:d8:14:e2:b1:59:d5:54:e9:62:66:
                    9b:fe:ab:5e:fd:fb:b4:ba:ac:b6:c7:8c:05:0a:4c:
                    d8:99:0d:dc:a8:35:6e:86:f6:90:e9:85:a1:8e:cd:
                    ea:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:79:77:EF:5D:F4:BF:DF:9E:2F:A9:1F:0F:40:56:17:AF:3C:AB:EC
            X509v3 Authority Key Identifier:
                keyid:7D:0B:44:E4:92:54:9E:1B:7D:A5:32:C8:0C:34:88:50:C5:A4:4E:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQtE5JJUnht9pTLIDDSIUMWkToA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/fQtE5JJUnht9pTLIDDSIUMWkToA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b9231f-b3df-4012-96d7-7204b811250f/1/fQtE5JJUnht9pTLIDDSIUMWkToA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:26:e5:1c:20:15:88:fa:77:db:f2:e3:b2:c4:db:f8:b7:62:
         bc:29:ae:2d:2c:23:51:29:ad:35:bd:3c:f4:6c:f6:10:5a:37:
         a2:58:7f:45:f0:9f:54:72:ab:c1:15:21:55:79:80:7c:40:07:
         46:da:55:5f:c4:ac:fb:4c:ae:0d:56:99:0e:3f:b2:4f:38:51:
         63:ba:9a:82:a7:dc:7a:52:12:a7:0f:2d:7e:5d:09:8a:f6:21:
         22:d8:17:4b:36:19:74:9f:b3:8f:26:63:8f:0a:61:8d:2f:5c:
         a2:28:90:67:eb:2c:7f:13:bc:ca:ad:31:54:ab:ec:ba:04:08:
         b5:4b:b8:25:28:87:af:61:56:ca:d4:c8:9b:14:cb:6c:6c:ed:
         4e:f6:f3:bd:2c:57:eb:6e:6e:90:b7:91:52:60:a5:68:c4:a7:
         4d:49:e1:85:9f:92:8a:b7:76:de:53:e9:18:f6:fb:c7:37:73:
         e5:19:b9:f6:1b:29:14:3e:07:ae:ee:99:12:35:d7:54:0f:0e:
         70:37:52:35:2c:aa:cb:16:b6:51:37:bf:83:4b:e6:eb:53:8f:
         22:60:db:ce:19:a9:c7:a4:d7:89:69:c6:dd:49:51:7a:2a:97:
         cd:d3:26:6b:f3:b5:10:bf:87:ca:40:e5:1c:65:a0:9e:3a:d6:
         82:4c:48:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8zcUMgPbWAc3EQeBVVj9kdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMGI0NGU0OTI1NDllMWI3ZGE1MzJjODBjMzQ4ODUwYzVh
NDRlODAwHhcNMjYwNzA1MTgwMTI4WhcNMjYwNzA2MTgwMTI4WjAzMTEwLwYDVQQD
Eyg2MTc5NzdlZjVkZjRiZmRmOWUyZmE5MWYwZjQwNTYxN2FmM2NhYmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruM5um8xtV0M3hw19p9GFlhLya0A
bms1I4P+m4nwBWNfJIHlg3EZggFFDa5JTucGgDShPEbN3pGJ1UqYhPVczISjWagZ
2KemdSkskNdYDVhRzN4Y221eq8d7RzKVdXAEMk3d0BjbVN1MnKPDYNEXcjFeiNQS
TaGFuS7KzDK3l0UNKTSFh9V52r/64dBdFN1FQZ7Oyhb0yyIYR02oGA2I/ACCO5GW
wkirOINkEm4qh49ZoANuRfVmJkR69As5iqMUkDiyPWEuEMhmO0su2KxPSWw2Yu2P
itgU4rFZ1VTpYmab/qte/fu0uqy2x4wFCkzYmQ3cqDVuhvaQ6YWhjs3qewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGF5d+9d9L/fni+pHw9AVhevPKvsMB8GA1UdIwQY
MBaAFH0LROSSVJ4bfaUyyAw0iFDFpE6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlF0RTVKSlVuaHQ5cFRMSUREU0lVTVdrVG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iOTIzMWYtYjNkZi00MDEyLTk2ZDct
NzIwNGI4MTEyNTBmLzEvZlF0RTVKSlVuaHQ5cFRMSUREU0lVTVdrVG9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iOTIzMWYtYjNkZi00MDEyLTk2ZDctNzIwNGI4MTEyNTBm
LzEvZlF0RTVKSlVuaHQ5cFRMSUREU0lVTVdrVG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkCblHCAV
iPp32/LjssTb+LdivCmuLSwjUSmtNb089Gz2EFo3olh/RfCfVHKrwRUhVXmAfEAH
RtpVX8Ss+0yuDVaZDj+yTzhRY7qagqfcelISpw8tfl0JivYhItgXSzYZdJ+zjyZj
jwphjS9coiiQZ+ssfxO8yq0xVKvsugQItUu4JSiHr2FWytTImxTLbGztTvbzvSxX
625ukLeRUmClaMSnTUnhhZ+Sird23lPpGPb7xzdz5Rm59hspFD4Hru6ZEjXXVA8O
cDdSNSyqyxa2UTe/g0vm61OPImDbzhmpx6TXiWnG3UlReiqXzdMma/O1EL+HykDl
HGWgnjrWgkxIKw==
-----END CERTIFICATE-----
Generated at Sun Jul 5 19:57:54 2026 by rpki-client