Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft
File:                     Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft (raw, json)
Hash identifier:          Xc5PYkiavX2Wx+l8R+FPjCZ4CGLnHQXTlcURPOkH2Kc=
Subject key identifier:   0C:BE:CC:3B:D0:FA:A3:42:1F:10:CA:5A:8B:C4:13:6C:82:71:6F:EC
Authority key identifier: 63:53:82:9C:06:1A:8A:F2:6D:E9:46:FC:9E:81:88:5C:74:C1:74:C7
Certificate issuer:       /CN=6353829c061a8af26de946fc9e81885c74c174c7
Certificate serial:       019F111BFB927A020D57DC89AE54834C105D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y1OCnAYaivJt6Ub8noGIXHTBdMc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft
Manifest number:          0B86
Signing time:             Mon 29 Jun 2026 02:01:14 +0000
Manifest this update:     Mon 29 Jun 2026 02:01:14 +0000
Manifest next update:     Tue 30 Jun 2026 02:01:14 +0000
Files and hashes:         1: Y1OCnAYaivJt6Ub8noGIXHTBdMc.crl (hash: acswpqY6IrMk/vMNM5OvFefB14JkE9rBvwhAmUykQmY=)
                          2: vvXDEA3-oSwvWKl3m20Q9UrS6wI.roa (hash: mQvtqYD2eC+84hVmHavb+1UIl2NHrV+2/J+tCnR9oyI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y1OCnAYaivJt6Ub8noGIXHTBdMc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 30 Jun 2026 02:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:11:1b:fb:92:7a:02:0d:57:dc:89:ae:54:83:4c:10:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6353829c061a8af26de946fc9e81885c74c174c7
        Validity
            Not Before: Jun 29 02:01:14 2026 GMT
            Not After : Jun 30 02:01:14 2026 GMT
        Subject: CN=0cbecc3bd0faa3421f10ca5a8bc4136c82716fec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:80:22:89:b6:db:50:44:8b:fd:0e:37:22:da:
                    93:22:cd:c3:d1:2e:81:fb:ad:e6:3d:35:28:e6:bb:
                    58:5c:8c:ca:b0:8d:d8:04:25:8a:be:4a:93:d6:02:
                    1b:d2:2b:17:63:b1:d7:08:b5:c3:55:ad:f1:44:f8:
                    5e:7c:95:41:d9:6f:2f:af:aa:4f:d8:68:7a:15:ba:
                    75:2a:50:d5:7f:ea:9d:cd:6d:44:f1:6d:fd:49:6c:
                    91:6f:dc:17:38:c3:df:cd:98:da:09:7f:98:4c:35:
                    84:76:74:8e:2e:66:aa:d8:1d:f1:a8:2a:13:68:81:
                    17:96:ec:78:85:c2:aa:e7:94:64:46:86:bb:45:0d:
                    c6:18:09:8a:a9:63:ae:23:4a:66:3c:c2:66:57:a7:
                    b6:d7:1b:f8:85:eb:6b:aa:d7:4b:5e:c6:75:62:d4:
                    ff:d8:5b:2f:73:d6:05:90:26:cd:bd:0b:68:69:b0:
                    08:53:45:cc:05:c8:19:37:ee:bf:ce:b1:09:12:f0:
                    01:aa:71:ae:b9:86:bf:d5:e1:03:42:52:b7:f2:3e:
                    de:64:c5:f6:21:02:7b:09:89:a0:ab:a7:fe:bc:5b:
                    fe:49:0b:3c:13:f5:29:77:88:3c:c3:94:ae:d8:52:
                    cc:ce:4e:d7:c4:d5:c7:26:5a:f2:6e:22:c3:f7:3c:
                    d2:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:BE:CC:3B:D0:FA:A3:42:1F:10:CA:5A:8B:C4:13:6C:82:71:6F:EC
            X509v3 Authority Key Identifier:
                keyid:63:53:82:9C:06:1A:8A:F2:6D:E9:46:FC:9E:81:88:5C:74:C1:74:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y1OCnAYaivJt6Ub8noGIXHTBdMc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/8cf962-074f-41ac-ae2a-816203d21d12/1/Y1OCnAYaivJt6Ub8noGIXHTBdMc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:b8:d9:99:c5:f5:b5:a1:ab:29:b2:50:4b:24:f2:a7:74:cf:
         6c:21:1f:ab:f0:38:d5:ee:f2:ba:a1:e7:20:cb:58:ff:01:f4:
         7a:c1:8d:30:57:7d:60:43:14:e8:e3:d7:ad:1b:8e:d0:9e:85:
         e7:fa:78:45:7d:6b:2b:cc:ca:bb:f0:01:2f:7f:a5:36:94:94:
         4a:bc:1f:19:b5:e6:12:c9:8d:6d:f9:60:8e:43:1a:df:0b:94:
         8a:e6:07:9a:22:e8:79:ac:2e:f4:e9:e9:21:1c:ef:4b:43:fd:
         d5:e1:15:07:3d:6e:85:48:5c:1d:b5:dc:a4:6f:45:d7:20:44:
         2e:8c:9f:86:2c:a9:11:dd:e4:ec:d0:57:02:35:ed:89:64:c6:
         44:1e:e3:74:91:81:f3:64:ec:27:55:6a:bf:50:f5:83:59:ba:
         3e:c8:43:b0:20:27:d7:74:6a:95:ce:b5:ea:bf:8d:8b:76:fc:
         47:16:54:35:a5:fc:1c:39:5a:b2:cf:8b:1b:c1:fa:d9:44:aa:
         eb:cd:75:3f:9c:f3:48:c7:95:3f:3b:96:69:f9:5c:d1:88:a7:
         0c:f3:79:5b:36:70:26:3c:3d:15:aa:53:56:52:cc:ff:eb:76:
         62:9b:1e:a1:36:de:ee:33:10:b4:44:95:0d:63:3a:0f:1d:a1:
         45:13:c7:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8RG/uSegINV9yJrlSDTBBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNTM4MjljMDYxYThhZjI2ZGU5NDZmYzllODE4ODVjNzRj
MTc0YzcwHhcNMjYwNjI5MDIwMTE0WhcNMjYwNjMwMDIwMTE0WjAzMTEwLwYDVQQD
EygwY2JlY2MzYmQwZmFhMzQyMWYxMGNhNWE4YmM0MTM2YzgyNzE2ZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroAiibbbUESL/Q43ItqTIs3D0S6B
+63mPTUo5rtYXIzKsI3YBCWKvkqT1gIb0isXY7HXCLXDVa3xRPhefJVB2W8vr6pP
2Gh6Fbp1KlDVf+qdzW1E8W39SWyRb9wXOMPfzZjaCX+YTDWEdnSOLmaq2B3xqCoT
aIEXlux4hcKq55RkRoa7RQ3GGAmKqWOuI0pmPMJmV6e21xv4hetrqtdLXsZ1YtT/
2Fsvc9YFkCbNvQtoabAIU0XMBcgZN+6/zrEJEvABqnGuuYa/1eEDQlK38j7eZMX2
IQJ7CYmgq6f+vFv+SQs8E/Upd4g8w5Su2FLMzk7XxNXHJlrybiLD9zzSswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAy+zDvQ+qNCHxDKWovEE2yCcW/sMB8GA1UdIwQY
MBaAFGNTgpwGGorybelG/J6BiFx0wXTHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTFPQ25BWWFpdkp0NlViOG5vR0lYSFRCZE1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS84Y2Y5NjItMDc0Zi00MWFjLWFlMmEt
ODE2MjAzZDIxZDEyLzEvWTFPQ25BWWFpdkp0NlViOG5vR0lYSFRCZE1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS84Y2Y5NjItMDc0Zi00MWFjLWFlMmEtODE2MjAzZDIxZDEy
LzEvWTFPQ25BWWFpdkp0NlViOG5vR0lYSFRCZE1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADrjZmcX1
taGrKbJQSyTyp3TPbCEfq/A41e7yuqHnIMtY/wH0esGNMFd9YEMU6OPXrRuO0J6F
5/p4RX1rK8zKu/ABL3+lNpSUSrwfGbXmEsmNbflgjkMa3wuUiuYHmiLoeawu9Onp
IRzvS0P91eEVBz1uhUhcHbXcpG9F1yBELoyfhiypEd3k7NBXAjXtiWTGRB7jdJGB
82TsJ1Vqv1D1g1m6PshDsCAn13Rqlc616r+Ni3b8RxZUNaX8HDlass+LG8H62USq
6811P5zzSMeVPzuWaflc0YinDPN5WzZwJjw9FapTVlLM/+t2YpseoTbe7jMQtESV
DWM6Dx2hRRPHLg==
-----END CERTIFICATE-----
Generated at Mon Jun 29 11:36:10 2026 by rpki-client