Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.mft
File:                     HRxS8VUvbqDwZNejt521wc8Wa9A.mft (raw, json)
Hash identifier:          QIUq+S8stO+EZIHymjhhJIKNH+g/P01eOmg4yvt6BrE=
Subject key identifier:   D6:78:66:DD:74:CD:95:18:53:47:8D:77:C8:EA:88:17:50:F2:A7:1D
Authority key identifier: 1D:1C:52:F1:55:2F:6E:A0:F0:64:D7:A3:B7:9D:B5:C1:CF:16:6B:D0
Certificate issuer:       /CN=1d1c52f1552f6ea0f064d7a3b79db5c1cf166bd0
Certificate serial:       019F1A8CEE0F231AF43BF60FF974AC7866ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HRxS8VUvbqDwZNejt521wc8Wa9A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.mft
Manifest number:          191D
Signing time:             Tue 30 Jun 2026 22:01:11 +0000
Manifest this update:     Tue 30 Jun 2026 22:01:11 +0000
Manifest next update:     Wed 01 Jul 2026 22:01:11 +0000
Files and hashes:         1: HGJ3ZEnNk3YpVjp51uFW7fVRLgc.roa (hash: cUV79+nq1UfEgnpECvrj1jXV8gIvKA75fQt4Y8wK7Xg=)
                          2: HRxS8VUvbqDwZNejt521wc8Wa9A.crl (hash: odiJjT2y2Y+Y9H/AdIMDxvgohT/cDQOT0GqcacycWLk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HRxS8VUvbqDwZNejt521wc8Wa9A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 20:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:1a:8c:ee:0f:23:1a:f4:3b:f6:0f:f9:74:ac:78:66:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1c52f1552f6ea0f064d7a3b79db5c1cf166bd0
        Validity
            Not Before: Jun 30 22:01:11 2026 GMT
            Not After : Jul  1 22:01:11 2026 GMT
        Subject: CN=d67866dd74cd951853478d77c8ea881750f2a71d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:48:f2:8f:0d:bb:f5:e0:56:e5:38:9e:69:f8:
                    e1:79:50:e1:32:2e:2b:48:1d:6a:79:30:e2:f4:f7:
                    69:4d:8d:05:db:c7:89:4a:a2:4e:64:64:7b:60:3c:
                    3c:6e:e1:90:6e:75:91:9c:98:ee:23:c5:51:5e:b2:
                    0e:f9:a9:25:61:51:f7:ec:aa:48:0d:df:93:dd:01:
                    f2:ad:12:82:06:c7:b9:b2:3e:42:62:ec:ea:9a:bf:
                    47:1d:68:e6:9a:3d:ac:88:af:27:28:c3:5d:d2:69:
                    86:d7:c4:eb:2f:66:41:f4:a2:b8:57:5c:f3:dc:c9:
                    96:55:99:2c:0a:14:b2:ad:63:d5:1f:d4:fb:b6:5a:
                    ef:35:89:4a:7b:51:2e:cb:ac:69:5c:7e:69:70:36:
                    f5:6b:55:67:8c:0f:9c:1a:ab:c7:dc:42:44:67:bf:
                    c6:0d:16:12:da:ba:7c:dd:7b:25:63:4a:80:61:cd:
                    31:78:a9:30:40:d1:3b:02:1a:a1:43:49:0e:21:05:
                    e8:06:e8:a1:63:33:4a:ed:3a:29:4f:f7:e4:d1:da:
                    cd:98:e3:43:be:ca:0f:42:10:e0:af:c6:98:d6:6b:
                    3a:d4:8f:5b:c8:ad:b3:3c:f0:cb:fb:4d:25:7c:8d:
                    a4:60:11:ad:15:fc:d3:9b:9b:da:97:b6:ab:5b:5d:
                    c3:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:78:66:DD:74:CD:95:18:53:47:8D:77:C8:EA:88:17:50:F2:A7:1D
            X509v3 Authority Key Identifier:
                keyid:1D:1C:52:F1:55:2F:6E:A0:F0:64:D7:A3:B7:9D:B5:C1:CF:16:6B:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HRxS8VUvbqDwZNejt521wc8Wa9A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/64f539-feda-49fc-a922-201d5a9bb8aa/1/HRxS8VUvbqDwZNejt521wc8Wa9A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:0e:10:69:5c:79:12:f2:84:d6:8c:41:44:67:f4:73:68:f2:
         a2:6b:ef:c7:ca:05:d3:9c:41:76:6c:b7:6a:44:5a:41:32:85:
         9b:f6:65:c2:9b:be:9f:89:cf:6d:5e:26:c4:20:06:c0:1f:42:
         e9:28:5d:79:64:d5:2b:08:ed:62:96:92:0a:05:06:a3:8c:b8:
         6b:c2:19:72:c2:5e:26:65:2b:d8:41:5a:7a:df:ae:92:be:f7:
         eb:2c:f4:90:1f:36:5d:9b:51:bd:69:a2:39:10:88:00:dc:d4:
         6f:72:ce:24:98:43:ce:b4:16:47:27:d8:ac:7f:51:6c:b7:60:
         24:93:0c:ae:5d:89:1b:37:10:6c:08:5a:b4:03:9e:01:99:7d:
         d8:db:e9:29:aa:6c:75:b5:88:54:cb:b4:b5:0e:fd:10:57:dd:
         46:59:2a:48:86:b3:d3:70:5b:e4:0c:35:1c:08:06:f3:77:b0:
         e8:08:62:af:e6:0c:61:28:8f:15:85:4e:e1:85:84:4a:43:1d:
         af:27:b9:b6:4d:e7:48:6b:76:f5:f2:41:d7:62:1e:92:e7:48:
         a1:d1:20:c4:f2:c7:53:cb:db:70:23:e0:a6:6a:4f:ef:b7:f5:
         f7:e0:aa:84:6a:b2:8f:60:04:cc:ad:a3:85:93:c2:b4:5e:79:
         6f:32:11:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ajO4PIxr0O/YP+XSseGbtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWM1MmYxNTUyZjZlYTBmMDY0ZDdhM2I3OWRiNWMxY2Yx
NjZiZDAwHhcNMjYwNjMwMjIwMTExWhcNMjYwNzAxMjIwMTExWjAzMTEwLwYDVQQD
EyhkNjc4NjZkZDc0Y2Q5NTE4NTM0NzhkNzdjOGVhODgxNzUwZjJhNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0jyjw279eBW5TieafjheVDhMi4r
SB1qeTDi9PdpTY0F28eJSqJOZGR7YDw8buGQbnWRnJjuI8VRXrIO+aklYVH37KpI
Dd+T3QHyrRKCBse5sj5CYuzqmr9HHWjmmj2siK8nKMNd0mmG18TrL2ZB9KK4V1zz
3MmWVZksChSyrWPVH9T7tlrvNYlKe1Euy6xpXH5pcDb1a1VnjA+cGqvH3EJEZ7/G
DRYS2rp83XslY0qAYc0xeKkwQNE7AhqhQ0kOIQXoBuihYzNK7TopT/fk0drNmOND
vsoPQhDgr8aY1ms61I9byK2zPPDL+00lfI2kYBGtFfzTm5val7arW13DuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNZ4Zt10zZUYU0eNd8jqiBdQ8qcdMB8GA1UdIwQY
MBaAFB0cUvFVL26g8GTXo7edtcHPFmvQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFJ4UzhWVXZicUR3Wk5lanQ1MjF3YzhXYTlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82NGY1MzktZmVkYS00OWZjLWE5MjIt
MjAxZDVhOWJiOGFhLzEvSFJ4UzhWVXZicUR3Wk5lanQ1MjF3YzhXYTlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS82NGY1MzktZmVkYS00OWZjLWE5MjItMjAxZDVhOWJiOGFh
LzEvSFJ4UzhWVXZicUR3Wk5lanQ1MjF3YzhXYTlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqQ4QaVx5
EvKE1oxBRGf0c2jyomvvx8oF05xBdmy3akRaQTKFm/Zlwpu+n4nPbV4mxCAGwB9C
6ShdeWTVKwjtYpaSCgUGo4y4a8IZcsJeJmUr2EFaet+ukr736yz0kB82XZtRvWmi
ORCIANzUb3LOJJhDzrQWRyfYrH9RbLdgJJMMrl2JGzcQbAhatAOeAZl92NvpKaps
dbWIVMu0tQ79EFfdRlkqSIaz03Bb5Aw1HAgG83ew6Ahir+YMYSiPFYVO4YWESkMd
rye5tk3nSGt29fJB12IekudIodEgxPLHU8vbcCPgpmpP77f19+CqhGqyj2AEzK2j
hZPCtF55bzIROQ==
-----END CERTIFICATE-----
Generated at Wed Jul 1 04:37:38 2026 by rpki-client