Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
File:                     aMXwmzqQOVDz_NGyVQhu3kh26xE.mft (raw, json)
Hash identifier:          68+qf6FJm49aOn5H02XpeYSIJrsAMWchrFObmxmbBJQ=
Subject key identifier:   5C:02:B7:60:0C:8E:DC:F4:CB:27:BB:9A:10:EA:62:F5:26:38:D9:46
Authority key identifier: 68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
Certificate issuer:       /CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Certificate serial:       019F33DF60DC6A2282901D15C4F281F4B531
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
Manifest number:          18EA
Signing time:             Sun 05 Jul 2026 20:01:45 +0000
Manifest this update:     Sun 05 Jul 2026 20:01:45 +0000
Manifest next update:     Mon 06 Jul 2026 20:01:45 +0000
Files and hashes:         1: HqknbCtl1Axe3TPw1P6jDONpLVc.roa (hash: ZnfnJYZ+e5B0J97RREAVHfbNjcFtOONy33iXAx75Pag=)
                          2: XUSo3Kod1tZHWF61VODjOx3wrpM.roa (hash: QhGQD15vAX85W4GYn0mpZU7ZappGzzCqkYs2qWxrAto=)
                          3: aMXwmzqQOVDz_NGyVQhu3kh26xE.crl (hash: dWA4Xg8N7Uo5BNlO5W8qkXO2/GCi2T2SlLtZpw8DEPs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 Jul 2026 20:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:33:df:60:dc:6a:22:82:90:1d:15:c4:f2:81:f4:b5:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
        Validity
            Not Before: Jul  5 20:01:45 2026 GMT
            Not After : Jul  6 20:01:45 2026 GMT
        Subject: CN=5c02b7600c8edcf4cb27bb9a10ea62f52638d946
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:f3:98:8a:ff:ec:e9:2b:d7:1c:bd:71:dc:ff:
                    bc:df:47:a9:05:0a:b2:9c:7e:89:03:5a:8a:96:32:
                    f8:1c:63:dc:9c:fc:c9:d5:62:e6:6d:d0:e4:5c:fe:
                    35:0f:da:7d:f9:eb:43:0e:49:65:0e:8d:1d:5e:8f:
                    c6:64:28:50:30:4a:6c:38:aa:d0:94:34:9e:1c:82:
                    4e:bf:d8:f8:0f:62:c2:3d:2c:6b:0d:73:4a:13:99:
                    5a:7a:d7:e9:37:81:2b:2e:a6:df:91:fe:23:90:d8:
                    4b:ec:67:7a:a2:69:fc:70:3d:1d:64:5d:1e:fa:58:
                    2a:cf:a9:6f:39:dd:af:06:2b:6c:68:47:55:74:f0:
                    2e:7d:03:8f:b1:1e:a7:04:cf:82:c5:90:4e:d5:8f:
                    96:a9:c4:4e:d7:50:f3:5e:4b:b2:23:8e:0c:21:84:
                    60:3f:0c:72:d5:57:8c:c8:f5:9d:a5:50:52:94:c8:
                    7e:fa:9f:32:49:b7:5a:91:bf:6a:16:c7:9b:33:5c:
                    21:68:ca:94:76:b0:4b:00:19:4a:4b:b4:86:05:5b:
                    fd:59:9b:99:a0:12:ae:41:e6:77:fd:eb:b3:1f:96:
                    ab:df:90:e6:b9:e9:98:15:d4:fa:81:6c:43:7f:e0:
                    9a:41:42:4c:ed:8d:ef:82:33:c3:4a:a1:03:74:92:
                    b3:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:02:B7:60:0C:8E:DC:F4:CB:27:BB:9A:10:EA:62:F5:26:38:D9:46
            X509v3 Authority Key Identifier:
                keyid:68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:3c:2a:fc:92:08:d2:bf:70:88:18:6f:02:0d:29:98:2e:01:
         88:84:43:19:b3:fa:3a:d1:61:23:86:74:d1:08:ae:5d:eb:05:
         8f:4b:1f:39:97:d1:62:88:89:31:3b:68:43:63:6a:0f:70:ee:
         8a:35:d3:bd:df:d5:2e:bb:30:73:8e:aa:36:dc:e2:ac:c1:dc:
         57:88:ca:aa:4c:9c:7f:7e:07:29:7f:ab:9a:36:c8:66:21:8c:
         ab:c6:04:b4:17:82:cf:1b:72:58:67:9d:3d:c0:89:44:e4:22:
         73:30:50:6b:fc:94:75:4e:10:80:63:12:ab:64:00:ec:f7:3b:
         32:47:c0:cf:c8:43:14:28:ab:ad:f4:16:58:38:85:29:c3:98:
         7e:20:d6:61:28:a6:bd:55:08:6e:89:54:18:56:26:61:1b:ec:
         8e:2b:37:7f:2f:fc:20:b2:a1:d7:26:79:d4:36:0a:9f:b3:a1:
         e8:ed:45:89:93:b4:68:a8:af:6e:c1:62:4b:0a:55:2f:06:c3:
         2e:8c:f8:cd:18:74:8e:22:4a:37:33:e4:9c:2e:1b:d7:83:b4:
         26:3e:26:a2:a6:49:92:dc:b7:44:14:66:46:88:8e:bd:f0:c8:
         a3:c6:c1:eb:6a:a5:13:f1:3f:fd:89:aa:33:b6:b1:a1:8b:7f:
         fa:8d:a8:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8z32DcaiKCkB0VxPKB9LUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzVmMDliM2E5MDM5NTBmM2ZjZDFiMjU1MDg2ZWRlNDg3
NmViMTEwHhcNMjYwNzA1MjAwMTQ1WhcNMjYwNzA2MjAwMTQ1WjAzMTEwLwYDVQQD
Eyg1YzAyYjc2MDBjOGVkY2Y0Y2IyN2JiOWExMGVhNjJmNTI2MzhkOTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfOYiv/s6SvXHL1x3P+830epBQqy
nH6JA1qKljL4HGPcnPzJ1WLmbdDkXP41D9p9+etDDkllDo0dXo/GZChQMEpsOKrQ
lDSeHIJOv9j4D2LCPSxrDXNKE5laetfpN4ErLqbfkf4jkNhL7Gd6omn8cD0dZF0e
+lgqz6lvOd2vBitsaEdVdPAufQOPsR6nBM+CxZBO1Y+WqcRO11DzXkuyI44MIYRg
Pwxy1VeMyPWdpVBSlMh++p8ySbdakb9qFsebM1whaMqUdrBLABlKS7SGBVv9WZuZ
oBKuQeZ3/euzH5ar35DmuemYFdT6gWxDf+CaQUJM7Y3vgjPDSqEDdJKz0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwCt2AMjtz0yye7mhDqYvUmONlGMB8GA1UdIwQY
MBaAFGjF8Js6kDlQ8/zRslUIbt5IdusRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgt
OTQ4MDI2MzZiYWQ5LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgtOTQ4MDI2MzZiYWQ5
LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdTwq/JII
0r9wiBhvAg0pmC4BiIRDGbP6OtFhI4Z00QiuXesFj0sfOZfRYoiJMTtoQ2NqD3Du
ijXTvd/VLrswc46qNtzirMHcV4jKqkycf34HKX+rmjbIZiGMq8YEtBeCzxtyWGed
PcCJROQiczBQa/yUdU4QgGMSq2QA7Pc7MkfAz8hDFCirrfQWWDiFKcOYfiDWYSim
vVUIbolUGFYmYRvsjis3fy/8ILKh1yZ51DYKn7Oh6O1FiZO0aKivbsFiSwpVLwbD
Loz4zRh0jiJKNzPknC4b14O0Jj4moqZJkty3RBRmRoiOvfDIo8bB62qlE/E//Ymq
M7axoYt/+o2olg==
-----END CERTIFICATE-----
Generated at Mon Jul 6 03:07:37 2026 by rpki-client