Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.mft
File:                     O4_iRlhDAxt3i7jYt701oJT8z0g.mft (raw, json)
Hash identifier:          vJqDe418N0YqkcpqJZSps40gqfgYhPap9da979k1AUQ=
Subject key identifier:   0E:63:FC:C8:E9:00:20:B8:51:9D:C9:49:3D:1B:B5:81:9A:32:DE:0F
Authority key identifier: 3B:8F:E2:46:58:43:03:1B:77:8B:B8:D8:B7:BD:35:A0:94:FC:CF:48
Certificate issuer:       /CN=3b8fe2465843031b778bb8d8b7bd35a094fccf48
Certificate serial:       019F3717883084E801EB385611D2F36BE067
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O4_iRlhDAxt3i7jYt701oJT8z0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.mft
Manifest number:          13FF
Signing time:             Mon 06 Jul 2026 11:01:56 +0000
Manifest this update:     Mon 06 Jul 2026 11:01:56 +0000
Manifest next update:     Tue 07 Jul 2026 11:01:56 +0000
Files and hashes:         1: 6J5zq7acHeCorGt2Kz1SRI8TBxw.roa (hash: QUb/O/uGMs7lP+6gaahFi67OYlrRZUT6YWqd/feI1TU=)
                          2: O4_iRlhDAxt3i7jYt701oJT8z0g.crl (hash: rWNhgCdzPADYjcQNjpCpo3IQwzAePKjjp9adr3RrkJA=)
                          3: SAEHlpuu2VHfT1gYOBIDmp8YrI0.roa (hash: f+Ly+ugjS2e2LTdlARUIcZJrF9Q/kNyEBJzeeNxkntA=)
                          4: l8nJcuD4rGZxCdIYInml3vohntk.roa (hash: eU3RnT3IPn87hTAFydZwwQYkYydG1vHyM8wmqGF1vjs=)
                          5: n7VSYaUgna6BrvfvQJiTcoRPzQk.roa (hash: M0u1q9q0trXFDUH6vNkVVYgYyDRJLjrO4qxwE6RvEOA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O4_iRlhDAxt3i7jYt701oJT8z0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 07 Jul 2026 11:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:37:17:88:30:84:e8:01:eb:38:56:11:d2:f3:6b:e0:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b8fe2465843031b778bb8d8b7bd35a094fccf48
        Validity
            Not Before: Jul  6 11:01:56 2026 GMT
            Not After : Jul  7 11:01:56 2026 GMT
        Subject: CN=0e63fcc8e90020b8519dc9493d1bb5819a32de0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:80:c2:be:1f:f1:29:6c:11:e7:91:22:5d:9c:
                    ac:61:91:b6:3a:e9:25:04:f2:18:1f:17:bb:01:4f:
                    3d:d2:c6:73:52:04:a6:ce:ef:e3:d6:22:f1:0c:63:
                    33:bb:71:62:79:cf:2b:b8:59:d5:02:67:bd:b7:31:
                    8d:2c:49:a3:d2:60:06:7c:48:62:66:5a:f8:99:d0:
                    e9:db:18:ac:d6:4b:e0:f8:6c:a8:a8:62:0a:23:17:
                    5a:56:09:df:46:c2:f7:6c:93:1b:f8:b1:cd:80:51:
                    8a:d9:6c:1a:43:31:76:3f:8a:22:9f:68:d2:bd:2a:
                    81:1a:67:71:d0:5c:d0:c5:10:f4:e6:b4:27:55:ef:
                    18:2b:c5:a8:4f:b3:78:75:41:e8:a9:67:f6:34:4c:
                    e2:df:58:42:8d:a2:0d:1c:8c:13:ea:1d:de:5a:7a:
                    a8:17:17:fa:3d:20:92:25:db:2b:67:e9:7d:20:76:
                    9e:29:45:df:6d:f9:94:f1:34:82:31:ce:17:14:6b:
                    6c:75:6d:e0:41:e1:30:90:96:57:12:19:0a:ca:75:
                    b0:b1:47:f4:4d:4a:26:c3:f0:4a:fc:b5:d0:52:9e:
                    85:6c:88:19:c0:f2:02:88:f1:c3:33:2b:b3:c0:b3:
                    fe:c1:0d:4e:a3:a6:19:d1:90:91:8e:e1:cb:4a:9a:
                    a0:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:63:FC:C8:E9:00:20:B8:51:9D:C9:49:3D:1B:B5:81:9A:32:DE:0F
            X509v3 Authority Key Identifier:
                keyid:3B:8F:E2:46:58:43:03:1B:77:8B:B8:D8:B7:BD:35:A0:94:FC:CF:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4_iRlhDAxt3i7jYt701oJT8z0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef20cf-4c39-4707-857c-7c35006e07a1/1/O4_iRlhDAxt3i7jYt701oJT8z0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:85:2b:d0:59:fe:85:ff:39:1c:f9:40:d6:03:fd:80:92:a3:
         d6:e9:cf:80:4c:c1:88:46:82:2b:1d:43:60:02:b0:fa:69:f4:
         81:54:3e:13:66:3b:fc:11:11:a7:8a:3d:7d:ab:e4:29:77:d2:
         e7:b1:0f:c5:16:21:d9:07:7f:05:03:2f:61:ed:91:0d:1a:a3:
         4c:15:f5:7d:76:b8:af:b5:21:c1:e8:40:58:a0:61:df:b8:34:
         cf:28:f8:eb:ea:e7:f2:9d:c8:bf:8e:3d:d3:61:4b:69:0b:71:
         46:1f:81:92:9d:5b:e6:9b:eb:d5:61:ce:42:95:53:b7:6f:e9:
         83:e1:dc:74:10:67:f1:48:55:15:56:ad:cc:e9:f2:9c:e8:52:
         9b:e6:3e:8b:27:4f:9c:8b:f1:c0:71:8e:ea:e3:46:e5:40:d4:
         8d:d4:30:94:e1:12:f9:ee:b0:88:47:56:7a:c9:9c:e2:83:9d:
         8b:5e:14:72:a3:6f:2d:03:03:da:c8:22:86:f0:fc:5c:0c:8c:
         4d:96:0e:57:1c:16:12:7a:b0:3d:b6:fc:a6:42:fc:f6:ee:38:
         c3:23:a7:57:a6:70:0f:ad:2b:ae:b4:8c:e1:d6:4e:9f:1c:0a:
         33:71:65:e8:32:4b:aa:c5:71:f2:87:21:b5:1f:3d:18:45:4f:
         5b:a9:4e:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ83F4gwhOgB6zhWEdLza+BnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOGZlMjQ2NTg0MzAzMWI3NzhiYjhkOGI3YmQzNWEwOTRm
Y2NmNDgwHhcNMjYwNzA2MTEwMTU2WhcNMjYwNzA3MTEwMTU2WjAzMTEwLwYDVQQD
EygwZTYzZmNjOGU5MDAyMGI4NTE5ZGM5NDkzZDFiYjU4MTlhMzJkZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYDCvh/xKWwR55EiXZysYZG2Oukl
BPIYHxe7AU890sZzUgSmzu/j1iLxDGMzu3Fiec8ruFnVAme9tzGNLEmj0mAGfEhi
Zlr4mdDp2xis1kvg+GyoqGIKIxdaVgnfRsL3bJMb+LHNgFGK2WwaQzF2P4oin2jS
vSqBGmdx0FzQxRD05rQnVe8YK8WoT7N4dUHoqWf2NEzi31hCjaINHIwT6h3eWnqo
Fxf6PSCSJdsrZ+l9IHaeKUXfbfmU8TSCMc4XFGtsdW3gQeEwkJZXEhkKynWwsUf0
TUomw/BK/LXQUp6FbIgZwPICiPHDMyuzwLP+wQ1Oo6YZ0ZCRjuHLSpqgqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA5j/MjpACC4UZ3JST0btYGaMt4PMB8GA1UdIwQY
MBaAFDuP4kZYQwMbd4u42Le9NaCU/M9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzRfaVJsaERBeHQzaTdqWXQ3MDFvSlQ4ejBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lZjIwY2YtNGMzOS00NzA3LTg1N2Mt
N2MzNTAwNmUwN2ExLzEvTzRfaVJsaERBeHQzaTdqWXQ3MDFvSlQ4ejBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lZjIwY2YtNGMzOS00NzA3LTg1N2MtN2MzNTAwNmUwN2Ex
LzEvTzRfaVJsaERBeHQzaTdqWXQ3MDFvSlQ4ejBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtIUr0Fn+
hf85HPlA1gP9gJKj1unPgEzBiEaCKx1DYAKw+mn0gVQ+E2Y7/BERp4o9favkKXfS
57EPxRYh2Qd/BQMvYe2RDRqjTBX1fXa4r7UhwehAWKBh37g0zyj46+rn8p3Iv449
02FLaQtxRh+Bkp1b5pvr1WHOQpVTt2/pg+HcdBBn8UhVFVatzOnynOhSm+Y+iydP
nIvxwHGO6uNG5UDUjdQwlOES+e6wiEdWesmc4oOdi14UcqNvLQMD2sgihvD8XAyM
TZYOVxwWEnqwPbb8pkL89u44wyOnV6ZwD60rrrSM4dZOnxwKM3Fl6DJLqsVx8och
tR89GEVPW6lOMA==
-----END CERTIFICATE-----
Generated at Mon Jul 6 19:20:58 2026 by rpki-client