Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
File:                     CgIUob8dOv0t1msjqZcxBrXTFso.mft (raw, json)
Hash identifier:          Hri5byuain4T8MLx9oocgX3NZZ8EUJUlN0uHFMH693E=
Subject key identifier:   65:A5:74:DE:19:7C:CF:39:9B:C3:CE:91:54:E9:EA:37:B7:37:F6:47
Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
Certificate issuer:       /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Certificate serial:       019DA6B0524F496B1145A4B7D9EF23CB2124
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
Manifest number:          13AA
Signing time:             Sun 19 Apr 2026 17:01:06 +0000
Manifest this update:     Sun 19 Apr 2026 17:01:06 +0000
Manifest next update:     Mon 20 Apr 2026 17:01:06 +0000
Files and hashes:         1: CgIUob8dOv0t1msjqZcxBrXTFso.crl (hash: 627ED9UQ2WF1DSo2n/UGhQcv7vRHRkLP+axbARnkV/M=)
                          2: Kr82PzCvD4Fk7jNwoZ0-iCZtxTE.roa (hash: XM1J6jO/D+cqiYMXDlDXyv/SlFsPZ20nk+XVsCUihVk=)
                          3: cENwAzhw60-ikgeBP0Wk-X-TPRQ.roa (hash: WKFy5CgMQiAy0y2WtEt+U7yH6EI/ABaKojXrx+8izJQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 17:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a6:b0:52:4f:49:6b:11:45:a4:b7:d9:ef:23:cb:21:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
        Validity
            Not Before: Apr 19 17:01:06 2026 GMT
            Not After : Apr 20 17:01:06 2026 GMT
        Subject: CN=65a574de197ccf399bc3ce9154e9ea37b737f647
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:88:4e:9a:39:0d:7b:f9:83:11:96:88:eb:71:
                    c3:93:ee:54:ec:0b:f8:ed:76:47:f5:cd:23:e7:1b:
                    24:27:3c:4f:40:bb:9b:f5:6c:b9:1d:03:8a:e6:bc:
                    b6:97:2a:85:38:93:39:0b:e5:18:af:2a:38:39:65:
                    46:06:ce:5a:5c:78:11:7a:3d:1b:b9:df:a7:8a:b4:
                    c2:2d:f3:24:40:d6:6a:ca:a3:a1:55:ce:e0:f0:8b:
                    1f:8b:49:07:9c:2f:ae:75:58:f9:39:64:02:be:4d:
                    f2:3a:db:e3:c0:e8:d7:49:c3:db:3b:b5:75:fa:3d:
                    d3:81:d2:c0:89:22:46:73:23:36:f2:6e:5d:0c:0e:
                    5e:66:7f:44:11:15:59:52:b6:ea:2e:c7:ed:25:5d:
                    38:41:76:a6:ef:e9:d3:87:a5:65:60:d2:60:ef:e5:
                    db:65:65:dc:39:21:65:9a:f4:50:f4:77:e6:b2:99:
                    cc:8d:58:1e:a6:f5:8a:69:5e:3d:ec:d5:04:aa:76:
                    10:77:68:a5:20:cb:3b:68:ad:18:d6:c7:53:5a:93:
                    f5:40:e9:2b:61:2f:71:d9:93:13:d4:0b:64:59:b9:
                    53:f7:4f:1c:2f:8f:34:5f:b2:8c:46:0e:19:5a:34:
                    b4:69:bb:54:de:6b:28:1a:c5:0f:f9:56:9f:d8:8c:
                    07:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:A5:74:DE:19:7C:CF:39:9B:C3:CE:91:54:E9:EA:37:B7:37:F6:47
            X509v3 Authority Key Identifier:
                keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:08:23:28:55:2b:c0:47:ee:59:79:0e:d2:dc:71:e7:ff:b5:
         84:e6:36:0e:06:14:51:33:64:7b:7e:9b:2d:f1:d6:22:42:4e:
         de:79:f1:98:5b:c7:53:1b:33:69:8b:e8:26:fd:ba:b8:29:90:
         43:67:df:37:2d:f3:94:b8:a4:95:22:44:a0:2b:b9:06:6f:27:
         f2:df:c4:e3:e6:be:30:6b:5a:50:7d:08:55:f8:3d:1e:30:ae:
         c9:3e:af:50:40:8f:14:00:40:7c:98:b3:1e:ab:66:ed:8d:89:
         22:f5:70:69:57:5e:98:cf:90:d3:b6:a1:d2:45:0f:c7:b9:86:
         a0:d8:cf:7c:43:19:9f:90:7e:27:a3:6b:57:af:5b:0a:bb:23:
         62:4e:de:53:6b:0f:2d:f8:d1:72:5c:50:58:99:7e:3f:8a:3f:
         87:a5:69:00:52:7e:80:cc:7b:f3:1f:54:9b:a1:0f:1d:e6:bf:
         12:bc:35:29:56:a3:dd:b0:94:b0:f0:85:d9:88:d6:99:46:31:
         45:6d:13:98:d8:1f:2b:cd:89:7c:27:86:ff:e0:39:d8:6d:d6:
         09:93:d5:ed:ff:ae:33:2a:6f:3f:de:c0:3d:c0:dc:ae:61:da:
         86:86:85:88:08:ad:f1:9a:dc:a4:bc:2c:68:04:70:76:d1:f4:
         b5:4e:b1:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2msFJPSWsRRaS32e8jyyEkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMDIxNGExYmYxZDNhZmQyZGQ2NmIyM2E5OTczMTA2YjVk
MzE2Y2EwHhcNMjYwNDE5MTcwMTA2WhcNMjYwNDIwMTcwMTA2WjAzMTEwLwYDVQQD
Eyg2NWE1NzRkZTE5N2NjZjM5OWJjM2NlOTE1NGU5ZWEzN2I3MzdmNjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIhOmjkNe/mDEZaI63HDk+5U7Av4
7XZH9c0j5xskJzxPQLub9Wy5HQOK5ry2lyqFOJM5C+UYryo4OWVGBs5aXHgRej0b
ud+nirTCLfMkQNZqyqOhVc7g8Isfi0kHnC+udVj5OWQCvk3yOtvjwOjXScPbO7V1
+j3TgdLAiSJGcyM28m5dDA5eZn9EERVZUrbqLsftJV04QXam7+nTh6VlYNJg7+Xb
ZWXcOSFlmvRQ9HfmspnMjVgepvWKaV497NUEqnYQd2ilIMs7aK0Y1sdTWpP1QOkr
YS9x2ZMT1AtkWblT908cL480X7KMRg4ZWjS0abtU3msoGsUP+Vaf2IwHUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGWldN4ZfM85m8POkVTp6je3N/ZHMB8GA1UdIwQY
MBaAFAoCFKG/HTr9LdZrI6mXMQa10xbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQt
MzMyZWU1NDI1YzdhLzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQtMzMyZWU1NDI1Yzdh
LzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZggjKFUr
wEfuWXkO0txx5/+1hOY2DgYUUTNke36bLfHWIkJO3nnxmFvHUxszaYvoJv26uCmQ
Q2ffNy3zlLiklSJEoCu5Bm8n8t/E4+a+MGtaUH0IVfg9HjCuyT6vUECPFABAfJiz
Hqtm7Y2JIvVwaVdemM+Q07ah0kUPx7mGoNjPfEMZn5B+J6NrV69bCrsjYk7eU2sP
LfjRclxQWJl+P4o/h6VpAFJ+gMx78x9Um6EPHea/Erw1KVaj3bCUsPCF2YjWmUYx
RW0TmNgfK82JfCeG/+A52G3WCZPV7f+uMypvP97APcDcrmHahoaFiAit8ZrcpLws
aARwdtH0tU6xdw==
-----END CERTIFICATE-----
Generated at Mon Apr 20 03:28:44 2026 by rpki-client