Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft
File:                     siDZG06dcPA0-hahaoh9QlV5Kt4.mft (raw, json)
Hash identifier:          h336aAYiARzlPbIjTfi3KZLdMeD4T83UNTHN7RCqPGY=
Subject key identifier:   C8:66:F6:AB:C9:3D:EF:8B:A7:4B:63:DB:68:06:8D:00:D2:5B:18:C3
Authority key identifier: B2:20:D9:1B:4E:9D:70:F0:34:FA:16:A1:6A:88:7D:42:55:79:2A:DE
Certificate issuer:       /CN=b220d91b4e9d70f034fa16a16a887d4255792ade
Certificate serial:       019F29245940D22B6CE559F89810D2AF7AF8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft
Manifest number:          1992
Signing time:             Fri 03 Jul 2026 18:01:15 +0000
Manifest this update:     Fri 03 Jul 2026 18:01:15 +0000
Manifest next update:     Sat 04 Jul 2026 18:01:15 +0000
Files and hashes:         1: 9qwf6-Dqoc3yJJecKnCaJyAyhZ4.roa (hash: /C2CSaK00NB+/TpXiHAeWUhtWjQTZ45pzq0LkkZy9eA=)
                          2: siDZG06dcPA0-hahaoh9QlV5Kt4.crl (hash: CpVFGb6mn+Gwo4uQZN1YNWi7cCEBeXTAvZdqGRtroTk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 Jul 2026 18:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:29:24:59:40:d2:2b:6c:e5:59:f8:98:10:d2:af:7a:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b220d91b4e9d70f034fa16a16a887d4255792ade
        Validity
            Not Before: Jul  3 18:01:15 2026 GMT
            Not After : Jul  4 18:01:15 2026 GMT
        Subject: CN=c866f6abc93def8ba74b63db68068d00d25b18c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:4e:b4:80:bc:f4:04:b4:cc:4f:92:53:a3:9e:
                    a3:cd:9a:d8:f7:16:fd:4c:e7:59:45:03:ff:15:21:
                    2c:55:16:fb:e8:f0:4c:12:ab:1b:91:a9:30:e0:60:
                    4c:75:0b:1c:48:50:8c:fd:8c:8d:4d:2e:af:d8:f9:
                    58:7a:14:12:67:af:78:a0:41:72:46:30:c5:91:3c:
                    6a:31:66:a7:81:95:45:57:d0:9a:ff:ec:43:73:ed:
                    6f:f7:41:01:55:ee:09:ab:0f:bc:eb:87:20:fa:ec:
                    60:37:8a:b4:e2:59:f7:1d:a9:9e:e7:b9:fe:d1:0c:
                    93:f9:1c:92:ec:72:1d:ef:b0:8f:89:79:83:64:0c:
                    3f:1b:d6:6e:7a:c4:a6:66:42:89:cc:3d:12:57:36:
                    58:88:a5:17:81:0c:2f:e3:74:61:1e:a4:1c:6d:05:
                    b5:a2:c3:3e:8f:a3:cd:2d:b6:83:b3:aa:0e:9b:8e:
                    67:a3:a4:c1:83:5b:8e:ca:b2:14:42:8c:f8:a0:2b:
                    dd:da:34:b7:3d:3e:7b:ab:b9:d7:b4:fb:63:15:3d:
                    67:f9:bc:55:43:12:d4:96:5a:a0:54:06:e1:da:12:
                    15:68:e1:d0:ed:d3:13:f3:c0:31:57:a6:e9:e8:2d:
                    50:5d:00:c7:52:c4:a1:a8:99:13:98:67:e2:31:13:
                    38:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:66:F6:AB:C9:3D:EF:8B:A7:4B:63:DB:68:06:8D:00:D2:5B:18:C3
            X509v3 Authority Key Identifier:
                keyid:B2:20:D9:1B:4E:9D:70:F0:34:FA:16:A1:6A:88:7D:42:55:79:2A:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:85:78:ec:1e:77:ba:a4:5f:5d:88:13:a3:50:02:92:2e:9e:
         03:c2:0e:2c:f6:5c:09:ae:9d:12:90:be:f5:a1:f3:80:19:1a:
         ca:64:c7:a5:e3:9a:8c:d7:98:fd:a5:48:20:fb:0a:82:3e:61:
         12:f5:f9:85:85:3d:96:58:ae:37:26:a3:27:eb:21:37:7c:5b:
         6e:fc:47:2a:47:b2:23:90:69:0e:53:cd:50:f4:e1:e4:dd:45:
         3f:13:f9:32:02:47:eb:8c:e0:52:a0:6b:cf:77:75:3f:03:ca:
         96:2e:21:58:c0:b3:2e:fe:ea:0f:8a:3f:18:02:9a:4b:74:20:
         0f:48:2f:50:8d:b8:32:f3:cf:66:3c:98:ee:f9:bf:84:31:a3:
         57:2f:e5:ad:c7:42:5c:e8:16:8b:25:a9:3e:b1:70:33:aa:da:
         d9:c2:8d:7e:48:19:ae:73:81:91:77:cf:ee:d8:68:29:4c:8a:
         c8:9c:b2:ed:34:8a:2a:b6:42:9a:ed:33:f0:cd:b6:9a:93:e5:
         e5:15:91:aa:e4:75:ac:a9:4f:37:af:5d:3e:ad:0f:13:79:ac:
         e0:52:aa:70:a7:dc:f2:8d:a9:ed:66:22:63:dd:b7:87:99:cc:
         6f:73:bc:4d:60:96:74:9d:0e:e3:83:ad:69:2c:0b:aa:7e:c8:
         d1:b8:71:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8pJFlA0its5Vn4mBDSr3r4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMjBkOTFiNGU5ZDcwZjAzNGZhMTZhMTZhODg3ZDQyNTU3
OTJhZGUwHhcNMjYwNzAzMTgwMTE1WhcNMjYwNzA0MTgwMTE1WjAzMTEwLwYDVQQD
EyhjODY2ZjZhYmM5M2RlZjhiYTc0YjYzZGI2ODA2OGQwMGQyNWIxOGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4k60gLz0BLTMT5JTo56jzZrY9xb9
TOdZRQP/FSEsVRb76PBMEqsbkakw4GBMdQscSFCM/YyNTS6v2PlYehQSZ694oEFy
RjDFkTxqMWangZVFV9Ca/+xDc+1v90EBVe4Jqw+864cg+uxgN4q04ln3Hame57n+
0QyT+RyS7HId77CPiXmDZAw/G9ZuesSmZkKJzD0SVzZYiKUXgQwv43RhHqQcbQW1
osM+j6PNLbaDs6oOm45no6TBg1uOyrIUQoz4oCvd2jS3PT57q7nXtPtjFT1n+bxV
QxLUllqgVAbh2hIVaOHQ7dMT88AxV6bp6C1QXQDHUsShqJkTmGfiMRM4QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMhm9qvJPe+Lp0tj22gGjQDSWxjDMB8GA1UdIwQY
MBaAFLIg2RtOnXDwNPoWoWqIfUJVeSreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81NDMyMjEtZjI2Ny00NzMxLWE3YWQt
OTg3MTczYjllOTg3LzEvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81NDMyMjEtZjI2Ny00NzMxLWE3YWQtOTg3MTczYjllOTg3
LzEvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkYV47B53
uqRfXYgTo1ACki6eA8IOLPZcCa6dEpC+9aHzgBkaymTHpeOajNeY/aVIIPsKgj5h
EvX5hYU9lliuNyajJ+shN3xbbvxHKkeyI5BpDlPNUPTh5N1FPxP5MgJH64zgUqBr
z3d1PwPKli4hWMCzLv7qD4o/GAKaS3QgD0gvUI24MvPPZjyY7vm/hDGjVy/lrcdC
XOgWiyWpPrFwM6ra2cKNfkgZrnOBkXfP7thoKUyKyJyy7TSKKrZCmu0z8M22mpPl
5RWRquR1rKlPN69dPq0PE3ms4FKqcKfc8o2p7WYiY923h5nMb3O8TWCWdJ0O44Ot
aSwLqn7I0bhxlw==
-----END CERTIFICATE-----
Generated at Sat Jul 4 01:32:37 2026 by rpki-client