Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
File:                     dfGnY3RcJdrSj0qBFmiOgs4SAos.mft (raw, json)
Hash identifier:          DOJmpxzQBKjlIhobiaFfnbdZXpthtAnPNEx16qN/xBk=
Subject key identifier:   65:D8:4A:10:0A:78:43:49:93:99:AA:E8:CF:78:92:B2:B9:9E:31:BC
Authority key identifier: 75:F1:A7:63:74:5C:25:DA:D2:8F:4A:81:16:68:8E:82:CE:12:02:8B
Certificate issuer:       /CN=75f1a763745c25dad28f4a8116688e82ce12028b
Certificate serial:       019D115818F643D8A09D128E4760EF7859E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
Manifest number:          16A2
Signing time:             Sat 21 Mar 2026 17:01:19 +0000
Manifest this update:     Sat 21 Mar 2026 17:01:19 +0000
Manifest next update:     Sun 22 Mar 2026 17:01:19 +0000
Files and hashes:         1: dfGnY3RcJdrSj0qBFmiOgs4SAos.crl (hash: CQz4YCl5Qa61992h2XWkgF0MyLMxLSKE6ypHxoYstfg=)
                          2: r51G36-SetuHZD_3jiNwB4dx7Wo.roa (hash: V4MD7ZgRQakaXzVvC+xHIbnQN7EcZaGY5X7pj9GMtGk=)
                          3: z9mvcCRCkYuHKKd00BlCEYA9eQU.roa (hash: mRPfZgnI9elFYBzB1KqCj8Oo2adMJczMgSykoYWKKi4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 22 Mar 2026 14:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:11:58:18:f6:43:d8:a0:9d:12:8e:47:60:ef:78:59:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75f1a763745c25dad28f4a8116688e82ce12028b
        Validity
            Not Before: Mar 21 17:01:19 2026 GMT
            Not After : Mar 22 17:01:19 2026 GMT
        Subject: CN=65d84a100a7843499399aae8cf7892b2b99e31bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ae:99:b7:c6:68:2a:e9:f6:f1:ee:3a:12:45:
                    1c:18:98:d4:cc:a2:c9:94:af:15:a3:8c:38:17:79:
                    eb:4c:3d:57:d0:1d:6f:50:1f:27:be:c7:f9:f9:35:
                    3c:35:60:77:cf:e8:c5:6f:60:5d:6e:7c:ea:79:fb:
                    41:b1:70:d7:67:94:b6:08:d0:d4:5a:ae:df:f1:74:
                    93:64:8b:60:04:5b:7a:fb:6b:e1:a2:7a:88:ac:5f:
                    5b:74:ab:a5:81:d2:d6:71:fa:49:9e:fa:8c:74:56:
                    00:b4:08:ba:df:0f:38:2c:eb:11:7e:6e:6d:6d:38:
                    dd:da:44:b4:57:01:76:b3:ad:4d:c7:70:ee:ab:ff:
                    4c:dd:48:e7:b4:4a:57:37:1c:08:fe:cc:c8:2f:c1:
                    2f:82:e4:82:12:77:37:c9:6e:96:e6:55:ed:ce:4f:
                    d4:a0:bf:53:4f:c4:34:3e:88:29:39:6c:2b:5f:a0:
                    42:e4:02:4c:1f:dc:38:89:30:90:fc:85:a1:64:6b:
                    cb:09:aa:30:fe:bf:63:32:f5:f9:bc:2a:bc:de:10:
                    fc:5f:d3:1d:af:cb:c1:da:16:ad:5f:bf:47:c6:d1:
                    a7:41:2d:57:27:bd:a4:c8:4c:43:89:25:0a:96:a0:
                    23:d3:b9:35:1a:c0:66:f9:f9:2a:40:47:23:25:e8:
                    f6:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:D8:4A:10:0A:78:43:49:93:99:AA:E8:CF:78:92:B2:B9:9E:31:BC
            X509v3 Authority Key Identifier:
                keyid:75:F1:A7:63:74:5C:25:DA:D2:8F:4A:81:16:68:8E:82:CE:12:02:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:fb:35:40:31:04:5e:57:b2:7f:b7:86:d7:36:86:9c:c9:96:
         1b:f5:85:a9:9b:a2:21:16:4b:c5:4c:1d:78:80:1b:aa:a2:27:
         23:ed:7b:ab:77:d5:06:ea:e2:b0:e4:24:8a:5b:d7:dc:0a:60:
         8d:8b:4f:37:52:56:c8:20:00:8f:aa:1d:6c:7a:70:67:31:67:
         21:d4:d3:c9:93:b1:2f:e3:38:3b:9b:0e:72:4e:aa:c0:ad:9b:
         d1:e9:5c:c0:23:f4:e8:74:18:a5:4b:f7:5c:3b:94:57:3e:21:
         2b:ae:9b:9b:a9:91:3e:42:b5:d9:06:9e:f0:0d:71:76:95:b8:
         b0:a2:09:6c:04:e8:e0:d5:29:6d:4a:91:4e:b4:ca:64:11:ba:
         68:c8:de:77:e0:d1:f6:5a:98:8c:af:a8:b5:5e:6f:dc:0d:72:
         f2:83:19:e8:42:03:6d:a0:fb:fc:2b:bd:60:64:b2:5e:97:9e:
         97:5d:86:2b:17:74:d7:05:b7:0c:ee:2d:e3:c5:d6:bb:1f:2d:
         5b:41:b7:c5:b3:e6:7f:1d:41:b4:ac:8f:a8:f2:a2:24:55:a1:
         38:65:a8:6d:ea:cd:82:75:52:d2:6f:a5:55:5e:ac:32:b1:48:
         d5:49:71:2e:b2:d6:c7:5f:53:17:3c:16:02:62:8c:c9:de:4a:
         6e:d3:38:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0RWBj2Q9ignRKOR2DveFniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZjFhNzYzNzQ1YzI1ZGFkMjhmNGE4MTE2Njg4ZTgyY2Ux
MjAyOGIwHhcNMjYwMzIxMTcwMTE5WhcNMjYwMzIyMTcwMTE5WjAzMTEwLwYDVQQD
Eyg2NWQ4NGExMDBhNzg0MzQ5OTM5OWFhZThjZjc4OTJiMmI5OWUzMWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta6Zt8ZoKun28e46EkUcGJjUzKLJ
lK8Vo4w4F3nrTD1X0B1vUB8nvsf5+TU8NWB3z+jFb2BdbnzqeftBsXDXZ5S2CNDU
Wq7f8XSTZItgBFt6+2vhonqIrF9bdKulgdLWcfpJnvqMdFYAtAi63w84LOsRfm5t
bTjd2kS0VwF2s61Nx3Duq/9M3UjntEpXNxwI/szIL8EvguSCEnc3yW6W5lXtzk/U
oL9TT8Q0PogpOWwrX6BC5AJMH9w4iTCQ/IWhZGvLCaow/r9jMvX5vCq83hD8X9Md
r8vB2hatX79HxtGnQS1XJ72kyExDiSUKlqAj07k1GsBm+fkqQEcjJej2DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXYShAKeENJk5mq6M94krK5njG8MB8GA1UdIwQY
MBaAFHXxp2N0XCXa0o9KgRZojoLOEgKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85ODBlNjYtMzYzMS00ZmRlLThlMmQt
Yzg0OWJjMGYzNTliLzEvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85ODBlNjYtMzYzMS00ZmRlLThlMmQtYzg0OWJjMGYzNTli
LzEvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT/s1QDEE
Xleyf7eG1zaGnMmWG/WFqZuiIRZLxUwdeIAbqqInI+17q3fVBurisOQkilvX3Apg
jYtPN1JWyCAAj6odbHpwZzFnIdTTyZOxL+M4O5sOck6qwK2b0elcwCP06HQYpUv3
XDuUVz4hK66bm6mRPkK12Qae8A1xdpW4sKIJbATo4NUpbUqRTrTKZBG6aMjed+DR
9lqYjK+otV5v3A1y8oMZ6EIDbaD7/Cu9YGSyXpeel12GKxd01wW3DO4t48XWux8t
W0G3xbPmfx1BtKyPqPKiJFWhOGWoberNgnVS0m+lVV6sMrFI1UlxLrLWx19TFzwW
AmKMyd5KbtM4UA==
-----END CERTIFICATE-----
Generated at Sat Mar 21 20:02:47 2026 by rpki-client