Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
File:                     pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft (raw, json)
Hash identifier:          /ye2zn/9SiozRlXR9SJ75Fwhe67G0h6cdkReql4BDQI=
Subject key identifier:   E0:22:B0:ED:16:3F:09:06:C6:0A:A7:E0:C1:FF:58:9D:47:77:24:D5
Authority key identifier: A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0
Certificate issuer:       /CN=a408fc9246042751110d2ec5065d0c47d1d43cd0
Certificate serial:       019F66F0D51FE5B38B0C2170056DCF2F920E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
Manifest number:          0F33
Signing time:             Wed 15 Jul 2026 18:01:26 +0000
Manifest this update:     Wed 15 Jul 2026 18:01:26 +0000
Manifest next update:     Thu 16 Jul 2026 18:01:26 +0000
Files and hashes:         1: Z8sIth2fuLtbZU5YZYofujl3N3Q.roa (hash: OuZ+DZI7vPFF2f+5cYLFAwbQ08o0C2E+Uzidod1oA7I=)
                          2: pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl (hash: zSTyPk1hBUesdQ79C7wWm9mvDWF8fZGgC3uciH1M+8g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 16 Jul 2026 14:13:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:66:f0:d5:1f:e5:b3:8b:0c:21:70:05:6d:cf:2f:92:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a408fc9246042751110d2ec5065d0c47d1d43cd0
        Validity
            Not Before: Jul 15 18:01:26 2026 GMT
            Not After : Jul 16 18:01:26 2026 GMT
        Subject: CN=e022b0ed163f0906c60aa7e0c1ff589d477724d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:bc:cb:0e:75:6f:6f:11:2d:af:ee:a2:b4:d0:
                    82:07:6f:c9:e9:4c:24:ec:44:19:5c:cf:a4:b1:3f:
                    b3:2d:41:9d:dc:6d:47:f4:52:68:83:24:c8:04:32:
                    d2:3e:2a:5f:e7:31:ea:66:73:60:06:93:35:9d:5c:
                    85:80:49:f3:e1:05:d4:b4:95:59:9a:ac:26:3f:2b:
                    a5:bc:f0:db:96:ef:40:f1:f9:0e:a1:d6:0f:74:93:
                    da:53:29:e8:a4:f4:04:ef:f3:04:f3:7d:68:70:d8:
                    d8:87:86:62:d9:28:12:b4:89:65:2f:6b:f5:77:13:
                    3d:e6:4b:9d:8a:1c:27:0b:a7:32:c6:7e:4c:43:c6:
                    c1:7f:54:d2:47:4d:14:6e:fc:cc:88:a5:80:60:92:
                    fd:cf:a2:28:b6:0f:40:b4:0f:54:ae:8e:2c:75:9a:
                    a2:78:ad:0d:70:e2:44:3d:5e:9d:41:58:ee:ea:1c:
                    9a:5d:14:9c:40:66:4b:be:7d:28:75:36:8d:04:c8:
                    fa:40:dd:2d:5d:6e:06:15:af:5e:ab:cb:6b:cb:7d:
                    a1:c8:fa:84:eb:d6:ac:9f:4b:68:7c:a0:b1:9b:8c:
                    cc:8c:33:dc:6e:fd:1c:cb:ea:01:4d:22:e0:ee:8b:
                    51:77:ec:eb:1b:c1:bb:1e:9f:cc:ce:14:d6:4c:25:
                    2b:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:22:B0:ED:16:3F:09:06:C6:0A:A7:E0:C1:FF:58:9D:47:77:24:D5
            X509v3 Authority Key Identifier:
                keyid:A4:08:FC:92:46:04:27:51:11:0D:2E:C5:06:5D:0C:47:D1:D4:3C:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a597c5-3ec4-4b46-8c7b-d92248aabe2d/1/pAj8kkYEJ1ERDS7FBl0MR9HUPNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:d8:17:e9:37:fc:3c:6f:97:4a:76:a5:4a:2f:f5:d2:96:05:
         ef:ac:e8:d6:ba:a9:79:b9:64:02:82:55:fe:7d:77:f2:56:e4:
         ee:08:3e:b7:63:c2:92:6c:b0:b2:bd:c1:83:d7:38:cd:e2:a3:
         9a:39:c6:fb:f2:86:d4:11:1f:2a:21:16:37:77:51:d4:b7:a5:
         a2:e7:4b:91:b1:a5:73:6f:b7:4c:d9:38:a9:1d:07:4c:46:0e:
         b7:50:46:8c:68:43:d2:24:9c:34:93:9b:27:a6:4b:f2:88:3f:
         39:7c:82:15:5f:06:8b:5f:59:5a:6c:d4:2f:97:f2:1e:91:f4:
         a6:6b:8c:96:c2:bf:78:6a:38:cf:36:50:e9:16:03:99:b9:3b:
         68:bc:04:18:a7:5a:c5:de:81:17:22:7a:44:58:06:28:9d:af:
         5d:d1:0b:04:20:f0:87:81:a7:be:bd:1f:46:51:9c:3c:b6:0c:
         e1:bc:7e:4a:82:65:7c:54:bb:58:ee:06:0c:da:38:d3:3e:57:
         e7:5b:c7:55:7a:c5:11:d9:c7:a0:3a:57:9b:4a:e5:04:98:cf:
         bb:82:8b:47:37:66:d8:fd:27:40:8a:7c:4a:d3:6e:55:57:db:
         85:df:4d:6d:37:2f:ff:a5:c4:8d:c4:64:55:a0:84:61:ed:b3:
         23:fe:fc:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ9m8NUf5bOLDCFwBW3PL5IOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDhmYzkyNDYwNDI3NTExMTBkMmVjNTA2NWQwYzQ3ZDFk
NDNjZDAwHhcNMjYwNzE1MTgwMTI2WhcNMjYwNzE2MTgwMTI2WjAzMTEwLwYDVQQD
EyhlMDIyYjBlZDE2M2YwOTA2YzYwYWE3ZTBjMWZmNTg5ZDQ3NzcyNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbzLDnVvbxEtr+6itNCCB2/J6Uwk
7EQZXM+ksT+zLUGd3G1H9FJogyTIBDLSPipf5zHqZnNgBpM1nVyFgEnz4QXUtJVZ
mqwmPyulvPDblu9A8fkOodYPdJPaUynopPQE7/ME831ocNjYh4Zi2SgStIllL2v1
dxM95kudihwnC6cyxn5MQ8bBf1TSR00UbvzMiKWAYJL9z6Iotg9AtA9Uro4sdZqi
eK0NcOJEPV6dQVju6hyaXRScQGZLvn0odTaNBMj6QN0tXW4GFa9eq8try32hyPqE
69asn0tofKCxm4zMjDPcbv0cy+oBTSLg7otRd+zrG8G7Hp/MzhTWTCUrKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOAisO0WPwkGxgqn4MH/WJ1HdyTVMB8GA1UdIwQY
MBaAFKQI/JJGBCdREQ0uxQZdDEfR1DzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2It
ZDkyMjQ4YWFiZTJkLzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hNTk3YzUtM2VjNC00YjQ2LThjN2ItZDkyMjQ4YWFiZTJk
LzEvcEFqOGtrWUVKMUVSRFM3RkJsME1SOUhVUE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHNgX6Tf8
PG+XSnalSi/10pYF76zo1rqpeblkAoJV/n138lbk7gg+t2PCkmywsr3Bg9c4zeKj
mjnG+/KG1BEfKiEWN3dR1LeloudLkbGlc2+3TNk4qR0HTEYOt1BGjGhD0iScNJOb
J6ZL8og/OXyCFV8Gi19ZWmzUL5fyHpH0pmuMlsK/eGo4zzZQ6RYDmbk7aLwEGKda
xd6BFyJ6RFgGKJ2vXdELBCDwh4Gnvr0fRlGcPLYM4bx+SoJlfFS7WO4GDNo40z5X
51vHVXrFEdnHoDpXm0rlBJjPu4KLRzdm2P0nQIp8StNuVVfbhd9NbTcv/6XEjcRk
VaCEYe2zI/780A==
-----END CERTIFICATE-----
Generated at Wed Jul 15 22:30:52 2026 by rpki-client