Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/5ded6c-b469-420c-b15e-52b3f68dc0c2/1/i7dzgYUSSQpQCthD6irnF-8hsUw.mft
File:                     i7dzgYUSSQpQCthD6irnF-8hsUw.mft (raw, json)
Hash identifier:          uKEJrKFNYVQFqJREQwPXsSyRjVUxGDzUNtBVkm/OT6o=
Subject key identifier:   8A:01:83:64:C5:85:3C:1F:88:08:94:CB:CD:ED:4D:C3:B5:0F:38:57
Authority key identifier: 8B:B7:73:81:85:12:49:0A:50:0A:D8:43:EA:2A:E7:17:EF:21:B1:4C
Certificate issuer:       /CN=8bb773818512490a500ad843ea2ae717ef21b14c
Certificate serial:       019F3CE2FA41992FBAF0821D32EE97C6F684
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i7dzgYUSSQpQCthD6irnF-8hsUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/5ded6c-b469-420c-b15e-52b3f68dc0c2/1/i7dzgYUSSQpQCthD6irnF-8hsUw.mft
Manifest number:          199A
Signing time:             Tue 07 Jul 2026 14:02:15 +0000
Manifest this update:     Tue 07 Jul 2026 14:02:15 +0000
Manifest next update:     Wed 08 Jul 2026 14:02:15 +0000
Files and hashes:         1: Ra13SMTFBvpWhxXrpfFnFw-OimM.roa (hash: b0Za2pBFcrD4LJ53MzUO0gNJytzhPTrcz+l8K+RFsRM=)
                          2: i7dzgYUSSQpQCthD6irnF-8hsUw.crl (hash: krv75259phZevoU2o6dMD5lVE0d0X5i+i0UIj0MzwF0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/5ded6c-b469-420c-b15e-52b3f68dc0c2/1/i7dzgYUSSQpQCthD6irnF-8hsUw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/5ded6c-b469-420c-b15e-52b3f68dc0c2/1/i7dzgYUSSQpQCthD6irnF-8hsUw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i7dzgYUSSQpQCthD6irnF-8hsUw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 08 Jul 2026 14:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:3c:e2:fa:41:99:2f:ba:f0:82:1d:32:ee:97:c6:f6:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bb773818512490a500ad843ea2ae717ef21b14c
        Validity
            Not Before: Jul  7 14:02:15 2026 GMT
            Not After : Jul  8 14:02:15 2026 GMT
        Subject: CN=8a018364c5853c1f880894cbcded4dc3b50f3857
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:e6:ce:d7:88:68:d6:6c:05:fc:c9:8d:4d:30:
                    72:b4:36:ea:a6:19:36:3b:2e:be:8e:54:94:62:2e:
                    4c:e9:6b:d1:24:0a:18:56:06:9f:64:6c:09:af:d1:
                    22:53:49:9c:57:84:16:23:84:23:e1:9f:c6:2f:fd:
                    53:e6:ef:cf:46:ef:7e:0e:cd:fc:72:23:2f:64:37:
                    36:64:dc:c0:0c:a5:89:c0:35:de:92:32:44:11:dc:
                    3f:45:7c:71:c1:f0:45:fc:f2:b2:b1:65:28:6b:9e:
                    d1:79:8a:7a:fd:33:cc:a5:2b:ef:13:b0:cf:7c:73:
                    15:24:73:c7:df:64:c6:01:96:1a:f7:7a:75:b7:42:
                    f1:f6:df:bb:bf:30:ec:f8:f9:77:3f:bf:77:ac:05:
                    9e:6a:12:a1:e8:4a:bb:c9:de:9e:94:ae:5f:6d:26:
                    15:ee:d9:9c:25:8a:bb:77:1f:f1:f7:f3:13:3e:3d:
                    45:72:71:7e:3d:a1:10:4a:2a:bc:c2:c2:ed:78:0a:
                    3d:96:56:ba:c4:85:d3:13:a9:9a:ba:a9:af:ff:d6:
                    6d:9e:57:60:ed:21:fe:a0:54:db:f3:17:7f:28:00:
                    ee:02:c2:69:e9:5f:1b:ae:8d:c1:fc:15:f8:ff:86:
                    07:57:e3:20:b0:45:40:d7:cf:86:27:0d:e9:0e:25:
                    15:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:01:83:64:C5:85:3C:1F:88:08:94:CB:CD:ED:4D:C3:B5:0F:38:57
            X509v3 Authority Key Identifier:
                keyid:8B:B7:73:81:85:12:49:0A:50:0A:D8:43:EA:2A:E7:17:EF:21:B1:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7dzgYUSSQpQCthD6irnF-8hsUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/5ded6c-b469-420c-b15e-52b3f68dc0c2/1/i7dzgYUSSQpQCthD6irnF-8hsUw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/5ded6c-b469-420c-b15e-52b3f68dc0c2/1/i7dzgYUSSQpQCthD6irnF-8hsUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:a6:1d:2d:6e:d2:5b:9a:b3:28:7b:35:b1:2a:c7:09:a2:80:
         4b:3d:de:28:4a:e8:ce:4d:d0:aa:11:9c:25:9f:ba:5f:eb:e9:
         2b:27:f4:ba:ff:c3:82:21:b1:d1:ca:06:89:6e:bc:4b:73:c3:
         61:87:be:d4:42:29:cb:45:b8:1a:64:48:da:3b:94:e4:19:38:
         30:12:ab:10:97:61:1f:59:0f:3c:67:ad:f9:f9:24:16:e3:f2:
         d1:90:80:18:f9:29:a8:a2:e8:a7:08:ea:29:95:b7:54:57:ae:
         bf:cf:e6:17:6a:bb:bd:1a:76:c3:5f:29:ee:9d:10:c8:a1:0d:
         df:0d:0b:73:84:96:3b:5c:ba:81:93:5b:8c:7a:42:e0:6c:cb:
         66:86:32:96:cd:2c:4e:52:a0:07:e1:75:ad:0a:35:3b:6b:13:
         b2:77:fb:c7:8a:95:ac:2c:4a:67:71:b0:49:de:c3:f4:d2:0a:
         af:f9:6f:a0:ac:c8:ce:29:8d:0c:92:15:93:66:03:07:9e:47:
         96:66:97:ee:63:42:c7:ec:c3:ce:71:aa:2d:92:ec:ac:42:36:
         a2:bd:a5:bc:e7:03:6f:aa:86:59:ce:a2:dd:ca:8c:1b:f3:e5:
         9f:72:83:96:c6:49:64:0b:e1:28:97:7a:4e:08:b7:31:44:4c:
         7b:a3:e9:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ884vpBmS+68IIdMu6XxvaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYjc3MzgxODUxMjQ5MGE1MDBhZDg0M2VhMmFlNzE3ZWYy
MWIxNGMwHhcNMjYwNzA3MTQwMjE1WhcNMjYwNzA4MTQwMjE1WjAzMTEwLwYDVQQD
Eyg4YTAxODM2NGM1ODUzYzFmODgwODk0Y2JjZGVkNGRjM2I1MGYzODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApebO14ho1mwF/MmNTTBytDbqphk2
Oy6+jlSUYi5M6WvRJAoYVgafZGwJr9EiU0mcV4QWI4Qj4Z/GL/1T5u/PRu9+Ds38
ciMvZDc2ZNzADKWJwDXekjJEEdw/RXxxwfBF/PKysWUoa57ReYp6/TPMpSvvE7DP
fHMVJHPH32TGAZYa93p1t0Lx9t+7vzDs+Pl3P793rAWeahKh6Eq7yd6elK5fbSYV
7tmcJYq7dx/x9/MTPj1FcnF+PaEQSiq8wsLteAo9lla6xIXTE6mauqmv/9Ztnldg
7SH+oFTb8xd/KADuAsJp6V8bro3B/BX4/4YHV+MgsEVA18+GJw3pDiUV9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIoBg2TFhTwfiAiUy83tTcO1DzhXMB8GA1UdIwQY
MBaAFIu3c4GFEkkKUArYQ+oq5xfvIbFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTdkemdZVVNTUXBRQ3RoRDZpcm5GLThoc1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS81ZGVkNmMtYjQ2OS00MjBjLWIxNWUt
NTJiM2Y2OGRjMGMyLzEvaTdkemdZVVNTUXBRQ3RoRDZpcm5GLThoc1V3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS81ZGVkNmMtYjQ2OS00MjBjLWIxNWUtNTJiM2Y2OGRjMGMy
LzEvaTdkemdZVVNTUXBRQ3RoRDZpcm5GLThoc1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGqYdLW7S
W5qzKHs1sSrHCaKASz3eKErozk3QqhGcJZ+6X+vpKyf0uv/DgiGx0coGiW68S3PD
YYe+1EIpy0W4GmRI2juU5Bk4MBKrEJdhH1kPPGet+fkkFuPy0ZCAGPkpqKLopwjq
KZW3VFeuv8/mF2q7vRp2w18p7p0QyKEN3w0Lc4SWO1y6gZNbjHpC4GzLZoYyls0s
TlKgB+F1rQo1O2sTsnf7x4qVrCxKZ3GwSd7D9NIKr/lvoKzIzimNDJIVk2YDB55H
lmaX7mNCx+zDznGqLZLsrEI2or2lvOcDb6qGWc6i3cqMG/Pln3KDlsZJZAvhKJd6
Tgi3MURMe6PpCw==
-----END CERTIFICATE-----
Generated at Tue Jul 7 23:11:58 2026 by rpki-client