Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/b36636-3306-448f-8ecf-56482b390678/1/U8DiB45PPrpfh5UD_dgJw4O7dig.mft
File:                     U8DiB45PPrpfh5UD_dgJw4O7dig.mft (raw, json)
Hash identifier:          Fk+ZxCavzhKejlr5T15rwwga5K3vdDPYkjNfnBgLI9o=
Subject key identifier:   D8:48:5A:5B:E4:41:B1:46:C7:9E:F8:84:71:B2:4C:4B:4B:8D:4A:44
Authority key identifier: 53:C0:E2:07:8E:4F:3E:BA:5F:87:95:03:FD:D8:09:C3:83:BB:76:28
Certificate issuer:       /CN=53c0e2078e4f3eba5f879503fdd809c383bb7628
Certificate serial:       019F41638A1BFB5AC772872DE921FA6905D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U8DiB45PPrpfh5UD_dgJw4O7dig.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/b36636-3306-448f-8ecf-56482b390678/1/U8DiB45PPrpfh5UD_dgJw4O7dig.mft
Manifest number:          139A
Signing time:             Wed 08 Jul 2026 11:01:10 +0000
Manifest this update:     Wed 08 Jul 2026 11:01:10 +0000
Manifest next update:     Thu 09 Jul 2026 11:01:10 +0000
Files and hashes:         1: 1-GMVzwMDxSiYZaD7figfVQ0BMo8.roa (hash: 6cucZyQkv8Clqp8Dmj2mB2zHAVxhCmtUwPlqKFCqEpw=)
                          2: U8DiB45PPrpfh5UD_dgJw4O7dig.crl (hash: dVQxdZis5w6CtV29uTp3Vl9CIhbQvM1FezmKuS71Jyw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/b36636-3306-448f-8ecf-56482b390678/1/U8DiB45PPrpfh5UD_dgJw4O7dig.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/b36636-3306-448f-8ecf-56482b390678/1/U8DiB45PPrpfh5UD_dgJw4O7dig.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U8DiB45PPrpfh5UD_dgJw4O7dig.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 09 Jul 2026 11:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:41:63:8a:1b:fb:5a:c7:72:87:2d:e9:21:fa:69:05:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53c0e2078e4f3eba5f879503fdd809c383bb7628
        Validity
            Not Before: Jul  8 11:01:10 2026 GMT
            Not After : Jul  9 11:01:10 2026 GMT
        Subject: CN=d8485a5be441b146c79ef88471b24c4b4b8d4a44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:64:d5:4a:9d:15:05:b6:4b:30:ae:c1:c8:ef:
                    87:d6:ef:bc:0c:67:1b:d0:43:63:94:68:24:7f:52:
                    5e:85:4d:63:3c:9a:39:9f:78:44:31:53:13:3d:44:
                    ac:47:cc:4a:df:73:c1:ca:1f:d2:a2:92:64:c0:86:
                    52:2f:3e:e3:cc:d2:22:85:11:87:f7:67:1a:b0:86:
                    9d:76:9a:81:a0:57:65:0e:b8:22:28:e1:6f:c2:5d:
                    12:b3:7a:17:30:84:ac:dc:0f:46:27:80:12:5d:c4:
                    00:60:2b:e8:a5:24:5b:2f:8f:54:5b:5c:c0:2b:7b:
                    16:ad:32:b3:7b:d7:bb:92:bf:d2:c3:45:ca:92:1b:
                    34:2d:4a:86:d2:05:f9:1a:bc:47:83:d9:0c:3b:c1:
                    5b:73:ef:13:4a:5e:2f:c7:69:69:a0:42:27:3f:75:
                    df:a0:4a:84:9a:0f:f1:a2:64:f4:58:69:d0:fc:ec:
                    10:31:56:f5:92:c2:6c:c9:9a:7b:c2:73:8b:70:f9:
                    a4:ad:fb:c1:3a:8a:a5:d6:0d:df:33:92:35:5b:b9:
                    b9:1a:e9:32:bb:dc:78:b8:05:0d:a8:25:d3:4a:41:
                    19:15:9a:d2:55:dc:78:45:e5:51:c1:f3:08:de:5b:
                    b7:bc:0d:63:75:9b:52:af:37:ca:15:a9:64:50:c7:
                    1c:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:48:5A:5B:E4:41:B1:46:C7:9E:F8:84:71:B2:4C:4B:4B:8D:4A:44
            X509v3 Authority Key Identifier:
                keyid:53:C0:E2:07:8E:4F:3E:BA:5F:87:95:03:FD:D8:09:C3:83:BB:76:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U8DiB45PPrpfh5UD_dgJw4O7dig.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b36636-3306-448f-8ecf-56482b390678/1/U8DiB45PPrpfh5UD_dgJw4O7dig.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b36636-3306-448f-8ecf-56482b390678/1/U8DiB45PPrpfh5UD_dgJw4O7dig.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:d3:88:8c:45:12:74:30:8c:90:6f:09:1d:ad:7e:68:a9:d1:
         3f:38:ae:53:c1:d1:db:e7:b8:87:e1:5d:12:ba:ee:7f:c1:b3:
         8b:07:76:a7:5d:11:5e:a5:25:19:f1:6f:42:03:b1:e2:9f:06:
         f2:69:df:b7:bb:df:f4:d8:40:5d:5d:25:fc:82:2a:e3:4e:c4:
         e9:bb:f0:e7:8c:c9:a2:60:4d:6d:c6:c2:df:af:c0:91:cb:ce:
         66:5b:32:9f:03:71:ae:92:4c:41:13:92:fc:13:7b:e7:f0:8f:
         98:6d:2d:c5:ad:3d:2b:ec:13:3f:d0:93:c1:dd:96:24:59:46:
         2c:11:87:43:5b:26:f9:40:d3:22:82:98:1b:42:66:75:18:8b:
         a2:0f:2f:bb:7f:4e:9d:0e:21:39:54:63:fb:5e:07:bf:3e:3f:
         60:ee:54:c1:f0:14:e0:07:d5:a8:ba:6a:77:2f:87:be:f5:9c:
         15:2e:06:40:fb:b0:e8:75:f6:ee:1c:04:77:62:be:cf:03:cb:
         cb:c1:5e:4a:0d:08:9c:bd:17:a7:70:b7:48:70:f1:64:5f:c2:
         6b:3c:93:8c:4d:12:51:10:e4:b6:16:29:61:76:5f:72:ba:1a:
         bf:44:d5:af:40:88:fd:cc:a3:b2:ba:9a:a3:b6:97:91:62:4f:
         43:af:83:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ9BY4ob+1rHcoct6SH6aQXWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYzBlMjA3OGU0ZjNlYmE1Zjg3OTUwM2ZkZDgwOWMzODNi
Yjc2MjgwHhcNMjYwNzA4MTEwMTEwWhcNMjYwNzA5MTEwMTEwWjAzMTEwLwYDVQQD
EyhkODQ4NWE1YmU0NDFiMTQ2Yzc5ZWY4ODQ3MWIyNGM0YjRiOGQ0YTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmTVSp0VBbZLMK7ByO+H1u+8DGcb
0ENjlGgkf1JehU1jPJo5n3hEMVMTPUSsR8xK33PByh/SopJkwIZSLz7jzNIihRGH
92casIaddpqBoFdlDrgiKOFvwl0Ss3oXMISs3A9GJ4ASXcQAYCvopSRbL49UW1zA
K3sWrTKze9e7kr/Sw0XKkhs0LUqG0gX5GrxHg9kMO8Fbc+8TSl4vx2lpoEInP3Xf
oEqEmg/xomT0WGnQ/OwQMVb1ksJsyZp7wnOLcPmkrfvBOoql1g3fM5I1W7m5Guky
u9x4uAUNqCXTSkEZFZrSVdx4ReVRwfMI3lu3vA1jdZtSrzfKFalkUMccHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhIWlvkQbFGx574hHGyTEtLjUpEMB8GA1UdIwQY
MBaAFFPA4geOTz66X4eVA/3YCcODu3YoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVThEaUI0NVBQcnBmaDVVRF9kZ0p3NE83ZGlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9iMzY2MzYtMzMwNi00NDhmLThlY2Yt
NTY0ODJiMzkwNjc4LzEvVThEaUI0NVBQcnBmaDVVRF9kZ0p3NE83ZGlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9iMzY2MzYtMzMwNi00NDhmLThlY2YtNTY0ODJiMzkwNjc4
LzEvVThEaUI0NVBQcnBmaDVVRF9kZ0p3NE83ZGlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAidOIjEUS
dDCMkG8JHa1+aKnRPziuU8HR2+e4h+FdErruf8Gziwd2p10RXqUlGfFvQgOx4p8G
8mnft7vf9NhAXV0l/IIq407E6bvw54zJomBNbcbC36/AkcvOZlsynwNxrpJMQROS
/BN75/CPmG0txa09K+wTP9CTwd2WJFlGLBGHQ1sm+UDTIoKYG0JmdRiLog8vu39O
nQ4hOVRj+14Hvz4/YO5UwfAU4AfVqLpqdy+HvvWcFS4GQPuw6HX27hwEd2K+zwPL
y8FeSg0InL0Xp3C3SHDxZF/CazyTjE0SURDkthYpYXZfcroav0TVr0CI/cyjsrqa
o7aXkWJPQ6+DBQ==
-----END CERTIFICATE-----
Generated at Wed Jul 8 18:34:24 2026 by rpki-client