Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/091841-02fe-44db-ba16-a5e13b4fb12b/1/RoZEuS85TK82Z722rz44aZxU8xU.mft
File:                     RoZEuS85TK82Z722rz44aZxU8xU.mft (raw, json)
Hash identifier:          TaMdR1kWkLTXmVk/m2japYGHsnzOtxK1D4HXmYQPi70=
Subject key identifier:   4D:08:29:D3:7C:E5:7A:53:D3:B4:BA:DD:AF:45:DC:92:CC:AC:E6:71
Authority key identifier: 46:86:44:B9:2F:39:4C:AF:36:67:BD:B6:AF:3E:38:69:9C:54:F3:15
Certificate issuer:       /CN=468644b92f394caf3667bdb6af3e38699c54f315
Certificate serial:       019D3AF866B59E01525428A7303429182E88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RoZEuS85TK82Z722rz44aZxU8xU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/091841-02fe-44db-ba16-a5e13b4fb12b/1/RoZEuS85TK82Z722rz44aZxU8xU.mft
Manifest number:          0898
Signing time:             Sun 29 Mar 2026 19:00:50 +0000
Manifest this update:     Sun 29 Mar 2026 19:00:50 +0000
Manifest next update:     Mon 30 Mar 2026 19:00:50 +0000
Files and hashes:         1: J1Sd-NZM-sjm3Ga5_YhVMtDs0Iw.roa (hash: 5skkO0VA2fXKD8mx8GGrzwshnvuHDY9J9MdJAaUhV/8=)
                          2: RoZEuS85TK82Z722rz44aZxU8xU.crl (hash: uDbSSEm0PokAxD1SblT5oYK2s2lJ5OPmYDcjgtHsaDA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/091841-02fe-44db-ba16-a5e13b4fb12b/1/RoZEuS85TK82Z722rz44aZxU8xU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/091841-02fe-44db-ba16-a5e13b4fb12b/1/RoZEuS85TK82Z722rz44aZxU8xU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RoZEuS85TK82Z722rz44aZxU8xU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:f8:66:b5:9e:01:52:54:28:a7:30:34:29:18:2e:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=468644b92f394caf3667bdb6af3e38699c54f315
        Validity
            Not Before: Mar 29 19:00:50 2026 GMT
            Not After : Mar 30 19:00:50 2026 GMT
        Subject: CN=4d0829d37ce57a53d3b4baddaf45dc92ccace671
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:b5:39:31:d2:39:0c:1a:13:a1:e7:b5:87:19:
                    6e:a1:33:e7:13:39:f1:a6:c7:9b:b0:54:34:1e:02:
                    9a:44:83:de:04:94:a8:f0:6f:13:00:9c:7d:70:31:
                    d0:df:bb:24:0d:59:1c:6c:0c:e8:c6:41:ad:7d:a4:
                    65:c5:9c:6b:e4:20:44:ed:a2:f4:16:8c:cb:93:46:
                    07:b0:16:de:de:15:45:e9:75:19:3e:9f:8c:2d:1f:
                    e9:83:0d:28:8d:1c:bb:53:4e:d5:7a:f6:ee:b1:fb:
                    09:ec:b3:ca:7d:b5:d4:96:5f:ce:b1:90:35:e1:04:
                    4a:85:cf:be:01:5c:56:41:12:e8:f0:a8:d7:a2:78:
                    51:49:e7:9a:38:a0:b5:58:e3:9d:c5:4f:06:71:12:
                    26:02:03:f6:91:99:27:78:af:e5:e4:0d:74:b9:32:
                    1d:0a:2b:76:7c:db:2d:45:c3:a4:bb:1f:6c:e6:02:
                    c4:74:d7:87:2a:a7:f6:9e:3c:d4:49:0a:1b:e5:8f:
                    be:de:a9:7f:ef:8a:3a:1b:bb:b8:33:1d:e3:55:cd:
                    43:a0:27:5f:ce:07:b1:dc:e9:f2:e3:f5:fc:9c:f7:
                    ec:14:1c:24:f0:4d:5f:32:c7:32:53:58:fa:26:eb:
                    f8:6c:41:c9:42:0c:6b:41:d4:db:b8:80:06:ff:86:
                    a3:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:08:29:D3:7C:E5:7A:53:D3:B4:BA:DD:AF:45:DC:92:CC:AC:E6:71
            X509v3 Authority Key Identifier:
                keyid:46:86:44:B9:2F:39:4C:AF:36:67:BD:B6:AF:3E:38:69:9C:54:F3:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RoZEuS85TK82Z722rz44aZxU8xU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/091841-02fe-44db-ba16-a5e13b4fb12b/1/RoZEuS85TK82Z722rz44aZxU8xU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/091841-02fe-44db-ba16-a5e13b4fb12b/1/RoZEuS85TK82Z722rz44aZxU8xU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:45:3a:6e:9c:3d:d3:af:64:5b:a1:b5:28:37:ce:4c:f2:66:
         9b:da:b2:08:93:b7:7f:1e:06:e8:59:43:0f:2d:0a:a5:2b:54:
         5d:1a:18:84:9c:8e:66:53:ba:25:4c:43:94:e5:c5:35:d2:ab:
         15:4f:6a:f7:84:36:12:8f:57:dc:26:27:e0:39:d0:6c:0e:48:
         7e:2c:d3:03:3c:d6:ef:04:f3:20:e8:09:0a:39:dc:ae:4d:80:
         93:a9:df:98:bf:f4:3a:fc:39:af:f3:9d:63:be:30:e4:b3:ca:
         f7:7c:94:fd:4d:53:90:86:59:ea:1b:ff:c5:f0:06:b7:49:67:
         b2:1f:dd:47:3d:03:e2:e2:de:c2:a2:9a:83:5b:8e:ca:c2:51:
         ce:fe:88:e7:50:92:8c:04:64:e7:9a:d0:f6:4e:cb:4e:5f:c6:
         78:1c:fb:55:e4:be:8b:a8:d4:2f:3a:1e:a0:9f:b7:32:62:a7:
         72:d0:0e:14:20:56:47:3b:ee:3f:30:57:3c:a5:70:dc:a1:be:
         44:45:45:e3:c3:56:c9:61:09:f6:2d:cb:62:da:65:3f:76:9b:
         25:88:3e:6f:6b:e1:da:be:3d:af:3e:a1:f3:6c:b9:a0:31:9b:
         48:49:8a:71:10:dc:9f:55:a7:aa:76:b8:dd:84:67:2b:4b:74:
         a6:ed:e0:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06+Ga1ngFSVCinMDQpGC6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ODY0NGI5MmYzOTRjYWYzNjY3YmRiNmFmM2UzODY5OWM1
NGYzMTUwHhcNMjYwMzI5MTkwMDUwWhcNMjYwMzMwMTkwMDUwWjAzMTEwLwYDVQQD
Eyg0ZDA4MjlkMzdjZTU3YTUzZDNiNGJhZGRhZjQ1ZGM5MmNjYWNlNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77U5MdI5DBoToee1hxluoTPnEznx
psebsFQ0HgKaRIPeBJSo8G8TAJx9cDHQ37skDVkcbAzoxkGtfaRlxZxr5CBE7aL0
FozLk0YHsBbe3hVF6XUZPp+MLR/pgw0ojRy7U07VevbusfsJ7LPKfbXUll/OsZA1
4QRKhc++AVxWQRLo8KjXonhRSeeaOKC1WOOdxU8GcRImAgP2kZkneK/l5A10uTId
Cit2fNstRcOkux9s5gLEdNeHKqf2njzUSQob5Y++3ql/74o6G7u4Mx3jVc1DoCdf
zgex3Ony4/X8nPfsFBwk8E1fMscyU1j6Juv4bEHJQgxrQdTbuIAG/4ajQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE0IKdN85XpT07S63a9F3JLMrOZxMB8GA1UdIwQY
MBaAFEaGRLkvOUyvNme9tq8+OGmcVPMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm9aRXVTODVUSzgyWjcyMnJ6NDRhWnhVOHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8wOTE4NDEtMDJmZS00NGRiLWJhMTYt
YTVlMTNiNGZiMTJiLzEvUm9aRXVTODVUSzgyWjcyMnJ6NDRhWnhVOHhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8wOTE4NDEtMDJmZS00NGRiLWJhMTYtYTVlMTNiNGZiMTJi
LzEvUm9aRXVTODVUSzgyWjcyMnJ6NDRhWnhVOHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACkU6bpw9
069kW6G1KDfOTPJmm9qyCJO3fx4G6FlDDy0KpStUXRoYhJyOZlO6JUxDlOXFNdKr
FU9q94Q2Eo9X3CYn4DnQbA5IfizTAzzW7wTzIOgJCjncrk2Ak6nfmL/0Ovw5r/Od
Y74w5LPK93yU/U1TkIZZ6hv/xfAGt0lnsh/dRz0D4uLewqKag1uOysJRzv6I51CS
jARk55rQ9k7LTl/GeBz7VeS+i6jULzoeoJ+3MmKnctAOFCBWRzvuPzBXPKVw3KG+
REVF48NWyWEJ9i3LYtplP3abJYg+b2vh2r49rz6h82y5oDGbSEmKcRDcn1Wnqna4
3YRnK0t0pu3gOA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 21:16:00 2026 by rpki-client