Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.mft
File:                     tYaoZDYz6YdBEai881GKCQXyhgk.mft (raw, json)
Hash identifier:          5o2DhnEobAoMl83+8LLpZ+GfBNg+J12P2v+FBO/1MgQ=
Subject key identifier:   74:3C:4C:23:D1:7D:67:8A:3D:57:AA:F9:C1:0E:B1:73:F0:7E:10:ED
Authority key identifier: B5:86:A8:64:36:33:E9:87:41:11:A8:BC:F3:51:8A:09:05:F2:86:09
Certificate issuer:       /CN=b586a8643633e9874111a8bcf3518a0905f28609
Certificate serial:       019F1BD67BEA608F9D4C3775B30DBB7E813A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tYaoZDYz6YdBEai881GKCQXyhgk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.mft
Manifest number:          1533
Signing time:             Wed 01 Jul 2026 04:01:08 +0000
Manifest this update:     Wed 01 Jul 2026 04:01:08 +0000
Manifest next update:     Thu 02 Jul 2026 04:01:08 +0000
Files and hashes:         1: R_zL9EhetPG627p64jnL_1AQk_k.roa (hash: /ASm15I9YtFuL/r1IrLrMNiCv/23kZabo3hMsyygvPM=)
                          2: Zx2Ej29t4Sy3ugAdSAEr8wgh-eI.roa (hash: 6qePl3E6/9bWQI3GzNjE+NBTWrA6JE82fp1zkkf+j8o=)
                          3: gPytstS2H2DCx0G35K4nAVksneE.roa (hash: I34ZNFgqBn6ft829pIhUL9qJ7ZwAtJssKpKV0YYtJmI=)
                          4: hL4U-26oJ-d8CY7a6r3Udux4pFM.roa (hash: 8nT0Nid1k0WCSq4dufjGbFyrf1TbKzMQQr3veAEfmRs=)
                          5: jJ74mpm8B1pyvT1MNhCtSe0cxRk.roa (hash: OKs2X6l4NJ7txPZTz3RUzDrNyB2I3km6f/sNQFkFGUQ=)
                          6: tYaoZDYz6YdBEai881GKCQXyhgk.crl (hash: WvJwd1T13LMz5Cib0xBaa9oV4wOWQxTkBo3l87EIKhA=)
                          7: v_CzW-gEtbdZtpCnpKHVty7BP7s.roa (hash: FK1HiNTHGuvdh1/S7hYfIVoOC1e1CT6RxRS6KDmNYRQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tYaoZDYz6YdBEai881GKCQXyhgk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 23:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:1b:d6:7b:ea:60:8f:9d:4c:37:75:b3:0d:bb:7e:81:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b586a8643633e9874111a8bcf3518a0905f28609
        Validity
            Not Before: Jul  1 04:01:08 2026 GMT
            Not After : Jul  2 04:01:08 2026 GMT
        Subject: CN=743c4c23d17d678a3d57aaf9c10eb173f07e10ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:b5:d7:a3:01:8d:8f:1a:9d:f5:d6:00:1d:c8:
                    d9:dc:e4:d5:7e:90:85:4c:13:81:ef:17:be:25:dc:
                    5a:6b:e7:cb:ba:15:08:80:45:76:54:04:1a:f1:cf:
                    90:ed:86:7e:94:50:c7:23:d8:4b:e8:6e:1e:43:6d:
                    cf:eb:6e:0b:3b:b2:92:9e:50:1d:09:d7:53:d5:e0:
                    8d:a2:2d:d5:e0:f1:f2:9b:f1:ff:f2:ab:ed:b3:9e:
                    a8:3b:98:c2:98:f2:47:c0:1a:9c:31:90:a6:5f:d2:
                    d6:13:f7:cd:89:b6:ff:09:cb:6d:3e:0a:e3:33:fe:
                    37:c0:b3:26:98:4a:41:86:be:93:4f:28:27:61:61:
                    72:54:77:e5:63:68:3e:7e:f4:e7:8b:c2:06:95:16:
                    98:34:da:7c:ed:d4:d2:17:d5:a9:14:38:2b:dd:f8:
                    1d:7f:4a:d2:e7:13:12:86:e7:0e:7d:b1:3a:cb:d1:
                    2f:26:50:06:9f:7b:5d:3e:2e:a3:ed:8f:e3:14:20:
                    fe:1c:59:18:23:b6:c2:62:a9:3a:d4:4e:23:e6:e8:
                    9c:3d:60:bf:8a:11:b5:5d:d8:60:82:be:9c:03:9d:
                    95:62:9f:b1:45:bb:b2:ab:aa:85:4f:f7:ad:c3:3d:
                    58:11:a0:3a:e5:9a:c5:fc:95:3b:c7:f2:5d:84:a8:
                    07:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:3C:4C:23:D1:7D:67:8A:3D:57:AA:F9:C1:0E:B1:73:F0:7E:10:ED
            X509v3 Authority Key Identifier:
                keyid:B5:86:A8:64:36:33:E9:87:41:11:A8:BC:F3:51:8A:09:05:F2:86:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tYaoZDYz6YdBEai881GKCQXyhgk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:ce:e4:45:f6:8d:97:ca:ea:eb:dd:ba:74:b3:ae:e7:69:d3:
         7b:67:52:4b:70:15:15:60:c9:ad:9e:ee:39:c4:7b:b9:d7:8f:
         27:95:52:30:9e:62:37:e6:a6:44:e0:0f:49:91:8a:b4:59:68:
         81:ca:69:40:d2:6f:7f:e1:58:74:9c:96:2e:67:63:c8:17:b3:
         14:5f:b5:f9:29:aa:fd:7e:c9:c4:aa:f7:2a:c3:ba:b7:fa:7e:
         7f:c4:b2:0a:34:14:1e:96:16:06:85:bb:09:17:8f:f6:71:9c:
         7d:00:91:bf:8b:50:83:30:7d:e1:6d:21:31:31:fc:ba:7b:66:
         46:d2:b6:5e:1c:7f:93:dd:5e:5d:36:b3:6f:b1:ec:52:a3:cc:
         50:70:7a:c0:06:16:a9:59:c0:d2:6f:59:54:52:78:d4:16:a3:
         74:7f:10:d8:8c:15:e1:55:96:4d:65:be:3c:3e:32:b3:5b:37:
         b2:b3:81:1f:c8:17:eb:71:9e:ee:95:86:b4:a8:7f:da:f7:f3:
         90:be:ad:5c:67:e7:ce:af:da:e8:40:45:80:b9:88:b6:d1:8c:
         1d:78:85:9d:59:5b:4d:26:37:8b:8a:6c:fc:f0:6f:e3:ee:f4:
         d4:2d:93:54:fb:40:e8:0d:4c:ee:04:4c:0c:d8:ac:cf:49:65:
         c9:c8:ff:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8b1nvqYI+dTDd1sw27foE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ODZhODY0MzYzM2U5ODc0MTExYThiY2YzNTE4YTA5MDVm
Mjg2MDkwHhcNMjYwNzAxMDQwMTA4WhcNMjYwNzAyMDQwMTA4WjAzMTEwLwYDVQQD
Eyg3NDNjNGMyM2QxN2Q2NzhhM2Q1N2FhZjljMTBlYjE3M2YwN2UxMGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9bXXowGNjxqd9dYAHcjZ3OTVfpCF
TBOB7xe+Jdxaa+fLuhUIgEV2VAQa8c+Q7YZ+lFDHI9hL6G4eQ23P624LO7KSnlAd
CddT1eCNoi3V4PHym/H/8qvts56oO5jCmPJHwBqcMZCmX9LWE/fNibb/CcttPgrj
M/43wLMmmEpBhr6TTygnYWFyVHflY2g+fvTni8IGlRaYNNp87dTSF9WpFDgr3fgd
f0rS5xMShucOfbE6y9EvJlAGn3tdPi6j7Y/jFCD+HFkYI7bCYqk61E4j5uicPWC/
ihG1Xdhggr6cA52VYp+xRbuyq6qFT/etwz1YEaA65ZrF/JU7x/JdhKgHIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQ8TCPRfWeKPVeq+cEOsXPwfhDtMB8GA1UdIwQY
MBaAFLWGqGQ2M+mHQRGovPNRigkF8oYJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFlhb1pEWXo2WWRCRWFpODgxR0tDUVh5aGdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8yMGNjYWMtMzNlZS00NWRjLWJjOWMt
NDQ5OWUzMjM5ZjFmLzEvdFlhb1pEWXo2WWRCRWFpODgxR0tDUVh5aGdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8yMGNjYWMtMzNlZS00NWRjLWJjOWMtNDQ5OWUzMjM5ZjFm
LzEvdFlhb1pEWXo2WWRCRWFpODgxR0tDUVh5aGdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq87kRfaN
l8rq6926dLOu52nTe2dSS3AVFWDJrZ7uOcR7udePJ5VSMJ5iN+amROAPSZGKtFlo
gcppQNJvf+FYdJyWLmdjyBezFF+1+Smq/X7JxKr3KsO6t/p+f8SyCjQUHpYWBoW7
CReP9nGcfQCRv4tQgzB94W0hMTH8untmRtK2Xhx/k91eXTazb7HsUqPMUHB6wAYW
qVnA0m9ZVFJ41BajdH8Q2IwV4VWWTWW+PD4ys1s3srOBH8gX63Ge7pWGtKh/2vfz
kL6tXGfnzq/a6EBFgLmIttGMHXiFnVlbTSY3i4ps/PBv4+701C2TVPtA6A1M7gRM
DNisz0llycj/sA==
-----END CERTIFICATE-----
Generated at Wed Jul 1 09:02:50 2026 by rpki-client