Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
File:                     CY97o0vGVnvTYW1XT3KF3XVW2_0.mft (raw, json)
Hash identifier:          CClre2xgUl9KZwe3yT4tLJz2hyNajkd3+ilYc/6rPPI=
Subject key identifier:   22:4A:06:C8:74:13:09:E0:20:B3:47:66:16:DC:C0:D5:D1:DA:84:E3
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Certificate issuer:       /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial:       019F276CF2A836D4DE9D6C5EE057557C59DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
Manifest number:          0DBD
Signing time:             Fri 03 Jul 2026 10:01:18 +0000
Manifest this update:     Fri 03 Jul 2026 10:01:18 +0000
Manifest next update:     Sat 04 Jul 2026 10:01:18 +0000
Files and hashes:         1: CY97o0vGVnvTYW1XT3KF3XVW2_0.crl (hash: PwBo1yF9MJMSXwHcXOfo5xidcaEDjpyKWCG9//oVqac=)
                          2: IP0aVLnaY0te3-WRrsi7DFaXO_4.roa (hash: Xxny1qG2mRhaeS5oj19RU/vhLPgA+jSoozjn6tTTwWo=)
                          3: StKopN7mKY_G686fwWfLGQIs1ZE.roa (hash: Lt0qVcoh5gF6hn1K+QcayMd775gMjWFzF0XYTOVMzcE=)
                          4: earkCFjIv2or5fVmfCpyFBzbJ_0.roa (hash: dftgCu9tVXj4WgdmgDTiT0Fq8ps61PTLkvPOyslNpyo=)
                          5: fnggY0IhO9mDzoeT1t0WuzkAzWI.roa (hash: 9e6IMcnEkPPF9sv33WqexenQbytaWL15Ul9zWEcxcQo=)
                          6: kT1MhOs2pjWPveWnnzpZvLwHE8I.roa (hash: PObzTeTNqjikv/tj+DTeCD2L5aW2W4bJwFPcLIU6GHY=)
                          7: vv0I_9PClUpsKdM3Ws5mpj_Dbv0.roa (hash: Adx+Z7kMAGiZBllXqmWexxHoAMFVLGtlGl9lUzeKx9M=)
                          8: z5VJJncILn8SiX_0PBUpwSIBZR4.roa (hash: Ob/d4htJ7+Y8sve6AbDZ63e9bI8Fjky35VjD4Z3kSis=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 Jul 2026 10:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:27:6c:f2:a8:36:d4:de:9d:6c:5e:e0:57:55:7c:59:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
        Validity
            Not Before: Jul  3 10:01:18 2026 GMT
            Not After : Jul  4 10:01:18 2026 GMT
        Subject: CN=224a06c8741309e020b3476616dcc0d5d1da84e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:98:bf:6d:f4:54:44:e9:fe:6b:7a:9c:56:3e:
                    08:9c:52:3b:9e:2f:21:17:e5:a2:0d:0a:7e:bb:6c:
                    75:d0:b1:87:8a:05:0e:94:7b:2f:b1:74:f8:e8:83:
                    36:d6:88:b2:66:8a:68:b5:88:33:22:1d:41:de:6b:
                    e5:de:15:c5:de:32:3f:f1:7a:ec:b1:48:97:ce:14:
                    f8:16:94:ef:54:31:b4:a8:6a:bd:1b:66:75:e9:c7:
                    75:9c:2e:aa:52:3e:74:25:10:b4:dd:60:c0:78:97:
                    2d:4c:e6:8b:2d:f5:62:2e:95:43:69:f0:b6:53:fe:
                    53:df:23:cd:ea:72:bc:22:36:53:38:cf:c7:3e:e8:
                    d3:36:88:86:0d:5f:1d:1e:27:34:35:ef:ce:bb:51:
                    23:06:76:99:ef:12:68:b7:d4:70:d3:06:a0:ca:09:
                    bc:93:f8:2a:b1:fd:88:b4:62:e6:4c:3c:5a:85:d3:
                    54:43:7d:c1:a2:a8:4c:8f:8c:ac:50:30:77:8b:33:
                    36:2a:e0:ed:bb:86:15:84:6a:76:77:81:45:da:f7:
                    99:c8:e7:b8:9e:f6:ab:76:40:b2:e2:46:97:f3:bb:
                    9a:6b:47:4a:53:c7:c0:c4:88:1d:b6:57:6d:7b:e5:
                    1f:0f:87:6c:ff:52:04:85:4e:4a:33:fa:9e:a5:a9:
                    68:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:4A:06:C8:74:13:09:E0:20:B3:47:66:16:DC:C0:D5:D1:DA:84:E3
            X509v3 Authority Key Identifier:
                keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:f6:92:61:2b:f9:0f:ed:fc:86:9a:18:fb:6c:28:58:e2:e5:
         9e:75:21:12:9b:f8:75:c9:18:08:68:67:40:f5:f3:28:6d:0d:
         0e:66:15:d9:75:8e:07:af:96:70:5d:59:24:a8:47:d2:87:ac:
         04:d4:d5:c0:be:8f:4a:7b:0a:b8:04:16:78:5a:f1:0f:68:6b:
         76:32:61:6b:12:81:15:91:c4:75:a7:79:a7:13:5a:0e:e0:d2:
         d2:9a:c4:c4:f2:b6:63:d0:26:9f:b3:4d:1a:d2:db:4a:3c:dc:
         6c:14:6a:09:48:73:24:85:9a:47:57:9b:a7:6b:9a:88:07:c3:
         47:c8:de:03:6e:a3:86:f0:c6:e4:c7:a3:35:a1:24:4c:ad:97:
         da:e2:62:55:40:3d:a7:90:28:40:58:17:d6:3d:53:2b:f5:1c:
         a7:6d:7b:44:0b:fb:3b:92:b0:ad:74:c6:aa:61:49:1f:62:da:
         17:48:74:fa:89:c5:78:e4:63:1d:66:0c:70:3b:11:29:35:27:
         f3:b1:6f:46:a0:e7:2e:63:37:79:e4:2c:44:61:d9:72:8d:5a:
         73:e3:aa:4d:e8:d7:0a:3f:ab:69:c9:8d:32:98:e4:2e:f7:d5:
         98:c1:12:12:c2:8d:8b:83:3c:e4:74:46:79:b4:26:c4:af:1e:
         8e:f8:f0:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8nbPKoNtTenWxe4FdVfFnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjYwNzAzMTAwMTE4WhcNMjYwNzA0MTAwMTE4WjAzMTEwLwYDVQQD
EygyMjRhMDZjODc0MTMwOWUwMjBiMzQ3NjYxNmRjYzBkNWQxZGE4NGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Zi/bfRUROn+a3qcVj4InFI7ni8h
F+WiDQp+u2x10LGHigUOlHsvsXT46IM21oiyZopotYgzIh1B3mvl3hXF3jI/8Xrs
sUiXzhT4FpTvVDG0qGq9G2Z16cd1nC6qUj50JRC03WDAeJctTOaLLfViLpVDafC2
U/5T3yPN6nK8IjZTOM/HPujTNoiGDV8dHic0Ne/Ou1EjBnaZ7xJot9Rw0wagygm8
k/gqsf2ItGLmTDxahdNUQ33BoqhMj4ysUDB3izM2KuDtu4YVhGp2d4FF2veZyOe4
nvardkCy4kaX87uaa0dKU8fAxIgdtldte+UfD4ds/1IEhU5KM/qepalowwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJKBsh0EwngILNHZhbcwNXR2oTjMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcfaSYSv5
D+38hpoY+2woWOLlnnUhEpv4dckYCGhnQPXzKG0NDmYV2XWOB6+WcF1ZJKhH0oes
BNTVwL6PSnsKuAQWeFrxD2hrdjJhaxKBFZHEdad5pxNaDuDS0prExPK2Y9Amn7NN
GtLbSjzcbBRqCUhzJIWaR1ebp2uaiAfDR8jeA26jhvDG5MejNaEkTK2X2uJiVUA9
p5AoQFgX1j1TK/Ucp217RAv7O5KwrXTGqmFJH2LaF0h0+onFeORjHWYMcDsRKTUn
87FvRqDnLmM3eeQsRGHZco1ac+OqTejXCj+racmNMpjkLvfVmMESEsKNi4M85HRG
ebQmxK8ejvjwhg==
-----END CERTIFICATE-----
Generated at Fri Jul 3 16:53:34 2026 by rpki-client