Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
File:                     CY97o0vGVnvTYW1XT3KF3XVW2_0.mft (raw, json)
Hash identifier:          MTaWmDP9slc/Z604DzfapJY+CUWFcmHdCr0NHJy+p1w=
Subject key identifier:   2B:43:B8:90:D2:07:58:D0:67:FE:A1:A4:41:A6:76:16:BC:B4:62:8D
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Certificate issuer:       /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial:       019F36E04E12F6D1BBBEA76E8A5816EF27C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
Manifest number:          0DC5
Signing time:             Mon 06 Jul 2026 10:01:37 +0000
Manifest this update:     Mon 06 Jul 2026 10:01:37 +0000
Manifest next update:     Tue 07 Jul 2026 10:01:37 +0000
Files and hashes:         1: CY97o0vGVnvTYW1XT3KF3XVW2_0.crl (hash: CJFWLGkbbQGfd8iHigUnfEFY2ncD6iEUdvSE9/7OQ/Q=)
                          2: IP0aVLnaY0te3-WRrsi7DFaXO_4.roa (hash: Xxny1qG2mRhaeS5oj19RU/vhLPgA+jSoozjn6tTTwWo=)
                          3: StKopN7mKY_G686fwWfLGQIs1ZE.roa (hash: Lt0qVcoh5gF6hn1K+QcayMd775gMjWFzF0XYTOVMzcE=)
                          4: earkCFjIv2or5fVmfCpyFBzbJ_0.roa (hash: dftgCu9tVXj4WgdmgDTiT0Fq8ps61PTLkvPOyslNpyo=)
                          5: fnggY0IhO9mDzoeT1t0WuzkAzWI.roa (hash: 9e6IMcnEkPPF9sv33WqexenQbytaWL15Ul9zWEcxcQo=)
                          6: kT1MhOs2pjWPveWnnzpZvLwHE8I.roa (hash: PObzTeTNqjikv/tj+DTeCD2L5aW2W4bJwFPcLIU6GHY=)
                          7: vv0I_9PClUpsKdM3Ws5mpj_Dbv0.roa (hash: Adx+Z7kMAGiZBllXqmWexxHoAMFVLGtlGl9lUzeKx9M=)
                          8: z5VJJncILn8SiX_0PBUpwSIBZR4.roa (hash: Ob/d4htJ7+Y8sve6AbDZ63e9bI8Fjky35VjD4Z3kSis=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 07 Jul 2026 10:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:36:e0:4e:12:f6:d1:bb:be:a7:6e:8a:58:16:ef:27:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
        Validity
            Not Before: Jul  6 10:01:37 2026 GMT
            Not After : Jul  7 10:01:37 2026 GMT
        Subject: CN=2b43b890d20758d067fea1a441a67616bcb4628d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:81:4c:31:f5:ba:9f:98:7c:14:05:be:9f:46:
                    fd:30:11:21:4a:b3:13:fe:24:ef:09:df:9e:bf:73:
                    6b:58:76:36:8d:9d:27:0f:22:2c:58:33:de:8a:10:
                    34:cc:19:78:d0:2a:c4:8d:b4:43:52:5b:d5:df:26:
                    8d:4e:4f:ec:c0:2f:c9:98:a8:1c:82:50:2a:df:76:
                    d8:8c:53:c5:33:3e:d3:c2:0e:99:ec:bf:d9:b1:8c:
                    ae:fa:f1:04:3a:64:2f:51:41:5b:c7:78:55:e7:24:
                    30:40:8a:3e:a1:72:80:cf:c2:27:e2:f3:4c:91:73:
                    43:67:2a:c7:45:3d:1b:2a:63:80:72:a2:05:f6:1a:
                    d0:f5:d4:f9:fc:cc:4d:ca:8a:26:64:1c:a1:2b:f1:
                    10:c6:b6:64:a1:fe:0f:b9:c6:40:2d:b9:aa:98:2c:
                    81:2f:b6:7a:5f:38:ab:d4:6a:f9:49:5a:34:9e:fc:
                    23:82:00:bd:f3:11:77:d8:84:5a:eb:2a:16:aa:f8:
                    cb:3c:87:81:d9:c4:dc:44:17:f4:53:c9:c6:9f:2d:
                    e1:96:94:b1:b0:67:39:4a:c1:c4:11:04:7a:a3:ff:
                    b8:2a:62:5f:8b:c5:b5:a9:2d:d8:83:a3:af:63:3f:
                    57:5f:9b:f0:ad:51:2f:08:fa:19:98:a4:92:2c:b4:
                    57:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:43:B8:90:D2:07:58:D0:67:FE:A1:A4:41:A6:76:16:BC:B4:62:8D
            X509v3 Authority Key Identifier:
                keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:e1:e9:44:a6:02:df:e0:e5:12:c3:2a:60:88:72:4a:77:b2:
         43:fd:62:3b:3f:dd:a9:13:e1:9b:b1:22:d2:c4:47:d9:45:1c:
         b6:35:c1:8c:e8:2a:df:be:55:91:de:fd:25:9f:4e:b9:80:5e:
         a1:35:de:58:f7:b2:70:32:e3:a0:35:77:95:3b:62:68:36:9c:
         50:4c:37:5c:ea:6e:7c:5e:a0:14:14:2c:e5:8c:20:1d:16:2b:
         68:34:0d:96:41:d5:f3:b3:f4:ab:5b:a5:9e:08:b9:7f:d8:20:
         63:ce:02:f3:fe:36:4f:a2:87:91:ca:fa:ab:ab:b8:40:07:a6:
         ab:dd:c7:60:3c:56:34:b7:b8:93:c9:79:d2:9d:86:c5:d7:c2:
         50:45:64:e7:15:0a:30:fd:3a:af:97:df:4d:fb:4b:9e:4e:f3:
         ef:49:e5:65:69:3a:15:81:0b:d9:ec:d5:6e:9d:d9:d1:a2:68:
         63:fd:7f:bc:37:85:ca:b0:e1:b7:dc:be:39:f3:37:70:02:c1:
         d8:a8:fd:db:04:b4:d4:45:05:4e:c9:eb:a2:c1:9e:70:68:df:
         5e:a5:6a:43:70:b5:e9:f1:1d:b9:09:d6:02:0f:f2:e7:cf:9e:
         09:e7:89:68:a5:9e:0f:a8:cb:e2:7f:f6:7d:48:4d:cd:97:2b:
         8f:0e:42:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ824E4S9tG7vqduilgW7yfHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjYwNzA2MTAwMTM3WhcNMjYwNzA3MTAwMTM3WjAzMTEwLwYDVQQD
EygyYjQzYjg5MGQyMDc1OGQwNjdmZWExYTQ0MWE2NzYxNmJjYjQ2MjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIFMMfW6n5h8FAW+n0b9MBEhSrMT
/iTvCd+ev3NrWHY2jZ0nDyIsWDPeihA0zBl40CrEjbRDUlvV3yaNTk/swC/JmKgc
glAq33bYjFPFMz7Twg6Z7L/ZsYyu+vEEOmQvUUFbx3hV5yQwQIo+oXKAz8In4vNM
kXNDZyrHRT0bKmOAcqIF9hrQ9dT5/MxNyoomZByhK/EQxrZkof4PucZALbmqmCyB
L7Z6Xzir1Gr5SVo0nvwjggC98xF32IRa6yoWqvjLPIeB2cTcRBf0U8nGny3hlpSx
sGc5SsHEEQR6o/+4KmJfi8W1qS3Yg6OvYz9XX5vwrVEvCPoZmKSSLLRXaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCtDuJDSB1jQZ/6hpEGmdha8tGKNMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA+HpRKYC
3+DlEsMqYIhySneyQ/1iOz/dqRPhm7Ei0sRH2UUctjXBjOgq375Vkd79JZ9OuYBe
oTXeWPeycDLjoDV3lTtiaDacUEw3XOpufF6gFBQs5YwgHRYraDQNlkHV87P0q1ul
ngi5f9ggY84C8/42T6KHkcr6q6u4QAemq93HYDxWNLe4k8l50p2GxdfCUEVk5xUK
MP06r5ffTftLnk7z70nlZWk6FYEL2ezVbp3Z0aJoY/1/vDeFyrDht9y+OfM3cALB
2Kj92wS01EUFTsnrosGecGjfXqVqQ3C16fEduQnWAg/y58+eCeeJaKWeD6jL4n/2
fUhNzZcrjw5CBQ==
-----END CERTIFICATE-----
Generated at Mon Jul 6 17:24:43 2026 by rpki-client