Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft
File:                     CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft (raw, json)
Hash identifier:          FQQ5bndWOLw2xQCgx5QFppWcskDXg71MsfAvgmWL/no=
Subject key identifier:   3A:04:4B:C1:D1:5A:B2:56:7A:46:A3:6E:E6:D7:4F:89:47:62:97:9D
Authority key identifier: 08:D1:F1:F8:B4:1D:74:F7:D8:66:B1:E5:AD:FD:18:AF:E2:02:71:08
Certificate issuer:       /CN=08d1f1f8b41d74f7d866b1e5adfd18afe2027108
Certificate serial:       019F664B73ECC6A5BCAD11911446A62CCCEB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CNHx-LQddPfYZrHlrf0Yr-ICcQg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft
Manifest number:          15B4
Signing time:             Wed 15 Jul 2026 15:00:48 +0000
Manifest this update:     Wed 15 Jul 2026 15:00:48 +0000
Manifest next update:     Thu 16 Jul 2026 15:00:48 +0000
Files and hashes:         1: CNHx-LQddPfYZrHlrf0Yr-ICcQg.crl (hash: 0l99Ysjrb1Q4WYnSTJxdUWaEeMbkZsCAaNhGzUexm2g=)
                          2: t_3KExq4t288IjtqVXAOQe_Eba8.roa (hash: ChTQhqA/DHUVGryflG/Am/U8Pp4mklmr4RiBocThAjs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CNHx-LQddPfYZrHlrf0Yr-ICcQg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 16 Jul 2026 14:13:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:66:4b:73:ec:c6:a5:bc:ad:11:91:14:46:a6:2c:cc:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08d1f1f8b41d74f7d866b1e5adfd18afe2027108
        Validity
            Not Before: Jul 15 15:00:48 2026 GMT
            Not After : Jul 16 15:00:48 2026 GMT
        Subject: CN=3a044bc1d15ab2567a46a36ee6d74f894762979d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:25:04:5e:60:29:60:0e:7b:5d:aa:a8:9d:cd:
                    41:b4:eb:2b:44:ba:75:83:f3:44:5d:ce:32:81:0e:
                    32:32:63:df:70:e5:d6:28:50:a8:ae:fd:e8:fb:9c:
                    7a:4d:ba:dd:39:e3:58:15:67:52:fe:d1:12:a3:ed:
                    e3:43:60:ac:5f:17:28:78:af:fd:e0:1b:59:d0:a7:
                    bd:0b:c3:4a:64:56:16:7c:67:23:ea:fb:7a:37:d7:
                    b2:c3:44:1a:eb:9e:bb:36:af:79:a4:9c:31:26:4d:
                    ad:3c:1e:a9:43:e4:1f:9e:35:d9:70:36:41:4b:b5:
                    d7:7c:7f:35:70:6f:30:0a:c1:a5:45:a4:e1:eb:bc:
                    1f:47:28:b1:6a:83:6f:10:09:4d:d0:7c:a6:3d:0b:
                    6b:58:d4:a7:5b:b4:53:c8:70:3c:99:0e:04:1b:2a:
                    ef:ad:b8:8e:fa:95:1a:00:7f:28:63:88:21:72:1f:
                    2f:11:8f:24:81:fd:0e:16:74:d8:6b:c5:38:28:e9:
                    6b:f7:9f:55:f6:f8:e3:41:8b:fc:4d:d3:56:81:96:
                    65:88:71:9e:a9:a4:28:0e:7f:4e:05:0b:ae:40:29:
                    e9:eb:f4:24:74:4b:7b:08:a6:dd:95:de:ed:b1:32:
                    31:44:be:a7:12:8a:88:8f:dc:ac:02:06:1e:d9:bc:
                    0f:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:04:4B:C1:D1:5A:B2:56:7A:46:A3:6E:E6:D7:4F:89:47:62:97:9D
            X509v3 Authority Key Identifier:
                keyid:08:D1:F1:F8:B4:1D:74:F7:D8:66:B1:E5:AD:FD:18:AF:E2:02:71:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNHx-LQddPfYZrHlrf0Yr-ICcQg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/29c015-d747-4fc7-932b-df5cb9f0e3a4/1/CNHx-LQddPfYZrHlrf0Yr-ICcQg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:34:cf:f1:7f:54:61:63:30:dc:83:86:37:0d:5b:7b:fc:16:
         13:8f:ef:09:e8:16:de:39:f0:ef:da:dc:a0:37:1f:96:72:b1:
         62:dd:d3:5c:bf:15:d5:9a:92:a3:50:3f:b6:48:9d:e4:33:9e:
         b6:04:ca:c8:b5:24:45:99:80:35:5d:ca:37:e7:b9:56:06:aa:
         aa:fe:83:2e:5b:21:7d:8d:66:89:9d:cf:6c:b3:77:82:01:39:
         8d:f5:26:a9:b7:44:f7:ef:ab:16:27:4e:92:5b:c6:e3:db:3a:
         55:91:77:00:c5:93:34:a0:9b:0c:6e:0d:46:61:31:5e:76:11:
         42:64:a5:ac:9e:e8:ee:58:2f:1c:71:7d:a7:9f:a7:7e:ff:f5:
         89:17:31:ad:3a:05:8e:1e:1e:ca:96:a9:21:8d:ca:eb:42:08:
         8d:70:82:d4:e8:ba:9c:dd:6f:92:49:77:54:70:d5:34:85:f0:
         8e:3f:13:2e:ee:a1:49:cc:b1:fe:c9:35:18:6b:b5:a3:be:78:
         f4:0c:2b:bd:ea:40:cb:4a:1c:91:b8:cc:57:c6:4c:84:20:b1:
         b4:17:d3:d4:ec:0e:84:03:db:d1:23:b9:92:4e:2a:49:b2:bd:
         e3:2d:91:48:38:03:67:3c:5a:e2:29:b5:cf:55:6c:bb:cb:f8:
         72:fb:d9:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ9mS3PsxqW8rRGRFEamLMzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDFmMWY4YjQxZDc0ZjdkODY2YjFlNWFkZmQxOGFmZTIw
MjcxMDgwHhcNMjYwNzE1MTUwMDQ4WhcNMjYwNzE2MTUwMDQ4WjAzMTEwLwYDVQQD
EygzYTA0NGJjMWQxNWFiMjU2N2E0NmEzNmVlNmQ3NGY4OTQ3NjI5NzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySUEXmApYA57Xaqonc1BtOsrRLp1
g/NEXc4ygQ4yMmPfcOXWKFCorv3o+5x6TbrdOeNYFWdS/tESo+3jQ2CsXxcoeK/9
4BtZ0Ke9C8NKZFYWfGcj6vt6N9eyw0Qa6567Nq95pJwxJk2tPB6pQ+QfnjXZcDZB
S7XXfH81cG8wCsGlRaTh67wfRyixaoNvEAlN0HymPQtrWNSnW7RTyHA8mQ4EGyrv
rbiO+pUaAH8oY4ghch8vEY8kgf0OFnTYa8U4KOlr959V9vjjQYv8TdNWgZZliHGe
qaQoDn9OBQuuQCnp6/QkdEt7CKbdld7tsTIxRL6nEoqIj9ysAgYe2bwPeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDoES8HRWrJWekajbubXT4lHYpedMB8GA1UdIwQY
MBaAFAjR8fi0HXT32Gax5a39GK/iAnEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05IeC1MUWRkUGZZWnJIbHJmMFlyLUlDY1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8yOWMwMTUtZDc0Ny00ZmM3LTkzMmIt
ZGY1Y2I5ZjBlM2E0LzEvQ05IeC1MUWRkUGZZWnJIbHJmMFlyLUlDY1FnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8yOWMwMTUtZDc0Ny00ZmM3LTkzMmItZGY1Y2I5ZjBlM2E0
LzEvQ05IeC1MUWRkUGZZWnJIbHJmMFlyLUlDY1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApDTP8X9U
YWMw3IOGNw1be/wWE4/vCegW3jnw79rcoDcflnKxYt3TXL8V1ZqSo1A/tkid5DOe
tgTKyLUkRZmANV3KN+e5Vgaqqv6DLlshfY1miZ3PbLN3ggE5jfUmqbdE9++rFidO
klvG49s6VZF3AMWTNKCbDG4NRmExXnYRQmSlrJ7o7lgvHHF9p5+nfv/1iRcxrToF
jh4eypapIY3K60IIjXCC1Oi6nN1vkkl3VHDVNIXwjj8TLu6hScyx/sk1GGu1o754
9AwrvepAy0ockbjMV8ZMhCCxtBfT1OwOhAPb0SO5kk4qSbK94y2RSDgDZzxa4im1
z1Vsu8v4cvvZGg==
-----END CERTIFICATE-----
Generated at Wed Jul 15 19:06:42 2026 by rpki-client