Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
File:                     pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft (raw, json)
Hash identifier:          2T4x+A2wEky6DR52THSTdFuhAkiVi+ctMrq12NEMfLY=
Subject key identifier:   7D:A9:07:22:93:50:5B:4F:14:F1:BA:CA:87:EA:EC:C9:1D:70:98:C1
Authority key identifier: A4:F5:53:3A:52:7B:26:4C:A2:E8:37:32:85:D7:80:D3:3A:2B:D0:A1
Certificate issuer:       /CN=a4f5533a527b264ca2e8373285d780d33a2bd0a1
Certificate serial:       019F292470D9B0C4257FFB39BCBA560FBDD7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
Manifest number:          0624
Signing time:             Fri 03 Jul 2026 18:01:21 +0000
Manifest this update:     Fri 03 Jul 2026 18:01:21 +0000
Manifest next update:     Sat 04 Jul 2026 18:01:21 +0000
Files and hashes:         1: pPVTOlJ7Jkyi6DcyhdeA0zor0KE.crl (hash: scoSF/Cjk08zGf/OiaA3RHrQMHW6ZC6RtrSX7rLAsCc=)
                          2: t83QwmnsF94N1e2quVeWFqxv3Q4.roa (hash: S00r80MkvAcmYicBdHFKql/0j/7ix5B+Lwxl0Q6uMXI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 Jul 2026 18:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:29:24:70:d9:b0:c4:25:7f:fb:39:bc:ba:56:0f:bd:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4f5533a527b264ca2e8373285d780d33a2bd0a1
        Validity
            Not Before: Jul  3 18:01:21 2026 GMT
            Not After : Jul  4 18:01:21 2026 GMT
        Subject: CN=7da9072293505b4f14f1baca87eaecc91d7098c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7a:37:c0:39:f3:8f:87:c3:4d:8c:0c:54:73:
                    81:79:fd:96:92:e3:d3:6a:ca:b4:07:03:ed:16:a1:
                    16:23:fb:4c:6e:3b:f5:dd:33:2f:c5:fc:4d:9f:15:
                    87:48:74:3f:93:fa:50:fd:a8:2c:41:32:7c:71:6c:
                    4b:d2:21:0e:21:e9:3a:34:0f:70:c7:9a:1b:68:c2:
                    25:3f:82:b8:87:70:bb:7d:98:d9:b4:ba:53:f1:1d:
                    15:11:cb:21:6f:a9:0e:1b:e5:a5:87:d8:d8:dd:44:
                    c9:d6:73:01:a8:31:d5:1a:32:16:3d:03:9b:4e:65:
                    9c:44:62:87:60:ac:b5:a5:49:c7:2a:62:02:01:5b:
                    f3:3d:27:0e:60:36:07:51:b9:89:dc:16:52:fd:6c:
                    43:14:62:f3:67:92:92:a9:62:d4:0a:87:ba:de:1b:
                    43:69:b9:2e:f9:61:f3:50:f0:71:94:d5:e1:ba:ff:
                    e6:e1:9f:94:0c:a6:54:d2:65:c2:74:e0:11:8c:2a:
                    14:bb:ae:07:2f:2b:28:d0:9d:c9:dc:6d:48:15:b2:
                    8a:47:e1:69:61:6e:a2:7f:e9:37:37:90:c9:3d:43:
                    8f:3e:b1:8b:39:f4:75:61:b2:b4:6f:2b:6b:21:09:
                    4a:aa:4a:1c:bd:f5:0c:d0:72:5c:1f:b5:36:13:67:
                    11:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:A9:07:22:93:50:5B:4F:14:F1:BA:CA:87:EA:EC:C9:1D:70:98:C1
            X509v3 Authority Key Identifier:
                keyid:A4:F5:53:3A:52:7B:26:4C:A2:E8:37:32:85:D7:80:D3:3A:2B:D0:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/afc3c8-e952-4070-a546-424462bc949b/1/pPVTOlJ7Jkyi6DcyhdeA0zor0KE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:78:41:8d:c4:d0:f7:28:7f:e7:52:62:6b:36:a2:30:37:b5:
         1a:dc:8b:d4:0c:ee:67:47:98:0e:f3:05:12:0a:77:c8:9a:fc:
         0b:5b:64:c4:41:36:63:80:a5:e7:0b:66:3d:7d:85:15:da:8d:
         1d:ee:0b:0a:a3:7f:34:f8:9c:9f:b6:38:d8:b7:80:10:3c:8a:
         15:6c:ab:a9:1d:33:31:ed:ec:f1:2f:ca:73:dc:0b:df:6d:e1:
         43:c5:87:61:a9:65:0a:ef:7a:5b:ac:7e:e9:21:78:81:12:a2:
         87:cc:05:12:d9:64:9a:93:21:75:53:0d:8c:9c:06:bb:4c:a8:
         3d:25:43:0c:13:a5:de:fa:c6:a7:57:be:70:c1:1c:c2:9a:fb:
         cb:ff:e1:96:7d:2a:e2:29:48:e2:78:a7:5a:68:86:0a:6a:90:
         00:91:e0:96:e7:06:e6:ce:85:83:3e:dc:2a:47:bd:49:3c:27:
         b5:d5:2f:74:4a:8e:cc:f6:93:0e:8e:c0:7d:61:e5:5f:d7:13:
         b4:57:ac:a4:7a:f8:f7:96:b4:c7:2f:61:63:07:48:eb:fe:f3:
         a9:6b:73:50:7d:5e:ff:95:77:de:d3:1f:5f:61:76:f2:6b:c2:
         8b:bb:2d:38:e4:b8:27:78:62:22:86:46:f8:1c:f4:d7:22:da:
         e2:48:0b:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8pJHDZsMQlf/s5vLpWD73XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZjU1MzNhNTI3YjI2NGNhMmU4MzczMjg1ZDc4MGQzM2Ey
YmQwYTEwHhcNMjYwNzAzMTgwMTIxWhcNMjYwNzA0MTgwMTIxWjAzMTEwLwYDVQQD
Eyg3ZGE5MDcyMjkzNTA1YjRmMTRmMWJhY2E4N2VhZWNjOTFkNzA5OGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHo3wDnzj4fDTYwMVHOBef2WkuPT
asq0BwPtFqEWI/tMbjv13TMvxfxNnxWHSHQ/k/pQ/agsQTJ8cWxL0iEOIek6NA9w
x5obaMIlP4K4h3C7fZjZtLpT8R0VEcshb6kOG+Wlh9jY3UTJ1nMBqDHVGjIWPQOb
TmWcRGKHYKy1pUnHKmICAVvzPScOYDYHUbmJ3BZS/WxDFGLzZ5KSqWLUCoe63htD
abku+WHzUPBxlNXhuv/m4Z+UDKZU0mXCdOARjCoUu64HLyso0J3J3G1IFbKKR+Fp
YW6if+k3N5DJPUOPPrGLOfR1YbK0bytrIQlKqkocvfUM0HJcH7U2E2cRkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH2pByKTUFtPFPG6yofq7MkdcJjBMB8GA1UdIwQY
MBaAFKT1UzpSeyZMoug3MoXXgNM6K9ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBWVE9sSjdKa3lpNkRjeWhkZUEwem9yMEtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hZmMzYzgtZTk1Mi00MDcwLWE1NDYt
NDI0NDYyYmM5NDliLzEvcFBWVE9sSjdKa3lpNkRjeWhkZUEwem9yMEtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hZmMzYzgtZTk1Mi00MDcwLWE1NDYtNDI0NDYyYmM5NDli
LzEvcFBWVE9sSjdKa3lpNkRjeWhkZUEwem9yMEtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdnhBjcTQ
9yh/51JiazaiMDe1GtyL1AzuZ0eYDvMFEgp3yJr8C1tkxEE2Y4Cl5wtmPX2FFdqN
He4LCqN/NPicn7Y42LeAEDyKFWyrqR0zMe3s8S/Kc9wL323hQ8WHYallCu96W6x+
6SF4gRKih8wFEtlkmpMhdVMNjJwGu0yoPSVDDBOl3vrGp1e+cMEcwpr7y//hln0q
4ilI4ninWmiGCmqQAJHglucG5s6Fgz7cKke9STwntdUvdEqOzPaTDo7AfWHlX9cT
tFespHr495a0xy9hYwdI6/7zqWtzUH1e/5V33tMfX2F28mvCi7stOOS4J3hiIoZG
+Bz01yLa4kgLuA==
-----END CERTIFICATE-----
Generated at Fri Jul 3 21:46:27 2026 by rpki-client