Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft
File:                     mlCFOiSox2IjTokTpKWymFwzHa0.mft (raw, json)
Hash identifier:          L0bmnfkjTavG2gl0msIN25nYZyIbZquVTeRtGn6PpMI=
Subject key identifier:   3B:FC:6D:95:CA:27:05:8D:68:2D:94:C5:B1:06:E8:3E:D7:FA:61:62
Authority key identifier: 9A:50:85:3A:24:A8:C7:62:23:4E:89:13:A4:A5:B2:98:5C:33:1D:AD
Certificate issuer:       /CN=9a50853a24a8c762234e8913a4a5b2985c331dad
Certificate serial:       019F1C0E0549A78F1247CA46EFD25CDB4209
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft
Manifest number:          174A
Signing time:             Wed 01 Jul 2026 05:01:48 +0000
Manifest this update:     Wed 01 Jul 2026 05:01:48 +0000
Manifest next update:     Thu 02 Jul 2026 05:01:48 +0000
Files and hashes:         1: 8fdsNHAoxPgGvUJ1-IIbNzs4kR8.roa (hash: oToJ7/CBn32SApKsPhftng2rCZIvh8kkblOHjghDJj8=)
                          2: mlCFOiSox2IjTokTpKWymFwzHa0.crl (hash: xacfiMP65DLNVfeATOBSMdM0lD66igKZ6MDlz2OHrWA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 02 Jul 2026 05:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:1c:0e:05:49:a7:8f:12:47:ca:46:ef:d2:5c:db:42:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a50853a24a8c762234e8913a4a5b2985c331dad
        Validity
            Not Before: Jul  1 05:01:48 2026 GMT
            Not After : Jul  2 05:01:48 2026 GMT
        Subject: CN=3bfc6d95ca27058d682d94c5b106e83ed7fa6162
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:e9:4c:5d:05:8f:dc:0b:b8:ae:b8:fa:09:fe:
                    cb:99:33:25:ef:89:a3:20:bc:69:77:bb:00:27:e6:
                    7e:2b:a9:1f:43:19:6a:a9:7d:57:6c:4c:4d:d6:83:
                    2b:9e:3f:af:7b:e3:45:12:8c:8f:d4:aa:0f:77:bd:
                    b6:bc:c2:66:d6:6e:17:bd:6a:c6:f5:1e:f2:13:e4:
                    d8:c4:33:d2:c9:2b:00:26:d3:75:08:f0:ad:81:a8:
                    02:04:68:76:1d:ee:96:9a:0f:42:03:97:a9:1b:27:
                    22:1e:a5:57:4a:85:4d:2f:c5:65:ae:2e:12:80:ca:
                    07:39:a2:a9:d4:34:fe:2f:5b:b9:3f:8b:c6:c5:79:
                    34:65:b4:ca:2c:73:16:2d:25:ca:e0:4b:c1:47:1d:
                    2c:bc:36:6f:bb:f0:df:12:d3:b9:89:ef:e3:3a:14:
                    10:d2:32:8b:11:aa:18:a7:cc:55:c1:63:3b:99:7a:
                    92:65:d5:b1:eb:ba:7c:07:eb:2a:6f:78:34:8e:b5:
                    a2:88:2e:17:c0:2d:15:e4:ce:41:b3:b0:3b:ce:9e:
                    ef:a7:5e:f6:01:c6:66:b3:22:ce:a3:e7:05:84:28:
                    e8:73:64:88:15:15:cf:21:66:54:89:ae:0a:ed:33:
                    69:7f:32:55:51:96:e7:23:60:08:7f:29:9f:15:e0:
                    4a:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:FC:6D:95:CA:27:05:8D:68:2D:94:C5:B1:06:E8:3E:D7:FA:61:62
            X509v3 Authority Key Identifier:
                keyid:9A:50:85:3A:24:A8:C7:62:23:4E:89:13:A4:A5:B2:98:5C:33:1D:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlCFOiSox2IjTokTpKWymFwzHa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a429b-a454-428b-bb88-88b58d02b2a1/1/mlCFOiSox2IjTokTpKWymFwzHa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:4c:a3:6c:2f:e2:1c:d4:74:c8:10:75:d0:5f:89:4d:b9:70:
         72:29:a2:bc:85:1d:7c:a0:3f:8c:99:a0:a0:af:bf:60:e9:88:
         5f:28:1c:0f:31:a5:dc:f6:96:b0:59:74:bb:75:6c:7e:a8:bd:
         5e:44:b1:b2:f5:be:ff:d6:4b:0d:43:52:8f:72:e7:f9:9e:3d:
         4c:74:77:a8:60:33:36:b2:7c:d8:d1:6b:5a:a5:80:7e:07:1b:
         07:37:13:95:85:06:42:16:86:c6:c0:cd:e1:d9:bb:e9:96:25:
         17:6d:e0:6c:1a:fd:09:bd:b3:25:2f:f4:1d:b2:6d:2f:87:2e:
         1a:5d:5d:bc:d5:2a:e7:fe:48:35:1e:4c:61:42:2f:94:7b:59:
         66:b4:a7:81:00:29:b8:23:58:ae:26:9c:4b:ae:f8:66:e0:dc:
         bb:94:2e:43:e0:89:27:e6:e9:62:14:26:8b:28:3c:aa:86:60:
         91:66:6a:65:0a:b7:88:59:3a:5f:28:c4:30:d4:14:5a:35:5b:
         2c:08:59:09:3f:a2:96:69:24:66:ed:4a:6d:d2:f7:17:4a:3f:
         c6:72:bd:5c:0d:e4:29:a3:ba:00:44:59:d5:2a:70:62:bd:9e:
         18:06:41:a9:24:05:b5:3e:56:8c:3b:b9:7d:bc:aa:1e:74:05:
         ec:d9:5c:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8cDgVJp48SR8pG79Jc20IJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTA4NTNhMjRhOGM3NjIyMzRlODkxM2E0YTViMjk4NWMz
MzFkYWQwHhcNMjYwNzAxMDUwMTQ4WhcNMjYwNzAyMDUwMTQ4WjAzMTEwLwYDVQQD
EygzYmZjNmQ5NWNhMjcwNThkNjgyZDk0YzViMTA2ZTgzZWQ3ZmE2MTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOlMXQWP3Au4rrj6Cf7LmTMl74mj
ILxpd7sAJ+Z+K6kfQxlqqX1XbExN1oMrnj+ve+NFEoyP1KoPd722vMJm1m4XvWrG
9R7yE+TYxDPSySsAJtN1CPCtgagCBGh2He6Wmg9CA5epGyciHqVXSoVNL8Vlri4S
gMoHOaKp1DT+L1u5P4vGxXk0ZbTKLHMWLSXK4EvBRx0svDZvu/DfEtO5ie/jOhQQ
0jKLEaoYp8xVwWM7mXqSZdWx67p8B+sqb3g0jrWiiC4XwC0V5M5Bs7A7zp7vp172
AcZmsyLOo+cFhCjoc2SIFRXPIWZUia4K7TNpfzJVUZbnI2AIfymfFeBKZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDv8bZXKJwWNaC2UxbEG6D7X+mFiMB8GA1UdIwQY
MBaAFJpQhTokqMdiI06JE6SlsphcMx2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxDRk9pU294MklqVG9rVHBLV3ltRnd6SGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wYTQyOWItYTQ1NC00MjhiLWJiODgt
ODhiNThkMDJiMmExLzEvbWxDRk9pU294MklqVG9rVHBLV3ltRnd6SGEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wYTQyOWItYTQ1NC00MjhiLWJiODgtODhiNThkMDJiMmEx
LzEvbWxDRk9pU294MklqVG9rVHBLV3ltRnd6SGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnUyjbC/i
HNR0yBB10F+JTblwcimivIUdfKA/jJmgoK+/YOmIXygcDzGl3PaWsFl0u3Vsfqi9
XkSxsvW+/9ZLDUNSj3Ln+Z49THR3qGAzNrJ82NFrWqWAfgcbBzcTlYUGQhaGxsDN
4dm76ZYlF23gbBr9Cb2zJS/0HbJtL4cuGl1dvNUq5/5INR5MYUIvlHtZZrSngQAp
uCNYriacS674ZuDcu5QuQ+CJJ+bpYhQmiyg8qoZgkWZqZQq3iFk6XyjEMNQUWjVb
LAhZCT+ilmkkZu1KbdL3F0o/xnK9XA3kKaO6AERZ1SpwYr2eGAZBqSQFtT5WjDu5
fbyqHnQF7NlceQ==
-----END CERTIFICATE-----
Generated at Wed Jul 1 10:47:53 2026 by rpki-client