Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.mft
File:                     hugNGBwlPRTaHgupwdVmb1Ym1YE.mft (raw, json)
Hash identifier:          MsbQwFqcTIUlrtQXcAJf9t3fFwvq/8UMWvSlr9+xEAE=
Subject key identifier:   00:D0:53:2A:4D:B2:61:37:90:06:B6:7C:9E:A2:BA:B7:19:A7:18:90
Authority key identifier: 86:E8:0D:18:1C:25:3D:14:DA:1E:0B:A9:C1:D5:66:6F:56:26:D5:81
Certificate issuer:       /CN=86e80d181c253d14da1e0ba9c1d5666f5626d581
Certificate serial:       019F78F6725E86CF918D23F633DD2EEB98DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hugNGBwlPRTaHgupwdVmb1Ym1YE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.mft
Manifest number:          03DF
Signing time:             Sun 19 Jul 2026 06:00:44 +0000
Manifest this update:     Sun 19 Jul 2026 06:00:44 +0000
Manifest next update:     Mon 20 Jul 2026 06:00:44 +0000
Files and hashes:         1: Q0BAQv9Y2KCGzUH12IIJCejGo9E.roa (hash: ZXRjv/WoTKdvC9GZzFdW6WbAOuxyKMhJM7y9cqTP30I=)
                          2: hugNGBwlPRTaHgupwdVmb1Ym1YE.crl (hash: CHiE4E9B4BDOmpYQ07o/Z9B406Uv7FPSun/QdS2w1EY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hugNGBwlPRTaHgupwdVmb1Ym1YE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Jul 2026 05:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:78:f6:72:5e:86:cf:91:8d:23:f6:33:dd:2e:eb:98:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86e80d181c253d14da1e0ba9c1d5666f5626d581
        Validity
            Not Before: Jul 19 06:00:44 2026 GMT
            Not After : Jul 20 06:00:44 2026 GMT
        Subject: CN=00d0532a4db261379006b67c9ea2bab719a71890
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:cd:24:60:50:b1:aa:3d:bb:34:f1:bc:76:ad:
                    30:85:60:3b:e7:31:e7:97:84:da:86:86:49:cc:ad:
                    68:e7:ba:f0:5f:bb:c4:7c:44:04:53:61:b2:19:b3:
                    11:29:07:73:17:0b:90:a6:66:df:1d:30:cc:eb:b7:
                    b5:04:82:cd:11:62:28:05:89:9d:fa:4d:08:17:a0:
                    68:9c:bc:a3:fc:a0:ec:65:95:41:c4:85:c3:be:0a:
                    bc:24:37:8c:e7:aa:39:f5:24:ac:ad:e0:62:12:e2:
                    31:ec:8c:69:91:56:60:27:85:93:0b:c2:0e:06:96:
                    e1:32:98:44:dc:a1:61:d3:36:45:a1:77:7a:b9:bf:
                    70:83:26:b4:40:b9:01:ff:d8:de:b9:1c:77:89:ec:
                    75:e3:07:65:87:ed:a3:7a:54:86:5f:3a:fe:1e:5e:
                    65:cd:19:6d:04:ed:8f:00:d5:d0:71:3c:ce:d5:dc:
                    03:a5:81:e4:18:fe:6c:02:22:f2:c0:58:d0:1c:98:
                    e4:30:22:66:81:02:51:7a:8d:ef:41:4e:9e:0f:7c:
                    f8:f2:df:cd:f3:03:f4:8b:c4:29:6b:80:16:c3:d1:
                    6b:56:57:56:35:97:d6:e9:b5:5f:06:ce:0e:39:59:
                    da:25:28:a8:68:fe:c2:22:d5:71:47:60:a8:10:2e:
                    09:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:D0:53:2A:4D:B2:61:37:90:06:B6:7C:9E:A2:BA:B7:19:A7:18:90
            X509v3 Authority Key Identifier:
                keyid:86:E8:0D:18:1C:25:3D:14:DA:1E:0B:A9:C1:D5:66:6F:56:26:D5:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hugNGBwlPRTaHgupwdVmb1Ym1YE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/ea609e-6538-4723-8259-73f54348823c/1/hugNGBwlPRTaHgupwdVmb1Ym1YE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:e9:d2:a4:24:d5:8c:b6:e1:69:5f:58:f5:2d:f4:99:fc:45:
         f8:9a:bc:dd:20:02:92:81:8a:6d:2c:a2:6c:97:38:c2:03:86:
         4c:9f:99:31:44:02:7d:6b:28:c6:45:13:07:21:43:b7:5c:75:
         e2:cf:2a:f3:05:61:73:29:8a:f7:8a:78:ba:68:4d:eb:98:5b:
         89:99:7a:fb:6c:ea:f3:ee:03:49:5d:09:66:1e:39:d7:b9:e4:
         dd:2a:35:23:f5:4c:c7:7b:f3:78:0d:0c:12:96:ec:e1:b4:0e:
         09:59:0f:2b:79:7e:d4:b6:86:6b:30:26:f5:51:99:bb:72:6d:
         3f:97:6f:6f:03:3c:f7:e1:fc:4e:47:6e:f4:46:3c:ce:62:d8:
         4b:26:b1:b9:ad:db:53:79:7c:e5:1c:91:f6:c1:7a:62:a4:42:
         ec:03:77:4b:e0:9c:f7:01:d4:5f:50:72:c1:36:56:44:2b:0f:
         7b:c7:85:0c:a2:72:c0:c2:fe:44:a4:e0:11:d3:32:52:e8:d9:
         cf:a7:08:4d:17:9c:12:78:5b:e7:ba:f0:62:43:ef:98:69:3c:
         06:24:e6:79:70:02:84:bd:52:45:d9:65:ed:83:88:10:f0:65:
         4e:07:e6:53:ea:85:ed:18:1d:38:b5:cc:ef:30:70:5c:0a:8d:
         4a:02:1f:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ949nJehs+RjSP2M90u65jbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZTgwZDE4MWMyNTNkMTRkYTFlMGJhOWMxZDU2NjZmNTYy
NmQ1ODEwHhcNMjYwNzE5MDYwMDQ0WhcNMjYwNzIwMDYwMDQ0WjAzMTEwLwYDVQQD
EygwMGQwNTMyYTRkYjI2MTM3OTAwNmI2N2M5ZWEyYmFiNzE5YTcxODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu80kYFCxqj27NPG8dq0whWA75zHn
l4TahoZJzK1o57rwX7vEfEQEU2GyGbMRKQdzFwuQpmbfHTDM67e1BILNEWIoBYmd
+k0IF6BonLyj/KDsZZVBxIXDvgq8JDeM56o59SSsreBiEuIx7IxpkVZgJ4WTC8IO
BpbhMphE3KFh0zZFoXd6ub9wgya0QLkB/9jeuRx3iex14wdlh+2jelSGXzr+Hl5l
zRltBO2PANXQcTzO1dwDpYHkGP5sAiLywFjQHJjkMCJmgQJReo3vQU6eD3z48t/N
8wP0i8Qpa4AWw9FrVldWNZfW6bVfBs4OOVnaJSioaP7CItVxR2CoEC4JpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFADQUypNsmE3kAa2fJ6iurcZpxiQMB8GA1UdIwQY
MBaAFIboDRgcJT0U2h4LqcHVZm9WJtWBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHVnTkdCd2xQUlRhSGd1cHdkVm1iMVltMVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9lYTYwOWUtNjUzOC00NzIzLTgyNTkt
NzNmNTQzNDg4MjNjLzEvaHVnTkdCd2xQUlRhSGd1cHdkVm1iMVltMVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9lYTYwOWUtNjUzOC00NzIzLTgyNTktNzNmNTQzNDg4MjNj
LzEvaHVnTkdCd2xQUlRhSGd1cHdkVm1iMVltMVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo+nSpCTV
jLbhaV9Y9S30mfxF+Jq83SACkoGKbSyibJc4wgOGTJ+ZMUQCfWsoxkUTByFDt1x1
4s8q8wVhcymK94p4umhN65hbiZl6+2zq8+4DSV0JZh4517nk3So1I/VMx3vzeA0M
Epbs4bQOCVkPK3l+1LaGazAm9VGZu3JtP5dvbwM89+H8Tkdu9EY8zmLYSyaxua3b
U3l85RyR9sF6YqRC7AN3S+Cc9wHUX1BywTZWRCsPe8eFDKJywML+RKTgEdMyUujZ
z6cITRecEnhb57rwYkPvmGk8BiTmeXAChL1SRdll7YOIEPBlTgfmU+qF7RgdOLXM
7zBwXAqNSgIfUw==
-----END CERTIFICATE-----
Generated at Sun Jul 19 09:06:32 2026 by rpki-client