Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
File:                     F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft (raw, json)
Hash identifier:          ub8cqQXkiW7IS1wUp4tnZtWz3GaRMi9ZdLWTH9bsLzE=
Subject key identifier:   C2:A6:A4:02:63:35:3E:1C:A6:9F:46:8E:26:12:70:B4:34:5E:C7:C4
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Certificate issuer:       /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial:       0CC43B26F670B91468CCFCA7410AC1CAC8093E53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
Manifest number:          03B8
Signing time:             Thu 25 Jun 2026 03:31:11 +0000
Manifest this update:     Thu 25 Jun 2026 03:26:11 +0000
Manifest next update:     Fri 26 Jun 2026 06:06:11 +0000
Files and hashes:         1: 326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa (hash: 1pHR4AP9OeOn8mZ4HoLlr2czW4fmRlqzyRv8x8zwk8A=)
                          2: 326131333a393634323a3130303a3a2f34382d3438203d3e203438323830.roa (hash: Hzx6dqgk5VbAzguBV4HZyt3Vsd0Nsl/R+Zel28Ftt2o=)
                          3: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (hash: dUdgsqEsXhjpFbCXjEAOMcgmvSkHr/B9yKj+ko9WRB0=)
                          4: 39312e3230372e31332e302f32342d3234203d3e203532313132.roa (hash: iHiHYqsWlJeVORCjaRILfNxM4kvwvM5K91j5Ek4sw54=)
                          5: 326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa (hash: yP18kVyfV7/LPSJK/VwAQHRl/fMfjt7LVVAsv9PVQVA=)
                          6: 8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer (hash: nYcdq/fifitjvFyPoNBEJvUP1WGfqAJvzv/Dj2Iivv0=)
                          7: 326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa (hash: HvvXHcb+W+5HBFJKf1QLCy/60NSa6ZDrL0Z//tXBT34=)
                          8: 326131333a393634303a3a2f34342d3434203d3e203532313132.roa (hash: J0QhgaG2DBLz0VWJBsMQZu2ZF7QhSkF6tH/nntQ7TZY=)
                          9: 5EB2E5DAD0C6996D0A80A7B90F3A2AA60FB1A7AC.cer (hash: Nz2k0o2IS41o55idTp4HvK3uNxIMYgMNKvrr57G+kIE=)
                          10: F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl (hash: 8tyoyj+D28jxGt0bfhaInNIU03+b0IVBKpUjzTXuyE4=)
                          11: 326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa (hash: 55K704u0CSR1H8gbRHKofiBTrVbrlViI8IfSELQiTbk=)
                          12: 326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa (hash: aN0l+seOjIzBWiIpg74ha3XMl613ui3F5BnuU6cUgOI=)
                          13: 326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa (hash: 6gAaSNoSaIXWUFqKICIjSMVZbz2O5860M6viimhJQSo=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 25 Jun 2026 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:c4:3b:26:f6:70:b9:14:68:cc:fc:a7:41:0a:c1:ca:c8:09:3e:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
        Validity
            Not Before: Jun 25 03:26:11 2026 GMT
            Not After : Jun 26 06:06:11 2026 GMT
        Subject: CN=C2A6A40263353E1CA69F468E261270B4345EC7C4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:18:12:1f:ba:71:96:0c:02:48:c6:93:e6:8f:
                    bf:ec:c2:5d:b6:43:04:bc:3f:22:e3:7a:8c:80:28:
                    57:1d:ff:2d:6c:4b:93:09:13:46:d3:e9:47:29:95:
                    81:fa:93:1f:6d:a0:ae:2d:f6:1d:8b:b9:b0:20:8b:
                    97:9d:d5:ca:f6:5c:e1:f3:05:68:c4:c7:c9:b9:02:
                    1c:80:55:bc:75:23:e9:e5:ab:55:fa:81:2b:fd:bd:
                    e2:33:3e:e9:6b:1e:b3:56:fd:a9:a9:1c:30:c7:97:
                    04:4f:2a:d4:1a:33:90:05:b6:76:0b:fe:f5:52:7e:
                    ec:ba:c6:d9:89:85:b8:4a:22:f9:3f:4e:f5:10:7b:
                    a6:77:60:6c:6e:58:69:49:3b:60:c2:dc:5c:30:21:
                    c5:82:9d:88:30:9b:6e:67:78:96:ed:0e:66:e8:d8:
                    99:f3:ed:0c:81:34:06:19:7c:3e:dd:31:e0:f4:95:
                    98:52:e3:8c:57:bf:0d:e3:77:f7:4a:9c:0c:b7:b7:
                    12:a9:13:f8:5d:73:57:86:d9:eb:29:1a:7a:2b:ae:
                    f6:d1:1c:a7:4a:e9:1a:47:13:9c:88:16:47:24:e4:
                    59:70:6d:c2:94:1c:69:0c:32:97:a5:6d:1e:f7:16:
                    23:a6:27:fc:8f:73:20:c3:c7:12:15:b1:a3:ca:ee:
                    47:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:A6:A4:02:63:35:3E:1C:A6:9F:46:8E:26:12:70:B4:34:5E:C7:C4
            X509v3 Authority Key Identifier:
                keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d5:07:4e:b3:3e:bc:52:cb:06:90:9f:64:6c:6a:8c:e7:a6:cd:
         09:0a:1d:e7:7f:ba:98:6d:f1:66:bb:e4:cd:c6:34:ec:c2:ca:
         9d:0b:a8:e2:c7:a7:4c:95:95:ee:db:05:29:67:d8:a8:53:0a:
         1c:32:d9:00:03:44:e5:ad:9a:68:c6:29:0d:9b:c7:ce:c9:76:
         ad:20:e4:74:a9:b2:5d:b5:81:c7:eb:40:04:a3:66:8c:7e:28:
         4c:f6:7a:68:45:e0:b1:2b:d7:12:35:98:6d:a8:21:e1:96:c8:
         41:1a:68:c5:da:3f:4f:e4:f4:85:50:19:07:03:15:31:bf:e4:
         d8:44:90:a8:d3:c8:6b:d4:d1:18:20:35:9a:c9:67:13:08:4b:
         43:85:b0:35:77:68:56:a8:72:69:f5:2c:08:66:5e:b6:80:0f:
         9b:66:b5:5f:03:07:ec:7d:1a:b8:5a:af:62:03:40:92:f2:4c:
         ac:23:6f:c1:9d:16:46:15:7e:0b:d9:93:4d:1e:e2:0e:56:78:
         8b:32:eb:a2:c1:3d:10:7c:70:ec:06:d7:02:78:1a:66:56:67:
         8f:2b:52:7f:46:40:d1:4a:f8:45:90:ec:02:c9:ad:3d:af:42:
         10:ff:62:80:dc:db:f9:d9:09:96:ff:f1:ad:6f:3b:49:9f:46:
         7e:69:6f:49
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUDMQ7JvZwuRRozPynQQrBysgJPlMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNjA2MjUwMzI2MTFaFw0yNjA2MjYwNjA2MTFaMDMxMTAvBgNV
BAMTKEMyQTZBNDAyNjMzNTNFMUNBNjlGNDY4RTI2MTI3MEI0MzQ1RUM3QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJGBIfunGWDAJIxpPmj7/swl22
QwS8PyLjeoyAKFcd/y1sS5MJE0bT6UcplYH6kx9toK4t9h2LubAgi5ed1cr2XOHz
BWjEx8m5AhyAVbx1I+nlq1X6gSv9veIzPulrHrNW/ampHDDHlwRPKtQaM5AFtnYL
/vVSfuy6xtmJhbhKIvk/TvUQe6Z3YGxuWGlJO2DC3FwwIcWCnYgwm25neJbtDmbo
2Jnz7QyBNAYZfD7dMeD0lZhS44xXvw3jd/dKnAy3txKpE/hdc1eG2espGnorrvbR
HKdK6RpHE5yIFkck5FlwbcKUHGkMMpelbR73FiOmJ/yPcyDDxxIVsaPK7kfjAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUwqakAmM1Phymn0aOJhJwtDRex8QwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMzBkZTg0Yi00
MDBhLTRmZDEtYWI4YS1lNzYxNmUyNDViNDkvMC9GMUQwNTcyRkU3Mjk5MUJEMzI4
NTRCQUM3MTY2NzZFQkRBRDIyQUNFLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1QdOsz68UssGkJ9kbGqM
56bNCQod53+6mG3xZrvkzcY07MLKnQuo4senTJWV7tsFKWfYqFMKHDLZAANE5a2a
aMYpDZvHzsl2rSDkdKmyXbWBx+tABKNmjH4oTPZ6aEXgsSvXEjWYbagh4ZbIQRpo
xdo/T+T0hVAZBwMVMb/k2ESQqNPIa9TRGCA1mslnEwhLQ4WwNXdoVqhyafUsCGZe
toAPm2a1XwMH7H0auFqvYgNAkvJMrCNvwZ0WRhV+C9mTTR7iDlZ4izLrosE9EHxw
7AbXAngaZlZnjytSf0ZA0Ur4RZDsAsmtPa9CEP9igNzb+dkJlv/xrW87SZ9Gfmlv
SQ==
-----END CERTIFICATE-----