Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
File:                     F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft (raw, json)
Hash identifier:          k+/s9J00pvVVtGuKKNJkzXX7oIhO7pGq+ZpDmgCCa7I=
Subject key identifier:   FA:07:88:C0:47:B9:A9:A6:18:33:45:74:66:01:F1:53:B2:86:EC:92
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Certificate issuer:       /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial:       43FD1EAE4BD059F7EB4DB0610CEEEE75A7A2BC21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
Manifest number:          037C
Signing time:             Wed 06 May 2026 17:16:39 +0000
Manifest this update:     Wed 06 May 2026 17:11:39 +0000
Manifest next update:     Thu 07 May 2026 19:28:39 +0000
Files and hashes:         1: 8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer (hash: nYcdq/fifitjvFyPoNBEJvUP1WGfqAJvzv/Dj2Iivv0=)
                          2: 326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa (hash: e3gM8xBShVESXc8MaKIMDq1iDa8wjJWbHPjdOfhPuFQ=)
                          3: 326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa (hash: 894RTKAEh4ciZZOdefpuTBSaNDM2TQpQSdGle6pgy08=)
                          4: 326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa (hash: UQpEpactphMaN3i4tpyR5s9Tmz685dUuNs8hSuG0cJQ=)
                          5: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (hash: WOAaZY65k+/GoeKbXXymPrZVu7CfbDlQvCXqyS0ZjLA=)
                          6: 5EB2E5DAD0C6996D0A80A7B90F3A2AA60FB1A7AC.cer (hash: DDBKGLOay0ETlRkkd+ZGuz8/q4wtGaLppxLYYnPMDTM=)
                          7: 326131333a393634303a3a2f34342d3434203d3e203532313132.roa (hash: DOR1Pt3ct68s+ey18ZghPrs5rAUoZlIbwxjvP68BE+k=)
                          8: 326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa (hash: OXH7kpuguUKmKnwoouN0IGAOMj3E/W/ffH2kJO7vbOY=)
                          9: 326131333a393634313a3a2f34382d3438203d3e203532313132.roa (hash: 5o2ZOradY5DoOPidcJ775vbaNLbxYZsPfZS6MPweSnY=)
                          10: F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl (hash: yQlOhxPKnOo2YCDiOSSEUCjD162oohaueugbnvsMYog=)
                          11: 39312e3230372e31332e302f32342d3234203d3e203532313132.roa (hash: YRttKbBVKmVFJCLqXVNyqXBZwi5ZooomBxSDP4Gl2m4=)
                          12: 326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa (hash: lNHaIlVxi/lYCx53I3+MfwePjUfRoiP0WtejKnMjprU=)
                          13: 326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa (hash: 3m2Z/mjozERlCSY+vSBpPSC7mc1wNvFz/UzxCrw2jy0=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 May 2026 19:28:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:fd:1e:ae:4b:d0:59:f7:eb:4d:b0:61:0c:ee:ee:75:a7:a2:bc:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
        Validity
            Not Before: May  6 17:11:39 2026 GMT
            Not After : May  7 19:28:39 2026 GMT
        Subject: CN=FA0788C047B9A9A6183345746601F153B286EC92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:48:18:d5:1a:14:2b:83:3f:c9:15:aa:5b:1d:
                    1b:cd:ad:f8:c7:a2:c8:a8:12:8f:58:40:c5:09:65:
                    e4:e0:c2:45:0e:ae:2a:bd:a7:c4:b4:ca:33:84:ba:
                    c2:1f:d8:16:6b:d3:ca:6c:70:a1:39:10:99:03:d2:
                    18:e0:d8:fd:77:20:6a:79:12:63:3b:00:c6:f5:b5:
                    ce:9f:4e:a2:49:cd:69:d5:47:18:3e:89:74:f4:d2:
                    b5:a0:b5:7e:8c:e6:01:fa:08:8e:e5:74:76:09:e6:
                    ed:36:61:a4:5b:62:7b:a8:57:c0:50:f0:32:bd:76:
                    5d:5b:24:02:63:67:7a:da:e7:b9:c4:ad:69:24:d1:
                    32:87:a7:70:c0:48:38:07:6f:03:33:ad:a7:c2:8b:
                    ac:54:5b:60:33:73:8e:4d:f4:81:d0:17:b9:0c:02:
                    13:2d:b9:27:3e:22:12:fd:56:68:e3:b8:c6:08:19:
                    92:e9:64:f6:c3:d0:81:a2:19:2e:c2:ac:fb:9a:b9:
                    8c:2b:6c:e7:ec:98:c6:d6:57:03:dd:81:86:c2:ce:
                    c9:93:81:d0:78:7f:1e:c5:26:a1:f8:6a:70:0e:fd:
                    e0:8d:b7:11:5e:94:75:9f:d2:e3:e5:5e:4f:32:85:
                    26:8a:bf:2b:96:10:ba:b1:da:29:05:1f:1e:dd:c7:
                    bf:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:07:88:C0:47:B9:A9:A6:18:33:45:74:66:01:F1:53:B2:86:EC:92
            X509v3 Authority Key Identifier:
                keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:57:5d:d9:f8:11:ad:be:02:2c:2d:81:8b:c1:2c:81:ef:2b:
         e7:73:34:93:c7:02:4f:83:27:91:e5:3f:70:2e:7e:bc:de:81:
         ad:14:ac:84:f2:95:5b:d6:24:eb:47:da:96:79:8d:a5:6a:6c:
         29:04:3e:cc:33:7e:dd:39:32:53:01:d1:86:82:45:cf:c2:b9:
         c4:fb:4b:c3:78:f0:39:6c:4a:09:b4:20:42:4d:6d:f0:e7:70:
         a7:3d:40:e3:31:73:d6:77:08:d4:ac:7d:c5:0a:fe:34:bb:28:
         f8:0f:dd:cb:a8:0d:e7:74:1e:1a:dd:4e:09:93:a2:b9:36:62:
         d1:54:31:9f:f6:ac:30:11:a4:e1:46:30:e4:b9:d5:51:98:cb:
         43:17:6a:34:5c:a0:75:d9:43:a9:9a:91:91:ba:43:b6:42:7b:
         44:da:16:50:1e:46:38:af:18:fe:c3:cb:f6:fb:1f:a2:89:ed:
         99:ce:11:5b:63:ac:d9:b3:57:12:f5:c0:f8:89:1f:71:19:ee:
         fa:58:4c:ea:9a:27:2b:8a:10:81:26:4b:ce:54:9d:b8:e2:70:
         82:2b:c1:a0:b8:b5:36:49:01:11:31:93:ce:c9:17:46:ec:6e:
         7f:dd:35:6e:b7:d5:e9:d3:b2:50:ff:d4:51:50:75:e6:20:9a:
         b9:46:44:cf
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUQ/0erkvQWffrTbBhDO7udaeivCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNjA1MDYxNzExMzlaFw0yNjA1MDcxOTI4MzlaMDMxMTAvBgNV
BAMTKEZBMDc4OEMwNDdCOUE5QTYxODMzNDU3NDY2MDFGMTUzQjI4NkVDOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqSBjVGhQrgz/JFapbHRvNrfjH
osioEo9YQMUJZeTgwkUOriq9p8S0yjOEusIf2BZr08pscKE5EJkD0hjg2P13IGp5
EmM7AMb1tc6fTqJJzWnVRxg+iXT00rWgtX6M5gH6CI7ldHYJ5u02YaRbYnuoV8BQ
8DK9dl1bJAJjZ3ra57nErWkk0TKHp3DASDgHbwMzrafCi6xUW2Azc45N9IHQF7kM
AhMtuSc+IhL9VmjjuMYIGZLpZPbD0IGiGS7CrPuauYwrbOfsmMbWVwPdgYbCzsmT
gdB4fx7FJqH4anAO/eCNtxFelHWf0uPlXk8yhSaKvyuWELqx2ikFHx7dx79TAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQU+geIwEe5qaYYM0V0ZgHxU7KG7JIwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMzBkZTg0Yi00
MDBhLTRmZDEtYWI4YS1lNzYxNmUyNDViNDkvMC9GMUQwNTcyRkU3Mjk5MUJEMzI4
NTRCQUM3MTY2NzZFQkRBRDIyQUNFLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH1dd2fgRrb4CLC2Bi8Es
ge8r53M0k8cCT4MnkeU/cC5+vN6BrRSshPKVW9Yk60falnmNpWpsKQQ+zDN+3Tky
UwHRhoJFz8K5xPtLw3jwOWxKCbQgQk1t8Odwpz1A4zFz1ncI1Kx9xQr+NLso+A/d
y6gN53QeGt1OCZOiuTZi0VQxn/asMBGk4UYw5LnVUZjLQxdqNFygddlDqZqRkbpD
tkJ7RNoWUB5GOK8Y/sPL9vsfoontmc4RW2Os2bNXEvXA+IkfcRnu+lhM6ponK4oQ
gSZLzlSduOJwgivBoLi1NkkBETGTzskXRuxuf901brfV6dOyUP/UUVB15iCauUZE
zw==
-----END CERTIFICATE-----