Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
File:                     hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft (raw, json)
Hash identifier:          C2ZaGt/NlciABJ68sc2GJilypoKCGn4SH34tjGcliHc=
Subject key identifier:   1B:9F:C1:1D:CC:42:B7:FE:C7:C0:D6:59:14:1A:38:9C:DA:7E:19:C0
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       019EBFC8F0E5D6B5FB3FEADA94A3B8D87952
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
Manifest number:          171F
Signing time:             Sat 13 Jun 2026 07:01:17 +0000
Manifest this update:     Sat 13 Jun 2026 07:01:17 +0000
Manifest next update:     Sun 14 Jun 2026 07:01:17 +0000
Files and hashes:         1: 1u23_XHmiJhjqy9S76sw3BzP9Ww.roa (hash: qDjQXmy6brh3hQItl8JxTdLVuqnZ3WF2FKz/Ualn8KI=)
                          2: 4KkUHNuHp_WUlcLV7ZmT-IELGLs.roa (hash: X02pU+wDvS97rZ0D42UQvqF9JhNnpzwkrnlhuhnewxY=)
                          3: An-h4kooPrBUGMT-6Nj0QudqGKE.roa (hash: 4VG1kUHyYf9yb01HKQwY97RZCAJU3VqeDAxr07wG4w0=)
                          4: DKJJrcnX3RnXlCDTnb0QnF9ph1c.roa (hash: FBpHgtUQjl2CKc1kAMv5YEG4ocTTbuqpzf8/LW2ex4k=)
                          5: GOgAejJFsLbsIoSjyXa89DsOln0.roa (hash: n61wmUPLOUsceRZoHaDl1wjd6NYSJP+7XllQ62IBWVA=)
                          6: JVIsfJ3DVyq9OG-AbEDRx8a3Bto.roa (hash: J8o+5Ee3eNiQKRGdXJdghD9ZXv8Izb9VeieBzPJF1ak=)
                          7: L3AHD1nIaJn-Qkxqjxi4waU1okM.roa (hash: MqsTHnRn4vzlkUHWrFaXq9Uo9UAjzsK7URiYSvcgf8k=)
                          8: NY2MX1mgk76QbEK78KfRCv9HXlc.roa (hash: n052UQO+ldLs19+3y0B7Wj4/DIUQ0nHDh3aGl0cSB9U=)
                          9: NgMsux-odmw_2otfxo6fwQPz6nk.roa (hash: acZbMbI5ZnLhauOT05TvSrJPxsUogE9hJcD3gMOAgYQ=)
                          10: SUe4J3Et3KgT01K3Zx9sbKaSGM0.roa (hash: LwIG+mDSylEHKB/dZoPmrJsG/6vCNLIoKeokQAgcByE=)
                          11: XdIic6TtMnHLSFKPt0NIgYA3BZE.roa (hash: Hz8Dp4xvPL6d1SZb+xVGL2Fnk7Ii6zPdDdS2xRff/c8=)
                          12: bFtTO9kUoK7V5nLLHjzqVj2iOcU.roa (hash: jJC/VOkqkEwdX7ejcOTbfcTesLG6OI5LMSL4JFJb9Ek=)
                          13: hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl (hash: qJB7ezVXRQUmwaD98yhhvOmiiWvy9RDez59W3MZobgQ=)
                          14: mDj4POXBo_BA8ao0TEZHTmOo46s.roa (hash: Y2b4Ei43NJZ9dDiKlYc7gN5osX878buWXGf115YzawI=)
                          15: nFYGg4ZIP1H9kzcY434jAerp2kU.roa (hash: Y/IgWysEh1nmKw0nLD81dJWu3QFpKM+9pnP+lyeoZXo=)
                          16: obFwaT_4MZtX-dKod3UGli-Mmuo.roa (hash: S1tcUGtkx7R83UYo2rACVKW3cgPV5XEnzrmsW37TA/Q=)
                          17: y2mTo6HHgH1hIKjXLEt22HvPvrw.roa (hash: YRXm/TWE2LnDq+SOmryX5rTG96P5ANXEnONR2xUrL80=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:c8:f0:e5:d6:b5:fb:3f:ea:da:94:a3:b8:d8:79:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Jun 13 07:01:17 2026 GMT
            Not After : Jun 14 07:01:17 2026 GMT
        Subject: CN=1b9fc11dcc42b7fec7c0d659141a389cda7e19c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b4:3c:8f:62:d0:26:60:38:d1:61:f7:5b:25:
                    55:8f:7d:1d:12:91:8b:ee:ea:80:e1:62:ad:71:62:
                    7f:e2:96:ff:76:15:0e:5a:8a:a2:89:42:ba:2e:03:
                    98:f1:33:40:76:b7:7b:03:ed:73:02:0a:5f:aa:72:
                    13:06:7d:b5:d2:9e:7b:19:ff:ac:20:b0:fb:bf:5e:
                    1b:90:86:12:48:53:8b:aa:d9:fd:2a:a4:8a:96:3e:
                    e2:2f:26:3a:c4:4a:b8:b0:c8:b2:16:53:66:13:df:
                    8a:b6:98:ca:28:6a:6e:bb:ff:8d:a4:31:aa:75:59:
                    ec:a7:49:b8:f9:c4:a8:9b:6a:3b:af:7a:a9:86:68:
                    25:f3:05:fe:43:5f:91:16:c0:9f:93:22:f1:46:84:
                    a4:a2:50:bd:18:50:ec:71:04:8c:3c:75:f1:f2:8e:
                    0d:b3:aa:6e:5d:bf:92:d7:57:c7:5f:f8:f2:f9:e6:
                    b7:dd:c0:dc:28:ff:6b:6b:83:31:6b:3b:5c:74:f3:
                    75:42:dd:51:95:ef:73:81:73:41:6d:1e:4c:5e:7d:
                    3b:15:62:9c:50:74:16:a0:b2:06:b9:99:bd:ba:cc:
                    26:06:dc:64:b3:f3:21:56:56:0a:0a:9e:90:36:7a:
                    41:57:89:c1:0d:a1:56:2b:1b:e7:59:bf:7b:20:d1:
                    67:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:9F:C1:1D:CC:42:B7:FE:C7:C0:D6:59:14:1A:38:9C:DA:7E:19:C0
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:4b:74:d4:a9:98:09:64:a8:5f:53:db:4b:08:11:0c:b7:9b:
         2f:3e:84:cc:f7:3f:ee:d7:ef:20:cf:b2:aa:88:92:ff:17:82:
         72:73:ad:04:34:e4:a0:8b:30:3c:bb:28:0b:64:c6:54:9c:7c:
         92:92:ee:ff:1c:28:ad:d8:5c:8c:e0:f8:63:28:2d:98:f4:ef:
         de:34:2e:86:41:b3:6a:cd:21:f0:ff:19:4b:a3:b7:72:80:ce:
         7f:e7:b4:fe:79:0d:b7:6c:3f:d4:20:51:38:fd:c7:7d:aa:ff:
         38:3c:c4:bb:73:28:09:e7:90:3f:8f:e3:68:91:c1:81:c9:ae:
         6c:78:0c:c1:0e:19:cb:58:04:f6:13:84:ab:e1:07:f8:95:82:
         4c:80:fd:7b:55:57:6d:6c:6f:e8:a9:3b:9f:24:c3:a1:30:34:
         09:ec:50:4a:0a:e4:fa:bc:36:18:cf:70:d3:45:8e:bf:10:bf:
         1d:da:ef:d7:98:5e:89:a3:fe:3a:e3:95:ac:be:92:d6:d6:ce:
         ed:53:54:cb:be:5d:64:81:db:44:a8:43:fb:b7:c5:21:e4:7c:
         a3:4e:28:5a:37:ce:bf:e7:00:d9:69:96:bb:01:a9:67:0c:80:
         74:a4:c2:26:ff:33:36:55:c3:7b:00:c0:6f:46:01:95:0e:10:
         03:ba:5f:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/yPDl1rX7P+ralKO42HlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjYwNjEzMDcwMTE3WhcNMjYwNjE0MDcwMTE3WjAzMTEwLwYDVQQD
EygxYjlmYzExZGNjNDJiN2ZlYzdjMGQ2NTkxNDFhMzg5Y2RhN2UxOWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbQ8j2LQJmA40WH3WyVVj30dEpGL
7uqA4WKtcWJ/4pb/dhUOWoqiiUK6LgOY8TNAdrd7A+1zAgpfqnITBn210p57Gf+s
ILD7v14bkIYSSFOLqtn9KqSKlj7iLyY6xEq4sMiyFlNmE9+KtpjKKGpuu/+NpDGq
dVnsp0m4+cSom2o7r3qphmgl8wX+Q1+RFsCfkyLxRoSkolC9GFDscQSMPHXx8o4N
s6puXb+S11fHX/jy+ea33cDcKP9ra4MxaztcdPN1Qt1Rle9zgXNBbR5MXn07FWKc
UHQWoLIGuZm9uswmBtxks/MhVlYKCp6QNnpBV4nBDaFWKxvnWb97INFnKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBufwR3MQrf+x8DWWRQaOJzafhnAMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdEt01KmY
CWSoX1PbSwgRDLebLz6EzPc/7tfvIM+yqoiS/xeCcnOtBDTkoIswPLsoC2TGVJx8
kpLu/xwordhcjOD4YygtmPTv3jQuhkGzas0h8P8ZS6O3coDOf+e0/nkNt2w/1CBR
OP3Hfar/ODzEu3MoCeeQP4/jaJHBgcmubHgMwQ4Zy1gE9hOEq+EH+JWCTID9e1VX
bWxv6Kk7nyTDoTA0CexQSgrk+rw2GM9w00WOvxC/Hdrv15heiaP+OuOVrL6S1tbO
7VNUy75dZIHbRKhD+7fFIeR8o04oWjfOv+cA2WmWuwGpZwyAdKTCJv8zNlXDewDA
b0YBlQ4QA7pfIg==
-----END CERTIFICATE-----