Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
File:                     hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft (raw, json)
Hash identifier:          L118MLpQmN2o93LmfcGib9DT/N+t4J93ZYOqy5NxDl8=
Subject key identifier:   C4:C9:DC:EF:4D:39:2E:D4:66:10:24:6D:BD:46:68:98:65:BD:CC:5B
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Certificate issuer:       /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial:       019CAAC6723CC4920772BDEB36F99340728A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
Manifest number:          160B
Signing time:             Sun 01 Mar 2026 19:00:57 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:57 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:57 +0000
Files and hashes:         1: 1u23_XHmiJhjqy9S76sw3BzP9Ww.roa (hash: qDjQXmy6brh3hQItl8JxTdLVuqnZ3WF2FKz/Ualn8KI=)
                          2: 4KkUHNuHp_WUlcLV7ZmT-IELGLs.roa (hash: X02pU+wDvS97rZ0D42UQvqF9JhNnpzwkrnlhuhnewxY=)
                          3: An-h4kooPrBUGMT-6Nj0QudqGKE.roa (hash: 4VG1kUHyYf9yb01HKQwY97RZCAJU3VqeDAxr07wG4w0=)
                          4: DKJJrcnX3RnXlCDTnb0QnF9ph1c.roa (hash: FBpHgtUQjl2CKc1kAMv5YEG4ocTTbuqpzf8/LW2ex4k=)
                          5: GOgAejJFsLbsIoSjyXa89DsOln0.roa (hash: n61wmUPLOUsceRZoHaDl1wjd6NYSJP+7XllQ62IBWVA=)
                          6: JVIsfJ3DVyq9OG-AbEDRx8a3Bto.roa (hash: J8o+5Ee3eNiQKRGdXJdghD9ZXv8Izb9VeieBzPJF1ak=)
                          7: L3AHD1nIaJn-Qkxqjxi4waU1okM.roa (hash: MqsTHnRn4vzlkUHWrFaXq9Uo9UAjzsK7URiYSvcgf8k=)
                          8: NY2MX1mgk76QbEK78KfRCv9HXlc.roa (hash: n052UQO+ldLs19+3y0B7Wj4/DIUQ0nHDh3aGl0cSB9U=)
                          9: NgMsux-odmw_2otfxo6fwQPz6nk.roa (hash: acZbMbI5ZnLhauOT05TvSrJPxsUogE9hJcD3gMOAgYQ=)
                          10: SUe4J3Et3KgT01K3Zx9sbKaSGM0.roa (hash: LwIG+mDSylEHKB/dZoPmrJsG/6vCNLIoKeokQAgcByE=)
                          11: XdIic6TtMnHLSFKPt0NIgYA3BZE.roa (hash: Hz8Dp4xvPL6d1SZb+xVGL2Fnk7Ii6zPdDdS2xRff/c8=)
                          12: bFtTO9kUoK7V5nLLHjzqVj2iOcU.roa (hash: jJC/VOkqkEwdX7ejcOTbfcTesLG6OI5LMSL4JFJb9Ek=)
                          13: hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl (hash: uPedx99gdSqeu5oeYFJJMgozx9UhuWLbJcnC2mjw7bg=)
                          14: mDj4POXBo_BA8ao0TEZHTmOo46s.roa (hash: Y2b4Ei43NJZ9dDiKlYc7gN5osX878buWXGf115YzawI=)
                          15: nFYGg4ZIP1H9kzcY434jAerp2kU.roa (hash: Y/IgWysEh1nmKw0nLD81dJWu3QFpKM+9pnP+lyeoZXo=)
                          16: obFwaT_4MZtX-dKod3UGli-Mmuo.roa (hash: S1tcUGtkx7R83UYo2rACVKW3cgPV5XEnzrmsW37TA/Q=)
                          17: y2mTo6HHgH1hIKjXLEt22HvPvrw.roa (hash: YRXm/TWE2LnDq+SOmryX5rTG96P5ANXEnONR2xUrL80=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:72:3c:c4:92:07:72:bd:eb:36:f9:93:40:72:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
        Validity
            Not Before: Mar  1 19:00:57 2026 GMT
            Not After : Mar  2 19:00:57 2026 GMT
        Subject: CN=c4c9dcef4d392ed46610246dbd46689865bdcc5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:c3:22:d1:9f:20:39:5d:f6:2a:d3:e7:26:63:
                    23:f2:42:c5:64:ba:b9:0f:21:4c:13:4f:57:ca:a2:
                    08:6e:02:e1:df:99:67:cd:71:3d:56:54:ec:ec:bc:
                    05:92:ae:4a:2d:11:47:8e:3e:d2:20:2e:b1:e6:dd:
                    ac:60:53:b0:9f:ff:92:b0:8c:58:11:ad:cb:32:6f:
                    0f:ce:a1:cc:da:08:c7:3b:1a:c3:ef:d5:59:88:47:
                    87:6d:36:15:73:81:be:9e:01:5f:55:e7:cb:bc:fc:
                    77:c7:b4:26:07:d5:7f:a8:a8:a2:e7:81:d9:d3:aa:
                    b4:03:1f:76:d5:9a:b3:d6:c1:3c:59:69:d7:46:bc:
                    3f:18:81:27:f0:16:9c:1b:73:0c:5c:a9:3c:86:c0:
                    c2:af:f2:fc:44:fc:35:fe:d6:41:cb:c3:af:99:21:
                    84:72:23:81:30:63:b4:38:34:5a:fd:6e:7a:3a:00:
                    7b:a8:96:e3:4a:83:d5:2b:d8:a1:29:21:bd:49:81:
                    d7:2b:a5:c5:9b:b0:00:d5:eb:d3:1e:04:40:3c:e2:
                    51:ca:25:24:e0:8a:81:10:fd:4b:f5:8a:db:4c:e1:
                    4b:81:e0:ce:19:0e:3b:f6:57:50:17:db:61:4f:9e:
                    54:d9:d0:8a:4b:c4:5d:8e:f3:4c:56:8f:4c:7b:1a:
                    75:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:C9:DC:EF:4D:39:2E:D4:66:10:24:6D:BD:46:68:98:65:BD:CC:5B
            X509v3 Authority Key Identifier:
                keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:a2:9f:74:fb:a7:71:14:62:8c:c7:6b:7f:3b:a6:31:f7:ce:
         88:47:d9:c8:dd:19:a4:f0:1a:95:0e:37:cd:ad:b8:aa:f7:92:
         e3:08:c6:9a:dd:1e:6e:4c:1b:47:21:4a:b5:6f:05:75:d1:8b:
         27:82:91:c5:fb:e2:dd:5c:cf:ad:27:dd:c8:c4:84:5d:12:bb:
         cb:b5:a4:d2:e6:91:e6:d7:92:f8:1f:42:64:59:e8:8a:f0:a9:
         41:d6:82:fe:a3:f1:61:5d:22:3b:03:66:0e:80:e1:1d:c6:71:
         6d:e6:f4:8f:8e:bf:ef:e3:85:69:f2:10:e5:82:d4:1b:d5:61:
         ba:dc:82:e2:83:46:7a:0d:bd:79:5a:76:e2:43:58:79:e5:41:
         77:65:bd:6f:a8:f3:c8:b2:5b:55:82:53:57:bd:b6:d5:20:40:
         e2:31:22:76:fb:fe:55:49:cb:91:05:d3:9c:d7:07:d1:f4:a6:
         4a:69:64:c2:25:73:c2:b6:6c:0d:b4:02:27:a6:76:73:18:88:
         5a:d3:f7:11:49:6f:b0:2f:1f:27:e6:40:f3:0c:f2:ea:25:3e:
         39:b6:7c:1b:7b:58:44:38:44:a8:a8:78:bb:2c:c6:58:4e:68:
         4d:7a:89:38:8a:c5:d5:28:3c:60:e6:87:2f:36:b0:ce:c7:1b:
         d3:14:2a:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxnI8xJIHcr3rNvmTQHKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjYwMzAxMTkwMDU3WhcNMjYwMzAyMTkwMDU3WjAzMTEwLwYDVQQD
EyhjNGM5ZGNlZjRkMzkyZWQ0NjYxMDI0NmRiZDQ2Njg5ODY1YmRjYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMMi0Z8gOV32KtPnJmMj8kLFZLq5
DyFME09XyqIIbgLh35lnzXE9VlTs7LwFkq5KLRFHjj7SIC6x5t2sYFOwn/+SsIxY
Ea3LMm8PzqHM2gjHOxrD79VZiEeHbTYVc4G+ngFfVefLvPx3x7QmB9V/qKii54HZ
06q0Ax921Zqz1sE8WWnXRrw/GIEn8BacG3MMXKk8hsDCr/L8RPw1/tZBy8OvmSGE
ciOBMGO0ODRa/W56OgB7qJbjSoPVK9ihKSG9SYHXK6XFm7AA1evTHgRAPOJRyiUk
4IqBEP1L9YrbTOFLgeDOGQ479ldQF9thT55U2dCKS8RdjvNMVo9Mexp1FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMTJ3O9NOS7UZhAkbb1GaJhlvcxbMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANKKfdPun
cRRijMdrfzumMffOiEfZyN0ZpPAalQ43za24qveS4wjGmt0ebkwbRyFKtW8FddGL
J4KRxfvi3VzPrSfdyMSEXRK7y7Wk0uaR5teS+B9CZFnoivCpQdaC/qPxYV0iOwNm
DoDhHcZxbeb0j46/7+OFafIQ5YLUG9VhutyC4oNGeg29eVp24kNYeeVBd2W9b6jz
yLJbVYJTV7221SBA4jEidvv+VUnLkQXTnNcH0fSmSmlkwiVzwrZsDbQCJ6Z2cxiI
WtP3EUlvsC8fJ+ZA8wzy6iU+ObZ8G3tYRDhEqKh4uyzGWE5oTXqJOIrF1Sg8YOaH
Lzawzscb0xQqbA==
-----END CERTIFICATE-----