Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.mft
File:                     gHmvy6Wodi-3n05eDXo17oTNPfQ.mft (raw, json)
Hash identifier:          lxL+v0TkV8gR0bqg7Y7IHDvy/ZVXc2qkvpyjYTyxKuU=
Subject key identifier:   2E:E1:D4:0A:BF:85:CD:9D:4C:C8:D2:D6:24:9E:A9:FA:D7:82:8C:0A
Authority key identifier: 80:79:AF:CB:A5:A8:76:2F:B7:9F:4E:5E:0D:7A:35:EE:84:CD:3D:F4
Certificate issuer:       /CN=8079afcba5a8762fb79f4e5e0d7a35ee84cd3df4
Certificate serial:       019CAA21EE57888204E112B626B93DF649BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.mft
Manifest number:          0EC2
Signing time:             Sun 01 Mar 2026 16:01:16 +0000
Manifest this update:     Sun 01 Mar 2026 16:01:16 +0000
Manifest next update:     Mon 02 Mar 2026 16:01:16 +0000
Files and hashes:         1: 3WDU47d2fLscnSW7F3hgvaXG5ss.roa (hash: BfORbJGgiA+wWZ0EeMRYkEWvSYxDk7NkNvd7Q4xSZco=)
                          2: C5clDNKWWV0HBKYFKcpzORw8EhA.roa (hash: XUJvNLXyYDdL2C6nEB+rx6DsIA04Nnq77ZyzZhlVv1Q=)
                          3: E50tmVkqcKJ8hvkMgzElVUsN-nk.roa (hash: v6/X+2RH7lba53xOm7erhTp0p/yhNOGtKRcVvRlqm6o=)
                          4: gHmvy6Wodi-3n05eDXo17oTNPfQ.crl (hash: et7S88gvH1L0Yj60Sp13u9yvzIxT2Tz/9Ddy5p+mAws=)
                          5: ppKOK1k4bpVipnmImPdupSEmNC0.roa (hash: F13uVr28Hl5+Q/lhAirlIzj/fvyS+AXLflKOQ84sZ2g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 16:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:ee:57:88:82:04:e1:12:b6:26:b9:3d:f6:49:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8079afcba5a8762fb79f4e5e0d7a35ee84cd3df4
        Validity
            Not Before: Mar  1 16:01:16 2026 GMT
            Not After : Mar  2 16:01:16 2026 GMT
        Subject: CN=2ee1d40abf85cd9d4cc8d2d6249ea9fad7828c0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:65:3e:57:95:0e:25:76:f1:64:02:5d:87:7d:
                    a2:40:28:d3:d2:9a:a1:b2:c1:e5:f0:ed:ae:5f:9b:
                    6f:1c:5e:e7:5f:e3:fb:9b:a2:64:1f:30:07:98:75:
                    9f:ee:70:6b:c2:0e:c8:27:82:27:ea:1f:55:a2:9e:
                    e0:d3:f4:15:1f:39:19:87:82:6e:e6:84:99:9b:c2:
                    20:11:0c:90:c1:0b:67:df:68:32:6f:8b:40:75:6b:
                    b5:71:21:b2:db:fa:43:aa:15:01:fa:ec:3c:93:e5:
                    74:12:a6:5f:ce:8b:6f:eb:f1:f9:75:dd:3f:b5:50:
                    8c:c5:fe:c6:58:9a:08:c5:2f:39:cd:87:23:9c:91:
                    69:b1:fb:77:f3:10:b1:72:e4:0f:59:33:0a:54:41:
                    3f:f5:9e:96:76:e2:ac:77:2d:8f:31:9d:c9:e9:db:
                    3f:de:2c:34:12:19:fd:34:44:0b:db:09:08:63:55:
                    5a:b7:99:eb:53:33:78:73:9b:a1:a8:e6:d1:6b:c4:
                    4a:59:13:86:04:58:0d:01:2b:92:48:03:75:e7:fa:
                    ad:3a:a3:96:23:3a:01:ea:3e:93:3c:fd:e3:a8:3a:
                    3f:8e:cd:1a:eb:fe:3a:54:9d:e9:dd:f4:65:77:bd:
                    a3:d2:74:f7:9e:10:52:20:c9:74:51:bf:55:d6:fd:
                    ad:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:E1:D4:0A:BF:85:CD:9D:4C:C8:D2:D6:24:9E:A9:FA:D7:82:8C:0A
            X509v3 Authority Key Identifier:
                keyid:80:79:AF:CB:A5:A8:76:2F:B7:9F:4E:5E:0D:7A:35:EE:84:CD:3D:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:47:ba:a3:29:94:86:04:4e:78:58:3f:35:a2:0a:98:78:e7:
         31:0f:87:57:08:60:99:58:00:e6:dd:ec:a7:72:6b:7e:6d:f0:
         02:15:21:a8:19:70:cb:41:bb:9e:30:b2:92:e1:56:54:7a:00:
         04:71:66:7b:d3:d9:91:ce:da:43:5b:64:e5:51:b9:1e:b7:35:
         6f:23:4b:0e:15:4b:0f:89:ce:59:90:a8:48:69:24:04:d3:dd:
         22:1b:f7:91:36:ca:7a:62:32:1a:98:e7:3a:41:5b:87:f3:1f:
         05:25:0f:42:45:5b:a0:ac:f2:27:3f:33:e0:7c:96:9e:de:54:
         78:03:82:da:4d:e3:b9:56:91:fa:64:08:cd:8e:2b:25:ac:94:
         4b:87:28:df:64:3b:a2:b7:e7:f5:ee:eb:ef:c8:86:54:4c:36:
         b3:cf:66:50:4e:33:97:5e:6f:57:44:04:0b:26:87:7d:7c:a9:
         e3:b7:00:ae:d5:3c:7d:0b:a4:50:34:c3:38:21:81:db:08:71:
         d1:9b:00:24:cf:a8:90:00:01:e5:20:3d:22:fc:cd:11:75:b1:
         7b:00:d4:ea:52:51:bf:11:a8:5e:0f:cc:b1:55:1c:87:29:44:
         cf:78:43:5d:49:83:17:2a:ae:e0:eb:be:22:c5:ba:19:a5:fe:
         a5:d2:90:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIe5XiIIE4RK2Jrk99km8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNzlhZmNiYTVhODc2MmZiNzlmNGU1ZTBkN2EzNWVlODRj
ZDNkZjQwHhcNMjYwMzAxMTYwMTE2WhcNMjYwMzAyMTYwMTE2WjAzMTEwLwYDVQQD
EygyZWUxZDQwYWJmODVjZDlkNGNjOGQyZDYyNDllYTlmYWQ3ODI4YzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmU+V5UOJXbxZAJdh32iQCjT0pqh
ssHl8O2uX5tvHF7nX+P7m6JkHzAHmHWf7nBrwg7IJ4In6h9Vop7g0/QVHzkZh4Ju
5oSZm8IgEQyQwQtn32gyb4tAdWu1cSGy2/pDqhUB+uw8k+V0EqZfzotv6/H5dd0/
tVCMxf7GWJoIxS85zYcjnJFpsft38xCxcuQPWTMKVEE/9Z6WduKsdy2PMZ3J6ds/
3iw0Ehn9NEQL2wkIY1Vat5nrUzN4c5uhqObRa8RKWROGBFgNASuSSAN15/qtOqOW
IzoB6j6TPP3jqDo/js0a6/46VJ3p3fRld72j0nT3nhBSIMl0Ub9V1v2tyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC7h1Aq/hc2dTMjS1iSeqfrXgowKMB8GA1UdIwQY
MBaAFIB5r8ulqHYvt59OXg16Ne6EzT30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kNWViNmYtYjc4MS00ZDUyLTgyODMt
ZDJlMTBjOTc2NDVmLzEvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kNWViNmYtYjc4MS00ZDUyLTgyODMtZDJlMTBjOTc2NDVm
LzEvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsUe6oymU
hgROeFg/NaIKmHjnMQ+HVwhgmVgA5t3sp3Jrfm3wAhUhqBlwy0G7njCykuFWVHoA
BHFme9PZkc7aQ1tk5VG5Hrc1byNLDhVLD4nOWZCoSGkkBNPdIhv3kTbKemIyGpjn
OkFbh/MfBSUPQkVboKzyJz8z4HyWnt5UeAOC2k3juVaR+mQIzY4rJayUS4co32Q7
orfn9e7r78iGVEw2s89mUE4zl15vV0QECyaHfXyp47cArtU8fQukUDTDOCGB2whx
0ZsAJM+okAAB5SA9IvzNEXWxewDU6lJRvxGoXg/MsVUchylEz3hDXUmDFyqu4Ou+
IsW6GaX+pdKQHg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:03:59 2026 by rpki-client