Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/a2bb92-c591-4250-b2d3-8dda6c6ca81d/1/oTeJHdTz34N3LXz-cYOEPL_0TVQ.mft
File:                     oTeJHdTz34N3LXz-cYOEPL_0TVQ.mft (raw, json)
Hash identifier:          roMpW5Yi9FfaKs6tAnVW2qETylD6fjB7h5EBjtplgOQ=
Subject key identifier:   D0:2E:3E:78:AD:A3:D9:B3:03:D6:F8:70:19:1F:AF:E4:1A:16:41:AF
Authority key identifier: A1:37:89:1D:D4:F3:DF:83:77:2D:7C:FE:71:83:84:3C:BF:F4:4D:54
Certificate issuer:       /CN=a137891dd4f3df83772d7cfe7183843cbff44d54
Certificate serial:       019CAC0FFBBA1BB93B5EB2C0CE27144573EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oTeJHdTz34N3LXz-cYOEPL_0TVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/a2bb92-c591-4250-b2d3-8dda6c6ca81d/1/oTeJHdTz34N3LXz-cYOEPL_0TVQ.mft
Manifest number:          12E9
Signing time:             Mon 02 Mar 2026 01:00:54 +0000
Manifest this update:     Mon 02 Mar 2026 01:00:54 +0000
Manifest next update:     Tue 03 Mar 2026 01:00:54 +0000
Files and hashes:         1: oTeJHdTz34N3LXz-cYOEPL_0TVQ.crl (hash: pO/+0DwyWstAIoGLcd3jfqer8rYcFDPLU3YjKFzFr/I=)
                          2: wKG5f7dn1-pgRZqivJIzmXImgvk.roa (hash: 9MbV7Vdo6+ToMH+TbPulkfdTZLPlSBCEwYkmIQl3ggs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/a2bb92-c591-4250-b2d3-8dda6c6ca81d/1/oTeJHdTz34N3LXz-cYOEPL_0TVQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/a2bb92-c591-4250-b2d3-8dda6c6ca81d/1/oTeJHdTz34N3LXz-cYOEPL_0TVQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oTeJHdTz34N3LXz-cYOEPL_0TVQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:0f:fb:ba:1b:b9:3b:5e:b2:c0:ce:27:14:45:73:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a137891dd4f3df83772d7cfe7183843cbff44d54
        Validity
            Not Before: Mar  2 01:00:54 2026 GMT
            Not After : Mar  3 01:00:54 2026 GMT
        Subject: CN=d02e3e78ada3d9b303d6f870191fafe41a1641af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:6b:f2:66:e7:78:c4:02:72:e0:f3:13:34:92:
                    2f:51:44:04:90:76:82:03:e9:96:91:ed:39:d2:ad:
                    b3:7e:7a:ce:8a:4e:93:09:cf:10:ec:f6:86:e4:6e:
                    6f:e6:aa:b6:a7:61:cc:46:fe:7d:03:cf:e1:c6:83:
                    44:a5:38:b4:4d:5e:0f:b6:67:52:12:fa:e1:ef:da:
                    af:b4:b9:ee:84:c8:ae:21:cc:3c:5e:a8:45:d7:71:
                    9e:48:71:86:2f:ca:d9:43:9a:e9:41:b6:6e:68:36:
                    6a:32:c6:c1:f2:d7:05:6e:70:f6:43:f9:7a:12:29:
                    53:ef:2a:ac:ad:0c:b7:c7:22:87:de:75:ed:21:05:
                    0f:5f:63:4e:d1:6f:53:b8:a8:57:5b:c9:1e:91:12:
                    ea:9c:0d:d0:19:c1:01:72:d4:4d:fc:0a:be:6c:80:
                    40:06:55:20:39:22:03:21:00:95:fb:aa:e8:0b:be:
                    67:48:f7:f5:f5:3a:e3:f5:3a:4d:ac:3d:9f:9b:6d:
                    d9:d1:15:23:09:5c:97:21:cd:64:22:6e:d2:d0:74:
                    ee:78:01:f0:1a:3f:7f:18:32:5e:8d:11:88:ed:c1:
                    64:1b:bb:bc:fa:45:b3:83:32:44:7c:d4:84:88:b9:
                    1e:a7:cf:33:be:d4:28:57:f2:b8:45:d5:fc:af:c2:
                    3a:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:2E:3E:78:AD:A3:D9:B3:03:D6:F8:70:19:1F:AF:E4:1A:16:41:AF
            X509v3 Authority Key Identifier:
                keyid:A1:37:89:1D:D4:F3:DF:83:77:2D:7C:FE:71:83:84:3C:BF:F4:4D:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTeJHdTz34N3LXz-cYOEPL_0TVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/a2bb92-c591-4250-b2d3-8dda6c6ca81d/1/oTeJHdTz34N3LXz-cYOEPL_0TVQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/a2bb92-c591-4250-b2d3-8dda6c6ca81d/1/oTeJHdTz34N3LXz-cYOEPL_0TVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:63:3b:da:ad:35:04:83:e0:89:03:29:b7:07:0f:fd:28:28:
         30:72:e3:e4:8e:c4:18:99:b3:e3:31:47:60:80:56:32:f8:aa:
         38:96:63:61:a2:6f:b3:75:af:26:e9:ca:be:60:0c:13:c7:64:
         0f:7f:4a:11:83:e5:7a:8a:3f:df:91:8a:da:8e:2a:68:fb:5c:
         fa:7f:4a:b5:f7:4a:85:3c:d2:36:05:ae:82:04:12:38:ae:f0:
         e2:c3:d9:32:6d:77:05:c5:16:6a:78:54:84:c9:c6:5c:de:c6:
         b7:ff:31:b9:d6:54:87:9c:78:fa:90:bb:ae:5a:04:4e:92:39:
         f4:67:6a:62:ac:d3:0a:1f:26:b6:23:30:66:b7:24:61:98:c9:
         ba:0a:78:f3:d9:18:c6:7f:1b:56:a5:ea:2e:8e:1e:90:be:1d:
         04:5f:65:b2:44:d1:f0:fd:5f:9b:20:db:54:43:17:23:cc:ca:
         0f:a1:98:3d:9c:5b:23:ed:90:98:e8:c2:ad:9b:24:75:b8:72:
         72:de:54:a9:d6:39:ac:a8:17:fd:33:6f:22:b5:7a:5e:20:02:
         4c:28:c0:67:f6:66:bd:cb:00:73:3c:d6:3f:4c:98:bd:d1:18:
         b2:aa:cf:8e:5d:7d:e7:52:7f:22:b5:02:7f:de:bd:69:f3:2c:
         9a:26:fe:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD/u6G7k7XrLAzicURXPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzc4OTFkZDRmM2RmODM3NzJkN2NmZTcxODM4NDNjYmZm
NDRkNTQwHhcNMjYwMzAyMDEwMDU0WhcNMjYwMzAzMDEwMDU0WjAzMTEwLwYDVQQD
EyhkMDJlM2U3OGFkYTNkOWIzMDNkNmY4NzAxOTFmYWZlNDFhMTY0MWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WvyZud4xAJy4PMTNJIvUUQEkHaC
A+mWke050q2zfnrOik6TCc8Q7PaG5G5v5qq2p2HMRv59A8/hxoNEpTi0TV4PtmdS
Evrh79qvtLnuhMiuIcw8XqhF13GeSHGGL8rZQ5rpQbZuaDZqMsbB8tcFbnD2Q/l6
EilT7yqsrQy3xyKH3nXtIQUPX2NO0W9TuKhXW8kekRLqnA3QGcEBctRN/Aq+bIBA
BlUgOSIDIQCV+6roC75nSPf19Trj9TpNrD2fm23Z0RUjCVyXIc1kIm7S0HTueAHw
Gj9/GDJejRGI7cFkG7u8+kWzgzJEfNSEiLkep88zvtQoV/K4RdX8r8I60wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNAuPnito9mzA9b4cBkfr+QaFkGvMB8GA1UdIwQY
MBaAFKE3iR3U89+Ddy18/nGDhDy/9E1UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RlSkhkVHozNE4zTFh6LWNZT0VQTF8wVFZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9hMmJiOTItYzU5MS00MjUwLWIyZDMt
OGRkYTZjNmNhODFkLzEvb1RlSkhkVHozNE4zTFh6LWNZT0VQTF8wVFZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9hMmJiOTItYzU5MS00MjUwLWIyZDMtOGRkYTZjNmNhODFk
LzEvb1RlSkhkVHozNE4zTFh6LWNZT0VQTF8wVFZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALmM72q01
BIPgiQMptwcP/SgoMHLj5I7EGJmz4zFHYIBWMviqOJZjYaJvs3WvJunKvmAME8dk
D39KEYPleoo/35GK2o4qaPtc+n9KtfdKhTzSNgWuggQSOK7w4sPZMm13BcUWanhU
hMnGXN7Gt/8xudZUh5x4+pC7rloETpI59GdqYqzTCh8mtiMwZrckYZjJugp489kY
xn8bVqXqLo4ekL4dBF9lskTR8P1fmyDbVEMXI8zKD6GYPZxbI+2QmOjCrZskdbhy
ct5UqdY5rKgX/TNvIrV6XiACTCjAZ/ZmvcsAczzWP0yYvdEYsqrPjl1951J/IrUC
f969afMsmib+8g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:54:32 2026 by rpki-client