Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft
File:                     Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft (raw, json)
Hash identifier:          F7sO05/4X2eSLlU2iqTpzKLVzVjxA/PEqJLPK8BGS3o=
Subject key identifier:   47:44:85:46:3D:09:72:01:29:B3:B6:6F:52:BC:60:4F:D9:F6:55:FC
Authority key identifier: 22:FD:1B:59:D5:CA:AF:75:06:BC:0D:5C:34:F3:0C:21:59:B0:43:98
Certificate issuer:       /CN=22fd1b59d5caaf7506bc0d5c34f30c2159b04398
Certificate serial:       019CAEA3CA96648BCF619FA13F2EAC97C69B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft
Manifest number:          0F32
Signing time:             Mon 02 Mar 2026 13:01:35 +0000
Manifest this update:     Mon 02 Mar 2026 13:01:35 +0000
Manifest next update:     Tue 03 Mar 2026 13:01:35 +0000
Files and hashes:         1: Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.crl (hash: Js1JI4EIgOpnjM49C3kAHZl29Ppepk5AYADo1HjphxY=)
                          2: R843p-38WteuOkSHzbf3qrehiDw.roa (hash: lL8mH/XViDvpJ3MkMI6sLi0P2Yyq2Vj6DtB1Dgsh4+g=)
                          3: lz_WC5uJeICfjQzpAPaUtpnLmOE.roa (hash: RYYydhlLpv7/DuyZEPW9/qv3fOSivSmlz/esgSVQG5U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 13:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:a3:ca:96:64:8b:cf:61:9f:a1:3f:2e:ac:97:c6:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22fd1b59d5caaf7506bc0d5c34f30c2159b04398
        Validity
            Not Before: Mar  2 13:01:35 2026 GMT
            Not After : Mar  3 13:01:35 2026 GMT
        Subject: CN=474485463d09720129b3b66f52bc604fd9f655fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d3:f6:ce:59:4c:fc:a2:93:ea:9c:20:a8:f6:
                    c0:6a:83:13:0a:7f:20:5f:3c:52:36:af:73:e0:8c:
                    84:ad:8e:72:74:e1:9e:8b:69:1c:0e:74:8b:51:f1:
                    f2:3e:21:00:83:3b:34:67:37:70:72:c5:a8:cf:d4:
                    aa:21:3c:db:b3:9b:9d:61:0e:20:67:47:a9:8c:3d:
                    ec:c3:22:36:b7:56:5c:6e:63:68:ba:55:22:26:1e:
                    52:3b:b6:38:e3:90:e9:9d:94:39:a2:32:bc:89:2b:
                    e4:d3:5d:62:c6:7d:67:2a:91:df:f8:81:b4:0a:4e:
                    76:94:b0:54:0d:d2:25:b9:ba:c5:da:33:18:fa:22:
                    29:40:32:2b:a3:c3:6f:cb:2e:71:69:e2:e9:19:78:
                    24:93:48:b0:35:fa:6b:f0:00:ed:4d:46:c9:62:21:
                    70:76:f8:73:d3:39:f5:ea:ec:58:fa:4a:ef:74:0c:
                    83:26:14:24:85:3e:74:a8:d1:bc:64:22:ca:e2:fd:
                    89:d3:b6:6c:c9:cc:37:ff:a8:4a:0c:52:9c:94:cf:
                    a8:cf:f5:1c:24:69:e8:41:7c:40:5e:c5:f0:92:83:
                    17:de:0b:5b:17:b0:8d:a7:68:52:84:a1:f2:dd:27:
                    4c:d7:80:06:c2:2b:77:b5:e3:ab:16:72:1a:eb:20:
                    2b:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:44:85:46:3D:09:72:01:29:B3:B6:6F:52:BC:60:4F:D9:F6:55:FC
            X509v3 Authority Key Identifier:
                keyid:22:FD:1B:59:D5:CA:AF:75:06:BC:0D:5C:34:F3:0C:21:59:B0:43:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/850e96-191f-4dcb-9edb-cd58fa2014dd/1/Iv0bWdXKr3UGvA1cNPMMIVmwQ5g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:9b:e3:2e:b9:5b:ad:10:de:a6:e8:a9:89:2e:b7:28:65:5f:
         8b:e0:9b:f2:0a:1d:89:d6:bd:1a:82:a9:18:7b:a1:ca:d7:8e:
         93:43:1e:32:b3:2b:a7:2a:f2:ce:c9:c9:ac:2e:8b:8a:1b:91:
         a7:d2:d6:6c:60:8d:fd:41:8a:32:96:be:6a:9a:24:06:a3:95:
         c4:62:07:a5:68:98:f5:b7:df:96:83:ee:2d:5e:dc:95:26:df:
         e7:b7:2a:c5:79:57:a1:6f:c6:ae:12:ee:99:39:47:d3:ee:45:
         a0:83:fa:b1:04:e9:59:5e:2d:51:6d:b7:be:2e:76:34:b3:e1:
         4c:66:4f:22:aa:9b:43:5b:98:53:14:94:3f:5c:57:d0:3c:e5:
         46:67:5f:74:f4:33:15:ed:7b:29:9e:38:00:d2:3d:24:cb:7f:
         f4:7c:5b:cc:d7:1f:1e:12:42:30:b2:03:91:d8:5d:83:15:d5:
         66:55:86:27:29:52:a8:92:27:bd:8e:19:bc:fe:9d:f8:39:0d:
         82:83:2b:71:15:f4:f6:2e:fa:43:b2:99:c5:0e:2c:63:78:ff:
         8b:54:da:fd:e9:8f:cb:44:f0:03:07:a0:10:99:77:b2:6a:25:
         0e:c7:07:55:e8:13:01:ef:2a:72:95:4b:23:7b:5b:3a:16:ec:
         c1:2c:72:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuo8qWZIvPYZ+hPy6sl8abMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZmQxYjU5ZDVjYWFmNzUwNmJjMGQ1YzM0ZjMwYzIxNTli
MDQzOTgwHhcNMjYwMzAyMTMwMTM1WhcNMjYwMzAzMTMwMTM1WjAzMTEwLwYDVQQD
Eyg0NzQ0ODU0NjNkMDk3MjAxMjliM2I2NmY1MmJjNjA0ZmQ5ZjY1NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9P2zllM/KKT6pwgqPbAaoMTCn8g
XzxSNq9z4IyErY5ydOGei2kcDnSLUfHyPiEAgzs0ZzdwcsWoz9SqITzbs5udYQ4g
Z0epjD3swyI2t1ZcbmNoulUiJh5SO7Y445DpnZQ5ojK8iSvk011ixn1nKpHf+IG0
Ck52lLBUDdIlubrF2jMY+iIpQDIro8Nvyy5xaeLpGXgkk0iwNfpr8ADtTUbJYiFw
dvhz0zn16uxY+krvdAyDJhQkhT50qNG8ZCLK4v2J07Zsycw3/6hKDFKclM+oz/Uc
JGnoQXxAXsXwkoMX3gtbF7CNp2hShKHy3SdM14AGwit3teOrFnIa6yArDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdEhUY9CXIBKbO2b1K8YE/Z9lX8MB8GA1UdIwQY
MBaAFCL9G1nVyq91BrwNXDTzDCFZsEOYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXYwYldkWEtyM1VHdkExY05QTU1JVm13UTVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84NTBlOTYtMTkxZi00ZGNiLTllZGIt
Y2Q1OGZhMjAxNGRkLzEvSXYwYldkWEtyM1VHdkExY05QTU1JVm13UTVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC84NTBlOTYtMTkxZi00ZGNiLTllZGItY2Q1OGZhMjAxNGRk
LzEvSXYwYldkWEtyM1VHdkExY05QTU1JVm13UTVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqpvjLrlb
rRDepuipiS63KGVfi+Cb8godida9GoKpGHuhyteOk0MeMrMrpyryzsnJrC6LihuR
p9LWbGCN/UGKMpa+apokBqOVxGIHpWiY9bffloPuLV7clSbf57cqxXlXoW/GrhLu
mTlH0+5FoIP6sQTpWV4tUW23vi52NLPhTGZPIqqbQ1uYUxSUP1xX0DzlRmdfdPQz
Fe17KZ44ANI9JMt/9HxbzNcfHhJCMLIDkdhdgxXVZlWGJylSqJInvY4ZvP6d+DkN
goMrcRX09i76Q7KZxQ4sY3j/i1Ta/emPy0TwAwegEJl3smolDscHVegTAe8qcpVL
I3tbOhbswSxygw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:54:56 2026 by rpki-client