Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft
File:                     XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft (raw, json)
Hash identifier:          DAcSquxwtEJtfbn7ubOG5n+Q37nD9xP6FACHQjQTA8g=
Subject key identifier:   2F:BE:14:96:A8:15:77:71:27:B7:AC:E0:EE:E3:A9:9B:A6:8B:6C:93
Authority key identifier: 5E:80:3B:66:B3:06:00:8F:B1:72:C2:DF:D5:22:B5:65:50:57:36:0D
Certificate issuer:       /CN=5e803b66b306008fb172c2dfd522b5655057360d
Certificate serial:       019ED5E336C1C0BFD8DCD18B2723E095F860
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft
Manifest number:          1585
Signing time:             Wed 17 Jun 2026 14:01:38 +0000
Manifest this update:     Wed 17 Jun 2026 14:01:38 +0000
Manifest next update:     Thu 18 Jun 2026 14:01:38 +0000
Files and hashes:         1: XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.crl (hash: Ks7BYTVoSPqbEzKM0Ea3LHb0P5UROt19vYUdplp8Qzw=)
                          2: fWRyoPqsq-qBSdxIWeERvOiM9FQ.roa (hash: xi+aWZFnVHDnRFBiu1WZojI31+OjhpCl/iLDjILOSEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 18 Jun 2026 08:33:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:d5:e3:36:c1:c0:bf:d8:dc:d1:8b:27:23:e0:95:f8:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e803b66b306008fb172c2dfd522b5655057360d
        Validity
            Not Before: Jun 17 14:01:38 2026 GMT
            Not After : Jun 18 14:01:38 2026 GMT
        Subject: CN=2fbe1496a815777127b7ace0eee3a99ba68b6c93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:4e:13:8d:4b:e6:6f:b5:ac:00:00:71:f7:8a:
                    7f:63:a0:65:ac:58:34:b9:1f:ab:9b:bc:c3:26:bf:
                    0f:a2:e7:b2:67:31:15:60:2e:1e:61:16:02:5e:f1:
                    38:13:2d:00:96:fe:b4:35:32:41:3e:7c:43:23:a0:
                    1b:79:b4:8c:a0:e2:e6:c0:41:c6:e3:1a:44:ca:6f:
                    b6:35:bd:f0:eb:2c:90:97:62:6e:84:39:b6:ab:3d:
                    7e:de:5a:5c:b9:b2:76:39:79:05:e0:fb:b4:2f:2e:
                    68:47:7e:50:f0:a2:c9:83:6d:d6:c5:1d:e7:30:bb:
                    09:3f:b0:58:82:c4:58:d4:8b:41:50:5a:be:9c:c4:
                    23:c0:f9:8e:5c:ff:8f:a7:7e:8e:0e:9d:99:0e:a9:
                    42:05:f1:45:99:1d:7a:47:4b:3b:34:65:81:82:d0:
                    5d:0b:91:2b:51:ce:68:56:e1:c1:3d:17:d6:28:99:
                    8e:1a:31:8a:1d:ca:30:a9:cb:e6:00:20:55:a3:2f:
                    02:da:8d:11:0c:c1:2c:b7:0d:16:9c:ab:7d:01:70:
                    f5:8e:24:33:ea:53:62:a8:5c:7e:2a:a6:e7:a4:43:
                    c4:80:cf:3f:62:af:83:5f:5f:c3:f7:86:70:d9:4e:
                    3e:74:7b:6d:49:dc:b7:e4:b6:d4:f4:93:7c:07:a8:
                    38:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:BE:14:96:A8:15:77:71:27:B7:AC:E0:EE:E3:A9:9B:A6:8B:6C:93
            X509v3 Authority Key Identifier:
                keyid:5E:80:3B:66:B3:06:00:8F:B1:72:C2:DF:D5:22:B5:65:50:57:36:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/9d342c-7ce7-4c69-aece-938506a9f2a7/1/XoA7ZrMGAI-xcsLf1SK1ZVBXNg0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:80:ae:db:9f:e8:55:08:90:0f:5e:5d:77:56:a1:3b:89:c7:
         9b:49:f3:93:4c:4e:37:ce:02:bc:29:4a:6e:74:5b:15:e3:b3:
         a7:94:a7:37:03:58:dc:a7:ff:e5:6f:2b:bc:48:24:b0:7b:d2:
         4a:19:11:49:43:0d:40:9a:25:52:39:36:25:a9:73:19:ff:d8:
         4f:67:26:64:27:06:af:10:b8:69:1a:3c:47:61:b5:c2:f1:1a:
         7e:d5:47:0a:e7:94:93:ca:09:f2:cf:f9:d4:fc:11:c3:15:f6:
         5b:0e:85:09:21:ca:bc:3d:d5:8d:89:39:8b:ac:e5:64:94:33:
         53:8d:67:9c:ed:7a:58:1f:f6:b5:3d:26:bc:5f:7b:84:7a:c2:
         94:55:93:4b:51:ed:70:5a:0a:b4:de:2f:30:f7:ac:87:e5:32:
         19:19:e8:4d:31:f4:5b:bf:6e:66:23:74:62:1b:e7:df:a3:91:
         23:f0:c3:3e:62:66:8a:cc:82:1b:88:7a:ef:3d:a7:5e:8e:fb:
         e9:80:90:42:c2:e4:ea:55:54:c7:16:71:5f:33:14:b7:4c:44:
         4a:56:97:eb:c2:2c:85:a0:64:6a:9f:45:3b:9e:2a:5a:c7:aa:
         c4:b1:3d:57:ff:0e:d9:76:13:3e:2f:92:a3:23:56:be:76:3d:
         b3:eb:4f:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7V4zbBwL/Y3NGLJyPglfhgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlODAzYjY2YjMwNjAwOGZiMTcyYzJkZmQ1MjJiNTY1NTA1
NzM2MGQwHhcNMjYwNjE3MTQwMTM4WhcNMjYwNjE4MTQwMTM4WjAzMTEwLwYDVQQD
EygyZmJlMTQ5NmE4MTU3NzcxMjdiN2FjZTBlZWUzYTk5YmE2OGI2YzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1E4TjUvmb7WsAABx94p/Y6BlrFg0
uR+rm7zDJr8PoueyZzEVYC4eYRYCXvE4Ey0Alv60NTJBPnxDI6AbebSMoOLmwEHG
4xpEym+2Nb3w6yyQl2JuhDm2qz1+3lpcubJ2OXkF4Pu0Ly5oR35Q8KLJg23WxR3n
MLsJP7BYgsRY1ItBUFq+nMQjwPmOXP+Pp36ODp2ZDqlCBfFFmR16R0s7NGWBgtBd
C5ErUc5oVuHBPRfWKJmOGjGKHcowqcvmACBVoy8C2o0RDMEstw0WnKt9AXD1jiQz
6lNiqFx+KqbnpEPEgM8/Yq+DX1/D94Zw2U4+dHttSdy35LbU9JN8B6g4ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC++FJaoFXdxJ7es4O7jqZumi2yTMB8GA1UdIwQY
MBaAFF6AO2azBgCPsXLC39UitWVQVzYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG9BN1pyTUdBSS14Y3NMZjFTSzFaVkJYTmcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy85ZDM0MmMtN2NlNy00YzY5LWFlY2Ut
OTM4NTA2YTlmMmE3LzEvWG9BN1pyTUdBSS14Y3NMZjFTSzFaVkJYTmcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy85ZDM0MmMtN2NlNy00YzY5LWFlY2UtOTM4NTA2YTlmMmE3
LzEvWG9BN1pyTUdBSS14Y3NMZjFTSzFaVkJYTmcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACoCu25/o
VQiQD15dd1ahO4nHm0nzk0xON84CvClKbnRbFeOzp5SnNwNY3Kf/5W8rvEgksHvS
ShkRSUMNQJolUjk2JalzGf/YT2cmZCcGrxC4aRo8R2G1wvEaftVHCueUk8oJ8s/5
1PwRwxX2Ww6FCSHKvD3VjYk5i6zlZJQzU41nnO16WB/2tT0mvF97hHrClFWTS1Ht
cFoKtN4vMPesh+UyGRnoTTH0W79uZiN0Yhvn36ORI/DDPmJmisyCG4h67z2nXo77
6YCQQsLk6lVUxxZxXzMUt0xESlaX68IshaBkap9FO54qWseqxLE9V/8O2XYTPi+S
oyNWvnY9s+tPQg==
-----END CERTIFICATE-----
Generated at Wed Jun 17 16:32:10 2026 by rpki-client