Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.mft
File:                     XM3soXHkIseck4wnMqkNSKjFPAY.mft (raw, json)
Hash identifier:          J9QFf3t83LRhanstiPgqUxInyMCkNqjsLPkEoB4QkZw=
Subject key identifier:   C0:B1:62:BA:21:6E:E2:7E:E5:FD:EB:78:E5:15:34:A9:BB:60:64:F5
Authority key identifier: 5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
Certificate issuer:       /CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Certificate serial:       019CABD9C90D0D1316B9D7A9C62A7F2733FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.mft
Manifest number:          1856
Signing time:             Mon 02 Mar 2026 00:01:42 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:42 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:42 +0000
Files and hashes:         1: EhB5W-KfEwT0NkOmIwksEobFf8s.roa (hash: EFH6duVwDra37mgW3ZdzFLq6hzVDIYr0D81IscrZcCw=)
                          2: Vcrxz5upkyAccEnWWkm1jKbiHCU.roa (hash: DF9acpeNSt3QcU3RLTkyAoSPyBTgnqf4yVUPlH/IEUw=)
                          3: XM3soXHkIseck4wnMqkNSKjFPAY.crl (hash: hxKOZsaCPuxjzLXoLtrCIdw+wdeVWHdDWyoPgGmXZhc=)
                          4: d61QkjArffvt5fKMvIXWF8nIPcE.roa (hash: n77B2cSkql2uFL2mgGTUwbPJJQCN8pumVVKiMumdlmQ=)
                          5: vEmqZz7TyOIZcMFGWq5sr0qWa9c.roa (hash: rxEx9pdbLlzRrifCSn69fPPljhSEaN1XwXY/F5cFM9M=)
                          6: x9IxkDkzEkDokkzWh7NpXLA6pSU.roa (hash: HHdD49yqs88lPuXMSPj56CT2/FilbQVuZopBY9/6oH8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:c9:0d:0d:13:16:b9:d7:a9:c6:2a:7f:27:33:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
        Validity
            Not Before: Mar  2 00:01:42 2026 GMT
            Not After : Mar  3 00:01:42 2026 GMT
        Subject: CN=c0b162ba216ee27ee5fdeb78e51534a9bb6064f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:11:42:5f:b6:7a:ee:f4:79:b3:1e:05:78:6d:
                    b4:46:f1:db:d7:2b:ea:75:3e:a0:9a:5e:70:d6:8a:
                    7c:24:03:bc:46:ba:e5:89:5c:dd:8f:9d:04:cf:50:
                    77:88:5e:aa:2e:fa:f3:d0:12:3c:75:63:ad:a0:d6:
                    56:25:07:c3:0a:d9:a6:6a:11:27:9a:3f:8e:65:5c:
                    d7:82:4a:7b:67:2b:a2:00:28:c2:19:42:01:36:bf:
                    a5:0b:98:b2:78:c6:08:ce:db:a3:f1:4c:8f:42:db:
                    04:99:99:e6:b4:36:fc:cb:ed:ef:b7:bd:9f:e3:f2:
                    cc:00:d6:df:84:c3:68:7e:61:f4:84:b7:2a:02:b7:
                    b8:06:cd:30:03:58:69:5d:46:c9:e8:d3:db:e8:43:
                    03:a8:f1:9e:8e:3a:6b:a6:3b:37:86:cc:eb:ff:f2:
                    82:0c:e9:7e:4b:a1:05:90:05:b8:ed:b4:7a:12:d3:
                    20:fe:b7:27:d1:23:4a:71:28:5e:4c:06:1e:24:58:
                    78:87:43:58:04:3d:3c:c1:c1:d3:99:be:04:ee:f8:
                    38:db:06:74:fd:77:a3:b9:de:d1:21:eb:34:45:6b:
                    ed:91:00:14:7b:0b:03:5e:87:d8:d1:f8:0e:9b:d6:
                    db:9d:23:26:f5:be:2e:ec:7b:da:64:33:73:19:30:
                    2c:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:B1:62:BA:21:6E:E2:7E:E5:FD:EB:78:E5:15:34:A9:BB:60:64:F5
            X509v3 Authority Key Identifier:
                keyid:5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:6c:98:34:19:1e:1c:8b:20:b3:7c:93:48:0b:cc:4a:b1:15:
         a7:a5:d1:27:5b:9f:46:19:c4:80:87:f7:d1:2e:be:f0:8d:55:
         13:fa:63:4e:a3:e7:ae:b6:3f:b5:dc:c1:aa:5b:da:41:fc:ca:
         50:36:4e:dd:3b:95:8b:73:2d:f9:c0:44:4d:00:19:01:a2:20:
         c9:4b:d5:29:4c:bc:51:d5:e7:9f:ae:02:b6:0d:bd:fd:3b:58:
         e3:35:bf:5c:3c:5c:60:e7:49:20:4a:2b:1f:8c:5d:9b:6e:73:
         2d:2c:7b:44:46:bf:32:9a:e0:6a:33:5d:31:20:41:f8:3a:70:
         60:43:a2:42:31:07:13:d9:60:5d:07:83:07:20:16:50:da:ea:
         37:a0:fd:2e:ab:0f:5c:6b:a4:94:44:a2:6c:bf:49:80:6e:a0:
         9e:77:da:39:61:92:0b:4b:ec:37:27:45:23:66:54:89:c9:0d:
         c3:ad:31:89:9a:79:e5:a4:03:01:51:fd:61:b2:40:39:ed:6b:
         81:1b:d6:bc:ab:a0:ab:aa:ad:42:9f:28:de:4b:76:37:c6:51:
         3a:7c:ab:b6:9f:26:50:c9:37:ae:92:2f:dd:7e:84:af:85:6c:
         75:c3:63:5f:07:56:cf:0e:de:bc:bd:04:77:11:ba:9a:f1:21:
         32:c1:b2:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2ckNDRMWudepxip/JzP6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2RlY2ExNzFlNDIyYzc5YzkzOGMyNzMyYTkwZDQ4YThj
NTNjMDYwHhcNMjYwMzAyMDAwMTQyWhcNMjYwMzAzMDAwMTQyWjAzMTEwLwYDVQQD
EyhjMGIxNjJiYTIxNmVlMjdlZTVmZGViNzhlNTE1MzRhOWJiNjA2NGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhFCX7Z67vR5sx4FeG20RvHb1yvq
dT6gml5w1op8JAO8RrrliVzdj50Ez1B3iF6qLvrz0BI8dWOtoNZWJQfDCtmmahEn
mj+OZVzXgkp7ZyuiACjCGUIBNr+lC5iyeMYIztuj8UyPQtsEmZnmtDb8y+3vt72f
4/LMANbfhMNofmH0hLcqAre4Bs0wA1hpXUbJ6NPb6EMDqPGejjprpjs3hszr//KC
DOl+S6EFkAW47bR6EtMg/rcn0SNKcSheTAYeJFh4h0NYBD08wcHTmb4E7vg42wZ0
/Xejud7RIes0RWvtkQAUewsDXofY0fgOm9bbnSMm9b4u7HvaZDNzGTAsqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMCxYrohbuJ+5f3reOUVNKm7YGT1MB8GA1UdIwQY
MBaAFFzN7KFx5CLHnJOMJzKpDUioxTwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUt
YTg4MWVjODIyOGI1LzEvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUtYTg4MWVjODIyOGI1
LzEvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMmyYNBke
HIsgs3yTSAvMSrEVp6XRJ1ufRhnEgIf30S6+8I1VE/pjTqPnrrY/tdzBqlvaQfzK
UDZO3TuVi3Mt+cBETQAZAaIgyUvVKUy8UdXnn64Ctg29/TtY4zW/XDxcYOdJIEor
H4xdm25zLSx7REa/MprgajNdMSBB+DpwYEOiQjEHE9lgXQeDByAWUNrqN6D9LqsP
XGuklESibL9JgG6gnnfaOWGSC0vsNydFI2ZUickNw60xiZp55aQDAVH9YbJAOe1r
gRvWvKugq6qtQp8o3kt2N8ZROnyrtp8mUMk3rpIv3X6Er4VsdcNjXwdWzw7evL0E
dxG6mvEhMsGygw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:48:53 2026 by rpki-client