Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/5H78nMPZxL0porvBVVH4LyXPEbo.mft
File:                     5H78nMPZxL0porvBVVH4LyXPEbo.mft (raw, json)
Hash identifier:          EdhWLrlNV9oNLSSmSPzZSl/AAN/UGUCWQ4APeIEq7WY=
Subject key identifier:   AF:BD:13:6F:61:D0:A1:C9:A8:3D:32:42:3E:6C:EA:F0:59:F9:7E:3C
Authority key identifier: E4:7E:FC:9C:C3:D9:C4:BD:29:A2:BB:C1:55:51:F8:2F:25:CF:11:BA
Certificate issuer:       /CN=e47efc9cc3d9c4bd29a2bbc15551f82f25cf11ba
Certificate serial:       019CACEB97F2CDBA0D608253D312F54EA047
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5H78nMPZxL0porvBVVH4LyXPEbo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/5H78nMPZxL0porvBVVH4LyXPEbo.mft
Manifest number:          0FFA
Signing time:             Mon 02 Mar 2026 05:00:46 +0000
Manifest this update:     Mon 02 Mar 2026 05:00:46 +0000
Manifest next update:     Tue 03 Mar 2026 05:00:46 +0000
Files and hashes:         1: 5H78nMPZxL0porvBVVH4LyXPEbo.crl (hash: 0NkfPFm9P7oNYDs+TY5BPfjeC8uNCMW9/S7gc19Q3To=)
                          2: vfg-SAjuqUJDpM-dI7gV1uCQ2uw.roa (hash: R/EtSB73ZGWrRnb/Gf2BJqZ0RYrtTKAiO9HiXzdMKyc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/5H78nMPZxL0porvBVVH4LyXPEbo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/5H78nMPZxL0porvBVVH4LyXPEbo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5H78nMPZxL0porvBVVH4LyXPEbo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 05:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:eb:97:f2:cd:ba:0d:60:82:53:d3:12:f5:4e:a0:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e47efc9cc3d9c4bd29a2bbc15551f82f25cf11ba
        Validity
            Not Before: Mar  2 05:00:46 2026 GMT
            Not After : Mar  3 05:00:46 2026 GMT
        Subject: CN=afbd136f61d0a1c9a83d32423e6ceaf059f97e3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:d5:b8:7b:bf:73:98:c0:9f:a4:a1:9f:35:0c:
                    b8:81:95:36:7e:c5:06:b3:dd:24:ea:ea:fd:32:72:
                    aa:68:35:15:62:05:24:84:f5:44:16:79:8b:52:69:
                    fe:a4:2d:74:29:fa:d0:fd:c6:41:4d:7b:54:10:2d:
                    a7:bb:25:ab:22:e3:dd:e1:8b:ab:3d:dc:3a:19:20:
                    d6:18:52:33:f2:a1:a0:88:ee:79:8d:0a:57:2b:9b:
                    13:c9:9b:bd:cd:5f:f3:95:66:d0:5e:60:8e:ba:16:
                    ca:c9:75:eb:c4:72:dc:36:1d:ab:37:84:0f:13:dc:
                    ec:e0:46:e7:1c:97:70:53:91:6d:26:b8:cd:0c:b3:
                    ff:f2:7a:28:e2:fb:ed:b4:50:c3:ec:04:1e:86:bf:
                    de:ad:6d:81:95:42:01:76:b7:e8:d9:19:c7:52:ce:
                    9b:67:fa:1c:ea:9f:93:c4:8c:cd:06:3f:d9:f4:d3:
                    61:35:08:60:22:36:42:54:e3:ae:03:b9:e9:b9:d3:
                    2d:cc:6e:8d:eb:2a:d3:f6:58:81:e7:91:51:8b:9f:
                    e6:2c:3b:19:ee:c5:61:b3:71:ad:03:b1:49:80:a9:
                    78:81:e8:0e:71:36:b7:e4:5f:8b:91:d9:fa:c2:94:
                    50:aa:f0:47:8a:8a:d3:ae:9d:2f:b5:7a:17:d5:fa:
                    90:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:BD:13:6F:61:D0:A1:C9:A8:3D:32:42:3E:6C:EA:F0:59:F9:7E:3C
            X509v3 Authority Key Identifier:
                keyid:E4:7E:FC:9C:C3:D9:C4:BD:29:A2:BB:C1:55:51:F8:2F:25:CF:11:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5H78nMPZxL0porvBVVH4LyXPEbo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/5H78nMPZxL0porvBVVH4LyXPEbo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/248133-8670-4167-a195-6e2f588c0c7e/1/5H78nMPZxL0porvBVVH4LyXPEbo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:5b:22:83:50:17:53:47:28:3d:cb:aa:6a:16:9e:82:3b:6a:
         32:d2:4c:a4:ad:4c:45:c8:fa:f0:10:07:2d:ea:82:91:78:65:
         10:a9:e5:10:52:fb:34:ee:9c:67:bf:31:35:71:1b:04:1b:ac:
         64:b9:1f:82:a4:8c:e0:0e:a8:c4:0c:c1:7f:91:62:9f:e4:b9:
         84:e7:78:22:a1:60:f7:58:c4:5e:91:eb:ad:d8:83:16:e6:d9:
         7a:a6:36:5f:a2:d7:24:b6:a7:5f:5d:17:95:61:2a:6c:14:26:
         21:a3:c4:3c:d9:fb:da:28:d8:44:26:c8:96:e7:9f:1d:30:2b:
         38:e1:fb:d6:cf:70:f6:1b:53:6a:37:58:be:bc:2b:00:a8:e5:
         e6:7d:d1:7d:34:32:93:81:98:4f:06:33:83:4c:08:f7:5e:4f:
         3b:89:21:df:ec:08:a9:36:91:90:b4:c1:6f:39:28:8f:82:e8:
         9e:8f:20:66:c3:7b:72:16:f1:90:76:9a:9b:de:1f:8f:81:12:
         2b:cc:f6:c1:bb:b2:cb:f8:12:ef:7d:4c:66:97:47:3e:6a:a3:
         ba:20:40:6a:7f:07:4f:2c:11:db:e1:1e:4a:3b:f3:b9:3b:f7:
         5f:46:83:71:17:94:57:39:39:54:31:0b:f0:27:a5:b5:c0:db:
         7b:d4:3a:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZys65fyzboNYIJT0xL1TqBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0N2VmYzljYzNkOWM0YmQyOWEyYmJjMTU1NTFmODJmMjVj
ZjExYmEwHhcNMjYwMzAyMDUwMDQ2WhcNMjYwMzAzMDUwMDQ2WjAzMTEwLwYDVQQD
EyhhZmJkMTM2ZjYxZDBhMWM5YTgzZDMyNDIzZTZjZWFmMDU5Zjk3ZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dW4e79zmMCfpKGfNQy4gZU2fsUG
s90k6ur9MnKqaDUVYgUkhPVEFnmLUmn+pC10KfrQ/cZBTXtUEC2nuyWrIuPd4Yur
Pdw6GSDWGFIz8qGgiO55jQpXK5sTyZu9zV/zlWbQXmCOuhbKyXXrxHLcNh2rN4QP
E9zs4EbnHJdwU5FtJrjNDLP/8noo4vvttFDD7AQehr/erW2BlUIBdrfo2RnHUs6b
Z/oc6p+TxIzNBj/Z9NNhNQhgIjZCVOOuA7npudMtzG6N6yrT9liB55FRi5/mLDsZ
7sVhs3GtA7FJgKl4gegOcTa35F+Lkdn6wpRQqvBHiorTrp0vtXoX1fqQ3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+9E29h0KHJqD0yQj5s6vBZ+X48MB8GA1UdIwQY
MBaAFOR+/JzD2cS9KaK7wVVR+C8lzxG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUg3OG5NUFp4TDBwb3J2QlZWSDRMeVhQRWJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yNDgxMzMtODY3MC00MTY3LWExOTUt
NmUyZjU4OGMwYzdlLzEvNUg3OG5NUFp4TDBwb3J2QlZWSDRMeVhQRWJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yNDgxMzMtODY3MC00MTY3LWExOTUtNmUyZjU4OGMwYzdl
LzEvNUg3OG5NUFp4TDBwb3J2QlZWSDRMeVhQRWJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuVsig1AX
U0coPcuqahaegjtqMtJMpK1MRcj68BAHLeqCkXhlEKnlEFL7NO6cZ78xNXEbBBus
ZLkfgqSM4A6oxAzBf5Fin+S5hOd4IqFg91jEXpHrrdiDFubZeqY2X6LXJLanX10X
lWEqbBQmIaPEPNn72ijYRCbIluefHTArOOH71s9w9htTajdYvrwrAKjl5n3RfTQy
k4GYTwYzg0wI915PO4kh3+wIqTaRkLTBbzkoj4Lono8gZsN7chbxkHaam94fj4ES
K8z2wbuyy/gS731MZpdHPmqjuiBAan8HTywR2+EeSjvzuTv3X0aDcReUVzk5VDEL
8CeltcDbe9Q6MQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:18:29 2026 by rpki-client