Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/c4a45f-4213-4f01-98f6-98eb53b9502a/1/bNoVAPXJY-0jT9lIWfI7MvSIXfw.mft
File:                     bNoVAPXJY-0jT9lIWfI7MvSIXfw.mft (raw, json)
Hash identifier:          JwWPastvFmuasJC5ipO/iIx3d4UHXwpP/xOd7i8iD0A=
Subject key identifier:   43:BF:DA:EA:F0:17:1D:FA:AA:39:5B:DE:7C:6C:D1:11:95:04:35:8C
Authority key identifier: 6C:DA:15:00:F5:C9:63:ED:23:4F:D9:48:59:F2:3B:32:F4:88:5D:FC
Certificate issuer:       /CN=6cda1500f5c963ed234fd94859f23b32f4885dfc
Certificate serial:       019D992B6C33051F5D402D664AE19C2A14D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bNoVAPXJY-0jT9lIWfI7MvSIXfw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/c4a45f-4213-4f01-98f6-98eb53b9502a/1/bNoVAPXJY-0jT9lIWfI7MvSIXfw.mft
Manifest number:          16A0
Signing time:             Fri 17 Apr 2026 02:00:52 +0000
Manifest this update:     Fri 17 Apr 2026 02:00:52 +0000
Manifest next update:     Sat 18 Apr 2026 02:00:52 +0000
Files and hashes:         1: Uqn6iMFS0A-L6D9kMDDjbMCbWuM.roa (hash: TeSeZwoDHMz9koxsVTB//jq8uP6vjAXuwnX8VHNH6GY=)
                          2: bNoVAPXJY-0jT9lIWfI7MvSIXfw.crl (hash: d1PUchEfXLx8enG+ngtJ+YI1Rqw4Qh7iWWEs00aJnPI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/c4a45f-4213-4f01-98f6-98eb53b9502a/1/bNoVAPXJY-0jT9lIWfI7MvSIXfw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/c4a45f-4213-4f01-98f6-98eb53b9502a/1/bNoVAPXJY-0jT9lIWfI7MvSIXfw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bNoVAPXJY-0jT9lIWfI7MvSIXfw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 02:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:2b:6c:33:05:1f:5d:40:2d:66:4a:e1:9c:2a:14:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cda1500f5c963ed234fd94859f23b32f4885dfc
        Validity
            Not Before: Apr 17 02:00:52 2026 GMT
            Not After : Apr 18 02:00:52 2026 GMT
        Subject: CN=43bfdaeaf0171dfaaa395bde7c6cd1119504358c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:03:e1:e7:c6:e5:eb:cc:c2:4c:04:a2:c6:ee:
                    63:25:c4:7c:40:7f:b3:79:5e:6f:da:a2:b8:4d:e8:
                    a5:64:f0:3d:e3:43:d3:64:91:25:4a:51:db:41:b1:
                    fd:c3:4b:f0:67:c2:e2:3c:32:8f:c9:3b:94:9b:fe:
                    7f:e6:f4:c1:52:d5:38:d2:21:1b:52:9f:e8:10:39:
                    a3:52:14:00:24:10:fe:86:59:f0:ab:b0:f3:08:96:
                    4a:66:a6:54:cc:7d:8a:4e:9c:f5:e8:86:b4:1e:04:
                    68:28:68:f0:e8:5e:23:98:cc:d1:53:76:9f:ed:ad:
                    1e:70:81:16:90:bc:55:cc:9e:34:a7:b6:2d:df:f8:
                    53:77:c7:72:2a:eb:97:f6:7d:62:d4:64:68:6c:a3:
                    75:88:dc:30:b5:3c:1b:68:d3:50:4c:a1:1b:22:84:
                    09:68:76:29:5e:4e:1b:49:4a:7d:a5:4c:e7:26:87:
                    c6:af:06:03:a3:d6:1e:8e:7e:17:8f:34:80:49:2a:
                    46:9a:4c:08:c8:00:81:fc:01:54:1a:17:0f:be:97:
                    9e:c3:51:ba:54:56:21:f3:bd:70:2c:8d:c6:6b:8c:
                    79:57:c8:22:dc:fa:0a:46:c8:c0:ca:0f:40:37:f4:
                    bb:67:a0:0f:9f:9e:93:fd:5a:2d:72:96:3b:56:9c:
                    6d:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:BF:DA:EA:F0:17:1D:FA:AA:39:5B:DE:7C:6C:D1:11:95:04:35:8C
            X509v3 Authority Key Identifier:
                keyid:6C:DA:15:00:F5:C9:63:ED:23:4F:D9:48:59:F2:3B:32:F4:88:5D:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNoVAPXJY-0jT9lIWfI7MvSIXfw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c4a45f-4213-4f01-98f6-98eb53b9502a/1/bNoVAPXJY-0jT9lIWfI7MvSIXfw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/c4a45f-4213-4f01-98f6-98eb53b9502a/1/bNoVAPXJY-0jT9lIWfI7MvSIXfw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:d6:c3:84:c5:b8:ac:f7:4c:cf:b6:df:59:17:10:ff:17:2e:
         01:e5:eb:2c:34:37:b5:1d:86:ba:d4:21:12:b9:9d:06:07:8e:
         76:e5:f3:70:47:c9:a3:ad:2e:4d:08:45:bb:67:98:ce:5b:fa:
         68:e0:64:5a:51:fc:10:a3:b3:cf:bc:45:d0:12:c2:70:9d:f7:
         14:02:91:c0:31:a6:ce:51:c3:0a:2e:e4:96:3e:c5:21:d5:99:
         d1:39:ed:23:7f:6f:12:b1:17:cc:eb:0d:f7:1c:48:8d:3e:35:
         2a:06:fa:90:e1:0b:4f:d1:9c:df:4e:e5:b3:99:04:6e:bf:34:
         35:d3:f3:9c:bf:ad:86:19:5f:52:2e:1b:e5:71:b1:83:c2:69:
         70:27:14:35:95:a0:c0:dd:69:bb:54:bd:90:79:54:e6:73:5e:
         da:c7:fe:65:cd:8f:a6:99:a2:c8:b7:db:92:f7:c6:59:4f:6b:
         73:0d:5f:b9:24:7d:84:2d:27:2d:d7:59:6a:8b:e5:69:27:d7:
         07:6c:95:d4:4a:b1:80:ea:ba:c3:81:73:c3:77:29:ec:2d:aa:
         b1:42:a1:61:4f:25:27:b3:8d:ef:e0:f2:34:ac:eb:fd:ec:5e:
         26:d7:68:1d:e5:92:f6:37:c4:8f:b9:72:a0:e3:5f:b8:d2:db:
         5b:9c:9a:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZK2wzBR9dQC1mSuGcKhTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZGExNTAwZjVjOTYzZWQyMzRmZDk0ODU5ZjIzYjMyZjQ4
ODVkZmMwHhcNMjYwNDE3MDIwMDUyWhcNMjYwNDE4MDIwMDUyWjAzMTEwLwYDVQQD
Eyg0M2JmZGFlYWYwMTcxZGZhYWEzOTViZGU3YzZjZDExMTk1MDQzNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQPh58bl68zCTASixu5jJcR8QH+z
eV5v2qK4TeilZPA940PTZJElSlHbQbH9w0vwZ8LiPDKPyTuUm/5/5vTBUtU40iEb
Up/oEDmjUhQAJBD+hlnwq7DzCJZKZqZUzH2KTpz16Ia0HgRoKGjw6F4jmMzRU3af
7a0ecIEWkLxVzJ40p7Yt3/hTd8dyKuuX9n1i1GRobKN1iNwwtTwbaNNQTKEbIoQJ
aHYpXk4bSUp9pUznJofGrwYDo9Yejn4XjzSASSpGmkwIyACB/AFUGhcPvpeew1G6
VFYh871wLI3Ga4x5V8gi3PoKRsjAyg9AN/S7Z6APn56T/VotcpY7VpxtPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEO/2urwFx36qjlb3nxs0RGVBDWMMB8GA1UdIwQY
MBaAFGzaFQD1yWPtI0/ZSFnyOzL0iF38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5vVkFQWEpZLTBqVDlsSVdmSTdNdlNJWGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9jNGE0NWYtNDIxMy00ZjAxLTk4ZjYt
OThlYjUzYjk1MDJhLzEvYk5vVkFQWEpZLTBqVDlsSVdmSTdNdlNJWGZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9jNGE0NWYtNDIxMy00ZjAxLTk4ZjYtOThlYjUzYjk1MDJh
LzEvYk5vVkFQWEpZLTBqVDlsSVdmSTdNdlNJWGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWNbDhMW4
rPdMz7bfWRcQ/xcuAeXrLDQ3tR2GutQhErmdBgeOduXzcEfJo60uTQhFu2eYzlv6
aOBkWlH8EKOzz7xF0BLCcJ33FAKRwDGmzlHDCi7klj7FIdWZ0TntI39vErEXzOsN
9xxIjT41Kgb6kOELT9Gc307ls5kEbr80NdPznL+thhlfUi4b5XGxg8JpcCcUNZWg
wN1pu1S9kHlU5nNe2sf+Zc2PppmiyLfbkvfGWU9rcw1fuSR9hC0nLddZaovlaSfX
B2yV1EqxgOq6w4Fzw3cp7C2qsUKhYU8lJ7ON7+DyNKzr/exeJtdoHeWS9jfEj7ly
oONfuNLbW5yaJg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:19:46 2026 by rpki-client