Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft
File:                     rwlQP8rAF2lRWhny3CZX2S_TUN8.mft (raw, json)
Hash identifier:          mkoK/Es+0vOWZOHyecS6uz50r8fJAY/Xd4dAbgczdvM=
Subject key identifier:   B4:B5:80:A5:E6:F8:06:E2:98:F3:58:1F:63:BB:0D:70:26:17:B8:B1
Authority key identifier: AF:09:50:3F:CA:C0:17:69:51:5A:19:F2:DC:26:57:D9:2F:D3:50:DF
Certificate issuer:       /CN=af09503fcac01769515a19f2dc2657d92fd350df
Certificate serial:       019CAB6B0D543B9DB93C33F7BD91941B8341
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft
Manifest number:          17D9
Signing time:             Sun 01 Mar 2026 22:00:45 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:45 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:45 +0000
Files and hashes:         1: oPTsHymLci7fd09NsvXBq7O6RPk.roa (hash: LFrx4cQED0mzFhJ5bZEMbk7u2JP9cJJqjo6hpAnRfYc=)
                          2: rwlQP8rAF2lRWhny3CZX2S_TUN8.crl (hash: 70H+HQeI/UR43AvDa7pc72zvYNaWM8Z23sB8ZwQvn/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:0d:54:3b:9d:b9:3c:33:f7:bd:91:94:1b:83:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af09503fcac01769515a19f2dc2657d92fd350df
        Validity
            Not Before: Mar  1 22:00:45 2026 GMT
            Not After : Mar  2 22:00:45 2026 GMT
        Subject: CN=b4b580a5e6f806e298f3581f63bb0d702617b8b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:5d:69:76:64:25:0c:59:41:14:f8:3f:3e:c2:
                    41:f3:90:03:15:ed:8a:fd:54:1a:f7:bd:7d:16:10:
                    62:72:ee:45:d6:f4:e4:3f:91:80:45:36:f0:2d:a4:
                    9d:29:95:79:e2:75:58:ea:c5:30:8f:e2:c3:ce:7f:
                    64:f5:b4:cc:21:12:3e:c3:d7:0b:19:28:be:ba:63:
                    7f:78:be:07:fe:35:80:58:76:da:08:e0:e4:73:c6:
                    12:f2:e8:68:23:3e:d6:6f:8c:58:e6:fd:4c:df:a9:
                    70:e8:62:ae:c4:75:65:9c:0c:c7:fa:b8:24:fc:9f:
                    e9:30:08:f7:45:e6:43:a6:b5:0f:f2:1a:7e:6e:f6:
                    16:02:2c:a8:40:03:d8:4c:08:de:2a:21:3d:5b:46:
                    bf:b9:05:6b:d3:65:6d:79:00:4c:19:e1:b7:c7:50:
                    25:03:18:3a:c7:10:df:d3:b3:44:c0:a5:30:d2:6b:
                    9f:ae:6b:19:c0:81:57:5d:76:ce:e4:95:9b:48:bb:
                    38:ab:8d:07:53:ae:30:bf:f6:38:9c:f9:fd:6a:17:
                    06:23:af:45:b7:a5:d6:61:63:e5:ca:5d:23:51:21:
                    fd:c1:fa:b1:e6:b3:a9:be:57:5b:6c:4a:19:1f:f3:
                    95:10:b9:e5:4c:f2:dd:36:ac:18:fc:56:80:74:60:
                    ba:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:B5:80:A5:E6:F8:06:E2:98:F3:58:1F:63:BB:0D:70:26:17:B8:B1
            X509v3 Authority Key Identifier:
                keyid:AF:09:50:3F:CA:C0:17:69:51:5A:19:F2:DC:26:57:D9:2F:D3:50:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:75:4d:7a:0d:66:09:d9:57:7c:97:82:71:60:75:a9:13:19:
         c3:c8:3b:f1:9d:bf:8f:ed:8a:e5:56:37:78:f3:03:2d:a3:30:
         2e:c8:74:75:70:c6:ff:5b:1b:1a:a7:77:37:e5:70:d3:f7:a1:
         eb:34:a3:03:95:cc:a9:4f:f8:58:8d:75:67:42:f9:0b:61:21:
         7d:8a:f7:d1:44:b2:d8:ed:16:4c:4d:b2:9d:f6:53:79:d2:c0:
         c7:4c:05:11:98:d7:1c:72:4d:8e:6d:79:05:b2:3f:5b:c6:15:
         43:e5:71:21:d5:75:c0:51:da:b6:b0:de:c5:3f:a1:19:d3:c3:
         a4:db:ca:2d:76:42:b8:bf:2c:7b:4e:f1:e4:e1:d3:7a:6f:cc:
         0a:6c:a7:ea:4a:2d:ff:e9:0b:c2:c8:92:4d:89:e2:d1:f3:c4:
         75:a8:8b:92:39:dc:3b:e8:1d:f2:61:39:77:80:f5:15:5f:a6:
         06:15:c4:2c:1e:0e:3b:b9:13:9d:ae:c3:fd:96:65:d2:e9:2c:
         e8:bf:55:67:1e:d8:b4:f5:3c:38:5e:be:78:27:a5:33:2d:01:
         1f:14:cd:e8:de:7a:fd:45:30:34:8f:15:b9:55:8f:8b:71:82:
         9f:95:b1:35:28:76:d4:c7:50:85:7c:8a:72:56:f9:7a:b5:79:
         f8:33:d7:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyraw1UO525PDP3vZGUG4NBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMDk1MDNmY2FjMDE3Njk1MTVhMTlmMmRjMjY1N2Q5MmZk
MzUwZGYwHhcNMjYwMzAxMjIwMDQ1WhcNMjYwMzAyMjIwMDQ1WjAzMTEwLwYDVQQD
EyhiNGI1ODBhNWU2ZjgwNmUyOThmMzU4MWY2M2JiMGQ3MDI2MTdiOGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsV1pdmQlDFlBFPg/PsJB85ADFe2K
/VQa9719FhBicu5F1vTkP5GARTbwLaSdKZV54nVY6sUwj+LDzn9k9bTMIRI+w9cL
GSi+umN/eL4H/jWAWHbaCODkc8YS8uhoIz7Wb4xY5v1M36lw6GKuxHVlnAzH+rgk
/J/pMAj3ReZDprUP8hp+bvYWAiyoQAPYTAjeKiE9W0a/uQVr02VteQBMGeG3x1Al
Axg6xxDf07NEwKUw0mufrmsZwIFXXXbO5JWbSLs4q40HU64wv/Y4nPn9ahcGI69F
t6XWYWPlyl0jUSH9wfqx5rOpvldbbEoZH/OVELnlTPLdNqwY/FaAdGC6+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLS1gKXm+AbimPNYH2O7DXAmF7ixMB8GA1UdIwQY
MBaAFK8JUD/KwBdpUVoZ8twmV9kv01DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wZDEwODktZDk2Ny00M2I1LWJjMzAt
MTc1MDJkM2RmOTVmLzEvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wZDEwODktZDk2Ny00M2I1LWJjMzAtMTc1MDJkM2RmOTVm
LzEvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZnVNeg1m
CdlXfJeCcWB1qRMZw8g78Z2/j+2K5VY3ePMDLaMwLsh0dXDG/1sbGqd3N+Vw0/eh
6zSjA5XMqU/4WI11Z0L5C2EhfYr30USy2O0WTE2ynfZTedLAx0wFEZjXHHJNjm15
BbI/W8YVQ+VxIdV1wFHatrDexT+hGdPDpNvKLXZCuL8se07x5OHTem/MCmyn6kot
/+kLwsiSTYni0fPEdaiLkjncO+gd8mE5d4D1FV+mBhXELB4OO7kTna7D/ZZl0uks
6L9VZx7YtPU8OF6+eCelMy0BHxTN6N56/UUwNI8VuVWPi3GCn5WxNSh21MdQhXyK
clb5erV5+DPXjQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:36:40 2026 by rpki-client