Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
File:                     20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json)
Hash identifier:          RiqBM5q7Z+t2c7iC9teL4vwfXAUfFV8F0AMnCKNqz58=
Subject key identifier:   83:5B:17:89:06:08:E2:FE:85:85:71:6A:5D:2B:28:7F:31:38:2D:9F
Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
Certificate issuer:       /CN=db42059ce291d49a66920731c767da563ef21124
Certificate serial:       019D99622608A866040E3C9DA8924AD8FE5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
Manifest number:          0BBE
Signing time:             Fri 17 Apr 2026 03:00:39 +0000
Manifest this update:     Fri 17 Apr 2026 03:00:39 +0000
Manifest next update:     Sat 18 Apr 2026 03:00:39 +0000
Files and hashes:         1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: vCKboXEH1Rr4jUxAERc5EuJ6OU216eEc0f+BdEV4Y/I=)
                          2: K_G3q1oHoFkLaOnMyEVLIcn7Qmw.roa (hash: /NaxyStNTlcpIpTarZjjR+9kQ6m4FlTTRFr5N6+rcrM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:26:08:a8:66:04:0e:3c:9d:a8:92:4a:d8:fe:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db42059ce291d49a66920731c767da563ef21124
        Validity
            Not Before: Apr 17 03:00:39 2026 GMT
            Not After : Apr 18 03:00:39 2026 GMT
        Subject: CN=835b17890608e2fe8585716a5d2b287f31382d9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:1f:e7:23:08:26:1c:73:4d:a9:28:a1:89:01:
                    c8:91:70:11:9d:23:15:e6:4a:07:70:ef:59:25:6d:
                    88:d0:3f:eb:c9:c0:4e:ac:08:7d:6b:e1:5e:27:4b:
                    3e:55:6f:90:cd:5c:b4:29:6a:b5:11:32:e8:c4:57:
                    61:b8:10:15:75:75:cb:5a:ba:f9:a5:36:33:7f:96:
                    09:26:f1:d0:93:35:30:13:05:e2:39:a2:02:a1:1a:
                    30:fc:e1:8d:26:98:97:e5:18:1e:93:86:be:bd:30:
                    2b:cb:fc:2d:a0:54:33:cb:3e:37:73:e1:c8:86:7e:
                    af:36:8f:12:87:9f:06:29:ca:69:74:61:40:d7:cc:
                    2c:33:5b:7e:02:26:33:d7:43:91:80:d7:c1:8e:b7:
                    76:a0:68:78:45:d3:c1:5d:80:ac:b7:a4:e0:50:ea:
                    37:b0:2d:8d:2e:30:32:91:df:69:0b:f4:32:41:1e:
                    10:96:bf:7e:34:d0:08:11:3f:46:12:f8:0d:52:3b:
                    79:85:f8:68:95:6c:e9:13:31:20:b3:35:18:21:1a:
                    e0:5b:bf:58:11:a3:fe:1d:1a:79:2f:98:2e:16:13:
                    09:82:1c:27:79:d1:09:6b:1a:37:1d:e5:87:32:92:
                    7f:42:26:d2:b2:dd:85:81:ed:bc:93:6c:29:4d:c6:
                    0e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:5B:17:89:06:08:E2:FE:85:85:71:6A:5D:2B:28:7F:31:38:2D:9F
            X509v3 Authority Key Identifier:
                keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:73:b8:18:63:16:4a:8b:a0:d3:66:10:7a:c1:ea:37:43:8f:
         db:a8:61:71:1f:62:90:14:e7:cb:db:63:6c:ab:67:2c:c1:77:
         c9:b5:f0:a3:97:cd:df:32:5d:1f:56:c2:2f:59:f8:8e:93:6a:
         f0:91:21:5b:28:36:4f:62:b4:ae:95:aa:dd:93:f7:05:53:d1:
         3c:96:92:5d:3a:7c:0f:a4:e2:8c:21:92:0c:06:23:f7:1d:b5:
         15:6a:fe:ad:35:b9:42:92:8f:de:5f:82:1b:b7:ec:1b:0a:9f:
         fb:be:6a:d1:bd:c8:1d:76:f5:86:cc:6d:a4:c5:a5:7b:41:df:
         9c:1f:30:67:20:5c:2d:5d:b2:35:fc:b2:1b:f6:01:4b:ba:20:
         bb:a3:aa:63:bd:4f:a2:32:13:5c:cc:ce:3e:04:f3:c9:1c:ed:
         99:37:e7:3a:9f:cd:73:ce:16:8f:bd:81:96:31:ca:fc:3d:09:
         fc:3e:84:21:42:b9:a9:d9:b4:a4:12:6d:43:6e:42:05:c9:b1:
         ff:09:0d:8a:0a:bb:e1:7e:0c:72:6f:e6:bb:ed:70:0b:d9:f4:
         5c:52:f3:d3:d7:b6:2e:3f:01:1a:ca:3b:ac:da:d8:37:65:d4:
         af:ff:8c:56:87:da:e3:46:f0:99:8b:13:6f:9a:36:4b:65:8d:
         d0:25:a2:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYiYIqGYEDjydqJJK2P5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm
MjExMjQwHhcNMjYwNDE3MDMwMDM5WhcNMjYwNDE4MDMwMDM5WjAzMTEwLwYDVQQD
Eyg4MzViMTc4OTA2MDhlMmZlODU4NTcxNmE1ZDJiMjg3ZjMxMzgyZDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h/nIwgmHHNNqSihiQHIkXARnSMV
5koHcO9ZJW2I0D/rycBOrAh9a+FeJ0s+VW+QzVy0KWq1ETLoxFdhuBAVdXXLWrr5
pTYzf5YJJvHQkzUwEwXiOaICoRow/OGNJpiX5Rgek4a+vTAry/wtoFQzyz43c+HI
hn6vNo8Sh58GKcppdGFA18wsM1t+AiYz10ORgNfBjrd2oGh4RdPBXYCst6TgUOo3
sC2NLjAykd9pC/QyQR4Qlr9+NNAIET9GEvgNUjt5hfholWzpEzEgszUYIRrgW79Y
EaP+HRp5L5guFhMJghwnedEJaxo3HeWHMpJ/QibSst2Fge28k2wpTcYOlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFINbF4kGCOL+hYVxal0rKH8xOC2fMB8GA1UdIwQY
MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt
OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh
LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZnO4GGMW
Soug02YQesHqN0OP26hhcR9ikBTny9tjbKtnLMF3ybXwo5fN3zJdH1bCL1n4jpNq
8JEhWyg2T2K0rpWq3ZP3BVPRPJaSXTp8D6TijCGSDAYj9x21FWr+rTW5QpKP3l+C
G7fsGwqf+75q0b3IHXb1hsxtpMWle0HfnB8wZyBcLV2yNfyyG/YBS7ogu6OqY71P
ojITXMzOPgTzyRztmTfnOp/Nc84Wj72BljHK/D0J/D6EIUK5qdm0pBJtQ25CBcmx
/wkNigq74X4Mcm/mu+1wC9n0XFLz09e2Lj8BGso7rNrYN2XUr/+MVofa40bwmYsT
b5o2S2WN0CWiKw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:08:39 2026 by rpki-client