Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/a68e26-92e5-4f49-adb8-664778845b16/1/9iZUZY9nKqzzcTO1xxz0sRwYado.mft
File:                     9iZUZY9nKqzzcTO1xxz0sRwYado.mft (raw, json)
Hash identifier:          lAcPoOyQ9RUeteUisYCB172bqY1bQHHNUz+gOZ7GyGs=
Subject key identifier:   D4:AF:CA:A5:05:B7:8C:11:6F:2E:21:87:2D:3C:1E:10:9A:D3:56:FD
Authority key identifier: F6:26:54:65:8F:67:2A:AC:F3:71:33:B5:C7:1C:F4:B1:1C:18:69:DA
Certificate issuer:       /CN=f62654658f672aacf37133b5c71cf4b11c1869da
Certificate serial:       019CB400694B8BA18990EF68493326F1445F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9iZUZY9nKqzzcTO1xxz0sRwYado.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/a68e26-92e5-4f49-adb8-664778845b16/1/9iZUZY9nKqzzcTO1xxz0sRwYado.mft
Manifest number:          0355
Signing time:             Tue 03 Mar 2026 14:00:51 +0000
Manifest this update:     Tue 03 Mar 2026 14:00:51 +0000
Manifest next update:     Wed 04 Mar 2026 14:00:51 +0000
Files and hashes:         1: 9iZUZY9nKqzzcTO1xxz0sRwYado.crl (hash: sxVmpHI3dXwl2TD3NXBG+5Az19qUgG2nC4HJJUskrUA=)
                          2: tvMXQZLl7Wysz_xvdn4KxR27LYI.roa (hash: DS+mGSmFWnDI1NNRJFgUsn5iaFW320NJTO3U5Mk3hfc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/a68e26-92e5-4f49-adb8-664778845b16/1/9iZUZY9nKqzzcTO1xxz0sRwYado.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/a68e26-92e5-4f49-adb8-664778845b16/1/9iZUZY9nKqzzcTO1xxz0sRwYado.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9iZUZY9nKqzzcTO1xxz0sRwYado.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 04 Mar 2026 14:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:b4:00:69:4b:8b:a1:89:90:ef:68:49:33:26:f1:44:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f62654658f672aacf37133b5c71cf4b11c1869da
        Validity
            Not Before: Mar  3 14:00:51 2026 GMT
            Not After : Mar  4 14:00:51 2026 GMT
        Subject: CN=d4afcaa505b78c116f2e21872d3c1e109ad356fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:6e:20:13:b7:f8:4e:a7:5d:72:1c:87:ad:f1:
                    b2:d0:57:0c:c9:73:6e:96:14:42:46:04:94:55:dd:
                    89:1e:ec:ce:86:c7:09:5e:c2:c3:2e:52:01:10:70:
                    b0:8c:91:2d:a2:d5:f5:28:e0:98:f4:d4:ea:41:52:
                    52:9b:0b:5d:9c:4b:96:aa:11:7e:fc:0b:6f:ca:97:
                    e8:ba:8e:e9:c9:f4:c8:01:a9:8f:d5:00:4c:67:47:
                    18:75:38:a9:dc:2c:93:ad:71:cb:bc:e5:da:54:08:
                    80:70:5b:e2:03:fa:c6:b6:15:39:99:5f:35:1e:2b:
                    70:5e:10:8b:d4:5b:95:f8:f4:9e:d6:0f:a2:41:34:
                    30:02:2e:e4:fd:70:c8:fa:1c:dd:c1:21:20:f2:26:
                    5d:da:cd:83:49:cb:92:4b:f9:5e:26:04:02:4d:d2:
                    22:d2:a3:d5:3d:40:fa:ac:17:c3:f3:15:14:30:95:
                    a3:5f:d2:8e:86:37:9e:6b:7e:e5:91:ce:8d:b3:35:
                    6f:82:e9:47:79:e8:1e:85:d9:99:d1:d9:e2:6f:2f:
                    a0:ed:fb:f0:d3:8c:13:8b:23:91:ee:66:60:92:e9:
                    12:74:18:fe:d7:ef:f6:96:32:0f:a5:b3:dc:21:e7:
                    a8:03:ea:03:f8:6d:f2:c5:b2:26:8c:e7:35:93:ba:
                    8a:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:AF:CA:A5:05:B7:8C:11:6F:2E:21:87:2D:3C:1E:10:9A:D3:56:FD
            X509v3 Authority Key Identifier:
                keyid:F6:26:54:65:8F:67:2A:AC:F3:71:33:B5:C7:1C:F4:B1:1C:18:69:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9iZUZY9nKqzzcTO1xxz0sRwYado.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/a68e26-92e5-4f49-adb8-664778845b16/1/9iZUZY9nKqzzcTO1xxz0sRwYado.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/a68e26-92e5-4f49-adb8-664778845b16/1/9iZUZY9nKqzzcTO1xxz0sRwYado.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:bc:7a:d6:4c:0b:b5:52:33:30:80:b1:8b:2c:0a:5d:5b:8a:
         9e:10:b4:41:e0:0b:c0:78:9e:cc:9c:d5:21:45:c3:9a:ed:9b:
         7c:0a:19:c4:39:1f:b6:da:79:57:9e:ec:7b:6b:d9:19:c9:18:
         ec:29:33:49:f5:f7:32:30:f4:5c:dd:78:6b:4e:76:c2:2f:56:
         9d:65:11:d3:4b:ed:e7:f7:9d:ac:01:68:92:ee:2a:0f:98:20:
         58:81:92:03:58:bb:9e:0e:81:d9:e7:9a:f0:40:93:84:f2:41:
         7a:63:c3:f3:23:54:f8:fd:44:2a:17:04:42:32:03:0b:3e:ad:
         b2:94:5a:e3:aa:e3:a2:89:e3:99:af:db:73:f8:75:7a:7d:8c:
         89:9a:bd:a1:b9:01:fb:69:e3:3a:a9:a4:e6:6b:85:36:39:c0:
         f3:c0:53:cf:86:f8:e1:5a:f9:56:c4:20:d9:4b:3d:38:15:3d:
         3c:68:c0:99:03:41:dc:ff:3b:c9:c1:99:86:a4:62:c3:3c:82:
         94:1f:59:5d:d0:ae:47:b8:eb:0d:12:e2:63:c9:f2:b9:d6:b3:
         4e:de:a8:95:70:58:9e:83:94:4d:bf:18:fd:0a:f1:33:f1:84:
         e5:00:dc:4b:a5:e2:72:34:70:20:db:88:da:c9:80:26:6d:9e:
         4a:db:ac:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZy0AGlLi6GJkO9oSTMm8URfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MjY1NDY1OGY2NzJhYWNmMzcxMzNiNWM3MWNmNGIxMWMx
ODY5ZGEwHhcNMjYwMzAzMTQwMDUxWhcNMjYwMzA0MTQwMDUxWjAzMTEwLwYDVQQD
EyhkNGFmY2FhNTA1Yjc4YzExNmYyZTIxODcyZDNjMWUxMDlhZDM1NmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG4gE7f4TqddchyHrfGy0FcMyXNu
lhRCRgSUVd2JHuzOhscJXsLDLlIBEHCwjJEtotX1KOCY9NTqQVJSmwtdnEuWqhF+
/Atvypfouo7pyfTIAamP1QBMZ0cYdTip3CyTrXHLvOXaVAiAcFviA/rGthU5mV81
HitwXhCL1FuV+PSe1g+iQTQwAi7k/XDI+hzdwSEg8iZd2s2DScuSS/leJgQCTdIi
0qPVPUD6rBfD8xUUMJWjX9KOhjeea37lkc6NszVvgulHeegehdmZ0dniby+g7fvw
04wTiyOR7mZgkukSdBj+1+/2ljIPpbPcIeeoA+oD+G3yxbImjOc1k7qKlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSvyqUFt4wRby4hhy08HhCa01b9MB8GA1UdIwQY
MBaAFPYmVGWPZyqs83Eztccc9LEcGGnaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWlaVVpZOW5LcXp6Y1RPMXh4ejBzUndZYWRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9hNjhlMjYtOTJlNS00ZjQ5LWFkYjgt
NjY0Nzc4ODQ1YjE2LzEvOWlaVVpZOW5LcXp6Y1RPMXh4ejBzUndZYWRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9hNjhlMjYtOTJlNS00ZjQ5LWFkYjgtNjY0Nzc4ODQ1YjE2
LzEvOWlaVVpZOW5LcXp6Y1RPMXh4ejBzUndZYWRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvLx61kwL
tVIzMICxiywKXVuKnhC0QeALwHiezJzVIUXDmu2bfAoZxDkfttp5V57se2vZGckY
7CkzSfX3MjD0XN14a052wi9WnWUR00vt5/edrAFoku4qD5ggWIGSA1i7ng6B2eea
8ECThPJBemPD8yNU+P1EKhcEQjIDCz6tspRa46rjoonjma/bc/h1en2MiZq9obkB
+2njOqmk5muFNjnA88BTz4b44Vr5VsQg2Us9OBU9PGjAmQNB3P87ycGZhqRiwzyC
lB9ZXdCuR7jrDRLiY8nyudazTt6olXBYnoOUTb8Y/QrxM/GE5QDcS6XicjRwINuI
2smAJm2eStuseQ==
-----END CERTIFICATE-----
Generated at Tue Mar 3 16:19:27 2026 by rpki-client