Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/b56504-ed17-4197-bba0-a0adecfd5fa9/1/sQeA3za1uUL2YOQDov5ginXk5X0.mft
File:                     sQeA3za1uUL2YOQDov5ginXk5X0.mft (raw, json)
Hash identifier:          0dtAT0OM7ufaBvgwmpSn+ApRkj9R0Ekky5s15sBy3So=
Subject key identifier:   40:B2:6F:64:B7:39:11:A6:36:77:9E:9F:A0:E6:4E:73:5B:6B:7D:87
Authority key identifier: B1:07:80:DF:36:B5:B9:42:F6:60:E4:03:A2:FE:60:8A:75:E4:E5:7D
Certificate issuer:       /CN=b10780df36b5b942f660e403a2fe608a75e4e57d
Certificate serial:       019CAD907FF95702B3EB13EF1405C83E9375
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sQeA3za1uUL2YOQDov5ginXk5X0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/b56504-ed17-4197-bba0-a0adecfd5fa9/1/sQeA3za1uUL2YOQDov5ginXk5X0.mft
Manifest number:          17D9
Signing time:             Mon 02 Mar 2026 08:00:54 +0000
Manifest this update:     Mon 02 Mar 2026 08:00:54 +0000
Manifest next update:     Tue 03 Mar 2026 08:00:54 +0000
Files and hashes:         1: IRpFGeK75W2NCoLOiJ_s8Xp5yew.roa (hash: BhIo7ljP7ZgEPGbs9sKTB4qik1eSNnRy76SvPdzQrR4=)
                          2: sQeA3za1uUL2YOQDov5ginXk5X0.crl (hash: Vr5IxnpPJv6mXL8X8SSsSmmcQrqriRP7r9NofMAi5OM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/b56504-ed17-4197-bba0-a0adecfd5fa9/1/sQeA3za1uUL2YOQDov5ginXk5X0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/b56504-ed17-4197-bba0-a0adecfd5fa9/1/sQeA3za1uUL2YOQDov5ginXk5X0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sQeA3za1uUL2YOQDov5ginXk5X0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 08:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:90:7f:f9:57:02:b3:eb:13:ef:14:05:c8:3e:93:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b10780df36b5b942f660e403a2fe608a75e4e57d
        Validity
            Not Before: Mar  2 08:00:54 2026 GMT
            Not After : Mar  3 08:00:54 2026 GMT
        Subject: CN=40b26f64b73911a636779e9fa0e64e735b6b7d87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:eb:64:65:57:ce:80:24:87:6a:43:45:ef:d8:
                    67:7a:fc:25:be:a9:8c:19:ec:61:17:18:08:ea:95:
                    e1:77:b2:40:91:b6:af:be:ef:59:38:cd:da:fb:77:
                    62:b3:ff:b8:f8:17:ca:50:a1:aa:c6:5c:e7:e5:cc:
                    5c:07:a0:ed:d8:32:de:96:24:52:11:ec:42:6f:6d:
                    f6:c9:0f:e2:19:77:69:77:15:99:0f:68:d7:73:ca:
                    33:64:79:eb:7d:d5:0e:03:cb:9c:53:35:33:af:8e:
                    00:3a:09:f2:c4:5a:41:3b:5f:84:04:ff:bf:1f:c0:
                    9f:18:89:a0:b7:1e:7f:52:65:9c:1b:a2:d2:9b:02:
                    23:45:c6:06:a9:9e:a9:bf:e3:61:3b:f0:9d:40:30:
                    99:8f:a2:d6:cd:78:91:fd:57:14:b0:09:16:9f:90:
                    4a:3c:2b:57:8e:62:68:f2:bd:b4:a5:00:76:5a:c8:
                    28:d5:44:1e:9a:ad:2f:83:9e:a2:33:52:81:6d:6e:
                    57:6b:03:71:80:3d:cc:b1:21:01:61:20:d5:57:a1:
                    79:f9:00:62:0d:c5:d7:28:0c:50:28:53:c3:21:0d:
                    60:de:e6:81:66:0e:d6:13:14:c7:2b:f6:1f:46:8e:
                    ed:d1:00:14:e1:4d:a2:63:87:11:e0:a4:fc:15:64:
                    3e:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:B2:6F:64:B7:39:11:A6:36:77:9E:9F:A0:E6:4E:73:5B:6B:7D:87
            X509v3 Authority Key Identifier:
                keyid:B1:07:80:DF:36:B5:B9:42:F6:60:E4:03:A2:FE:60:8A:75:E4:E5:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sQeA3za1uUL2YOQDov5ginXk5X0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/b56504-ed17-4197-bba0-a0adecfd5fa9/1/sQeA3za1uUL2YOQDov5ginXk5X0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/b56504-ed17-4197-bba0-a0adecfd5fa9/1/sQeA3za1uUL2YOQDov5ginXk5X0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:4d:8d:29:05:d6:3e:96:5f:8c:7b:22:b6:d2:04:69:1f:c7:
         f5:75:10:54:da:19:de:ae:fa:3f:e2:fe:47:85:65:01:f3:18:
         b1:e0:64:96:20:87:ac:34:bb:65:36:3e:58:00:00:a4:59:61:
         7b:e6:ab:f8:80:3c:01:6b:44:26:03:37:28:c6:10:8c:c6:98:
         b0:37:12:c8:54:58:43:75:0e:38:1b:14:87:71:5b:ab:ac:92:
         60:48:fa:dc:a3:56:8b:8f:f3:da:5f:e9:7c:6e:c5:52:bf:cb:
         54:ff:7c:57:f8:86:31:58:bd:0d:33:f1:59:cd:fd:50:71:38:
         3c:4b:db:20:d7:4c:f1:44:9c:e4:8e:ed:f1:f5:28:5e:40:0d:
         eb:3f:65:0c:d6:15:a4:56:b5:5a:75:94:93:eb:32:71:74:d2:
         50:cd:24:fb:e2:3d:01:62:76:eb:a3:bc:30:95:33:b8:42:6d:
         2d:61:a1:2f:aa:cf:a2:13:ba:9c:fa:bb:7f:21:42:86:82:c1:
         95:6b:74:48:98:8a:34:fe:22:4c:76:0d:3c:db:81:d7:66:13:
         36:b9:c7:d8:9d:ec:2b:a7:49:dd:13:fb:2c:19:09:83:43:99:
         27:74:8c:b4:af:76:7d:01:f6:b3:58:16:d5:9b:a3:63:d6:4f:
         40:79:9b:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkH/5VwKz6xPvFAXIPpN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMDc4MGRmMzZiNWI5NDJmNjYwZTQwM2EyZmU2MDhhNzVl
NGU1N2QwHhcNMjYwMzAyMDgwMDU0WhcNMjYwMzAzMDgwMDU0WjAzMTEwLwYDVQQD
Eyg0MGIyNmY2NGI3MzkxMWE2MzY3NzllOWZhMGU2NGU3MzViNmI3ZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvetkZVfOgCSHakNF79hnevwlvqmM
GexhFxgI6pXhd7JAkbavvu9ZOM3a+3dis/+4+BfKUKGqxlzn5cxcB6Dt2DLeliRS
EexCb232yQ/iGXdpdxWZD2jXc8ozZHnrfdUOA8ucUzUzr44AOgnyxFpBO1+EBP+/
H8CfGImgtx5/UmWcG6LSmwIjRcYGqZ6pv+NhO/CdQDCZj6LWzXiR/VcUsAkWn5BK
PCtXjmJo8r20pQB2Wsgo1UQemq0vg56iM1KBbW5XawNxgD3MsSEBYSDVV6F5+QBi
DcXXKAxQKFPDIQ1g3uaBZg7WExTHK/YfRo7t0QAU4U2iY4cR4KT8FWQ+LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECyb2S3ORGmNneen6DmTnNba32HMB8GA1UdIwQY
MBaAFLEHgN82tblC9mDkA6L+YIp15OV9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1FlQTN6YTF1VUwyWU9RRG92NWdpblhrNVgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9iNTY1MDQtZWQxNy00MTk3LWJiYTAt
YTBhZGVjZmQ1ZmE5LzEvc1FlQTN6YTF1VUwyWU9RRG92NWdpblhrNVgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9iNTY1MDQtZWQxNy00MTk3LWJiYTAtYTBhZGVjZmQ1ZmE5
LzEvc1FlQTN6YTF1VUwyWU9RRG92NWdpblhrNVgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk02NKQXW
PpZfjHsittIEaR/H9XUQVNoZ3q76P+L+R4VlAfMYseBkliCHrDS7ZTY+WAAApFlh
e+ar+IA8AWtEJgM3KMYQjMaYsDcSyFRYQ3UOOBsUh3Fbq6ySYEj63KNWi4/z2l/p
fG7FUr/LVP98V/iGMVi9DTPxWc39UHE4PEvbINdM8USc5I7t8fUoXkAN6z9lDNYV
pFa1WnWUk+sycXTSUM0k++I9AWJ266O8MJUzuEJtLWGhL6rPohO6nPq7fyFChoLB
lWt0SJiKNP4iTHYNPNuB12YTNrnH2J3sK6dJ3RP7LBkJg0OZJ3SMtK92fQH2s1gW
1ZujY9ZPQHmbxQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:24:36 2026 by rpki-client