Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft
File:                     pkHn9ngj7vUqGf4dyODmp_QclDM.mft (raw, json)
Hash identifier:          Een9tkrwNKT9oKwUYG/EG5Hu8dAdenGIN+9CE7aZwn4=
Subject key identifier:   B0:64:CE:29:1B:19:EE:74:FD:09:E6:47:AE:12:F9:84:AC:34:A2:67
Authority key identifier: A6:41:E7:F6:78:23:EE:F5:2A:19:FE:1D:C8:E0:E6:A7:F4:1C:94:33
Certificate issuer:       /CN=a641e7f67823eef52a19fe1dc8e0e6a7f41c9433
Certificate serial:       019EC25C32D54BC47C7CFC56FF4D9763A3CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft
Manifest number:          0CF8
Signing time:             Sat 13 Jun 2026 19:01:22 +0000
Manifest this update:     Sat 13 Jun 2026 19:01:22 +0000
Manifest next update:     Sun 14 Jun 2026 19:01:22 +0000
Files and hashes:         1: nJSmMLTuP11zOj-elOc_2mrwgF8.roa (hash: 10N2e/W3MOYvDPcGICyNpYfCx8NxZM9dOTlLGlZzpE4=)
                          2: pkHn9ngj7vUqGf4dyODmp_QclDM.crl (hash: rGEi8kLB1/skI+tcajoB7tqLGIHLKv9kkLeyzlrXGXs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 17:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c2:5c:32:d5:4b:c4:7c:7c:fc:56:ff:4d:97:63:a3:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a641e7f67823eef52a19fe1dc8e0e6a7f41c9433
        Validity
            Not Before: Jun 13 19:01:22 2026 GMT
            Not After : Jun 14 19:01:22 2026 GMT
        Subject: CN=b064ce291b19ee74fd09e647ae12f984ac34a267
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:3e:b8:89:13:92:0b:c0:65:0a:7d:0d:e2:eb:
                    85:9e:cd:5c:87:58:37:cc:2b:64:3f:96:a7:9e:4b:
                    5f:fa:da:ef:60:20:6d:51:2e:e0:3f:c6:7d:45:9c:
                    f0:e0:10:70:be:4a:f2:01:c5:0c:6b:5d:1b:78:a1:
                    9c:06:7a:9a:f3:39:5d:21:75:0c:e9:6c:03:f7:bb:
                    91:89:ba:e8:6c:99:ab:a3:46:a7:3e:2a:f1:fd:c6:
                    c4:9b:20:db:f1:c4:fc:1f:81:5c:32:93:c1:3e:4f:
                    d3:bc:01:bb:0a:67:77:fc:b7:85:21:4a:58:21:bf:
                    d6:de:a5:f1:b3:53:40:08:67:3e:bd:f0:01:32:02:
                    c0:e0:9d:c9:74:0b:05:a6:09:4c:93:0d:7e:d2:30:
                    de:e4:c8:3e:92:7c:7e:f2:3f:d3:99:4c:0a:cd:77:
                    aa:08:75:78:37:f2:fd:37:95:34:b6:9f:aa:70:c5:
                    45:c3:af:37:5c:bd:4f:ab:de:df:7a:63:bd:cc:e2:
                    05:fe:3f:75:e4:0d:53:50:42:86:b1:52:fc:2e:5b:
                    ff:22:52:fe:14:09:11:a7:ac:f3:13:0a:b5:8e:34:
                    72:6e:74:e4:a2:62:96:80:1a:79:a5:e5:88:b0:d4:
                    41:db:3f:26:bd:06:f3:5a:1a:35:8c:15:8e:38:37:
                    fe:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:64:CE:29:1B:19:EE:74:FD:09:E6:47:AE:12:F9:84:AC:34:A2:67
            X509v3 Authority Key Identifier:
                keyid:A6:41:E7:F6:78:23:EE:F5:2A:19:FE:1D:C8:E0:E6:A7:F4:1C:94:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkHn9ngj7vUqGf4dyODmp_QclDM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0ac21c-c72b-4719-a085-0788f7921852/1/pkHn9ngj7vUqGf4dyODmp_QclDM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:0a:50:1d:41:80:bc:59:6f:9e:43:e8:b4:b1:be:ce:f6:65:
         af:ec:e8:63:29:8f:d7:b5:83:98:0c:eb:64:29:d2:47:a5:bb:
         16:4d:c4:c9:01:95:63:00:73:b8:ca:4a:35:e0:2f:eb:30:a2:
         1d:d2:f4:b7:0d:85:74:41:6a:5b:5d:02:17:42:64:75:fc:b7:
         a6:aa:37:8f:e0:7a:a9:d0:46:d5:8a:43:81:45:9f:bd:66:3e:
         00:5c:33:fd:ab:da:85:7e:23:c1:a7:2c:0b:07:fc:64:58:2a:
         d7:a8:12:12:95:5c:7b:02:db:8f:41:b0:2a:d5:73:1d:41:56:
         c6:d3:25:12:8a:31:49:71:3a:e2:72:e5:71:3b:1d:23:d6:a6:
         fb:df:5f:67:04:aa:45:66:12:1e:4e:3d:89:b1:2e:56:2b:6b:
         89:6b:21:f4:81:36:f7:87:dc:d9:05:08:bc:3b:12:da:a0:ee:
         d2:d1:4c:fc:cc:b8:92:86:2c:af:db:7d:38:e7:b2:87:2d:e9:
         cf:23:2c:c1:c5:20:5a:2d:ac:8b:13:d6:08:d4:41:d0:a4:ab:
         9f:e4:1a:8d:0f:1e:72:69:34:f0:a2:0b:b3:99:64:eb:a6:0b:
         12:ed:0a:68:5f:5a:c8:80:42:90:b4:dc:c9:18:69:ae:10:db:
         c6:01:51:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7CXDLVS8R8fPxW/02XY6PKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDFlN2Y2NzgyM2VlZjUyYTE5ZmUxZGM4ZTBlNmE3ZjQx
Yzk0MzMwHhcNMjYwNjEzMTkwMTIyWhcNMjYwNjE0MTkwMTIyWjAzMTEwLwYDVQQD
EyhiMDY0Y2UyOTFiMTllZTc0ZmQwOWU2NDdhZTEyZjk4NGFjMzRhMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0T64iROSC8BlCn0N4uuFns1ch1g3
zCtkP5annktf+trvYCBtUS7gP8Z9RZzw4BBwvkryAcUMa10beKGcBnqa8zldIXUM
6WwD97uRibrobJmro0anPirx/cbEmyDb8cT8H4FcMpPBPk/TvAG7Cmd3/LeFIUpY
Ib/W3qXxs1NACGc+vfABMgLA4J3JdAsFpglMkw1+0jDe5Mg+knx+8j/TmUwKzXeq
CHV4N/L9N5U0tp+qcMVFw683XL1Pq97femO9zOIF/j915A1TUEKGsVL8Llv/IlL+
FAkRp6zzEwq1jjRybnTkomKWgBp5peWIsNRB2z8mvQbzWho1jBWOODf+CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLBkzikbGe50/QnmR64S+YSsNKJnMB8GA1UdIwQY
MBaAFKZB5/Z4I+71Khn+Hcjg5qf0HJQzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wYWMyMWMtYzcyYi00NzE5LWEwODUt
MDc4OGY3OTIxODUyLzEvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wYWMyMWMtYzcyYi00NzE5LWEwODUtMDc4OGY3OTIxODUy
LzEvcGtIbjluZ2o3dlVxR2Y0ZHlPRG1wX1FjbERNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMApQHUGA
vFlvnkPotLG+zvZlr+zoYymP17WDmAzrZCnSR6W7Fk3EyQGVYwBzuMpKNeAv6zCi
HdL0tw2FdEFqW10CF0Jkdfy3pqo3j+B6qdBG1YpDgUWfvWY+AFwz/avahX4jwacs
Cwf8ZFgq16gSEpVcewLbj0GwKtVzHUFWxtMlEooxSXE64nLlcTsdI9am+99fZwSq
RWYSHk49ibEuVitriWsh9IE294fc2QUIvDsS2qDu0tFM/My4koYsr9t9OOeyhy3p
zyMswcUgWi2sixPWCNRB0KSrn+QajQ8ecmk08KILs5lk66YLEu0KaF9ayIBCkLTc
yRhprhDbxgFRuA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:12:58 2026 by rpki-client