Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft
File:                     HjXAaowG1d1k_nawkKPh4qSZbcg.mft (raw, json)
Hash identifier:          tc/bV0YWSU2njp4cZ3ubdmGRzdC6jZZoJFI/GCrF2Ds=
Subject key identifier:   8C:C4:E6:F4:74:DF:6A:3E:B3:97:19:96:DE:9C:64:B1:F9:F6:F1:81
Authority key identifier: 1E:35:C0:6A:8C:06:D5:DD:64:FE:76:B0:90:A3:E1:E2:A4:99:6D:C8
Certificate issuer:       /CN=1e35c06a8c06d5dd64fe76b090a3e1e2a4996dc8
Certificate serial:       019EC149A27645B2F0E7D48887AABC5CB0CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft
Manifest number:          195C
Signing time:             Sat 13 Jun 2026 14:01:28 +0000
Manifest this update:     Sat 13 Jun 2026 14:01:28 +0000
Manifest next update:     Sun 14 Jun 2026 14:01:28 +0000
Files and hashes:         1: HjXAaowG1d1k_nawkKPh4qSZbcg.crl (hash: kQ6NGOzNLOuZRSn6EwIa4Ls1yB51qAKTGT/v0RGvtpE=)
                          2: _SW-efIyZk8frPlLE8yBxAElkiU.roa (hash: iv2POwrNLwDCvtWPf5ONex0CqcvwAdFHiaQ1/D120FA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:43:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c1:49:a2:76:45:b2:f0:e7:d4:88:87:aa:bc:5c:b0:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e35c06a8c06d5dd64fe76b090a3e1e2a4996dc8
        Validity
            Not Before: Jun 13 14:01:28 2026 GMT
            Not After : Jun 14 14:01:28 2026 GMT
        Subject: CN=8cc4e6f474df6a3eb3971996de9c64b1f9f6f181
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:29:a2:c1:1a:22:e8:56:53:f7:be:68:0e:a6:
                    42:50:1d:13:54:18:17:40:d1:db:b6:b7:7d:fc:7b:
                    ac:d9:4a:e2:94:2c:5c:d3:53:4a:ca:3e:29:ed:e3:
                    96:9b:83:30:62:48:44:6a:8d:f9:a1:24:36:67:2a:
                    52:41:7c:f9:ec:0c:6e:33:74:c5:c1:3e:ea:1f:54:
                    c4:4f:6e:a0:5c:57:f8:7d:b5:87:7b:11:35:ce:fc:
                    66:7e:59:a7:39:da:6b:8a:f3:a2:34:6a:79:96:5b:
                    34:ae:66:78:9d:24:e7:12:86:06:87:0c:7e:07:6e:
                    01:8e:69:ca:05:2a:79:d4:d2:77:d6:fe:0d:2e:47:
                    18:90:80:45:30:b4:c2:cb:ee:d1:9d:f7:cd:e4:59:
                    10:26:88:d6:7a:50:bc:94:d6:12:2a:f4:66:ca:27:
                    2a:31:8f:e5:49:f8:ea:b0:f4:b2:03:95:3c:c9:24:
                    ef:df:2c:db:a8:83:be:e8:b4:83:35:64:a1:df:7c:
                    fd:ba:83:c7:83:5d:61:5a:ee:9e:e4:cb:9f:66:bc:
                    e6:28:cf:e2:e6:52:24:0c:b7:dd:52:4a:12:76:58:
                    bb:3b:72:03:d8:89:51:db:b0:ff:6e:eb:db:ec:3f:
                    0c:f9:06:81:6a:99:32:12:27:72:50:38:c4:42:e8:
                    8e:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:C4:E6:F4:74:DF:6A:3E:B3:97:19:96:DE:9C:64:B1:F9:F6:F1:81
            X509v3 Authority Key Identifier:
                keyid:1E:35:C0:6A:8C:06:D5:DD:64:FE:76:B0:90:A3:E1:E2:A4:99:6D:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjXAaowG1d1k_nawkKPh4qSZbcg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/ab45e4-6ea0-495f-8b78-9b5d76a949f4/1/HjXAaowG1d1k_nawkKPh4qSZbcg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:d9:2a:81:0a:c4:3d:97:4a:d8:74:3b:27:a1:1a:a2:3e:f1:
         b6:da:73:f6:55:06:10:ab:a2:5a:58:12:86:c3:3e:4f:ae:e8:
         d9:63:b4:6e:68:71:c1:9b:55:fc:36:1e:57:11:92:7e:0c:87:
         e4:5e:4b:1a:71:b3:63:30:f9:24:00:59:a6:f5:dd:03:06:b2:
         94:fd:44:10:ec:cb:c4:eb:0a:0c:c8:b4:5f:a2:37:72:39:f4:
         75:43:79:19:f8:5d:b3:c5:84:04:b9:98:c5:03:2e:5a:bd:a8:
         44:42:0d:14:b0:3e:4e:35:8f:24:fb:3f:6e:79:1d:ed:03:83:
         89:4b:32:2d:6f:8d:2b:e7:51:d9:5e:41:d5:60:cc:5f:72:31:
         55:b7:55:ca:f8:b7:c7:c0:b6:6a:45:62:ba:c9:aa:fc:bb:49:
         e5:50:72:5b:44:d9:5b:f9:63:82:29:0b:45:05:d8:09:d0:e5:
         63:60:b1:ab:bc:5b:7c:64:0f:29:09:6e:67:48:bf:59:81:c2:
         95:94:97:91:79:50:25:e9:13:24:7a:fd:e1:d2:ec:89:b0:09:
         71:f3:0b:7f:fd:a6:ec:13:4c:23:9b:c8:f1:8f:a2:e6:af:e5:
         48:72:e8:41:08:b4:f6:e1:fe:19:0f:89:91:dc:08:ee:5f:be:
         f9:0d:36:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7BSaJ2RbLw59SIh6q8XLDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzVjMDZhOGMwNmQ1ZGQ2NGZlNzZiMDkwYTNlMWUyYTQ5
OTZkYzgwHhcNMjYwNjEzMTQwMTI4WhcNMjYwNjE0MTQwMTI4WjAzMTEwLwYDVQQD
Eyg4Y2M0ZTZmNDc0ZGY2YTNlYjM5NzE5OTZkZTljNjRiMWY5ZjZmMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuimiwRoi6FZT975oDqZCUB0TVBgX
QNHbtrd9/Hus2UrilCxc01NKyj4p7eOWm4MwYkhEao35oSQ2ZypSQXz57AxuM3TF
wT7qH1TET26gXFf4fbWHexE1zvxmflmnOdprivOiNGp5lls0rmZ4nSTnEoYGhwx+
B24BjmnKBSp51NJ31v4NLkcYkIBFMLTCy+7RnffN5FkQJojWelC8lNYSKvRmyicq
MY/lSfjqsPSyA5U8ySTv3yzbqIO+6LSDNWSh33z9uoPHg11hWu6e5MufZrzmKM/i
5lIkDLfdUkoSdli7O3ID2IlR27D/buvb7D8M+QaBapkyEidyUDjEQuiOhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIzE5vR032o+s5cZlt6cZLH59vGBMB8GA1UdIwQY
MBaAFB41wGqMBtXdZP52sJCj4eKkmW3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYjQ1ZTQtNmVhMC00OTVmLThiNzgt
OWI1ZDc2YTk0OWY0LzEvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hYjQ1ZTQtNmVhMC00OTVmLThiNzgtOWI1ZDc2YTk0OWY0
LzEvSGpYQWFvd0cxZDFrX25hd2tLUGg0cVNaYmNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiNkqgQrE
PZdK2HQ7J6Eaoj7xttpz9lUGEKuiWlgShsM+T67o2WO0bmhxwZtV/DYeVxGSfgyH
5F5LGnGzYzD5JABZpvXdAwaylP1EEOzLxOsKDMi0X6I3cjn0dUN5Gfhds8WEBLmY
xQMuWr2oREINFLA+TjWPJPs/bnkd7QODiUsyLW+NK+dR2V5B1WDMX3IxVbdVyvi3
x8C2akViusmq/LtJ5VByW0TZW/ljgikLRQXYCdDlY2Cxq7xbfGQPKQluZ0i/WYHC
lZSXkXlQJekTJHr94dLsibAJcfMLf/2m7BNMI5vI8Y+i5q/lSHLoQQi09uH+GQ+J
kdwI7l+++Q021Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 18:07:32 2026 by rpki-client