Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft
File:                     521525856CBBA6D9D2254221C280DC930734AAB8.mft (raw, json)
Hash identifier:          orNGiuunzbIAra79/e+1eILnp+kWTRqPeA3O9FTxRh4=
Subject key identifier:   AA:5E:90:DD:2E:11:F3:F1:05:00:0D:55:9C:07:8A:70:8D:C7:BB:9F
Authority key identifier: 52:15:25:85:6C:BB:A6:D9:D2:25:42:21:C2:80:DC:93:07:34:AA:B8
Certificate issuer:       /CN=521525856CBBA6D9D2254221C280DC930734AAB8
Certificate serial:       324AAE2854C571119E3DE94521D1DB5EABE5703C
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft
Manifest number:          01CC
Signing time:             Fri 12 Jun 2026 21:59:35 +0000
Manifest this update:     Fri 12 Jun 2026 21:54:35 +0000
Manifest next update:     Sun 14 Jun 2026 01:13:35 +0000
Files and hashes:         1: 326130363a613030333a313333373a3a2f34382d3438203d3e20323030363736.roa (hash: y6dlRvQ6Ei4ylbtG2E1Fsbq6bkYPEiXc/hP5pnr/A5s=)
                          2: 326130363a613030333a3a2f34382d3438203d3e20323030363736.roa (hash: hctWuN+nHCxcPnxwlB0HaZTfqv5a4O8gc3WDRLEEUrc=)
                          3: 39342e32342e3130382e302f32342d3234203d3e20323030363736.roa (hash: HSErQq3crkyzVJa6g9ayoDntWunwG4uTUMd6ifKsOLU=)
                          4: 326130363a613030333a666666663a3a2f34382d3438203d3e203530373535.roa (hash: ZhHRzDFs7fBtUGvR8pxFCEtpL9Hraol9iZdGLjWUEvI=)
                          5: 326130363a613030333a313131313a3a2f34382d3438203d3e20323030363736.roa (hash: reSiEjWqNL5bMfSb8NDNP7L36wtpl2UMV26XqCjhnmE=)
                          6: 326130363a613030333a623030623a3a2f34382d3438203d3e20323030363736.roa (hash: Pecsaqccf5tHcdlTeF7bCwVmz7JER7H8qSHLGuqWRMI=)
                          7: 521525856CBBA6D9D2254221C280DC930734AAB8.crl (hash: ghhtMT2/s3s91uUi0D624EPPdW77wGePHu/0P0N/Cg4=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:13:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:4a:ae:28:54:c5:71:11:9e:3d:e9:45:21:d1:db:5e:ab:e5:70:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=521525856CBBA6D9D2254221C280DC930734AAB8
        Validity
            Not Before: Jun 12 21:54:35 2026 GMT
            Not After : Jun 14 01:13:35 2026 GMT
        Subject: CN=AA5E90DD2E11F3F105000D559C078A708DC7BB9F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:3d:00:5e:9b:b2:13:8a:c3:4e:e3:27:a3:7e:
                    05:cc:7f:c6:df:b8:77:e2:cc:28:5e:e9:d0:55:6b:
                    92:6d:7e:03:74:74:df:f5:06:26:39:fe:6b:05:94:
                    6f:b5:1b:ee:cb:67:94:fe:0e:52:66:a5:db:e3:ec:
                    ce:b2:e9:62:83:96:3c:91:b4:36:73:c6:db:1b:e7:
                    be:6d:11:67:dd:e5:84:c7:f7:02:4c:1b:1d:0d:7e:
                    a5:eb:61:d7:f0:20:1a:70:f4:c3:ed:98:ff:13:da:
                    75:49:8b:30:b1:19:d3:55:ba:af:cf:1c:ed:40:93:
                    c3:b5:3a:b8:16:05:cb:a3:51:aa:42:79:84:f6:53:
                    70:c4:4f:22:31:e6:c8:e6:c7:14:8f:a7:02:28:1c:
                    1b:45:1f:6e:28:b6:4e:1a:90:68:18:60:a1:b3:af:
                    1a:b7:3b:80:ec:5f:72:0f:2f:3e:93:2d:27:1e:b2:
                    13:83:a0:54:1a:80:cb:3f:89:7e:97:d4:4c:21:13:
                    e0:e7:d1:f6:7b:88:01:6f:45:b3:07:0c:79:16:a7:
                    6f:05:83:69:e5:c5:44:b6:e0:d4:05:9d:59:c9:1b:
                    a2:a9:05:19:f8:5c:db:aa:65:81:f8:83:a3:7b:6d:
                    26:25:8b:fb:13:17:3c:45:c9:f6:e4:66:79:b8:88:
                    e9:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:5E:90:DD:2E:11:F3:F1:05:00:0D:55:9C:07:8A:70:8D:C7:BB:9F
            X509v3 Authority Key Identifier:
                keyid:52:15:25:85:6C:BB:A6:D9:D2:25:42:21:C2:80:DC:93:07:34:AA:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/521525856CBBA6D9D2254221C280DC930734AAB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2aca3ca6-34cc-4772-bac0-a35dd0195ce7/4/521525856CBBA6D9D2254221C280DC930734AAB8.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:0f:55:3d:bd:cd:08:80:73:c4:3d:04:36:82:36:91:3c:91:
         e5:0c:00:c5:86:34:c8:95:81:8d:ce:db:9f:50:6a:66:df:74:
         8a:c4:b3:7c:6d:53:06:c7:83:a9:ab:03:86:4c:64:f0:76:71:
         6c:9b:de:8e:d0:2e:91:60:42:97:52:67:b0:e2:cd:13:68:c5:
         54:77:a2:e4:85:25:8d:72:54:7b:e9:13:60:8a:5c:52:1c:47:
         67:27:a8:54:de:7c:49:f0:18:21:0a:db:2a:d2:c5:e5:c7:c5:
         38:c8:be:fb:e0:1b:da:9d:f1:7e:74:68:23:b0:7e:54:60:bc:
         0c:1d:0c:4c:29:bb:d8:2d:fc:e0:09:c5:f3:b1:e2:89:57:e6:
         21:3f:e2:f7:ff:35:b6:6c:bb:c5:48:ce:c5:d4:cc:c6:5b:22:
         88:a8:29:e4:40:ab:cb:98:f5:9c:82:2f:c1:c5:2c:50:28:da:
         03:82:9b:26:40:c1:8d:46:10:62:9c:55:83:06:f7:4f:ad:71:
         46:c3:da:e4:b4:d6:c6:34:d9:9e:a9:2a:99:65:55:3d:da:30:
         53:65:39:17:c3:4e:4b:13:86:89:24:c0:ea:06:82:b4:4c:44:
         0c:87:f6:53:39:e3:61:b6:6e:32:b3:e7:c7:3f:33:d4:5b:8c:
         b5:3e:93:4c
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUMkquKFTFcRGePelFIdHbXqvlcDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMw
NzM0QUFCODAeFw0yNjA2MTIyMTU0MzVaFw0yNjA2MTQwMTEzMzVaMDMxMTAvBgNV
BAMTKEFBNUU5MEREMkUxMUYzRjEwNTAwMEQ1NTlDMDc4QTcwOERDN0JCOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrPQBem7ITisNO4yejfgXMf8bf
uHfizChe6dBVa5JtfgN0dN/1BiY5/msFlG+1G+7LZ5T+DlJmpdvj7M6y6WKDljyR
tDZzxtsb575tEWfd5YTH9wJMGx0NfqXrYdfwIBpw9MPtmP8T2nVJizCxGdNVuq/P
HO1Ak8O1OrgWBcujUapCeYT2U3DETyIx5sjmxxSPpwIoHBtFH24otk4akGgYYKGz
rxq3O4DsX3IPLz6TLSceshODoFQagMs/iX6X1EwhE+Dn0fZ7iAFvRbMHDHkWp28F
g2nlxUS24NQFnVnJG6KpBRn4XNuqZYH4g6N7bSYli/sTFzxFyfbkZnm4iOkNAgMB
AAGjggJ3MIICczAdBgNVHQ4EFgQUql6Q3S4R8/EFAA1VnAeKcI3Hu58wHwYDVR0j
BBgwFoAUUhUlhWy7ptnSJUIhwoDckwc0qrgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmFjYTNjYTYtMzRjYy00NzcyLWJhYzAtYTM1ZGQwMTk1
Y2U3LzQvNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMwNzM0QUFCOC5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzcvNTIxNTI1ODU2Q0JCQTZEOUQyMjU0MjIxQzI4MERDOTMwNzM0
QUFCOC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yYWNhM2NhNi0z
NGNjLTQ3NzItYmFjMC1hMzVkZDAxOTVjZTcvNC81MjE1MjU4NTZDQkJBNkQ5RDIy
NTQyMjFDMjgwREM5MzA3MzRBQUI4Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKg9VPb3NCIBzxD0ENoI2
kTyR5QwAxYY0yJWBjc7bn1BqZt90isSzfG1TBseDqasDhkxk8HZxbJvejtAukWBC
l1JnsOLNE2jFVHei5IUljXJUe+kTYIpcUhxHZyeoVN58SfAYIQrbKtLF5cfFOMi+
++Ab2p3xfnRoI7B+VGC8DB0MTCm72C384AnF87HiiVfmIT/i9/81tmy7xUjOxdTM
xlsiiKgp5ECry5j1nIIvwcUsUCjaA4KbJkDBjUYQYpxVgwb3T61xRsPa5LTWxjTZ
nqkqmWVVPdowU2U5F8NOSxOGiSTA6gaCtExEDIf2UznjYbZuMrPnxz8z1FuMtT6T
TA==
-----END CERTIFICATE-----