Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/7a7ef6-372a-4b74-92f2-41b468f3aab0/1/hyd386vnZf-Is-jm24PSfDxiYTg.mft
File:                     hyd386vnZf-Is-jm24PSfDxiYTg.mft (raw, json)
Hash identifier:          pwAcXMYjxpcGnBEVbZfuFW23TNdm9kCcvbDqnQ6h24E=
Subject key identifier:   A0:DF:4C:0A:E7:6C:4A:0A:9A:69:25:C5:13:2B:9A:B2:99:68:51:E5
Authority key identifier: 87:27:77:F3:AB:E7:65:FF:88:B3:E8:E6:DB:83:D2:7C:3C:62:61:38
Certificate issuer:       /CN=872777f3abe765ff88b3e8e6db83d27c3c626138
Certificate serial:       019D2961420799E4D894FC68A6034CCDD008
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyd386vnZf-Is-jm24PSfDxiYTg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/7a7ef6-372a-4b74-92f2-41b468f3aab0/1/hyd386vnZf-Is-jm24PSfDxiYTg.mft
Manifest number:          04AA
Signing time:             Thu 26 Mar 2026 09:02:12 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:12 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:12 +0000
Files and hashes:         1: 1-viZKzZcs2hL671huJpZke8oCa8.roa (hash: +mu7L8sH0WKwCKuSeMKrM/p/c/OlxP69D6YYgy4YRII=)
                          2: hyd386vnZf-Is-jm24PSfDxiYTg.crl (hash: G7QtVSIvW8PkI0653LhWs9cVDfyEiHNn+LBe3E1fDkk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/7a7ef6-372a-4b74-92f2-41b468f3aab0/1/hyd386vnZf-Is-jm24PSfDxiYTg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/7a7ef6-372a-4b74-92f2-41b468f3aab0/1/hyd386vnZf-Is-jm24PSfDxiYTg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyd386vnZf-Is-jm24PSfDxiYTg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:42:07:99:e4:d8:94:fc:68:a6:03:4c:cd:d0:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=872777f3abe765ff88b3e8e6db83d27c3c626138
        Validity
            Not Before: Mar 26 09:02:12 2026 GMT
            Not After : Mar 27 09:02:12 2026 GMT
        Subject: CN=a0df4c0ae76c4a0a9a6925c5132b9ab2996851e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:eb:44:cf:38:88:1a:0c:ee:14:14:36:e5:93:
                    6b:72:f5:0b:76:78:48:be:f8:0a:ce:bc:33:0b:b7:
                    d2:7c:4b:b7:fa:0a:47:0d:33:09:e2:96:f0:b1:13:
                    d0:82:0a:d3:4d:15:15:24:c1:36:62:2a:eb:58:44:
                    ad:44:d4:c7:77:a1:92:84:44:fe:15:29:da:cc:dc:
                    85:c5:65:d4:74:76:26:df:4a:02:fe:38:f6:36:48:
                    3d:19:4b:26:9d:56:6d:bd:5d:4f:88:83:19:b0:1f:
                    cd:06:2c:f6:d2:56:27:02:e5:e6:59:c4:61:1e:02:
                    07:d9:85:97:6d:09:64:4d:4a:91:13:5b:f3:b2:36:
                    a8:8b:cc:c6:2f:70:26:d7:58:b0:3f:cb:e1:3f:0a:
                    20:30:00:45:c9:74:29:9c:bf:0e:32:15:9c:3e:7c:
                    d9:b0:11:a6:ec:cf:ec:bf:28:39:34:e3:01:31:28:
                    8d:ff:ba:42:7e:4c:1a:40:bd:4b:57:b3:5f:76:c0:
                    04:3c:3c:3f:4b:24:9e:1f:b2:6f:5f:2a:4d:95:1c:
                    58:c0:eb:97:eb:bc:ea:c9:3f:60:8e:03:5c:0a:2f:
                    7a:d4:4c:4d:1d:4f:d6:dc:93:25:95:fb:70:31:ad:
                    06:82:68:e7:84:36:d1:7f:5f:9b:82:d0:aa:ed:81:
                    f7:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:DF:4C:0A:E7:6C:4A:0A:9A:69:25:C5:13:2B:9A:B2:99:68:51:E5
            X509v3 Authority Key Identifier:
                keyid:87:27:77:F3:AB:E7:65:FF:88:B3:E8:E6:DB:83:D2:7C:3C:62:61:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyd386vnZf-Is-jm24PSfDxiYTg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7a7ef6-372a-4b74-92f2-41b468f3aab0/1/hyd386vnZf-Is-jm24PSfDxiYTg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7a7ef6-372a-4b74-92f2-41b468f3aab0/1/hyd386vnZf-Is-jm24PSfDxiYTg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:ab:3e:e8:ce:11:fa:f4:8e:90:51:93:5d:12:27:99:2b:e8:
         53:14:ae:03:af:03:61:e3:f4:89:b6:73:4e:ee:a3:10:92:4f:
         c7:60:51:40:55:83:11:52:a9:6d:f7:85:32:9d:d6:e2:5b:bd:
         64:eb:7b:ee:6b:a1:06:c4:ec:57:b5:64:f4:b9:b7:75:b2:68:
         95:dc:19:b6:88:0c:ec:ba:f3:16:2a:52:5e:18:0e:1b:b5:d0:
         40:70:8f:56:43:1c:cd:63:01:9c:db:2b:fd:3f:61:f4:bb:8a:
         02:00:c6:45:33:6c:a1:38:a3:de:ad:c0:3f:dc:80:8a:cb:77:
         22:a8:ec:7b:9c:af:c6:aa:cb:3a:47:eb:71:98:88:2f:b8:fd:
         fb:a0:84:da:cc:59:08:e9:a0:8f:f5:0e:c6:d3:d4:73:5d:bd:
         dc:09:e3:d1:f4:f9:9e:98:8c:e3:2d:d5:a0:31:e2:a9:3d:44:
         38:f1:01:bf:8e:a3:cd:75:35:03:fc:88:de:81:01:20:ee:bf:
         dd:e6:0b:c9:85:e4:51:86:58:75:61:5c:39:16:8c:38:31:74:
         7f:61:f4:5d:01:7a:a7:e7:07:68:f3:68:95:43:82:82:c0:16:
         f5:5a:22:44:cc:31:c3:ea:07:c8:a2:4b:8f:12:9f:60:35:5c:
         c5:b2:5e:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYUIHmeTYlPxopgNMzdAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3Mjc3N2YzYWJlNzY1ZmY4OGIzZThlNmRiODNkMjdjM2M2
MjYxMzgwHhcNMjYwMzI2MDkwMjEyWhcNMjYwMzI3MDkwMjEyWjAzMTEwLwYDVQQD
EyhhMGRmNGMwYWU3NmM0YTBhOWE2OTI1YzUxMzJiOWFiMjk5Njg1MWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+tEzziIGgzuFBQ25ZNrcvULdnhI
vvgKzrwzC7fSfEu3+gpHDTMJ4pbwsRPQggrTTRUVJME2YirrWEStRNTHd6GShET+
FSnazNyFxWXUdHYm30oC/jj2Nkg9GUsmnVZtvV1PiIMZsB/NBiz20lYnAuXmWcRh
HgIH2YWXbQlkTUqRE1vzsjaoi8zGL3Am11iwP8vhPwogMABFyXQpnL8OMhWcPnzZ
sBGm7M/svyg5NOMBMSiN/7pCfkwaQL1LV7NfdsAEPDw/SySeH7JvXypNlRxYwOuX
67zqyT9gjgNcCi961ExNHU/W3JMllftwMa0GgmjnhDbRf1+bgtCq7YH38wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKDfTArnbEoKmmklxRMrmrKZaFHlMB8GA1UdIwQY
MBaAFIcnd/Or52X/iLPo5tuD0nw8YmE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlkMzg2dm5aZi1Jcy1qbTI0UFNmRHhpWVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC83YTdlZjYtMzcyYS00Yjc0LTkyZjIt
NDFiNDY4ZjNhYWIwLzEvaHlkMzg2dm5aZi1Jcy1qbTI0UFNmRHhpWVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC83YTdlZjYtMzcyYS00Yjc0LTkyZjItNDFiNDY4ZjNhYWIw
LzEvaHlkMzg2dm5aZi1Jcy1qbTI0UFNmRHhpWVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj6s+6M4R
+vSOkFGTXRInmSvoUxSuA68DYeP0ibZzTu6jEJJPx2BRQFWDEVKpbfeFMp3W4lu9
ZOt77muhBsTsV7Vk9Lm3dbJoldwZtogM7LrzFipSXhgOG7XQQHCPVkMczWMBnNsr
/T9h9LuKAgDGRTNsoTij3q3AP9yAist3Iqjse5yvxqrLOkfrcZiIL7j9+6CE2sxZ
COmgj/UOxtPUc1293Anj0fT5npiM4y3VoDHiqT1EOPEBv46jzXU1A/yI3oEBIO6/
3eYLyYXkUYZYdWFcORaMODF0f2H0XQF6p+cHaPNolUOCgsAW9VoiRMwxw+oHyKJL
jxKfYDVcxbJe3g==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:04:09 2026 by rpki-client