Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/7a7ef6-372a-4b74-92f2-41b468f3aab0/1/hyd386vnZf-Is-jm24PSfDxiYTg.mft
File:                     hyd386vnZf-Is-jm24PSfDxiYTg.mft (raw, json)
Hash identifier:          ArfVZQfaPdGL4BwZReLFKf0Ovb01x3E7YZai9tED/2Q=
Subject key identifier:   4B:63:8A:DE:A6:69:E4:87:AA:E0:41:90:6F:F8:22:64:94:A9:A9:E4
Authority key identifier: 87:27:77:F3:AB:E7:65:FF:88:B3:E8:E6:DB:83:D2:7C:3C:62:61:38
Certificate issuer:       /CN=872777f3abe765ff88b3e8e6db83d27c3c626138
Certificate serial:       019D2B4E74A6A2754AB215A823C3550447D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hyd386vnZf-Is-jm24PSfDxiYTg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/7a7ef6-372a-4b74-92f2-41b468f3aab0/1/hyd386vnZf-Is-jm24PSfDxiYTg.mft
Manifest number:          04AB
Signing time:             Thu 26 Mar 2026 18:00:54 +0000
Manifest this update:     Thu 26 Mar 2026 18:00:54 +0000
Manifest next update:     Fri 27 Mar 2026 18:00:54 +0000
Files and hashes:         1: 1-viZKzZcs2hL671huJpZke8oCa8.roa (hash: +mu7L8sH0WKwCKuSeMKrM/p/c/OlxP69D6YYgy4YRII=)
                          2: hyd386vnZf-Is-jm24PSfDxiYTg.crl (hash: N3G99P3IvKwpcXIlug0nqb7v56uhfnY/HNoXyfaNZko=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/7a7ef6-372a-4b74-92f2-41b468f3aab0/1/hyd386vnZf-Is-jm24PSfDxiYTg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/7a7ef6-372a-4b74-92f2-41b468f3aab0/1/hyd386vnZf-Is-jm24PSfDxiYTg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hyd386vnZf-Is-jm24PSfDxiYTg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:32:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2b:4e:74:a6:a2:75:4a:b2:15:a8:23:c3:55:04:47:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=872777f3abe765ff88b3e8e6db83d27c3c626138
        Validity
            Not Before: Mar 26 18:00:54 2026 GMT
            Not After : Mar 27 18:00:54 2026 GMT
        Subject: CN=4b638adea669e487aae041906ff8226494a9a9e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:eb:cc:7f:da:66:60:02:57:0a:79:7c:db:c9:
                    74:b4:20:74:88:64:35:27:69:58:aa:b9:3a:22:72:
                    52:ee:5f:90:a3:f1:1a:45:b9:86:74:e4:dc:bb:bb:
                    3e:88:4d:f5:b7:e6:e3:31:b2:05:d6:59:b8:d4:46:
                    f7:44:26:dd:6d:4a:b8:28:10:60:e8:15:38:c6:9c:
                    54:72:8d:15:9e:3e:cd:63:e3:fd:dc:78:9d:54:be:
                    37:2d:25:db:f3:98:c9:72:3e:e1:06:93:b8:79:86:
                    df:37:ee:b2:c8:08:12:78:af:3d:07:0e:b4:9e:c6:
                    ea:a1:42:d2:85:a2:61:2d:c8:69:14:a6:e7:a1:a0:
                    c8:1d:6d:de:c4:46:a6:4d:5a:d6:86:74:fa:a5:f9:
                    c8:58:62:09:2c:fa:b8:1c:1e:59:eb:70:01:0f:8f:
                    81:7c:3d:a0:e4:d3:9d:ac:f5:fd:71:8d:aa:7c:93:
                    68:d6:1b:ef:0c:27:64:07:44:f8:06:40:83:f8:b9:
                    3d:0f:03:94:90:e8:50:c0:db:76:71:83:45:70:b5:
                    ff:25:dd:9b:68:7b:ed:ec:e8:f5:16:69:4f:4a:47:
                    9d:96:49:0d:e8:ae:93:23:50:03:0a:ae:2b:66:f3:
                    55:85:61:90:18:12:53:ee:e0:e5:cc:ab:b6:b0:cd:
                    8f:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:63:8A:DE:A6:69:E4:87:AA:E0:41:90:6F:F8:22:64:94:A9:A9:E4
            X509v3 Authority Key Identifier:
                keyid:87:27:77:F3:AB:E7:65:FF:88:B3:E8:E6:DB:83:D2:7C:3C:62:61:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyd386vnZf-Is-jm24PSfDxiYTg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7a7ef6-372a-4b74-92f2-41b468f3aab0/1/hyd386vnZf-Is-jm24PSfDxiYTg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/7a7ef6-372a-4b74-92f2-41b468f3aab0/1/hyd386vnZf-Is-jm24PSfDxiYTg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:69:df:ce:c7:3b:39:75:a8:f4:94:34:60:ef:fb:f0:8b:2b:
         53:13:e7:bd:28:84:07:35:d2:b4:5e:ff:b7:5f:58:e4:f4:2d:
         60:83:c1:ab:20:2c:95:ed:d2:f4:53:5c:ed:22:01:fe:35:39:
         c5:c0:ff:3f:36:ed:f9:2a:5f:97:3a:10:39:ac:d6:f4:f1:30:
         79:7b:1a:d1:b6:72:24:d4:8e:84:7d:b8:57:71:b1:b8:20:44:
         dd:ce:ee:be:b2:6b:90:3d:82:8e:b8:ca:c4:d4:ca:1e:50:f8:
         86:34:6e:d9:52:11:a6:da:fe:2a:ac:c9:e7:25:19:62:1c:a1:
         26:34:4f:14:72:7f:a6:8f:0a:41:92:21:e6:51:e4:58:71:9b:
         76:c4:6b:a2:e5:51:4c:71:c8:24:fc:37:01:91:68:5d:ce:99:
         f4:82:63:f0:d4:60:4b:1d:dc:11:1b:73:b7:6c:5f:a1:1d:5a:
         eb:b5:9c:2c:8b:6d:24:20:7b:e6:a6:dd:04:ba:1a:9e:f4:ce:
         a0:83:ed:21:78:02:f2:af:fa:68:84:e1:b1:0a:a9:97:c0:5b:
         2d:ec:a9:da:03:c5:db:ed:d8:1e:08:c2:c6:2a:5f:0f:29:91:
         7f:cb:94:dd:3f:36:52:e6:29:f4:77:47:1c:62:1b:8e:ea:11:
         30:84:10:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rTnSmonVKshWoI8NVBEfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3Mjc3N2YzYWJlNzY1ZmY4OGIzZThlNmRiODNkMjdjM2M2
MjYxMzgwHhcNMjYwMzI2MTgwMDU0WhcNMjYwMzI3MTgwMDU0WjAzMTEwLwYDVQQD
Eyg0YjYzOGFkZWE2NjllNDg3YWFlMDQxOTA2ZmY4MjI2NDk0YTlhOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uvMf9pmYAJXCnl828l0tCB0iGQ1
J2lYqrk6InJS7l+Qo/EaRbmGdOTcu7s+iE31t+bjMbIF1lm41Eb3RCbdbUq4KBBg
6BU4xpxUco0Vnj7NY+P93HidVL43LSXb85jJcj7hBpO4eYbfN+6yyAgSeK89Bw60
nsbqoULShaJhLchpFKbnoaDIHW3exEamTVrWhnT6pfnIWGIJLPq4HB5Z63ABD4+B
fD2g5NOdrPX9cY2qfJNo1hvvDCdkB0T4BkCD+Lk9DwOUkOhQwNt2cYNFcLX/Jd2b
aHvt7Oj1FmlPSkedlkkN6K6TI1ADCq4rZvNVhWGQGBJT7uDlzKu2sM2PYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEtjit6maeSHquBBkG/4ImSUqankMB8GA1UdIwQY
MBaAFIcnd/Or52X/iLPo5tuD0nw8YmE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlkMzg2dm5aZi1Jcy1qbTI0UFNmRHhpWVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC83YTdlZjYtMzcyYS00Yjc0LTkyZjIt
NDFiNDY4ZjNhYWIwLzEvaHlkMzg2dm5aZi1Jcy1qbTI0UFNmRHhpWVRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC83YTdlZjYtMzcyYS00Yjc0LTkyZjItNDFiNDY4ZjNhYWIw
LzEvaHlkMzg2dm5aZi1Jcy1qbTI0UFNmRHhpWVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALGnfzsc7
OXWo9JQ0YO/78IsrUxPnvSiEBzXStF7/t19Y5PQtYIPBqyAsle3S9FNc7SIB/jU5
xcD/Pzbt+SpflzoQOazW9PEweXsa0bZyJNSOhH24V3GxuCBE3c7uvrJrkD2CjrjK
xNTKHlD4hjRu2VIRptr+KqzJ5yUZYhyhJjRPFHJ/po8KQZIh5lHkWHGbdsRrouVR
THHIJPw3AZFoXc6Z9IJj8NRgSx3cERtzt2xfoR1a67WcLIttJCB75qbdBLoanvTO
oIPtIXgC8q/6aIThsQqpl8BbLeyp2gPF2+3YHgjCxipfDymRf8uU3T82UuYp9HdH
HGIbjuoRMIQQ0Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:15:35 2026 by rpki-client