Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft
File:                     IATWKTJ0OW9ajWkUhdaHagogcdk.mft (raw, json)
Hash identifier:          5Hneoco2SuNkziJ5U7K9IHbDfXC9xAEXQwm7LhQrglY=
Subject key identifier:   B9:D7:4B:A9:0B:74:F2:31:20:E1:2D:84:E8:3B:1F:AC:39:CF:84:D9
Authority key identifier: 20:04:D6:29:32:74:39:6F:5A:8D:69:14:85:D6:87:6A:0A:20:71:D9
Certificate issuer:       /CN=2004d6293274396f5a8d691485d6876a0a2071d9
Certificate serial:       019D2AA9C7C1D1780D7CE54505FBDEAFC599
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IATWKTJ0OW9ajWkUhdaHagogcdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft
Manifest number:          1529
Signing time:             Thu 26 Mar 2026 15:01:02 +0000
Manifest this update:     Thu 26 Mar 2026 15:01:02 +0000
Manifest next update:     Fri 27 Mar 2026 15:01:02 +0000
Files and hashes:         1: IATWKTJ0OW9ajWkUhdaHagogcdk.crl (hash: U2qvW1ZPvOr1tGVuRsModwMsTzpFAiehFNuck4auFuI=)
                          2: hnmnA26xKXY54jFPUcSN_0PAckk.roa (hash: iZnIOMbwxqj7gdSqvCeT/1vFVrhvoJ0Z39/9nmcH68s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IATWKTJ0OW9ajWkUhdaHagogcdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 15:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:a9:c7:c1:d1:78:0d:7c:e5:45:05:fb:de:af:c5:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2004d6293274396f5a8d691485d6876a0a2071d9
        Validity
            Not Before: Mar 26 15:01:02 2026 GMT
            Not After : Mar 27 15:01:02 2026 GMT
        Subject: CN=b9d74ba90b74f23120e12d84e83b1fac39cf84d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:f7:ae:10:9e:f0:d4:05:4e:95:6f:6f:02:4c:
                    be:fe:af:78:de:96:5d:a7:dd:ee:12:f3:67:74:a4:
                    e3:55:aa:e8:f4:93:b9:1a:e8:66:b3:3c:76:2e:8a:
                    3d:a1:09:20:f9:7e:37:e2:56:5d:91:55:60:fc:32:
                    c8:13:8c:5d:74:e0:a6:9e:78:51:d4:1f:8c:8b:ad:
                    31:66:ae:20:3e:c2:7f:99:1f:a7:43:ea:7f:94:c0:
                    37:2a:a5:95:5a:8a:85:13:9d:6b:f9:6a:4e:7c:81:
                    70:14:b6:29:f4:40:38:01:4d:70:e3:de:bb:43:12:
                    f9:a3:e4:11:6a:b1:34:1e:d8:7a:4f:94:59:ba:f0:
                    bd:82:c8:bb:a8:4e:bd:58:8d:f0:bd:cb:6a:75:5d:
                    e4:4a:57:9c:2e:96:68:99:7d:20:12:c3:54:f1:fb:
                    9c:c0:e6:91:1e:bb:f9:e5:2e:18:d6:b2:44:d3:75:
                    88:3b:ff:2d:1b:9c:eb:9a:c4:cd:73:0d:46:89:c9:
                    92:4e:62:75:6d:8d:80:6e:5c:b4:ee:a8:5d:d3:dc:
                    0c:bd:c8:9f:5d:15:e3:dc:0a:57:a6:c9:7b:9e:0e:
                    41:0c:4c:3a:45:13:77:9b:1d:23:f8:94:47:2b:58:
                    0b:df:a2:08:05:4e:80:55:b5:a2:57:6c:00:54:d8:
                    08:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:D7:4B:A9:0B:74:F2:31:20:E1:2D:84:E8:3B:1F:AC:39:CF:84:D9
            X509v3 Authority Key Identifier:
                keyid:20:04:D6:29:32:74:39:6F:5A:8D:69:14:85:D6:87:6A:0A:20:71:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IATWKTJ0OW9ajWkUhdaHagogcdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e5cbd-4d5a-4ed6-b1c2-4ef9cc751517/1/IATWKTJ0OW9ajWkUhdaHagogcdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:6f:b5:5e:36:39:67:04:9a:b7:15:c4:21:7e:54:d9:3d:3a:
         e0:e4:ec:3c:b1:2a:42:bc:a8:90:0a:5a:ee:4b:ef:5d:04:8f:
         c0:54:4b:4c:53:e6:a0:61:96:b5:0f:c6:33:9f:96:27:90:db:
         bf:98:8e:88:85:bf:d8:d5:9c:b0:1f:d5:8e:3b:19:50:5b:ed:
         ea:c9:9f:e8:a2:b9:4b:e7:7c:6e:ea:f7:6d:a6:a0:f2:8f:5d:
         b3:7a:f3:29:ba:1b:f3:a8:68:82:a1:a0:76:6c:1c:52:c7:a0:
         7d:64:82:e7:f0:3b:6f:ec:90:6e:96:14:12:39:9e:15:41:cb:
         ab:88:8e:54:ef:f2:8c:95:f6:6b:53:7a:bf:b6:8c:98:1a:25:
         e8:a1:41:98:44:46:13:a8:11:53:7d:c4:bd:80:11:a1:ce:1b:
         8d:9a:1d:98:ac:01:15:4a:40:88:9a:c4:fd:f3:61:a1:cc:96:
         38:a5:7e:2f:41:62:11:c3:d3:78:ac:d2:d1:b8:20:d2:16:28:
         4d:92:5d:ae:d3:26:28:d8:cf:e1:24:e5:dd:04:8d:83:c5:d6:
         b0:c1:69:40:35:7b:bd:1a:33:61:c1:6a:3c:d1:27:48:d3:86:
         cd:0d:7e:20:56:1e:b2:6e:51:79:8d:79:99:84:0b:c5:0c:dd:
         6d:c2:87:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qqcfB0XgNfOVFBfver8WZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMDRkNjI5MzI3NDM5NmY1YThkNjkxNDg1ZDY4NzZhMGEy
MDcxZDkwHhcNMjYwMzI2MTUwMTAyWhcNMjYwMzI3MTUwMTAyWjAzMTEwLwYDVQQD
EyhiOWQ3NGJhOTBiNzRmMjMxMjBlMTJkODRlODNiMWZhYzM5Y2Y4NGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PeuEJ7w1AVOlW9vAky+/q943pZd
p93uEvNndKTjVaro9JO5Guhmszx2Loo9oQkg+X434lZdkVVg/DLIE4xddOCmnnhR
1B+Mi60xZq4gPsJ/mR+nQ+p/lMA3KqWVWoqFE51r+WpOfIFwFLYp9EA4AU1w4967
QxL5o+QRarE0Hth6T5RZuvC9gsi7qE69WI3wvctqdV3kSlecLpZomX0gEsNU8fuc
wOaRHrv55S4Y1rJE03WIO/8tG5zrmsTNcw1GicmSTmJ1bY2Ably07qhd09wMvcif
XRXj3ApXpsl7ng5BDEw6RRN3mx0j+JRHK1gL36IIBU6AVbWiV2wAVNgIRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnXS6kLdPIxIOEthOg7H6w5z4TZMB8GA1UdIwQY
MBaAFCAE1ikydDlvWo1pFIXWh2oKIHHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUFUV0tUSjBPVzlhaldrVWhkYUhhZ29nY2RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZTVjYmQtNGQ1YS00ZWQ2LWIxYzIt
NGVmOWNjNzUxNTE3LzEvSUFUV0tUSjBPVzlhaldrVWhkYUhhZ29nY2RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85ZTVjYmQtNGQ1YS00ZWQ2LWIxYzItNGVmOWNjNzUxNTE3
LzEvSUFUV0tUSjBPVzlhaldrVWhkYUhhZ29nY2RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZm+1XjY5
ZwSatxXEIX5U2T064OTsPLEqQryokApa7kvvXQSPwFRLTFPmoGGWtQ/GM5+WJ5Db
v5iOiIW/2NWcsB/VjjsZUFvt6smf6KK5S+d8bur3baag8o9ds3rzKbob86hogqGg
dmwcUsegfWSC5/A7b+yQbpYUEjmeFUHLq4iOVO/yjJX2a1N6v7aMmBol6KFBmERG
E6gRU33EvYARoc4bjZodmKwBFUpAiJrE/fNhocyWOKV+L0FiEcPTeKzS0bgg0hYo
TZJdrtMmKNjP4STl3QSNg8XWsMFpQDV7vRozYcFqPNEnSNOGzQ1+IFYesm5ReY15
mYQLxQzdbcKHtQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:15:27 2026 by rpki-client