Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/03d0e2-a49e-4371-b21c-5015e1208119/1/UqZcYoSDp1Zoi7FYwoq3wNR94nw.mft
File:                     UqZcYoSDp1Zoi7FYwoq3wNR94nw.mft (raw, json)
Hash identifier:          mvVU1k6al6+rReKfpyj/IH2sPA0MzCL6TSzR9BKtHyk=
Subject key identifier:   A7:76:1D:D5:8E:B6:33:34:72:3E:82:CE:13:BA:58:AE:6A:35:6C:76
Authority key identifier: 52:A6:5C:62:84:83:A7:56:68:8B:B1:58:C2:8A:B7:C0:D4:7D:E2:7C
Certificate issuer:       /CN=52a65c628483a756688bb158c28ab7c0d47de27c
Certificate serial:       019D265F2472B5BAAFA0F088827611F401F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UqZcYoSDp1Zoi7FYwoq3wNR94nw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/03d0e2-a49e-4371-b21c-5015e1208119/1/UqZcYoSDp1Zoi7FYwoq3wNR94nw.mft
Manifest number:          0658
Signing time:             Wed 25 Mar 2026 19:01:02 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:02 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:02 +0000
Files and hashes:         1: La2aKUWeZDjg9QmjOG5Ypn3DLPs.roa (hash: 0EBH5b7C6wuxTeA4u0lRX6AP5UIiFNUIOVkyZ9JGpK4=)
                          2: UqZcYoSDp1Zoi7FYwoq3wNR94nw.crl (hash: ONbgnrj3jnfMA5pLcVfK0yIQyoBQXlGJtocawGOmAM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/03d0e2-a49e-4371-b21c-5015e1208119/1/UqZcYoSDp1Zoi7FYwoq3wNR94nw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/03d0e2-a49e-4371-b21c-5015e1208119/1/UqZcYoSDp1Zoi7FYwoq3wNR94nw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UqZcYoSDp1Zoi7FYwoq3wNR94nw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:24:72:b5:ba:af:a0:f0:88:82:76:11:f4:01:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52a65c628483a756688bb158c28ab7c0d47de27c
        Validity
            Not Before: Mar 25 19:01:02 2026 GMT
            Not After : Mar 26 19:01:02 2026 GMT
        Subject: CN=a7761dd58eb63334723e82ce13ba58ae6a356c76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:af:20:c3:f0:21:06:de:a5:ef:b8:7c:f2:55:
                    73:f1:d5:34:71:8b:f6:29:9d:22:4a:04:f3:b4:bb:
                    7f:1b:ff:0d:7d:1f:b5:9c:3d:eb:6b:71:42:7a:c9:
                    16:c6:c5:c9:c6:32:67:fd:c4:22:8f:0d:af:d4:1a:
                    47:07:c8:9b:4e:0b:b2:69:90:76:10:35:e4:e9:eb:
                    99:4c:8e:a5:91:f3:34:38:b3:21:1b:81:89:b0:72:
                    82:1d:76:5b:ba:93:dc:64:f7:a4:66:51:91:09:88:
                    d2:26:8d:7f:0d:84:4e:1c:0f:11:51:cb:81:dc:53:
                    ae:d3:f7:5c:dc:b9:26:40:ee:36:26:79:65:67:50:
                    19:2e:d7:dc:93:33:8c:2b:36:3b:d6:68:3a:a9:60:
                    61:04:28:0c:1a:af:08:9e:ce:73:41:f2:89:f9:3f:
                    f3:a8:0f:8d:2d:57:d5:61:93:b5:ba:69:fa:7d:1c:
                    14:ca:cf:c5:37:8a:85:41:a0:ed:c1:13:ed:07:79:
                    8b:b3:1e:da:1b:d9:ef:2c:4b:00:e0:f6:dd:cb:28:
                    79:da:ee:90:eb:3c:cb:f1:3a:87:4f:17:e9:56:b8:
                    c7:95:a9:0f:ae:ae:c1:12:95:fe:f4:98:a8:44:42:
                    50:85:f8:f0:1f:e5:31:f4:12:bd:dd:57:d7:a8:99:
                    42:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:76:1D:D5:8E:B6:33:34:72:3E:82:CE:13:BA:58:AE:6A:35:6C:76
            X509v3 Authority Key Identifier:
                keyid:52:A6:5C:62:84:83:A7:56:68:8B:B1:58:C2:8A:B7:C0:D4:7D:E2:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqZcYoSDp1Zoi7FYwoq3wNR94nw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/03d0e2-a49e-4371-b21c-5015e1208119/1/UqZcYoSDp1Zoi7FYwoq3wNR94nw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/03d0e2-a49e-4371-b21c-5015e1208119/1/UqZcYoSDp1Zoi7FYwoq3wNR94nw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:2a:62:16:51:5f:ab:4f:ca:a7:fa:0a:fa:cc:f3:4b:19:f8:
         1c:fd:ab:37:98:ab:05:05:0a:ec:0f:cd:68:3e:04:71:08:eb:
         d7:a7:c3:bb:89:2f:81:5c:0e:c3:9f:0d:14:5e:aa:d5:2c:b7:
         ed:eb:5c:b0:68:da:fe:cd:49:02:5e:86:11:2e:4b:7a:ca:c6:
         6d:e4:39:ab:0d:b8:d9:70:a1:e8:98:cb:15:1f:ef:f6:11:37:
         e9:7b:89:d1:3d:e8:77:50:73:8f:75:6e:d7:b6:3b:66:f5:09:
         75:51:05:7f:8f:3a:5c:d8:07:0b:07:1e:44:a4:24:55:65:ee:
         77:cb:b0:51:b9:22:12:a3:ab:e1:76:cb:85:0a:32:b8:a7:28:
         8e:7c:4e:1a:b3:4e:f5:c0:66:8a:9f:e6:06:3d:bc:fc:fa:b9:
         eb:cf:bb:49:83:50:09:9d:f4:a1:c4:60:75:4c:05:4b:ff:19:
         c6:dc:66:ee:f9:6d:d4:c2:ad:48:f1:49:d7:da:c4:8d:45:19:
         39:da:a2:b7:50:50:17:10:10:92:6f:ce:4c:6e:f2:59:75:a2:
         ad:c2:63:e7:7b:30:0a:66:fa:03:f5:9c:4c:48:0e:0c:a0:1c:
         e3:fc:81:e7:ec:50:95:bf:53:05:8c:26:92:a7:5f:cc:70:92:
         4b:25:c9:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXyRytbqvoPCIgnYR9AHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYTY1YzYyODQ4M2E3NTY2ODhiYjE1OGMyOGFiN2MwZDQ3
ZGUyN2MwHhcNMjYwMzI1MTkwMTAyWhcNMjYwMzI2MTkwMTAyWjAzMTEwLwYDVQQD
EyhhNzc2MWRkNThlYjYzMzM0NzIzZTgyY2UxM2JhNThhZTZhMzU2Yzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq8gw/AhBt6l77h88lVz8dU0cYv2
KZ0iSgTztLt/G/8NfR+1nD3ra3FCeskWxsXJxjJn/cQijw2v1BpHB8ibTguyaZB2
EDXk6euZTI6lkfM0OLMhG4GJsHKCHXZbupPcZPekZlGRCYjSJo1/DYROHA8RUcuB
3FOu0/dc3LkmQO42JnllZ1AZLtfckzOMKzY71mg6qWBhBCgMGq8Ins5zQfKJ+T/z
qA+NLVfVYZO1umn6fRwUys/FN4qFQaDtwRPtB3mLsx7aG9nvLEsA4Pbdyyh52u6Q
6zzL8TqHTxfpVrjHlakPrq7BEpX+9JioREJQhfjwH+Ux9BK93VfXqJlC8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKd2HdWOtjM0cj6CzhO6WK5qNWx2MB8GA1UdIwQY
MBaAFFKmXGKEg6dWaIuxWMKKt8DUfeJ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXFaY1lvU0RwMVpvaTdGWXdvcTN3TlI5NG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wM2QwZTItYTQ5ZS00MzcxLWIyMWMt
NTAxNWUxMjA4MTE5LzEvVXFaY1lvU0RwMVpvaTdGWXdvcTN3TlI5NG53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wM2QwZTItYTQ5ZS00MzcxLWIyMWMtNTAxNWUxMjA4MTE5
LzEvVXFaY1lvU0RwMVpvaTdGWXdvcTN3TlI5NG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYSpiFlFf
q0/Kp/oK+szzSxn4HP2rN5irBQUK7A/NaD4EcQjr16fDu4kvgVwOw58NFF6q1Sy3
7etcsGja/s1JAl6GES5LesrGbeQ5qw242XCh6JjLFR/v9hE36XuJ0T3od1Bzj3Vu
17Y7ZvUJdVEFf486XNgHCwceRKQkVWXud8uwUbkiEqOr4XbLhQoyuKcojnxOGrNO
9cBmip/mBj28/Pq568+7SYNQCZ30ocRgdUwFS/8Zxtxm7vlt1MKtSPFJ19rEjUUZ
Odqit1BQFxAQkm/OTG7yWXWircJj53swCmb6A/WcTEgODKAc4/yB5+xQlb9TBYwm
kqdfzHCSSyXJ9Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:56:19 2026 by rpki-client