Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft
File:                     3-4r9D8hqBxJLG5qn8bwdNLwohc.mft (raw, json)
Hash identifier:          drh08klc53vjOJbbA3eSsACt2HtRZ12LxU9wjMv+sGM=
Subject key identifier:   9A:34:F9:FC:68:0F:E2:61:0B:8D:74:7D:D6:B4:23:77:B3:E3:28:A7
Authority key identifier: DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17
Certificate issuer:       /CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
Certificate serial:       019D2960F4E1CD6B9627EAC2AD03C7F04DBE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft
Manifest number:          1894
Signing time:             Thu 26 Mar 2026 09:01:53 +0000
Manifest this update:     Thu 26 Mar 2026 09:01:53 +0000
Manifest next update:     Fri 27 Mar 2026 09:01:53 +0000
Files and hashes:         1: 1fQajHTJp0S8KUunDd6YeyFtENM.roa (hash: mmAzmTwR/ELzJWO/mTGxkNnXnKiWntSSUF9kf4/Kzb4=)
                          2: 3-4r9D8hqBxJLG5qn8bwdNLwohc.crl (hash: rwNIzJu8y0dwPWHSCRC3ohMkEk1i1A1iZ8ujug08f70=)
                          3: 6I-aggcE89s528aMt_8CuZqJ61A.roa (hash: 1l0d6AnGSzNrEZie8Z3fZ9Fg7c3oqYcQ4vM6hMLN2Xk=)
                          4: AFp3F2X8yQTaBQfkM_zsF9UYmww.roa (hash: 7p1zPt6PNmGU8W+3TijuQxRqjYyJqKF96JpQUyZBeZY=)
                          5: EHQpUpEMo4S4SvN6ygFHQVkQJ6A.roa (hash: aL98OrOlu07CFPxf6rwXnJMO4vbO/beSHKJmE+F/5nQ=)
                          6: l6dcV9zJ9n_Ctd5EzzonA7X-jFo.roa (hash: mwxDuvlYfTCoynYTFAQOpS/BivdbtxW1voj1voq8fsg=)
                          7: rrxhY0T34NFm8dBURFOGg9BvJjw.roa (hash: CAUMQZvZz6QKlQgRUZEx4oRHdyyDBXGnUQ6HYMNXgDk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:60:f4:e1:cd:6b:96:27:ea:c2:ad:03:c7:f0:4d:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfee2bf43f21a81c492c6e6a9fc6f074d2f0a217
        Validity
            Not Before: Mar 26 09:01:53 2026 GMT
            Not After : Mar 27 09:01:53 2026 GMT
        Subject: CN=9a34f9fc680fe2610b8d747dd6b42377b3e328a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:55:4a:1b:a5:38:dd:5c:e5:51:62:11:9c:18:
                    3c:96:38:e9:5e:b4:e3:a9:c1:1a:dc:ba:99:2e:05:
                    8f:b4:a2:51:c5:d8:83:ae:82:1a:10:71:94:af:f3:
                    02:2e:97:34:17:05:a5:cf:81:af:12:b8:e7:4a:34:
                    f7:1b:e5:0b:8c:87:c9:a4:3e:44:cf:7c:a2:31:90:
                    64:4f:39:41:6a:2e:68:4d:51:fb:17:51:37:e3:a1:
                    da:b1:5d:0b:f8:42:2b:14:76:6d:b4:66:74:c8:43:
                    16:2d:ea:83:42:ca:1d:3d:81:69:03:13:69:6a:16:
                    22:97:08:f6:9d:c2:91:39:a1:a7:11:27:88:c0:83:
                    d3:79:35:f3:18:7f:9b:be:e2:60:30:b8:32:f0:c1:
                    32:e5:bf:06:40:17:23:df:a0:ba:02:ab:24:56:33:
                    1a:21:ff:ec:be:34:e0:91:2f:ef:e2:27:44:98:3e:
                    bd:42:6a:d5:cc:66:fe:04:54:50:8c:99:17:b2:4c:
                    ce:eb:24:fe:85:65:6c:47:4b:b8:d8:b0:dd:a6:3e:
                    64:76:db:ac:c6:e3:37:26:ee:61:78:3a:97:e0:97:
                    82:5f:d7:da:b8:cc:98:82:ab:49:61:93:7e:88:15:
                    e3:28:c2:40:c7:3b:f6:ff:ae:83:75:74:69:ff:dc:
                    15:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:34:F9:FC:68:0F:E2:61:0B:8D:74:7D:D6:B4:23:77:B3:E3:28:A7
            X509v3 Authority Key Identifier:
                keyid:DF:EE:2B:F4:3F:21:A8:1C:49:2C:6E:6A:9F:C6:F0:74:D2:F0:A2:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-4r9D8hqBxJLG5qn8bwdNLwohc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/3b3be0-54a7-410f-9d12-28d78eb9f2dc/1/3-4r9D8hqBxJLG5qn8bwdNLwohc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:68:df:cb:7b:f8:69:89:1c:eb:4e:f8:4f:29:11:ea:43:f7:
         d2:63:1d:9d:39:d4:5c:f7:92:21:50:93:86:97:a4:41:bb:bf:
         fa:67:b7:71:5d:db:a9:ab:a2:2d:ec:ca:e3:ec:8a:15:91:6e:
         b8:a8:42:d3:3e:71:03:31:6f:94:9e:57:a9:a1:5f:cb:1b:a5:
         a2:3d:47:81:71:f3:e6:0b:81:ba:ae:e2:f7:26:c6:7f:ab:b4:
         a4:35:36:98:d3:41:2b:9c:8d:75:8b:55:de:06:e2:fc:39:35:
         80:36:b4:20:1b:bc:f1:be:cb:ba:3c:db:00:59:c0:39:3a:93:
         bd:56:15:16:38:0b:56:02:15:ce:b5:41:63:95:f0:65:96:b2:
         b4:2d:e5:32:80:62:76:51:c6:f2:12:da:52:b3:9f:73:98:39:
         9e:e9:ab:86:cc:47:e1:3e:27:b3:84:c5:85:7a:fe:5a:63:76:
         ea:cd:df:29:53:6f:40:7d:e5:5b:5e:2e:08:9b:41:a5:bb:4d:
         5a:b1:6a:93:85:f1:11:47:28:cf:91:ea:77:ff:bb:63:38:e4:
         4d:29:e1:c8:cb:48:4b:c1:f8:4e:32:f3:8f:e9:a0:65:cc:22:
         ed:19:67:3d:f5:d0:70:0f:12:38:0b:0d:de:c3:72:52:52:03:
         9b:85:91:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYPThzWuWJ+rCrQPH8E2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZWUyYmY0M2YyMWE4MWM0OTJjNmU2YTlmYzZmMDc0ZDJm
MGEyMTcwHhcNMjYwMzI2MDkwMTUzWhcNMjYwMzI3MDkwMTUzWjAzMTEwLwYDVQQD
Eyg5YTM0ZjlmYzY4MGZlMjYxMGI4ZDc0N2RkNmI0MjM3N2IzZTMyOGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVVKG6U43VzlUWIRnBg8ljjpXrTj
qcEa3LqZLgWPtKJRxdiDroIaEHGUr/MCLpc0FwWlz4GvErjnSjT3G+ULjIfJpD5E
z3yiMZBkTzlBai5oTVH7F1E346HasV0L+EIrFHZttGZ0yEMWLeqDQsodPYFpAxNp
ahYilwj2ncKROaGnESeIwIPTeTXzGH+bvuJgMLgy8MEy5b8GQBcj36C6AqskVjMa
If/svjTgkS/v4idEmD69QmrVzGb+BFRQjJkXskzO6yT+hWVsR0u42LDdpj5kdtus
xuM3Ju5heDqX4JeCX9fauMyYgqtJYZN+iBXjKMJAxzv2/66DdXRp/9wVDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJo0+fxoD+JhC410fda0I3ez4yinMB8GA1UdIwQY
MBaAFN/uK/Q/IagcSSxuap/G8HTS8KIXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTIt
MjhkNzhlYjlmMmRjLzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zYjNiZTAtNTRhNy00MTBmLTlkMTItMjhkNzhlYjlmMmRj
LzEvMy00cjlEOGhxQnhKTEc1cW44YndkTkx3b2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWmjfy3v4
aYkc6074TykR6kP30mMdnTnUXPeSIVCThpekQbu/+me3cV3bqauiLezK4+yKFZFu
uKhC0z5xAzFvlJ5XqaFfyxuloj1HgXHz5guBuq7i9ybGf6u0pDU2mNNBK5yNdYtV
3gbi/Dk1gDa0IBu88b7LujzbAFnAOTqTvVYVFjgLVgIVzrVBY5XwZZaytC3lMoBi
dlHG8hLaUrOfc5g5numrhsxH4T4ns4TFhXr+WmN26s3fKVNvQH3lW14uCJtBpbtN
WrFqk4XxEUcoz5Hqd/+7YzjkTSnhyMtIS8H4TjLzj+mgZcwi7RlnPfXQcA8SOAsN
3sNyUlIDm4WR7w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:33:08 2026 by rpki-client