Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft
File:                     Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft (raw, json)
Hash identifier:          D4kZFqHp3ote1l24p84QptCI8Lvv6p5YndmvZLNJ5I4=
Subject key identifier:   23:9B:8D:A0:72:2E:10:60:68:11:82:D6:79:CF:DA:A4:20:15:7E:03
Authority key identifier: 09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4
Certificate issuer:       /CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
Certificate serial:       019D288495B80F24982218B30ABBE127B1A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft
Manifest number:          16D8
Signing time:             Thu 26 Mar 2026 05:01:10 +0000
Manifest this update:     Thu 26 Mar 2026 05:01:10 +0000
Manifest next update:     Fri 27 Mar 2026 05:01:10 +0000
Files and hashes:         1: 4c-GbGdVRIrY9IqPjRy0nzn_VSE.roa (hash: icjwc3qakSmAHiw3iEGT6Xw+HBGCPaCuGNR8zcJ+6LU=)
                          2: Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl (hash: Sm/4oF3HkVTTLlIfzkYBsXr5BtXHA1VKRL++ec68iEY=)
                          3: G89I4eFQRreVo-7aKBmhJUYUtfE.roa (hash: Y0sI6cJ3p/tnjubSMmOmQUTjHM00CIS1iUsc5f8JH6o=)
                          4: dYdu6qoIQ4XCeyHdAC497fGCxxs.roa (hash: oc3k4EGMJTIdaq924ORNmciOrYjNG46O7CO8iE2EBZI=)
                          5: lgCyYbtiym8UQxlU3Wsnfuin5Po.roa (hash: Y0pYZtEe50I9gKfovWkm1yNE+nmUWXQeAcc9hn8uT60=)
                          6: u3tl30EyAJsURqJzM6oI5-sRJh4.roa (hash: +MJkYGw5uZPSvZdWWPtxlmooe+ag+H3pOtple6Ilz3I=)
                          7: zR5fs6PTrjyplvT56u1K4BvWPlc.roa (hash: O8dzuCsmazQPoLBfGqOiMn2tNXQbancZpn0bojUcLR0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 05:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:84:95:b8:0f:24:98:22:18:b3:0a:bb:e1:27:b1:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
        Validity
            Not Before: Mar 26 05:01:10 2026 GMT
            Not After : Mar 27 05:01:10 2026 GMT
        Subject: CN=239b8da0722e1060681182d679cfdaa420157e03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:93:c7:de:93:0d:a6:9a:12:42:c6:c1:3b:71:
                    e5:db:bc:c6:3d:08:da:29:c6:a1:b4:65:0b:91:9b:
                    7d:1b:42:96:b2:cc:0c:2d:51:73:5a:d9:da:12:a6:
                    19:95:cb:31:a1:bb:93:7a:73:9b:26:03:90:e7:8d:
                    f2:18:5e:28:40:8e:fb:15:55:9d:2d:76:64:cf:36:
                    11:44:4b:a3:9d:6f:45:78:81:33:e5:32:a3:2c:62:
                    13:6b:a8:3a:7a:22:c6:ee:55:50:8b:c9:cd:0f:49:
                    a1:16:23:0d:eb:69:31:97:ff:4b:1b:81:aa:ab:94:
                    c3:2b:a4:d5:fb:ea:da:92:4a:77:de:fd:1c:7e:0b:
                    06:c9:9b:7d:d6:55:db:ed:36:2a:f0:76:18:72:1b:
                    52:bd:bf:76:73:f2:9c:5c:c8:fd:4d:a5:ee:6d:2c:
                    dc:17:3c:26:81:05:7b:f4:41:ed:2f:4a:02:3f:e7:
                    c4:e8:99:5c:22:9a:87:be:03:84:32:d1:94:d3:16:
                    3d:11:7a:fd:97:12:f0:06:75:cc:de:83:d8:a2:41:
                    4c:60:a2:1f:4d:33:71:c8:20:a9:78:ed:3e:2e:ac:
                    5d:84:92:f4:92:37:13:27:ca:6b:0b:2c:0f:70:14:
                    99:35:03:b7:4e:91:a2:67:f6:44:6a:0e:8b:38:d5:
                    e7:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:9B:8D:A0:72:2E:10:60:68:11:82:D6:79:CF:DA:A4:20:15:7E:03
            X509v3 Authority Key Identifier:
                keyid:09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:1e:5a:bb:18:e5:7b:44:76:f8:dc:e0:fa:d8:e2:33:73:31:
         68:58:1b:4f:60:8f:1b:66:ad:d2:f5:8e:c8:32:9b:c2:16:62:
         8f:7f:f2:80:37:a0:9d:3f:67:83:9a:d1:55:59:79:87:26:5a:
         d4:e8:ba:c1:9f:1a:ab:83:36:1f:bd:58:f5:69:83:87:3b:77:
         cc:41:97:9e:11:d5:1d:f2:5f:f6:3d:6b:fc:e4:57:83:a0:2f:
         6e:d8:6f:77:39:c5:ab:f6:53:ac:a9:e0:53:c2:20:5d:53:3c:
         3a:bc:e0:0c:f9:35:41:02:6a:49:9d:a0:88:81:28:1f:f0:46:
         88:8a:1a:b6:18:e0:c9:86:ff:d0:9f:df:63:b0:48:85:a2:c3:
         35:17:e7:60:85:40:eb:07:d0:42:3a:31:45:aa:af:ad:44:f6:
         e3:70:af:6f:c3:e0:93:a4:a6:30:5a:a8:e0:d0:1c:7e:00:07:
         e8:79:90:61:c0:0b:03:d3:e0:99:90:a0:5b:39:5c:1a:7e:ce:
         78:45:24:6a:53:1c:b4:08:48:a9:7b:a3:c0:f1:c8:ac:8c:1e:
         05:51:eb:94:16:8a:7e:1a:4b:fe:30:5a:fa:b2:f4:65:6d:2b:
         36:d7:ec:52:b2:13:fb:c1:86:77:0f:e1:7d:5e:d9:e2:1c:b5:
         ff:4c:74:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohJW4DySYIhizCrvhJ7GgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZGNmMWU4OTdlNTk4ZWMzZjFhYjYwYmQ0NDMzMjg3MjZk
ZWRhZTQwHhcNMjYwMzI2MDUwMTEwWhcNMjYwMzI3MDUwMTEwWjAzMTEwLwYDVQQD
EygyMzliOGRhMDcyMmUxMDYwNjgxMTgyZDY3OWNmZGFhNDIwMTU3ZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZPH3pMNppoSQsbBO3Hl27zGPQja
KcahtGULkZt9G0KWsswMLVFzWtnaEqYZlcsxobuTenObJgOQ543yGF4oQI77FVWd
LXZkzzYRREujnW9FeIEz5TKjLGITa6g6eiLG7lVQi8nND0mhFiMN62kxl/9LG4Gq
q5TDK6TV++rakkp33v0cfgsGyZt91lXb7TYq8HYYchtSvb92c/KcXMj9TaXubSzc
FzwmgQV79EHtL0oCP+fE6JlcIpqHvgOEMtGU0xY9EXr9lxLwBnXM3oPYokFMYKIf
TTNxyCCpeO0+LqxdhJL0kjcTJ8prCywPcBSZNQO3TpGiZ/ZEag6LONXniwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCObjaByLhBgaBGC1nnP2qQgFX4DMB8GA1UdIwQY
MBaAFAnc8eiX5ZjsPxq2C9RDMocm3trkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUt
NjIzZTE5OWZkYmU5LzEvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUtNjIzZTE5OWZkYmU5
LzEvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZB5auxjl
e0R2+Nzg+tjiM3MxaFgbT2CPG2at0vWOyDKbwhZij3/ygDegnT9ng5rRVVl5hyZa
1Oi6wZ8aq4M2H71Y9WmDhzt3zEGXnhHVHfJf9j1r/ORXg6AvbthvdznFq/ZTrKng
U8IgXVM8OrzgDPk1QQJqSZ2giIEoH/BGiIoathjgyYb/0J/fY7BIhaLDNRfnYIVA
6wfQQjoxRaqvrUT243Cvb8Pgk6SmMFqo4NAcfgAH6HmQYcALA9PgmZCgWzlcGn7O
eEUkalMctAhIqXujwPHIrIweBVHrlBaKfhpL/jBa+rL0ZW0rNtfsUrIT+8GGdw/h
fV7Z4hy1/0x0ng==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:55:13 2026 by rpki-client