Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
File:                     aAONTKy9QZGZUus3CcFlM4OJAOM.mft (raw, json)
Hash identifier:          DSRc+HSOg2m3sdk84G/Rdc16U5x7BZ5u6TtcLHkQV5Y=
Subject key identifier:   DF:D0:5E:4F:A1:4B:F4:46:EE:40:6E:5D:D3:C8:23:A3:5D:50:05:24
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Certificate issuer:       /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial:       019D27DFAE7467D0C867B6543B2D4A2E4A32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
Manifest number:          188A
Signing time:             Thu 26 Mar 2026 02:01:03 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:03 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:03 +0000
Files and hashes:         1: VUWyLZ0rJ2KWNFwxw_bl1XOWT5Y.roa (hash: h6fu2o5gEs54ynuGXWVxljJh43rB4bmU8/bT0YsjVoE=)
                          2: aAONTKy9QZGZUus3CcFlM4OJAOM.crl (hash: Kh38DindlX5BFgirqE7kiCPSmagR3mupCTV7XL2Xp38=)
                          3: tp0SOw0ReetfWj-1nSTTgqHkwxM.roa (hash: XzLhvr/WPwVDdpz3jGaEEAicJMQsJQFmkLSa5mS4sUM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 02:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:ae:74:67:d0:c8:67:b6:54:3b:2d:4a:2e:4a:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
        Validity
            Not Before: Mar 26 02:01:03 2026 GMT
            Not After : Mar 27 02:01:03 2026 GMT
        Subject: CN=dfd05e4fa14bf446ee406e5dd3c823a35d500524
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b4:25:f0:72:51:97:4c:b7:0b:67:ea:c5:6a:
                    6c:a0:26:c2:af:2e:81:f3:ae:4d:47:04:db:93:0c:
                    08:d0:8d:53:91:ae:c0:0d:f1:db:12:10:fd:af:52:
                    b6:a0:1b:4c:49:2a:27:b1:35:4b:65:6d:d3:1f:39:
                    4f:59:03:20:b5:33:28:44:c9:2e:95:bb:d3:68:b5:
                    86:cb:93:07:36:a8:35:e7:aa:9c:a1:cb:38:e6:f8:
                    5f:ae:bf:68:c7:e1:78:52:b1:4e:73:fa:d2:05:76:
                    7d:4a:d1:3e:e4:ad:66:f9:2c:da:b4:4d:49:e8:97:
                    49:15:87:b7:29:52:8a:79:9f:d5:b9:fa:58:b6:6f:
                    d0:1f:70:6d:6a:79:be:f1:d2:3f:16:ef:2c:22:24:
                    84:68:12:f5:4a:36:d4:05:1c:29:78:ec:6d:68:3b:
                    2c:40:3b:54:6e:62:75:39:6e:66:79:e6:0a:72:74:
                    a8:b3:95:5b:26:7d:1b:14:e1:a4:d3:4c:75:23:46:
                    46:8e:a8:01:11:07:32:41:67:10:ca:49:9b:16:5a:
                    46:77:fb:0c:2c:e7:7f:2d:06:d1:2e:1f:28:34:21:
                    dc:f1:f7:d9:64:76:50:c3:3b:ac:9d:fe:d0:3a:d1:
                    50:7b:f9:f4:e5:c3:d5:19:4f:48:9d:dc:56:fb:6b:
                    42:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:D0:5E:4F:A1:4B:F4:46:EE:40:6E:5D:D3:C8:23:A3:5D:50:05:24
            X509v3 Authority Key Identifier:
                keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:0f:d8:79:62:2b:73:b2:c8:d3:17:7d:87:ef:46:7d:79:8d:
         aa:2c:80:3a:35:28:1c:27:81:52:a6:7b:5a:92:17:62:07:6b:
         c3:75:33:a5:c1:37:5d:e4:19:e2:b5:b1:02:15:24:27:e0:99:
         41:07:fd:3f:97:cc:5d:a5:b1:aa:b6:6e:86:cb:30:db:83:4f:
         8f:e7:00:77:45:2a:6a:4e:c8:6d:ac:e9:fc:53:0f:6f:d8:c1:
         ab:0a:b6:54:e0:fe:06:d8:aa:6e:81:b9:89:a0:d7:17:e7:f4:
         9b:34:5b:c9:a9:f6:65:6a:5b:a1:03:d3:40:56:0c:12:b3:82:
         51:f4:64:1d:26:d6:a3:e1:3c:8c:55:bf:df:ea:dc:fe:8c:59:
         62:f1:47:18:b0:72:5d:f5:0e:14:dd:ca:45:7c:b2:f2:19:c1:
         a3:e3:3b:9b:ff:20:aa:35:06:33:71:9e:9a:08:d4:1e:88:d0:
         47:a1:81:c8:58:63:0c:28:87:49:d1:f5:c2:a7:f1:c1:ba:54:
         0f:c5:04:5c:ef:5c:06:97:8d:68:95:51:1d:4f:40:4d:a6:e6:
         2e:28:27:51:e4:51:88:01:c8:e8:af:6c:6b:7f:c0:83:6d:b6:
         b2:d5:1f:36:4d:77:43:51:50:66:b3:b3:65:89:93:d0:8b:b5:
         4e:20:88:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n3650Z9DIZ7ZUOy1KLkoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjYwMzI2MDIwMTAzWhcNMjYwMzI3MDIwMTAzWjAzMTEwLwYDVQQD
EyhkZmQwNWU0ZmExNGJmNDQ2ZWU0MDZlNWRkM2M4MjNhMzVkNTAwNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLQl8HJRl0y3C2fqxWpsoCbCry6B
865NRwTbkwwI0I1Tka7ADfHbEhD9r1K2oBtMSSonsTVLZW3THzlPWQMgtTMoRMku
lbvTaLWGy5MHNqg156qcocs45vhfrr9ox+F4UrFOc/rSBXZ9StE+5K1m+SzatE1J
6JdJFYe3KVKKeZ/VufpYtm/QH3Btanm+8dI/Fu8sIiSEaBL1SjbUBRwpeOxtaDss
QDtUbmJ1OW5meeYKcnSos5VbJn0bFOGk00x1I0ZGjqgBEQcyQWcQykmbFlpGd/sM
LOd/LQbRLh8oNCHc8ffZZHZQwzusnf7QOtFQe/n05cPVGU9IndxW+2tCewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/QXk+hS/RG7kBuXdPII6NdUAUkMB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmw/YeWIr
c7LI0xd9h+9GfXmNqiyAOjUoHCeBUqZ7WpIXYgdrw3UzpcE3XeQZ4rWxAhUkJ+CZ
QQf9P5fMXaWxqrZuhssw24NPj+cAd0Uqak7Ibazp/FMPb9jBqwq2VOD+BtiqboG5
iaDXF+f0mzRbyan2ZWpboQPTQFYMErOCUfRkHSbWo+E8jFW/3+rc/oxZYvFHGLBy
XfUOFN3KRXyy8hnBo+M7m/8gqjUGM3GemgjUHojQR6GByFhjDCiHSdH1wqfxwbpU
D8UEXO9cBpeNaJVRHU9ATabmLignUeRRiAHI6K9sa3/Ag222stUfNk13Q1FQZrOz
ZYmT0Iu1TiCIvg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:02:00 2026 by rpki-client