Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/DbPDFk09jCZEzymzI2dhpXHuWLo.mft
File:                     DbPDFk09jCZEzymzI2dhpXHuWLo.mft (raw, json)
Hash identifier:          lv7YeF5oKbwEXVpCO3H5KHWswrMMBKQiHuoG9wPcHuw=
Subject key identifier:   D2:AE:02:4D:CD:89:D5:A2:89:D8:9E:C8:8E:6B:DB:A4:4E:3D:F9:2A
Authority key identifier: 0D:B3:C3:16:4D:3D:8C:26:44:CF:29:B3:23:67:61:A5:71:EE:58:BA
Certificate issuer:       /CN=0db3c3164d3d8c2644cf29b3236761a571ee58ba
Certificate serial:       019D284DFC566F2D32175F84CB86A4D91BA3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DbPDFk09jCZEzymzI2dhpXHuWLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/DbPDFk09jCZEzymzI2dhpXHuWLo.mft
Manifest number:          0E8E
Signing time:             Thu 26 Mar 2026 04:01:32 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:32 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:32 +0000
Files and hashes:         1: AV8o_HRJCYQ0OsTpD-wRX5B7CZE.roa (hash: IbeU1AeOys6rseJf5ugRnLAWWP/7mZIxuUtqX7netkk=)
                          2: DbPDFk09jCZEzymzI2dhpXHuWLo.crl (hash: CVZuGssTiOowFCOI0cVcALii+nz6sJ7aZsWFWym4wlk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/DbPDFk09jCZEzymzI2dhpXHuWLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/DbPDFk09jCZEzymzI2dhpXHuWLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DbPDFk09jCZEzymzI2dhpXHuWLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 04:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4d:fc:56:6f:2d:32:17:5f:84:cb:86:a4:d9:1b:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0db3c3164d3d8c2644cf29b3236761a571ee58ba
        Validity
            Not Before: Mar 26 04:01:32 2026 GMT
            Not After : Mar 27 04:01:32 2026 GMT
        Subject: CN=d2ae024dcd89d5a289d89ec88e6bdba44e3df92a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:fd:3c:98:8b:db:b6:cc:80:3c:b4:86:c5:f0:
                    f2:9e:3e:d8:ba:32:f8:35:8e:fd:46:62:f9:c0:c1:
                    20:66:2b:93:c8:f6:df:3c:f0:69:1e:15:c0:7c:f5:
                    13:d1:60:ff:96:26:f3:96:3b:35:10:5e:41:11:8f:
                    82:b8:f7:59:86:f2:df:ac:65:63:1b:38:6d:a3:62:
                    06:9b:eb:1a:25:e2:d0:b6:3d:9d:22:c4:c4:36:d5:
                    b8:e5:ff:17:18:52:be:60:3e:af:62:d8:24:bb:e6:
                    aa:55:e2:c2:0b:e8:75:1d:62:84:7a:a7:9b:c9:42:
                    34:54:e1:94:46:53:33:c0:cc:52:88:32:54:bc:ad:
                    76:10:e9:a1:65:ea:20:fa:e3:8d:9a:17:d5:ab:d1:
                    5d:bf:bc:88:75:47:31:17:15:af:73:0c:3b:a9:a6:
                    94:ca:5b:88:0d:d1:0f:85:74:b6:1b:d9:22:94:8d:
                    3b:04:37:ec:d4:65:86:49:bc:95:9f:de:96:96:c5:
                    7e:dd:21:36:ae:b5:79:db:a4:2e:5e:ef:48:e5:a7:
                    47:b9:a9:96:b9:cd:0a:1f:27:4a:57:65:9c:27:3c:
                    8f:83:67:d4:24:19:19:94:e0:9a:12:8b:ba:25:fb:
                    08:49:79:8c:98:64:7a:7d:af:37:fa:89:5b:17:0a:
                    56:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:AE:02:4D:CD:89:D5:A2:89:D8:9E:C8:8E:6B:DB:A4:4E:3D:F9:2A
            X509v3 Authority Key Identifier:
                keyid:0D:B3:C3:16:4D:3D:8C:26:44:CF:29:B3:23:67:61:A5:71:EE:58:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbPDFk09jCZEzymzI2dhpXHuWLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/DbPDFk09jCZEzymzI2dhpXHuWLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6cd366-3557-42b2-885b-3d46439aa41c/1/DbPDFk09jCZEzymzI2dhpXHuWLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:7a:b5:2f:c4:e8:cc:54:87:1c:90:f6:bf:42:5c:a1:99:03:
         36:f1:8e:f1:2e:f0:c9:4c:40:a5:4b:d7:3d:62:32:80:50:2a:
         64:72:30:3d:b5:06:7f:7c:70:44:e3:a6:93:c7:72:13:dd:97:
         49:86:64:1f:ba:79:cc:08:1e:cb:d0:0d:e2:6e:3e:dc:1f:03:
         c6:14:1b:14:5f:2e:1c:0d:e5:2d:2f:de:ff:48:79:bd:8a:06:
         de:98:69:d7:68:4c:4f:2f:84:e4:d3:1d:a5:98:34:38:1c:69:
         cf:e4:50:97:9b:7c:24:de:bd:66:a0:a5:22:bf:db:cb:75:0e:
         f7:30:1e:dd:31:b4:1f:00:f9:e0:a7:cd:09:52:ff:53:40:0a:
         48:a0:3d:dc:bb:da:d3:02:83:54:18:39:dc:09:95:3f:92:99:
         e0:32:24:62:76:a7:49:e5:a0:1d:4e:f3:ce:6d:72:96:3f:57:
         fc:ff:8e:38:02:04:98:73:b7:e1:e0:9d:62:29:5f:1b:e9:f8:
         c8:e9:9a:fa:47:36:dc:c0:00:76:33:59:f5:7c:76:af:8b:b7:
         e9:08:00:03:db:e7:c2:d8:c2:50:f3:a6:8b:7e:24:5a:e1:77:
         72:70:fc:6c:9b:22:be:5e:ed:c4:fd:0c:a1:74:dd:4d:86:5d:
         db:87:76:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTfxWby0yF1+Ey4ak2RujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjNjMzE2NGQzZDhjMjY0NGNmMjliMzIzNjc2MWE1NzFl
ZTU4YmEwHhcNMjYwMzI2MDQwMTMyWhcNMjYwMzI3MDQwMTMyWjAzMTEwLwYDVQQD
EyhkMmFlMDI0ZGNkODlkNWEyODlkODllYzg4ZTZiZGJhNDRlM2RmOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv08mIvbtsyAPLSGxfDynj7YujL4
NY79RmL5wMEgZiuTyPbfPPBpHhXAfPUT0WD/libzljs1EF5BEY+CuPdZhvLfrGVj
Gzhto2IGm+saJeLQtj2dIsTENtW45f8XGFK+YD6vYtgku+aqVeLCC+h1HWKEeqeb
yUI0VOGURlMzwMxSiDJUvK12EOmhZeog+uONmhfVq9Fdv7yIdUcxFxWvcww7qaaU
yluIDdEPhXS2G9kilI07BDfs1GWGSbyVn96WlsV+3SE2rrV526QuXu9I5adHuamW
uc0KHydKV2WcJzyPg2fUJBkZlOCaEou6JfsISXmMmGR6fa83+olbFwpWqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNKuAk3NidWiidieyI5r26ROPfkqMB8GA1UdIwQY
MBaAFA2zwxZNPYwmRM8psyNnYaVx7li6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJQREZrMDlqQ1pFenltekkyZGhwWEh1V0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi82Y2QzNjYtMzU1Ny00MmIyLTg4NWIt
M2Q0NjQzOWFhNDFjLzEvRGJQREZrMDlqQ1pFenltekkyZGhwWEh1V0xvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi82Y2QzNjYtMzU1Ny00MmIyLTg4NWItM2Q0NjQzOWFhNDFj
LzEvRGJQREZrMDlqQ1pFenltekkyZGhwWEh1V0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAXq1L8To
zFSHHJD2v0JcoZkDNvGO8S7wyUxApUvXPWIygFAqZHIwPbUGf3xwROOmk8dyE92X
SYZkH7p5zAgey9AN4m4+3B8DxhQbFF8uHA3lLS/e/0h5vYoG3php12hMTy+E5NMd
pZg0OBxpz+RQl5t8JN69ZqClIr/by3UO9zAe3TG0HwD54KfNCVL/U0AKSKA93Lva
0wKDVBg53AmVP5KZ4DIkYnanSeWgHU7zzm1ylj9X/P+OOAIEmHO34eCdYilfG+n4
yOma+kc23MAAdjNZ9Xx2r4u36QgAA9vnwtjCUPOmi34kWuF3cnD8bJsivl7txP0M
oXTdTYZd24d2zg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:57:45 2026 by rpki-client