Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/c9f7ab-3fa0-471f-bb95-00b4fbb3849d/1/_ltNUIvcIUFbR1LuvESNSqrGNdk.mft
File:                     _ltNUIvcIUFbR1LuvESNSqrGNdk.mft (raw, json)
Hash identifier:          tDg09xp9ltUeOY296RMCVwvUBq/HV76zw5RLI/1eXhY=
Subject key identifier:   28:36:6B:5E:2E:23:BA:6A:07:FF:36:A0:1E:5F:49:31:D7:90:B2:05
Authority key identifier: FE:5B:4D:50:8B:DC:21:41:5B:47:52:EE:BC:44:8D:4A:AA:C6:35:D9
Certificate issuer:       /CN=fe5b4d508bdc21415b4752eebc448d4aaac635d9
Certificate serial:       019D2A3BC9A461E614A4887EEB77991D23B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_ltNUIvcIUFbR1LuvESNSqrGNdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/c9f7ab-3fa0-471f-bb95-00b4fbb3849d/1/_ltNUIvcIUFbR1LuvESNSqrGNdk.mft
Manifest number:          0304
Signing time:             Thu 26 Mar 2026 13:00:54 +0000
Manifest this update:     Thu 26 Mar 2026 13:00:54 +0000
Manifest next update:     Fri 27 Mar 2026 13:00:54 +0000
Files and hashes:         1: 9J2k_v-AhLXeWsx0gyZ7MSycihA.roa (hash: KdEABeI7OUulamOMnpjJAOHhCOTUaC4bju9UuYK4BXI=)
                          2: _ltNUIvcIUFbR1LuvESNSqrGNdk.crl (hash: QhabATX1hK3c8BvAlRLmz5I0LXPKAb/5/fcUj00yQHQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/c9f7ab-3fa0-471f-bb95-00b4fbb3849d/1/_ltNUIvcIUFbR1LuvESNSqrGNdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/c9f7ab-3fa0-471f-bb95-00b4fbb3849d/1/_ltNUIvcIUFbR1LuvESNSqrGNdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_ltNUIvcIUFbR1LuvESNSqrGNdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:3b:c9:a4:61:e6:14:a4:88:7e:eb:77:99:1d:23:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe5b4d508bdc21415b4752eebc448d4aaac635d9
        Validity
            Not Before: Mar 26 13:00:54 2026 GMT
            Not After : Mar 27 13:00:54 2026 GMT
        Subject: CN=28366b5e2e23ba6a07ff36a01e5f4931d790b205
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d4:da:75:f6:2c:fa:88:86:75:e5:7b:4a:36:
                    9d:4b:9e:5d:5a:d5:11:e2:ce:21:b2:f1:26:4a:40:
                    8a:aa:aa:0e:2e:72:ab:46:aa:07:66:ff:2b:54:15:
                    b7:52:08:ce:73:56:7c:5e:97:b5:28:6b:6a:b5:a1:
                    3b:d2:87:51:e0:8e:c0:94:87:58:a4:f2:84:a7:8f:
                    9d:52:d5:53:07:6a:1c:82:81:e6:c1:3d:98:d2:7e:
                    d8:ec:a4:53:e7:15:7e:f3:e2:90:7e:8e:3b:be:93:
                    b7:c1:71:e9:b6:f2:19:9e:02:c1:80:37:37:c2:f1:
                    62:55:a3:8a:79:6f:6e:40:c5:17:4a:6c:7a:4d:c7:
                    47:aa:68:21:a3:01:50:36:d4:13:7c:6c:4b:03:52:
                    2b:cf:ce:32:01:66:f3:2b:c4:9e:dc:96:51:b8:6f:
                    b9:e4:3c:98:b2:68:85:43:7d:76:ea:ee:cc:39:f6:
                    7d:7d:09:22:d8:ae:3f:ad:aa:45:47:50:1b:86:33:
                    96:71:bb:9e:2f:88:ee:6f:d2:b1:b4:c8:0b:2e:33:
                    ac:57:f0:5a:66:76:8e:2f:d1:89:a3:65:ba:8a:03:
                    8e:b9:74:b0:66:4f:86:84:a1:2f:03:eb:74:e1:5a:
                    01:cf:a8:6b:39:47:3f:35:88:a6:05:b6:c6:ad:2a:
                    98:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:36:6B:5E:2E:23:BA:6A:07:FF:36:A0:1E:5F:49:31:D7:90:B2:05
            X509v3 Authority Key Identifier:
                keyid:FE:5B:4D:50:8B:DC:21:41:5B:47:52:EE:BC:44:8D:4A:AA:C6:35:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ltNUIvcIUFbR1LuvESNSqrGNdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/c9f7ab-3fa0-471f-bb95-00b4fbb3849d/1/_ltNUIvcIUFbR1LuvESNSqrGNdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/c9f7ab-3fa0-471f-bb95-00b4fbb3849d/1/_ltNUIvcIUFbR1LuvESNSqrGNdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:95:c5:70:1d:61:c4:e8:be:f0:06:bf:ba:7f:58:ef:4c:c2:
         f8:42:80:36:7e:cd:ed:d7:ae:e0:6d:fe:1e:5f:ec:b7:4e:a3:
         de:31:68:ac:d2:14:ff:c8:b8:86:c3:e5:f0:43:fc:e9:3a:4b:
         5f:8d:9a:2f:4e:c1:91:10:c0:d0:74:a7:a5:fe:4c:d7:6e:20:
         ab:41:0d:5f:25:b8:0b:d7:f4:cc:e1:9e:a9:b9:b4:4f:a8:44:
         6b:92:f3:18:1e:a3:69:f7:36:f1:63:25:a8:38:03:c1:b1:f0:
         71:6a:4a:80:6d:40:02:9a:46:02:cb:6e:14:b4:cc:37:9f:6f:
         60:4c:d7:db:dc:d0:11:2f:d0:6e:01:46:ad:5f:ee:b2:fe:e1:
         2c:e3:2b:85:1a:42:cf:66:da:c2:6a:51:c2:b8:ca:ee:7f:f4:
         b1:84:be:9a:c3:dd:bc:67:22:42:a0:7a:9f:98:b3:8a:0d:97:
         8b:61:55:5f:25:fd:54:4b:db:5e:83:fa:a3:1e:44:45:fc:14:
         55:ad:73:6a:85:b6:9b:99:25:24:c9:af:0a:20:1f:08:37:cb:
         6d:7b:07:75:f3:02:0b:c2:35:c2:22:33:90:d9:5a:70:d9:73:
         ee:1a:a4:7a:9a:8a:6b:a7:9c:78:94:76:57:41:5c:a1:5e:fa:
         75:a0:70:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qO8mkYeYUpIh+63eZHSO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNWI0ZDUwOGJkYzIxNDE1YjQ3NTJlZWJjNDQ4ZDRhYWFj
NjM1ZDkwHhcNMjYwMzI2MTMwMDU0WhcNMjYwMzI3MTMwMDU0WjAzMTEwLwYDVQQD
EygyODM2NmI1ZTJlMjNiYTZhMDdmZjM2YTAxZTVmNDkzMWQ3OTBiMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtTadfYs+oiGdeV7SjadS55dWtUR
4s4hsvEmSkCKqqoOLnKrRqoHZv8rVBW3UgjOc1Z8Xpe1KGtqtaE70odR4I7AlIdY
pPKEp4+dUtVTB2ocgoHmwT2Y0n7Y7KRT5xV+8+KQfo47vpO3wXHptvIZngLBgDc3
wvFiVaOKeW9uQMUXSmx6TcdHqmghowFQNtQTfGxLA1Irz84yAWbzK8Se3JZRuG+5
5DyYsmiFQ3126u7MOfZ9fQki2K4/rapFR1AbhjOWcbueL4jub9KxtMgLLjOsV/Ba
ZnaOL9GJo2W6igOOuXSwZk+GhKEvA+t04VoBz6hrOUc/NYimBbbGrSqYbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCg2a14uI7pqB/82oB5fSTHXkLIFMB8GA1UdIwQY
MBaAFP5bTVCL3CFBW0dS7rxEjUqqxjXZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2x0TlVJdmNJVUZiUjFMdXZFU05TcXJHTmRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9jOWY3YWItM2ZhMC00NzFmLWJiOTUt
MDBiNGZiYjM4NDlkLzEvX2x0TlVJdmNJVUZiUjFMdXZFU05TcXJHTmRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9jOWY3YWItM2ZhMC00NzFmLWJiOTUtMDBiNGZiYjM4NDlk
LzEvX2x0TlVJdmNJVUZiUjFMdXZFU05TcXJHTmRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq5XFcB1h
xOi+8Aa/un9Y70zC+EKANn7N7deu4G3+Hl/st06j3jForNIU/8i4hsPl8EP86TpL
X42aL07BkRDA0HSnpf5M124gq0ENXyW4C9f0zOGeqbm0T6hEa5LzGB6jafc28WMl
qDgDwbHwcWpKgG1AAppGAstuFLTMN59vYEzX29zQES/QbgFGrV/usv7hLOMrhRpC
z2bawmpRwrjK7n/0sYS+msPdvGciQqB6n5izig2Xi2FVXyX9VEvbXoP6ox5ERfwU
Va1zaoW2m5klJMmvCiAfCDfLbXsHdfMCC8I1wiIzkNlacNlz7hqkepqKa6eceJR2
V0FcoV76daBwTA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:45:03 2026 by rpki-client