Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft
File:                     3AWXDmUMKq8atqOjOoNzJGahUS4.mft (raw, json)
Hash identifier:          InRaHdTd+q1nnIS/ebfVx2yn1cCBC6ETBuEQojwRcz0=
Subject key identifier:   B0:B7:1B:C8:63:C5:48:0D:C3:CB:D2:B5:86:28:02:08:E1:3D:63:E2
Authority key identifier: DC:05:97:0E:65:0C:2A:AF:1A:B6:A3:A3:3A:83:73:24:66:A1:51:2E
Certificate issuer:       /CN=dc05970e650c2aaf1ab6a3a33a83732466a1512e
Certificate serial:       019D277237F05079800DA11DB81DFC6C0661
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft
Manifest number:          1888
Signing time:             Thu 26 Mar 2026 00:01:29 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:29 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:29 +0000
Files and hashes:         1: 36CB5eigCHYIuRmXqrnDW_-F3Xc.roa (hash: KcH/S3GFg0T0gWVpA5XkZVyUjTJRMZNW3hzXP6Ng0zo=)
                          2: 3AWXDmUMKq8atqOjOoNzJGahUS4.crl (hash: 00kH2msRDD3XrkYCDRN2H7zIper6iDwTd4jT3mILhTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:37:f0:50:79:80:0d:a1:1d:b8:1d:fc:6c:06:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc05970e650c2aaf1ab6a3a33a83732466a1512e
        Validity
            Not Before: Mar 26 00:01:29 2026 GMT
            Not After : Mar 27 00:01:29 2026 GMT
        Subject: CN=b0b71bc863c5480dc3cbd2b586280208e13d63e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:b4:2b:54:cc:ce:dd:65:00:c7:b4:aa:34:03:
                    1d:aa:26:64:5d:05:d6:84:77:e6:b6:2e:29:02:2d:
                    6f:b0:84:9f:a3:73:be:76:44:f7:91:13:35:36:21:
                    e3:5a:e6:47:08:27:88:a3:a0:e7:f3:86:97:56:51:
                    00:d2:7d:7f:7d:2b:8e:c3:2b:b9:f8:34:27:bc:34:
                    95:83:47:1c:72:53:7a:20:e8:d5:11:56:a3:48:7c:
                    23:9b:03:ef:87:86:5b:2a:74:fa:19:18:23:46:36:
                    52:cd:40:85:8b:4c:93:a8:fb:8c:14:1a:8d:07:ca:
                    f1:69:8b:28:79:4f:88:ff:0c:4f:3d:52:d0:d6:7b:
                    fb:97:4f:eb:4a:c9:2b:7c:33:77:4b:61:16:ec:65:
                    46:12:25:c4:09:fb:62:30:19:5a:1e:90:d3:46:20:
                    df:86:61:42:4f:dc:85:10:b9:6b:5f:3b:1c:28:ac:
                    32:fc:52:6c:fa:3f:ca:32:5c:fa:f4:26:b4:d0:2b:
                    4a:69:ce:fc:e6:65:fc:ba:af:53:9b:9a:88:0d:e7:
                    6e:3b:2d:f8:10:f6:e1:c0:c8:ad:6f:38:db:05:48:
                    d0:02:da:82:f9:c0:9e:ee:9b:b1:ae:20:06:36:46:
                    eb:3b:4a:44:d6:b6:44:68:33:5a:3d:e6:53:c7:d9:
                    cb:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:B7:1B:C8:63:C5:48:0D:C3:CB:D2:B5:86:28:02:08:E1:3D:63:E2
            X509v3 Authority Key Identifier:
                keyid:DC:05:97:0E:65:0C:2A:AF:1A:B6:A3:A3:3A:83:73:24:66:A1:51:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:35:1b:4a:54:3a:d6:c4:f2:c9:13:ef:e7:6a:ca:51:9f:5c:
         8a:0a:5d:ba:c5:ab:32:cf:ef:74:a1:37:14:53:da:b1:67:cb:
         d9:04:34:fa:88:87:67:0d:c2:69:f2:74:c6:d6:ee:63:ec:0c:
         3f:42:8f:c2:38:98:d4:0f:b7:00:66:9b:65:c4:b3:fd:a2:12:
         fe:37:09:87:63:2a:39:07:07:72:bc:36:2b:42:e9:6b:e6:1b:
         c4:0a:89:16:7b:ca:6d:66:7e:e5:19:f0:3c:2a:cb:0f:9a:83:
         84:b4:1e:9e:d7:de:80:ed:d1:54:24:12:c1:bc:cc:61:63:65:
         06:57:74:f5:5e:80:a3:fb:a8:52:e9:a9:48:9d:27:fd:53:b9:
         cd:18:fc:d9:5d:ae:e7:5a:45:87:e0:bd:95:10:3d:d9:a0:f9:
         e1:23:5e:b7:72:7d:7e:18:b5:83:b6:4a:78:3a:98:dc:48:f5:
         ac:a0:1c:dc:61:9d:73:65:e3:55:56:f6:83:1a:c3:49:26:ce:
         42:3d:87:f1:69:e8:0e:da:0e:5f:00:6b:92:31:f0:1c:07:78:
         43:36:a9:30:fe:4f:42:da:86:c9:6c:dc:67:69:4f:30:76:d7:
         11:34:78:db:15:8d:e3:1d:88:1b:eb:4b:65:43:69:15:6c:57:
         9d:4a:ac:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncjfwUHmADaEduB38bAZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDU5NzBlNjUwYzJhYWYxYWI2YTNhMzNhODM3MzI0NjZh
MTUxMmUwHhcNMjYwMzI2MDAwMTI5WhcNMjYwMzI3MDAwMTI5WjAzMTEwLwYDVQQD
EyhiMGI3MWJjODYzYzU0ODBkYzNjYmQyYjU4NjI4MDIwOGUxM2Q2M2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rQrVMzO3WUAx7SqNAMdqiZkXQXW
hHfmti4pAi1vsISfo3O+dkT3kRM1NiHjWuZHCCeIo6Dn84aXVlEA0n1/fSuOwyu5
+DQnvDSVg0ccclN6IOjVEVajSHwjmwPvh4ZbKnT6GRgjRjZSzUCFi0yTqPuMFBqN
B8rxaYsoeU+I/wxPPVLQ1nv7l0/rSskrfDN3S2EW7GVGEiXECftiMBlaHpDTRiDf
hmFCT9yFELlrXzscKKwy/FJs+j/KMlz69Ca00CtKac785mX8uq9Tm5qIDeduOy34
EPbhwMitbzjbBUjQAtqC+cCe7puxriAGNkbrO0pE1rZEaDNaPeZTx9nLtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLC3G8hjxUgNw8vStYYoAgjhPWPiMB8GA1UdIwQY
MBaAFNwFlw5lDCqvGrajozqDcyRmoVEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zYjlhNDgtOGI2My00ZDNiLWEzYTkt
NjdhNTQwZTI5N2YwLzEvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zYjlhNDgtOGI2My00ZDNiLWEzYTktNjdhNTQwZTI5N2Yw
LzEvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFTUbSlQ6
1sTyyRPv52rKUZ9cigpdusWrMs/vdKE3FFPasWfL2QQ0+oiHZw3CafJ0xtbuY+wM
P0KPwjiY1A+3AGabZcSz/aIS/jcJh2MqOQcHcrw2K0Lpa+YbxAqJFnvKbWZ+5Rnw
PCrLD5qDhLQentfegO3RVCQSwbzMYWNlBld09V6Ao/uoUumpSJ0n/VO5zRj82V2u
51pFh+C9lRA92aD54SNet3J9fhi1g7ZKeDqY3Ej1rKAc3GGdc2XjVVb2gxrDSSbO
Qj2H8WnoDtoOXwBrkjHwHAd4QzapMP5PQtqGyWzcZ2lPMHbXETR42xWN4x2IG+tL
ZUNpFWxXnUqsPQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 12:29:39 2026 by rpki-client