Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
File:                     IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft (raw, json)
Hash identifier:          oMcRrdzRBumEVsLiMEd4LNNvgzfIanDZK6kmqwiSVm8=
Subject key identifier:   CA:6D:D0:04:A9:B7:1E:62:26:DA:BC:46:22:89:9D:39:E4:52:11:DC
Authority key identifier: 21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90
Certificate issuer:       /CN=2101b6388d6435f54990905382b41dc9675fd490
Certificate serial:       019D27DFF9BE178B98DD08F3431BCE57051D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
Manifest number:          0717
Signing time:             Thu 26 Mar 2026 02:01:22 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:22 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:22 +0000
Files and hashes:         1: Bb0AlX7LVs8xu9FbBxHR7jZ41sc.roa (hash: 1RAeUNL+1NswFK++fmlLXs7tYc2gvuypR/zGLkI4pFk=)
                          2: IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl (hash: mLuAb8dsATpdforDU9Sx4ZmHRQWb9h2t1m5Mh7HwFkw=)
                          3: wuwvCCyqsgM8AhmBamIU1CDvuC4.roa (hash: 7kzHmkdddwIql7JhhvogOzHNgfL2sl/BzbMljE2+YF0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 02:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:f9:be:17:8b:98:dd:08:f3:43:1b:ce:57:05:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2101b6388d6435f54990905382b41dc9675fd490
        Validity
            Not Before: Mar 26 02:01:22 2026 GMT
            Not After : Mar 27 02:01:22 2026 GMT
        Subject: CN=ca6dd004a9b71e6226dabc4622899d39e45211dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:71:79:68:86:38:b1:45:25:6a:12:d1:17:f4:
                    c4:d7:06:51:6a:ab:77:ce:56:30:67:bb:bb:b0:c8:
                    c2:2d:bc:29:5c:d4:69:36:e5:15:4c:dc:31:f7:69:
                    91:aa:01:17:78:a9:3c:99:e1:71:25:cd:8e:64:ab:
                    20:9c:84:ee:9b:53:e7:b8:5c:4c:86:dd:b5:f4:39:
                    2b:b0:49:60:92:78:f8:a2:49:82:7e:02:ce:ef:67:
                    cb:4c:cc:01:a2:8f:fd:ea:75:5a:55:f1:00:ff:a1:
                    8b:67:bb:12:89:82:ac:04:86:e4:53:54:08:e4:11:
                    5f:5a:34:ec:48:a4:65:0b:60:3e:7f:a8:32:23:da:
                    52:35:c7:db:67:19:ae:da:61:59:78:18:8c:71:0f:
                    59:e5:65:bd:c2:5e:61:7c:f7:f7:90:31:09:ce:9f:
                    98:4f:f2:96:ab:ac:4b:fe:00:f1:4b:e8:02:87:25:
                    b7:51:50:c3:15:dc:86:44:fb:56:9b:38:34:34:a8:
                    05:a8:99:b9:0a:5e:57:ae:1a:92:89:16:90:54:38:
                    fd:3e:eb:37:00:53:30:0a:f7:8c:f0:b8:df:69:a6:
                    31:85:24:a3:c6:fb:50:57:df:87:b6:4b:a3:4a:08:
                    39:e5:18:3f:e8:57:10:94:d8:79:ba:7d:39:df:9b:
                    65:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:6D:D0:04:A9:B7:1E:62:26:DA:BC:46:22:89:9D:39:E4:52:11:DC
            X509v3 Authority Key Identifier:
                keyid:21:01:B6:38:8D:64:35:F5:49:90:90:53:82:B4:1D:C9:67:5F:D4:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQG2OI1kNfVJkJBTgrQdyWdf1JA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c2095a-3b3d-4ac4-9c32-4df8912188f7/1/IQG2OI1kNfVJkJBTgrQdyWdf1JA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:16:6f:97:f4:38:3b:19:2f:b3:ad:27:d6:80:8f:fa:42:32:
         c6:95:67:bf:94:a2:84:89:14:14:d0:62:45:46:e0:7b:5a:26:
         43:e6:9a:4d:c2:a6:6b:84:3a:d0:55:2c:08:50:d6:3c:40:0d:
         bc:1a:19:8e:36:b3:1b:84:b7:52:71:00:d3:ec:98:b3:fe:13:
         7b:c7:5c:d4:63:d8:9d:83:34:6d:e7:58:9b:07:ce:58:2a:b8:
         ea:b0:50:9e:c2:9e:46:2e:a8:48:ea:31:21:61:2e:ef:f0:c7:
         f3:bd:cc:77:61:2b:4b:bf:c6:d0:72:3a:80:bf:7d:68:38:26:
         9f:9e:45:eb:69:de:26:10:0f:ff:f1:e5:c3:e9:0b:19:ae:6b:
         e0:28:20:84:9f:89:05:22:72:e4:eb:60:63:3f:7b:a9:52:0d:
         39:87:98:6a:3b:ca:fd:d9:f8:3b:84:90:0e:4e:6c:9d:90:b3:
         74:e9:0a:66:33:e8:cc:f2:9f:f2:55:a5:cf:82:1d:51:4f:68:
         33:69:64:be:6d:c3:1c:77:38:ca:aa:5b:b9:47:70:60:c0:c3:
         9a:4b:f3:5b:b7:52:4a:04:18:ef:c5:75:da:9b:56:70:ce:65:
         0c:e2:ae:18:81:ee:80:2a:56:f4:db:a4:a4:59:b4:40:8a:61:
         de:43:8c:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n3/m+F4uY3QjzQxvOVwUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDFiNjM4OGQ2NDM1ZjU0OTkwOTA1MzgyYjQxZGM5Njc1
ZmQ0OTAwHhcNMjYwMzI2MDIwMTIyWhcNMjYwMzI3MDIwMTIyWjAzMTEwLwYDVQQD
EyhjYTZkZDAwNGE5YjcxZTYyMjZkYWJjNDYyMjg5OWQzOWU0NTIxMWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHF5aIY4sUUlahLRF/TE1wZRaqt3
zlYwZ7u7sMjCLbwpXNRpNuUVTNwx92mRqgEXeKk8meFxJc2OZKsgnITum1PnuFxM
ht219DkrsElgknj4okmCfgLO72fLTMwBoo/96nVaVfEA/6GLZ7sSiYKsBIbkU1QI
5BFfWjTsSKRlC2A+f6gyI9pSNcfbZxmu2mFZeBiMcQ9Z5WW9wl5hfPf3kDEJzp+Y
T/KWq6xL/gDxS+gChyW3UVDDFdyGRPtWmzg0NKgFqJm5Cl5XrhqSiRaQVDj9Pus3
AFMwCveM8LjfaaYxhSSjxvtQV9+HtkujSgg55Rg/6FcQlNh5un0535tlTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpt0ASptx5iJtq8RiKJnTnkUhHcMB8GA1UdIwQY
MBaAFCEBtjiNZDX1SZCQU4K0HclnX9SQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzIt
NGRmODkxMjE4OGY3LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jMjA5NWEtM2IzZC00YWM0LTljMzItNGRmODkxMjE4OGY3
LzEvSVFHMk9JMWtOZlZKa0pCVGdyUWR5V2RmMUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnxZvl/Q4
Oxkvs60n1oCP+kIyxpVnv5SihIkUFNBiRUbge1omQ+aaTcKma4Q60FUsCFDWPEAN
vBoZjjazG4S3UnEA0+yYs/4Te8dc1GPYnYM0bedYmwfOWCq46rBQnsKeRi6oSOox
IWEu7/DH873Md2ErS7/G0HI6gL99aDgmn55F62neJhAP//Hlw+kLGa5r4CgghJ+J
BSJy5OtgYz97qVINOYeYajvK/dn4O4SQDk5snZCzdOkKZjPozPKf8lWlz4IdUU9o
M2lkvm3DHHc4yqpbuUdwYMDDmkvzW7dSSgQY78V12ptWcM5lDOKuGIHugCpW9Nuk
pFm0QIph3kOMzA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:18:01 2026 by rpki-client