Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
File:                     71fC2dk6x8-bLxfKp4WbaYWzm50.mft (raw, json)
Hash identifier:          0Ax6fZkpc6wn3gayeLU11J4/BpFfEL8ohybLsRkzcNY=
Subject key identifier:   7B:C6:52:2F:6F:97:76:48:1B:73:2E:60:DE:5D:D9:E8:36:2B:DB:A6
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Certificate issuer:       /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial:       019E1CEBDAC4F31110ABDD634DA413B1531D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
Manifest number:          154E
Signing time:             Tue 12 May 2026 16:01:19 +0000
Manifest this update:     Tue 12 May 2026 16:01:19 +0000
Manifest next update:     Wed 13 May 2026 16:01:19 +0000
Files and hashes:         1: 2ngTJwoTyX1Nz5fKPJKsViXxDHk.roa (hash: Ir7bv4VELFAPGwsqBM/ur+v9Fopro+iM13JltIh4cX4=)
                          2: 6rWzroD3N7hgAXbNo3yuEEQJsfI.roa (hash: E8YwvFkIVbhynhPsVej9fShdrkMGkyiT775U87D7jFU=)
                          3: 71fC2dk6x8-bLxfKp4WbaYWzm50.crl (hash: d9jEgxdFFXGNTU6AvnhjAFvUefnE1cQOWpYeQvynRUk=)
                          4: 7G49o5z8bi7Lcd53h1h0bVLCJZ4.roa (hash: xDGbGchiaLKjcl8d608rUMISo9V9+y1tYFZNtiJzodk=)
                          5: LEPIREdkNINi3YsArD5Iqz6JZKw.roa (hash: u5xGsEDr0cKb/8SFVnNCp/maWigXZl2skRgwHSiizuc=)
                          6: MhN5MRvvgoofpuFJ5m4YLHyq3Nc.roa (hash: NsITOI3k4qxMk9t6uldTtNFi2z9FnXsMOLB/akZmaQE=)
                          7: OoWh-cPJxIo9-JnYWW14PlGkMmw.roa (hash: cwPQ8D+hZiBjw4HTvZt5RVfnCwIHlW6ts6eZs3ca5ro=)
                          8: SFT1d23h5s56wOshvucHEdfHMus.roa (hash: VF+VBV1f8xNTi+BzW8c6Ab0X5I99oWpbTy8oGRDDLo4=)
                          9: WGjiujLOuuOMzeq5qZIClszPW1M.roa (hash: O/EAhkWdzhGmiMAnV0b4Fh9oCWFKJcMW6EgTymaPAQY=)
                          10: Y6USBv7EsN_hgdgW0uW5KbpmRN4.roa (hash: tv5XftYxR3URBlazOVai0U6SyL0OPoC8TTkoFI5KZuM=)
                          11: cC6SDRV9V0p2_NMV4sw_ptq5Hlo.roa (hash: jEMYUPIGrPy+Y+xLvCOsQ36XF8oj9iEL636o4Kzme40=)
                          12: cJiubHQvHYR5Esd1XVcnoAH7nVc.roa (hash: FMFv+8H/z6shQKfY24LWmw315shSovkbNLpCdkTVVts=)
                          13: fxFIclzOclkDebowO2HCdBIp7JU.roa (hash: kKrwCtFqATS4Q0FX0wGNL2DdvolnBDZchK0yi2jbTGw=)
                          14: hOLoSAjKi_Ysduv-PJ2ejNql5Ok.roa (hash: lHppC78Yz/GWXK8KxKeoOvZZKZRlVzNZc6B6F5euHEc=)
                          15: lQ3OWX0myb8uFOtmBUqCeb2oHhA.roa (hash: bhpFnL+TI2NRedv8XMlX+BIC3gSuHb2XvhJF/GSwAJE=)
                          16: lfuF0jCiq554Dy69uuASsTOPZ58.roa (hash: 6OAF0vEeoAJWYtA3vCDPsWGl38QU6NBLN+OCMZmyOUQ=)
                          17: xgcIl72OMRsTXzMLl7PIGrHb2sQ.roa (hash: 2SWmpy8UdVqECkthus0V0cF6NslAcNvMaIDq36UHafw=)
                          18: yJInE-fPhdu-ABKOdKIoShinhzo.roa (hash: skD34yjii/PhcEF3U0syiUJjraUYJpJM6Jt4QrA1zs8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:eb:da:c4:f3:11:10:ab:dd:63:4d:a4:13:b1:53:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
        Validity
            Not Before: May 12 16:01:19 2026 GMT
            Not After : May 13 16:01:19 2026 GMT
        Subject: CN=7bc6522f6f9776481b732e60de5dd9e8362bdba6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:b8:a9:9e:40:83:3f:4f:be:cb:19:c6:eb:36:
                    c6:28:f1:ac:87:d7:68:dc:d6:b8:fe:1f:45:3a:93:
                    4c:ab:8a:50:5f:81:11:e9:79:8c:56:a7:25:e2:22:
                    c4:81:e8:73:3d:d0:39:bf:85:c3:60:a6:92:37:53:
                    5d:5e:a8:fa:4f:1d:ce:65:36:3d:43:61:f6:cf:aa:
                    f3:b5:36:64:2e:99:1f:ca:47:d9:c0:a6:e3:46:d0:
                    50:98:19:f6:5e:11:c2:29:39:95:15:2a:c4:85:23:
                    e9:e4:8e:bf:67:9e:85:9c:22:cd:c3:92:e7:66:48:
                    11:3a:ad:bf:11:85:f9:69:4d:90:1a:14:c4:d6:98:
                    55:7a:ec:aa:c8:44:15:ab:77:03:74:71:2f:61:22:
                    65:55:ac:8c:36:00:d1:c7:bf:eb:a0:f5:96:0e:63:
                    76:30:a8:ae:cd:73:0b:72:5c:66:59:80:98:e2:2f:
                    80:8a:6c:e4:7d:e1:46:75:93:d6:3f:40:3b:23:f9:
                    93:b5:af:81:1b:49:13:8b:1f:72:40:b9:70:77:4e:
                    20:f9:f1:e4:f5:97:e2:4d:8c:60:5e:3d:0b:18:4a:
                    72:1c:7e:99:ce:f8:2f:7f:af:da:c9:c7:c7:ce:f7:
                    cc:bb:e6:d7:b7:c8:42:3a:3b:13:42:02:5f:b7:00:
                    18:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:C6:52:2F:6F:97:76:48:1B:73:2E:60:DE:5D:D9:E8:36:2B:DB:A6
            X509v3 Authority Key Identifier:
                keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:0f:9a:ce:1f:ec:ad:3f:b5:39:53:92:3e:6c:20:70:e5:17:
         a0:40:30:a3:ba:09:2b:1f:5b:16:5d:78:90:f3:4b:fd:68:f1:
         d9:9c:fb:08:a0:43:48:f7:9b:9f:11:76:af:61:43:b5:a5:d4:
         f7:8b:4f:d0:a4:85:71:9b:43:9f:46:24:3e:27:26:01:8b:29:
         50:15:45:ce:52:a6:61:46:40:0d:13:1b:bf:06:59:bd:32:9a:
         da:26:85:ed:fd:5f:ac:e2:34:8d:26:b9:e0:cd:5e:85:71:d2:
         f7:2f:4c:eb:82:f0:b5:6f:a6:49:1e:51:8f:2e:73:93:b8:6f:
         6a:96:69:e2:86:45:dc:4c:79:7a:c7:65:2e:5a:a0:b1:7c:40:
         04:77:a8:0a:82:ba:46:c0:85:0f:5c:da:5d:4c:06:08:7e:ba:
         7f:b8:02:d5:89:af:d3:c0:1d:4f:96:da:ba:fd:8b:3f:8f:cf:
         cc:61:33:13:36:74:76:3d:b4:3b:6b:59:bc:b7:e3:89:7d:a5:
         9b:b2:e1:d8:c7:4c:fa:d8:f5:f3:82:d3:4f:f6:dc:2d:f3:be:
         84:24:96:c0:cd:3f:20:29:0c:a9:b9:95:d8:de:56:46:b8:db:
         f9:39:8d:e3:6d:10:2b:f9:96:c0:21:85:e7:b2:cb:55:23:60:
         fb:16:e6:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4c69rE8xEQq91jTaQTsVMdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjYwNTEyMTYwMTE5WhcNMjYwNTEzMTYwMTE5WjAzMTEwLwYDVQQD
Eyg3YmM2NTIyZjZmOTc3NjQ4MWI3MzJlNjBkZTVkZDllODM2MmJkYmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhripnkCDP0++yxnG6zbGKPGsh9do
3Na4/h9FOpNMq4pQX4ER6XmMVqcl4iLEgehzPdA5v4XDYKaSN1NdXqj6Tx3OZTY9
Q2H2z6rztTZkLpkfykfZwKbjRtBQmBn2XhHCKTmVFSrEhSPp5I6/Z56FnCLNw5Ln
ZkgROq2/EYX5aU2QGhTE1phVeuyqyEQVq3cDdHEvYSJlVayMNgDRx7/roPWWDmN2
MKiuzXMLclxmWYCY4i+AimzkfeFGdZPWP0A7I/mTta+BG0kTix9yQLlwd04g+fHk
9ZfiTYxgXj0LGEpyHH6Zzvgvf6/aycfHzvfMu+bXt8hCOjsTQgJftwAYvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHvGUi9vl3ZIG3MuYN5d2eg2K9umMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcw+azh/s
rT+1OVOSPmwgcOUXoEAwo7oJKx9bFl14kPNL/Wjx2Zz7CKBDSPebnxF2r2FDtaXU
94tP0KSFcZtDn0YkPicmAYspUBVFzlKmYUZADRMbvwZZvTKa2iaF7f1frOI0jSa5
4M1ehXHS9y9M64LwtW+mSR5Rjy5zk7hvapZp4oZF3Ex5esdlLlqgsXxABHeoCoK6
RsCFD1zaXUwGCH66f7gC1Ymv08AdT5bauv2LP4/PzGEzEzZ0dj20O2tZvLfjiX2l
m7Lh2MdM+tj184LTT/bcLfO+hCSWwM0/ICkMqbmV2N5WRrjb+TmN420QK/mWwCGF
57LLVSNg+xbmmQ==
-----END CERTIFICATE-----