Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.mft
File:                     SSFvXBZbgnp_1z2BB669L2PGPiQ.mft (raw, json)
Hash identifier:          G9UhyCREWsSeCN1QbvmjOUky66z1lIy75jOOJzHzbl0=
Subject key identifier:   58:F8:14:88:E7:EA:78:D4:3C:C6:E9:CE:0B:FC:84:E6:DD:98:BA:5C
Authority key identifier: 49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
Certificate issuer:       /CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Certificate serial:       019D273B2BAAD8176630EDE335EEC3005705
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.mft
Manifest number:          09B8
Signing time:             Wed 25 Mar 2026 23:01:22 +0000
Manifest this update:     Wed 25 Mar 2026 23:01:22 +0000
Manifest next update:     Thu 26 Mar 2026 23:01:22 +0000
Files and hashes:         1: 5cflrPSBczVw-y9CBdznGslTCz8.roa (hash: e3Ui7ThS6C0Gj8prOOjSxh7lUAWtygpEnNw9xX2dtRk=)
                          2: 6ikDq3uU-14xeZ06o1f5sBEku08.roa (hash: 14bAM4PQevceSeTCaULI+ouG0nOTQYIq9lETR/sCBX4=)
                          3: 6zmwiCnaR_RUV1zVvXd131O-Byk.roa (hash: wivF7cNRJAl3OyL7EJY6TuKfTwqgRld3+ZHQke6SRP8=)
                          4: 8lF-x6f7B2bwP5qOnFQwpxn9L0I.roa (hash: ciLzKnjSavNPyQD1IQHv/gt0vWyFhjCiKLjRitLPEkE=)
                          5: DJA8iYfOt3bjbbEH0sfO-Yzt5D0.roa (hash: dll+XV6deSG185dIKUE72K/Hgk2Qi2c2WRrfDucz8Pg=)
                          6: DPMVT21xt_FxJ1sn3UX-_U68dhM.roa (hash: W+9Q7HyRT/GtNJeWW1rH3dBewR4z6axBBAIPrMJ0PUU=)
                          7: DbbcNPtDfL7-gagtJ1a0Eyc1Z_A.roa (hash: MbxJlm+ziQoeXoBZ7l2IXv7uYhNPhhJgV3LLj54kjMg=)
                          8: HLY3yOfkVYAqEx3IXqQjGqSe60s.roa (hash: 89cRs5OEP6GzsmQJJPOS43nhrd5JryCvGoLQgmsG8Fk=)
                          9: QbspjSgom0qmdSedksWxw1y_dkI.roa (hash: eJ1YS4oVCoR1VNmiqp1NCkjDzMJ9GIvRJ3pjx5vZ9ic=)
                          10: SSFvXBZbgnp_1z2BB669L2PGPiQ.crl (hash: wyStuySHeTO/rawoZC1QhzmRwGn6EK3rEk5UgiijkjQ=)
                          11: TOVytZLtGiR_loWDvv77N1q9Wfs.roa (hash: Sv4e/TvtoYqQVyB6uh9qVYGBsdkIHsts6lbRC1DO+ec=)
                          12: UcQ1Ippcic9QsMq4m2D2gO9ZpIk.roa (hash: Y4z7KLj7vfcDesQxa00pP19sxOBjnRSBjEe98F7tXaU=)
                          13: bZJA4Zdk6OCETrYbfAEHSsuzwDE.roa (hash: IUm+Or+NvYeQ78zXKIY9OqKwxZRYHCF8Axsyp7t54Y8=)
                          14: q-kjvAzpx-ZYDXpOS_cviEYAaOc.roa (hash: 1g4myUSs6hufFOhffJJdUxf69ZM3/4EE4AG3+gn7wds=)
                          15: uLmKjHdh6xVL5Ct2SX4RrNBGZlY.roa (hash: M6ZErU+xYI38Ut27LDMzp6JcZbiEl5nEdPQAb8KQF+I=)
                          16: vEQzBYHoPzDXuty_rx-5GlAJtfQ.roa (hash: s7mP1EwT7gSUHcvBRHCBoQGsDjEPpmRpeu0/iQN+vMQ=)
                          17: yaioAwQqgstiMhVwqwEHasXnYDs.roa (hash: B1OftcLanWUv1RXMYsVOlCmHJWT10XchoJjDrQXqjiM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 23:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:3b:2b:aa:d8:17:66:30:ed:e3:35:ee:c3:00:57:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
        Validity
            Not Before: Mar 25 23:01:22 2026 GMT
            Not After : Mar 26 23:01:22 2026 GMT
        Subject: CN=58f81488e7ea78d43cc6e9ce0bfc84e6dd98ba5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:01:62:9d:8a:3d:a9:32:5c:fe:92:cf:00:d2:
                    66:5e:b1:a3:0a:6a:19:ce:d4:94:ca:a8:3c:93:86:
                    e3:a6:cf:52:e0:29:8b:5d:c7:c7:e4:b0:04:cd:4b:
                    33:e8:6e:71:88:54:67:09:86:b5:8e:ce:b7:d2:1e:
                    3d:60:24:2b:f0:9a:c9:fd:53:21:ae:4b:d5:52:86:
                    69:26:ff:93:ae:75:0b:04:fc:12:96:2f:08:5b:c9:
                    85:93:81:b5:26:14:43:83:b3:15:10:81:6a:ef:29:
                    9d:89:89:88:d0:11:84:a5:87:35:d7:8f:42:56:25:
                    d3:fd:64:69:59:17:87:ed:d7:43:76:d2:d2:b2:bc:
                    ba:e5:a6:1c:dc:15:e5:96:36:12:20:8e:92:49:f2:
                    96:cb:31:9d:b1:58:09:4f:d9:9d:1c:8b:62:ac:00:
                    34:5b:ed:4b:2c:69:4c:c1:fe:05:3d:e4:3d:77:f0:
                    2f:9c:e8:d8:c0:93:26:23:0f:63:d7:e5:b9:b8:66:
                    62:cd:cb:8c:28:cd:9b:ef:ad:36:be:06:e4:db:c1:
                    f6:cc:ad:6c:01:c6:9e:5a:3b:79:12:01:58:26:d4:
                    48:63:94:7e:49:96:91:00:24:38:1f:0b:03:7d:ca:
                    d2:7d:fe:3d:40:69:13:74:08:d0:5b:aa:64:42:d2:
                    db:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:F8:14:88:E7:EA:78:D4:3C:C6:E9:CE:0B:FC:84:E6:DD:98:BA:5C
            X509v3 Authority Key Identifier:
                keyid:49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:2f:87:84:f7:28:6d:fe:40:10:e4:53:e3:7f:a8:4d:5a:ba:
         7c:9d:c2:b0:40:5b:1c:26:70:41:75:b8:86:e5:a3:b4:52:c9:
         d7:c1:c5:29:ed:a8:c2:14:61:80:ea:fd:d9:67:f4:77:4b:2b:
         3b:ba:1b:dc:3c:20:76:dc:83:a9:a4:14:d4:e1:9b:bb:ca:4e:
         18:91:af:9c:ac:ea:61:58:61:36:e0:ae:ab:8a:40:6c:5b:2a:
         c4:f5:c6:82:bc:7a:29:63:be:96:b6:3c:1f:e3:c7:fb:f4:50:
         86:9a:6f:c7:c4:35:0f:cc:06:bb:0b:c0:84:47:15:e9:d1:8d:
         24:ac:0e:4e:12:3e:39:5a:7c:b4:77:dc:5c:75:d4:02:b9:e7:
         6e:91:0c:dd:33:98:78:15:05:cd:bb:17:b5:12:7b:ce:9f:c6:
         69:30:df:70:e6:b6:d6:83:d8:30:fb:d3:95:08:22:e5:a9:52:
         ee:6d:6f:7b:0c:08:39:08:7f:59:bd:55:10:04:3a:46:ab:ed:
         7e:09:7b:50:0c:a8:61:26:9d:89:1f:56:af:f8:07:e4:cf:72:
         ca:c8:7a:a2:f6:99:aa:a7:5a:60:7f:21:f3:ee:4a:7c:44:a5:
         dc:05:fd:a2:e7:34:89:ea:9e:93:f2:5e:f3:ea:8b:9f:85:8f:
         fe:f9:01:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOyuq2BdmMO3jNe7DAFcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjE2ZjVjMTY1YjgyN2E3ZmQ3M2Q4MTA3YWViZDJmNjNj
NjNlMjQwHhcNMjYwMzI1MjMwMTIyWhcNMjYwMzI2MjMwMTIyWjAzMTEwLwYDVQQD
Eyg1OGY4MTQ4OGU3ZWE3OGQ0M2NjNmU5Y2UwYmZjODRlNmRkOThiYTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7AFinYo9qTJc/pLPANJmXrGjCmoZ
ztSUyqg8k4bjps9S4CmLXcfH5LAEzUsz6G5xiFRnCYa1js630h49YCQr8JrJ/VMh
rkvVUoZpJv+TrnULBPwSli8IW8mFk4G1JhRDg7MVEIFq7ymdiYmI0BGEpYc1149C
ViXT/WRpWReH7ddDdtLSsry65aYc3BXlljYSII6SSfKWyzGdsVgJT9mdHItirAA0
W+1LLGlMwf4FPeQ9d/AvnOjYwJMmIw9j1+W5uGZizcuMKM2b7602vgbk28H2zK1s
AcaeWjt5EgFYJtRIY5R+SZaRACQ4HwsDfcrSff49QGkTdAjQW6pkQtLbEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFj4FIjn6njUPMbpzgv8hObdmLpcMB8GA1UdIwQY
MBaAFEkhb1wWW4J6f9c9gQeuvS9jxj4kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQt
MGRiYmMyNDllNjU3LzEvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQtMGRiYmMyNDllNjU3
LzEvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPy+HhPco
bf5AEORT43+oTVq6fJ3CsEBbHCZwQXW4huWjtFLJ18HFKe2owhRhgOr92Wf0d0sr
O7ob3DwgdtyDqaQU1OGbu8pOGJGvnKzqYVhhNuCuq4pAbFsqxPXGgrx6KWO+lrY8
H+PH+/RQhppvx8Q1D8wGuwvAhEcV6dGNJKwOThI+OVp8tHfcXHXUArnnbpEM3TOY
eBUFzbsXtRJ7zp/GaTDfcOa21oPYMPvTlQgi5alS7m1vewwIOQh/Wb1VEAQ6Rqvt
fgl7UAyoYSadiR9Wr/gH5M9yysh6ovaZqqdaYH8h8+5KfESl3AX9ouc0ieqek/Je
8+qLn4WP/vkBVw==
-----END CERTIFICATE-----