Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03fd0b76-7243-4b26-9760-cc07b94bfe23/1/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.mft
File:                     258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.mft (raw, json)
Hash identifier:          KPIu2pAZhX98O8UD/XHK80xOzpHXj+4JEvhY2ymTMFg=
Subject key identifier:   9B:79:98:2B:0F:E5:22:84:A3:12:2D:7E:20:AD:CC:C5:8E:0D:54:E3
Authority key identifier: 25:8D:1C:E0:CB:76:A9:86:E5:6C:7A:90:A6:6B:A7:DC:72:F5:95:2A
Certificate issuer:       /CN=258D1CE0CB76A986E56C7A90A66BA7DC72F5952A
Certificate serial:       3B05B3BC3DC0EF93E5A7A6386197DAEC7D7236AD
Authority info access:    rsync://rpki.axivora.net/repo/Axivora-Net/2/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/03fd0b76-7243-4b26-9760-cc07b94bfe23/1/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.mft
Manifest number:          CF
Signing time:             Wed 25 Mar 2026 19:14:25 +0000
Manifest this update:     Wed 25 Mar 2026 19:09:25 +0000
Manifest next update:     Thu 26 Mar 2026 22:10:25 +0000
Files and hashes:         1: 326131343a373538303a3737373a3a2f34382d3438203d3e203134363138.roa (hash: RTK2m9QZnNSKC5ZVcuz7+tdRZKTs7/hzcAu/hXd2ZTc=)
                          2: 326131343a373538303a3737353a3a2f34382d3438203d3e203134363138.roa (hash: MfUF2laHihcgibdMapv7JAFGkNEIH6JIdDfIW/lhqFE=)
                          3: 258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.crl (hash: 1ymz0gd+8gYxJodsMOTAxLju2bpdoIBGGiToL7z58EM=)
                          4: 326131343a373538303a3737353a3a2f34382d3438203d3e203136353039.roa (hash: LbzBckLICgXq7UKYaeP/CXL1PXD0JCr+a84omRC/7VY=)
                          5: 326131343a373538303a3737373a3a2f34382d3438203d3e203136353039.roa (hash: xvnqSl1qLoVMIEzXN9sXRb87iGsN7N/pVeZWynFQufE=)
                          6: 326131343a373538303a3737303a3a2f34342d3438203d3e20323133383931.roa (hash: woLwL0VEJzWnepdsx0zvpMFwwJXef1WYeYkaz1KcaHg=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/03fd0b76-7243-4b26-9760-cc07b94bfe23/1/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/03fd0b76-7243-4b26-9760-cc07b94bfe23/1/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.mft
                          rsync://rpki.axivora.net/repo/Axivora-Net/2/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.cer
                          rsync://rpki.axivora.net/repo/Axivora-Net/2/F6DE6FC7AC467F10B5705E60B8FDDA02FFFD7378.crl
                          rsync://rpki.axivora.net/repo/Axivora-Net/2/F6DE6FC7AC467F10B5705E60B8FDDA02FFFD7378.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F6DE6FC7AC467F10B5705E60B8FDDA02FFFD7378.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:10:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:05:b3:bc:3d:c0:ef:93:e5:a7:a6:38:61:97:da:ec:7d:72:36:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=258D1CE0CB76A986E56C7A90A66BA7DC72F5952A
        Validity
            Not Before: Mar 25 19:09:25 2026 GMT
            Not After : Mar 26 22:10:25 2026 GMT
        Subject: CN=9B79982B0FE52284A3122D7E20ADCCC58E0D54E3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:fc:06:25:fb:ea:95:2c:e3:6c:31:49:ea:74:
                    fa:08:f4:70:b3:9f:48:6e:d6:3e:40:b5:4b:62:15:
                    64:f2:a3:5c:28:97:30:01:3e:58:b8:2b:08:27:7c:
                    97:5b:28:47:6a:ca:bc:3d:75:62:17:02:22:54:43:
                    1e:06:65:2f:d5:97:2c:80:b4:a2:69:65:a3:34:60:
                    7b:89:39:70:a9:9e:d2:7d:cc:2b:bf:6d:56:46:8f:
                    5e:d5:67:90:11:c4:df:36:c1:fc:f9:ac:f7:45:26:
                    30:6f:1a:da:b4:64:0b:d0:d7:a7:d1:25:db:a1:4c:
                    2a:67:e6:e2:dd:94:32:a6:c4:77:68:fb:11:b9:ab:
                    47:e6:0e:8f:f5:3f:22:d4:97:bf:7a:e7:e2:84:06:
                    78:36:d5:89:e5:61:cc:d3:b8:e3:3a:12:3f:8c:c1:
                    56:7b:9b:f9:52:9b:c2:a9:61:47:99:c9:54:e2:8f:
                    8f:02:a1:69:a1:19:c6:0c:e1:59:50:0f:ab:b3:eb:
                    06:45:0a:4c:71:d6:04:32:23:4e:fc:21:35:e4:76:
                    83:6e:60:39:ed:24:cf:d9:93:d4:13:12:1e:34:35:
                    8b:a2:35:60:70:6e:41:51:6e:1e:4e:7c:e4:5e:11:
                    b9:ee:48:df:2d:8d:02:0c:9a:23:a6:bf:6d:bb:b3:
                    2e:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:79:98:2B:0F:E5:22:84:A3:12:2D:7E:20:AD:CC:C5:8E:0D:54:E3
            X509v3 Authority Key Identifier:
                keyid:25:8D:1C:E0:CB:76:A9:86:E5:6C:7A:90:A6:6B:A7:DC:72:F5:95:2A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/03fd0b76-7243-4b26-9760-cc07b94bfe23/1/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.axivora.net/repo/Axivora-Net/2/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03fd0b76-7243-4b26-9760-cc07b94bfe23/1/258D1CE0CB76A986E56C7A90A66BA7DC72F5952A.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:15:d5:96:16:3c:c2:c6:d6:f2:ce:4d:1b:93:ca:24:75:85:
         6b:a2:95:f0:28:fd:0a:65:39:fc:d5:ca:fe:9f:ad:7b:ed:a0:
         83:2d:7b:d9:10:af:c4:1a:b2:db:2b:b4:87:5f:90:5e:83:40:
         61:22:d2:9a:dd:5b:52:cc:e3:35:2e:1d:87:fd:34:3c:de:91:
         e1:43:96:43:15:9f:87:3e:f7:4a:e9:60:f3:75:5b:5e:cf:28:
         b9:ce:26:6f:f6:8c:27:b8:87:6d:a1:66:b3:c3:e6:83:c0:b4:
         73:c9:11:89:75:b4:6e:f0:3f:52:66:dc:58:0f:53:af:d1:a0:
         04:23:73:3d:57:41:23:be:3c:12:9e:83:88:42:c6:a7:32:a1:
         fe:06:e1:ea:9b:49:f1:63:26:d2:dc:25:50:d4:d0:b5:90:80:
         c1:4c:9e:ee:64:88:25:6b:b3:af:55:56:3b:f8:47:49:33:7d:
         a5:25:0f:37:11:b2:c6:ad:0a:b1:9a:ce:91:eb:d6:c2:5e:9c:
         8b:7d:32:2a:ba:92:3d:87:87:22:c7:54:bb:68:72:87:71:d8:
         26:fd:e4:70:52:f0:53:b1:89:d8:bc:3b:2f:13:47:bb:d5:c9:
         52:93:a1:c6:de:3a:60:3a:6a:89:dc:79:a9:03:90:7f:81:9b:
         6c:1d:6c:04
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIUOwWzvD3A75Plp6Y4YZfa7H1yNq0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjU4RDFDRTBDQjc2QTk4NkU1NkM3QTkwQTY2QkE3REM3
MkY1OTUyQTAeFw0yNjAzMjUxOTA5MjVaFw0yNjAzMjYyMjEwMjVaMDMxMTAvBgNV
BAMTKDlCNzk5ODJCMEZFNTIyODRBMzEyMkQ3RTIwQURDQ0M1OEUwRDU0RTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk/AYl++qVLONsMUnqdPoI9HCz
n0hu1j5AtUtiFWTyo1wolzABPli4KwgnfJdbKEdqyrw9dWIXAiJUQx4GZS/VlyyA
tKJpZaM0YHuJOXCpntJ9zCu/bVZGj17VZ5ARxN82wfz5rPdFJjBvGtq0ZAvQ16fR
JduhTCpn5uLdlDKmxHdo+xG5q0fmDo/1PyLUl7965+KEBng21YnlYczTuOM6Ej+M
wVZ7m/lSm8KpYUeZyVTij48CoWmhGcYM4VlQD6uz6wZFCkxx1gQyI078ITXkdoNu
YDntJM/Zk9QTEh40NYuiNWBwbkFRbh5OfOReEbnuSN8tjQIMmiOmv227sy6XAgMB
AAGjggJXMIICUzAdBgNVHQ4EFgQUm3mYKw/lIoSjEi1+IK3MxY4NVOMwHwYDVR0j
BBgwFoAUJY0c4Mt2qYblbHqQpmun3HL1lSowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDNmZDBiNzYtNzI0My00YjI2LTk3NjAtY2MwN2I5NGJm
ZTIzLzEvMjU4RDFDRTBDQjc2QTk4NkU1NkM3QTkwQTY2QkE3REM3MkY1OTUyQS5j
cmwwdAYIKwYBBQUHAQEEaDBmMGQGCCsGAQUFBzAChlhyc3luYzovL3Jwa2kuYXhp
dm9yYS5uZXQvcmVwby9BeGl2b3JhLU5ldC8yLzI1OEQxQ0UwQ0I3NkE5ODZFNTZD
N0E5MEE2NkJBN0RDNzJGNTk1MkEuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9z
aXRvcnkvMDNmZDBiNzYtNzI0My00YjI2LTk3NjAtY2MwN2I5NGJmZTIzLzEvMjU4
RDFDRTBDQjc2QTk4NkU1NkM3QTkwQTY2QkE3REM3MkY1OTUyQS5tZnQwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAG
BAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwDQYJKoZIhvcNAQELBQADggEB
ABAV1ZYWPMLG1vLOTRuTyiR1hWuilfAo/QplOfzVyv6frXvtoIMte9kQr8Qastsr
tIdfkF6DQGEi0prdW1LM4zUuHYf9NDzekeFDlkMVn4c+90rpYPN1W17PKLnOJm/2
jCe4h22hZrPD5oPAtHPJEYl1tG7wP1Jm3FgPU6/RoAQjcz1XQSO+PBKeg4hCxqcy
of4G4eqbSfFjJtLcJVDU0LWQgMFMnu5kiCVrs69VVjv4R0kzfaUlDzcRssatCrGa
zpHr1sJenIt9Miq6kj2HhyLHVLtocodx2Cb95HBS8FOxidi8Oy8TR7vVyVKTocbe
OmA6aonceakDkH+Bm2wdbAQ=
-----END CERTIFICATE-----