Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
File:                     F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft (raw, json)
Hash identifier:          8qNbgxDmQKCbtjf6pAOktEzDjeBZm7HTc+dwtAe2zQA=
Subject key identifier:   95:ED:1D:D2:A7:7C:2E:6F:1B:BB:0D:E8:74:06:F2:64:FF:D1:58:DD
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Certificate issuer:       /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial:       05E15D0A776B3A2029249031153E6F00ACE3BCF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
Manifest number:          0345
Signing time:             Thu 26 Mar 2026 01:52:16 +0000
Manifest this update:     Thu 26 Mar 2026 01:47:16 +0000
Manifest next update:     Fri 27 Mar 2026 04:45:16 +0000
Files and hashes:         1: 326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa (hash: 894RTKAEh4ciZZOdefpuTBSaNDM2TQpQSdGle6pgy08=)
                          2: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (hash: WOAaZY65k+/GoeKbXXymPrZVu7CfbDlQvCXqyS0ZjLA=)
                          3: 326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa (hash: lNHaIlVxi/lYCx53I3+MfwePjUfRoiP0WtejKnMjprU=)
                          4: 326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa (hash: UQpEpactphMaN3i4tpyR5s9Tmz685dUuNs8hSuG0cJQ=)
                          5: 39312e3230372e31332e302f32342d3234203d3e203532313132.roa (hash: YRttKbBVKmVFJCLqXVNyqXBZwi5ZooomBxSDP4Gl2m4=)
                          6: F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl (hash: xRCU3nXCnz2MpLvZ8S6BQfSsChJR/mZM0sQQQoIV4gs=)
                          7: 5EB2E5DAD0C6996D0A80A7B90F3A2AA60FB1A7AC.cer (hash: DDBKGLOay0ETlRkkd+ZGuz8/q4wtGaLppxLYYnPMDTM=)
                          8: 326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa (hash: 3m2Z/mjozERlCSY+vSBpPSC7mc1wNvFz/UzxCrw2jy0=)
                          9: 8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer (hash: nYcdq/fifitjvFyPoNBEJvUP1WGfqAJvzv/Dj2Iivv0=)
                          10: 326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa (hash: OXH7kpuguUKmKnwoouN0IGAOMj3E/W/ffH2kJO7vbOY=)
                          11: 326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa (hash: e3gM8xBShVESXc8MaKIMDq1iDa8wjJWbHPjdOfhPuFQ=)
                          12: 326131333a393634313a3a2f34382d3438203d3e203532313132.roa (hash: 5o2ZOradY5DoOPidcJ775vbaNLbxYZsPfZS6MPweSnY=)
                          13: 326131333a393634303a3a2f34342d3434203d3e203532313132.roa (hash: DOR1Pt3ct68s+ey18ZghPrs5rAUoZlIbwxjvP68BE+k=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:e1:5d:0a:77:6b:3a:20:29:24:90:31:15:3e:6f:00:ac:e3:bc:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
        Validity
            Not Before: Mar 26 01:47:16 2026 GMT
            Not After : Mar 27 04:45:16 2026 GMT
        Subject: CN=95ED1DD2A77C2E6F1BBB0DE87406F264FFD158DD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:95:97:cd:3e:d7:d2:91:85:c3:24:a0:74:cb:
                    55:7d:25:e9:5f:8f:4a:77:9e:74:ff:da:d2:eb:cf:
                    22:d2:9c:47:b6:77:72:43:4d:9c:9a:4a:40:42:b4:
                    b7:2a:81:28:3b:49:65:2c:6c:63:20:87:ee:c6:3d:
                    9b:19:62:65:a4:71:57:59:8d:71:20:f1:23:26:d6:
                    b2:63:c9:56:fb:13:32:bc:9d:7b:c2:d2:e5:a5:f9:
                    df:56:e9:62:8f:00:27:9a:36:7c:58:7c:15:f8:4f:
                    91:8d:69:dc:e7:bb:6a:0c:2c:ed:3a:2e:07:96:df:
                    04:d7:b0:1d:f3:2a:ff:f7:d7:60:04:ff:36:a3:e8:
                    93:d0:89:91:0b:ff:38:7c:05:c3:47:a0:0e:14:ce:
                    04:2e:34:31:21:76:d2:8f:a0:a4:38:80:aa:64:be:
                    2e:f6:44:f7:cc:30:c4:0f:b7:67:ee:bb:a7:db:c7:
                    fe:e0:ad:d0:bb:44:55:33:0f:58:1f:cb:8b:f1:b2:
                    9a:ff:3c:75:6e:11:e7:1b:44:71:4c:30:ae:c5:58:
                    3c:ce:96:f3:b1:7c:64:4e:ff:f1:61:08:ce:ed:2a:
                    71:b4:a9:64:a1:82:74:91:c2:dd:03:60:88:ea:e1:
                    67:ad:08:af:38:f3:ea:c7:d2:43:5b:6d:2e:fe:36:
                    bc:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:ED:1D:D2:A7:7C:2E:6F:1B:BB:0D:E8:74:06:F2:64:FF:D1:58:DD
            X509v3 Authority Key Identifier:
                keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:1f:fe:5a:ed:b8:65:2d:09:a6:03:79:f6:aa:f3:d0:57:38:
         66:eb:79:21:41:ee:93:93:73:4f:2a:bc:73:f7:84:99:17:43:
         c6:93:65:0b:87:24:72:49:93:b0:41:c1:63:e2:cc:07:9d:fe:
         0a:b3:c3:77:1e:98:42:e6:57:34:f9:65:99:c9:92:4c:e4:55:
         95:eb:22:63:19:12:57:3a:36:e3:04:ba:2c:14:36:61:93:e0:
         cb:0e:9d:96:a2:5a:ff:53:f6:3e:d5:2d:95:48:13:98:69:de:
         2d:02:3f:ff:02:a4:1b:a6:64:b8:6b:41:ee:f3:00:e4:db:ba:
         f1:90:54:6d:3c:39:aa:f0:71:5b:a0:35:22:56:b1:b7:a8:59:
         fe:03:45:1b:80:f8:f0:27:83:10:51:0f:5b:18:2b:35:e8:c5:
         aa:b4:a8:46:a5:6f:aa:79:99:3f:7a:0b:a2:fc:5d:33:d9:3e:
         b5:89:8c:e6:b0:45:d3:7d:88:b4:67:56:de:fc:56:e9:4d:84:
         2d:55:ad:4b:ab:37:4b:41:f0:42:67:c8:6d:21:46:e4:3e:c9:
         4b:8b:c3:04:68:03:3b:22:72:59:87:a3:37:0c:a9:cb:8c:b7:
         7a:d3:88:a6:90:f3:11:14:09:3c:c1:75:1c:e8:5a:ce:b2:ac:
         5c:62:6a:09
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUBeFdCndrOiApJJAxFT5vAKzjvPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNjAzMjYwMTQ3MTZaFw0yNjAzMjcwNDQ1MTZaMDMxMTAvBgNV
BAMTKDk1RUQxREQyQTc3QzJFNkYxQkJCMERFODc0MDZGMjY0RkZEMTU4REQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/lZfNPtfSkYXDJKB0y1V9Jelf
j0p3nnT/2tLrzyLSnEe2d3JDTZyaSkBCtLcqgSg7SWUsbGMgh+7GPZsZYmWkcVdZ
jXEg8SMm1rJjyVb7EzK8nXvC0uWl+d9W6WKPACeaNnxYfBX4T5GNadznu2oMLO06
LgeW3wTXsB3zKv/312AE/zaj6JPQiZEL/zh8BcNHoA4UzgQuNDEhdtKPoKQ4gKpk
vi72RPfMMMQPt2fuu6fbx/7grdC7RFUzD1gfy4vxspr/PHVuEecbRHFMMK7FWDzO
lvOxfGRO//FhCM7tKnG0qWShgnSRwt0DYIjq4WetCK848+rH0kNbbS7+NryFAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUle0d0qd8Lm8buw3odAbyZP/RWN0wHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMzBkZTg0Yi00
MDBhLTRmZDEtYWI4YS1lNzYxNmUyNDViNDkvMC9GMUQwNTcyRkU3Mjk5MUJEMzI4
NTRCQUM3MTY2NzZFQkRBRDIyQUNFLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzx/+Wu24ZS0JpgN59qrz
0Fc4Zut5IUHuk5NzTyq8c/eEmRdDxpNlC4ckckmTsEHBY+LMB53+CrPDdx6YQuZX
NPllmcmSTORVlesiYxkSVzo24wS6LBQ2YZPgyw6dlqJa/1P2PtUtlUgTmGneLQI/
/wKkG6ZkuGtB7vMA5Nu68ZBUbTw5qvBxW6A1Ilaxt6hZ/gNFG4D48CeDEFEPWxgr
NejFqrSoRqVvqnmZP3oLovxdM9k+tYmM5rBF032ItGdW3vxW6U2ELVWtS6s3S0Hw
QmfIbSFG5D7JS4vDBGgDOyJyWYejNwypy4y3etOIppDzERQJPMF1HOhazrKsXGJq
CQ==
-----END CERTIFICATE-----