Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
File:                     F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft (raw, json)
Hash identifier:          9FbrGes/U4v3fCIpZiTX4hQM6iaLP24GAMJS0LElBNY=
Subject key identifier:   7E:51:9C:CC:EB:D6:71:CD:56:40:C7:30:C1:6E:1B:78:B3:D6:E2:F4
Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE
Certificate issuer:       /CN=f1d0572fe72991bd32854bac716676ebdad22ace
Certificate serial:       131C5C2EB6A1F04071FB95AF10A063B496A6E2E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
Manifest number:          0384
Signing time:             Tue 12 May 2026 19:36:40 +0000
Manifest this update:     Tue 12 May 2026 19:31:40 +0000
Manifest next update:     Wed 13 May 2026 20:53:40 +0000
Files and hashes:         1: 326131333a393634343a323232303a3a2f34342d3438203d3e20323134393932.roa (hash: 894RTKAEh4ciZZOdefpuTBSaNDM2TQpQSdGle6pgy08=)
                          2: 326131333a393634313a3a2f34382d3438203d3e203532313132.roa (hash: 5o2ZOradY5DoOPidcJ775vbaNLbxYZsPfZS6MPweSnY=)
                          3: 8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer (hash: nYcdq/fifitjvFyPoNBEJvUP1WGfqAJvzv/Dj2Iivv0=)
                          4: 39312e3230372e31332e302f32342d3234203d3e203532313132.roa (hash: YRttKbBVKmVFJCLqXVNyqXBZwi5ZooomBxSDP4Gl2m4=)
                          5: 326131333a393634343a31303a3a2f34362d3438203d3e203438313934.roa (hash: WOAaZY65k+/GoeKbXXymPrZVu7CfbDlQvCXqyS0ZjLA=)
                          6: 326131333a393634343a333030303a3a2f34302d3438203d3e20323131343331.roa (hash: e3gM8xBShVESXc8MaKIMDq1iDa8wjJWbHPjdOfhPuFQ=)
                          7: F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl (hash: R+7b4q5KIg7h8/x8cAwlD8eLvXuiwmHr7BCN1ynL3E0=)
                          8: 326131333a393634303a3a2f34342d3434203d3e203532313132.roa (hash: DOR1Pt3ct68s+ey18ZghPrs5rAUoZlIbwxjvP68BE+k=)
                          9: 326131333a393634343a34303a3a2f34342d3438203d3e20323131343331.roa (hash: UQpEpactphMaN3i4tpyR5s9Tmz685dUuNs8hSuG0cJQ=)
                          10: 5EB2E5DAD0C6996D0A80A7B90F3A2AA60FB1A7AC.cer (hash: DDBKGLOay0ETlRkkd+ZGuz8/q4wtGaLppxLYYnPMDTM=)
                          11: 326131333a393634343a343030303a3a2f34302d3438203d3e20323034323931.roa (hash: OXH7kpuguUKmKnwoouN0IGAOMj3E/W/ffH2kJO7vbOY=)
                          12: 326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa (hash: 3m2Z/mjozERlCSY+vSBpPSC7mc1wNvFz/UzxCrw2jy0=)
                          13: 326131333a393634343a34303a3a2f34342d3438203d3e20323136333336.roa (hash: lNHaIlVxi/lYCx53I3+MfwePjUfRoiP0WtejKnMjprU=)
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:1c:5c:2e:b6:a1:f0:40:71:fb:95:af:10:a0:63:b4:96:a6:e2:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace
        Validity
            Not Before: May 12 19:31:40 2026 GMT
            Not After : May 13 20:53:40 2026 GMT
        Subject: CN=7E519CCCEBD671CD5640C730C16E1B78B3D6E2F4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:8b:85:fd:a4:f7:50:3a:4a:6a:31:2e:04:3e:
                    62:10:07:49:27:49:d0:48:bc:86:bc:4a:2a:71:ed:
                    53:f7:49:56:bc:04:f3:f6:f3:0f:26:cd:63:4a:6b:
                    2f:a6:c5:b5:55:d6:40:ae:4b:7e:b6:31:f0:a1:74:
                    0c:f5:37:79:32:be:7a:c9:5c:74:9d:f2:d6:ad:61:
                    21:84:1c:0a:1d:42:e9:c3:8e:73:3c:71:ee:d0:d1:
                    d0:d4:1d:c7:38:13:df:3b:3e:57:ec:ac:9a:1e:1b:
                    86:0e:5d:1c:42:75:7f:17:79:39:59:c3:c3:d1:c5:
                    40:84:74:cc:4b:70:60:3b:3d:db:bb:1a:2d:60:61:
                    79:3e:b5:eb:a5:f1:82:3a:24:70:c8:e9:df:b6:32:
                    88:4c:6b:64:6a:62:de:77:07:47:7e:f3:84:a1:0e:
                    be:af:a3:7c:c9:d4:7d:05:84:c5:b6:53:eb:0c:f9:
                    67:a9:f6:30:7a:b9:72:6b:ec:36:08:58:4f:0c:38:
                    45:a7:34:8c:9d:2a:80:00:9a:5a:ab:a2:75:ac:af:
                    2a:fe:03:36:b2:ac:5d:6a:37:0f:df:ed:f9:dd:30:
                    40:52:56:5e:bb:00:34:38:01:64:10:c1:1d:4a:b5:
                    24:a2:2a:30:d8:5a:69:f4:90:2e:56:97:e9:f7:94:
                    8c:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:51:9C:CC:EB:D6:71:CD:56:40:C7:30:C1:6E:1B:78:B3:D6:E2:F4
            X509v3 Authority Key Identifier:
                keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:f4:82:b1:92:e4:bf:e6:51:aa:5e:a5:94:e5:bf:af:21:fe:
         f1:32:7b:ae:f1:99:e8:e4:59:af:49:c8:1e:74:96:e7:54:29:
         df:f5:a4:54:fc:07:b0:3d:9f:04:a5:da:3e:e7:48:5f:fa:40:
         89:ae:eb:7c:8b:ac:6f:b5:2f:13:cb:c6:46:e3:0f:f5:44:16:
         54:8e:4c:2c:a2:a2:85:27:4e:6f:05:70:0e:2f:7f:3b:16:8e:
         56:cc:77:4a:3f:92:bc:fd:93:66:42:1a:09:ce:e3:72:eb:26:
         f3:58:b3:1a:ee:d5:37:d2:16:1f:3a:29:0b:d0:a4:d9:22:5f:
         7c:fd:5f:cf:33:b3:43:14:2a:ee:22:c6:36:44:51:86:b2:de:
         66:94:e2:17:3f:17:13:f8:bc:99:7b:4f:b2:f0:c4:66:c7:42:
         a8:ce:c0:74:b6:50:46:52:3f:0d:c7:51:4a:41:37:9e:44:b6:
         37:48:ef:78:f3:07:26:f8:00:7b:f3:09:99:36:74:a7:e3:0a:
         d2:18:fc:bb:68:00:78:37:88:4c:1a:1e:6d:ae:4d:06:89:b2:
         f3:7f:9d:64:2d:34:49:25:1d:00:73:62:d0:55:3f:5f:03:16:
         9f:da:64:bc:1b:51:21:3d:09:64:2b:f3:6e:5a:6d:af:1a:cb:
         ad:59:51:31
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUExxcLrah8EBx+5WvEKBjtJam4uMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk
YWQyMmFjZTAeFw0yNjA1MTIxOTMxNDBaFw0yNjA1MTMyMDUzNDBaMDMxMTAvBgNV
BAMTKDdFNTE5Q0NDRUJENjcxQ0Q1NjQwQzczMEMxNkUxQjc4QjNENkUyRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvi4X9pPdQOkpqMS4EPmIQB0kn
SdBIvIa8Sipx7VP3SVa8BPP28w8mzWNKay+mxbVV1kCuS362MfChdAz1N3kyvnrJ
XHSd8tatYSGEHAodQunDjnM8ce7Q0dDUHcc4E987PlfsrJoeG4YOXRxCdX8XeTlZ
w8PRxUCEdMxLcGA7Pdu7Gi1gYXk+teul8YI6JHDI6d+2MohMa2RqYt53B0d+84Sh
Dr6vo3zJ1H0FhMW2U+sM+Wep9jB6uXJr7DYIWE8MOEWnNIydKoAAmlqronWsryr+
AzayrF1qNw/f7fndMEBSVl67ADQ4AWQQwR1KtSSiKjDYWmn0kC5Wl+n3lIyvAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUflGczOvWcc1WQMcwwW4beLPW4vQwHwYDVR0j
BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1
YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly
U0tzNC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMzBkZTg0Yi00
MDBhLTRmZDEtYWI4YS1lNzYxNmUyNDViNDkvMC9GMUQwNTcyRkU3Mjk5MUJEMzI4
NTRCQUM3MTY2NzZFQkRBRDIyQUNFLm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb/SCsZLkv+ZRql6llOW/
ryH+8TJ7rvGZ6ORZr0nIHnSW51Qp3/WkVPwHsD2fBKXaPudIX/pAia7rfIusb7Uv
E8vGRuMP9UQWVI5MLKKihSdObwVwDi9/OxaOVsx3Sj+SvP2TZkIaCc7jcusm81iz
Gu7VN9IWHzopC9Ck2SJffP1fzzOzQxQq7iLGNkRRhrLeZpTiFz8XE/i8mXtPsvDE
ZsdCqM7AdLZQRlI/DcdRSkE3nkS2N0jvePMHJvgAe/MJmTZ0p+MK0hj8u2gAeDeI
TBoeba5NBomy83+dZC00SSUdAHNi0FU/XwMWn9pkvBtRIT0JZCvzblptrxrLrVlR
MQ==
-----END CERTIFICATE-----