Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
File:                     20YNIBeVpqmS7UrBi7fFLBCLeFI.mft (raw, json)
Hash identifier:          Ri5Yz7OvPfNWgc2L4UZSIRZZpkyNODnspZexTCA1ArY=
Subject key identifier:   B9:53:F4:E0:95:F2:08:A5:F6:28:A6:57:CD:E8:93:01:F4:58:72:28
Authority key identifier: DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52
Certificate issuer:       /CN=db460d201795a6a992ed4ac18bb7c52c108b7852
Certificate serial:       019EBF2369BF3237F6375F325B17515615E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
Manifest number:          1955
Signing time:             Sat 13 Jun 2026 04:00:29 +0000
Manifest this update:     Sat 13 Jun 2026 04:00:29 +0000
Manifest next update:     Sun 14 Jun 2026 04:00:29 +0000
Files and hashes:         1: 20YNIBeVpqmS7UrBi7fFLBCLeFI.crl (hash: HR/ed7NHqmnnh2JvorU5ZVwPKsALuNYWnCkRDNGrdlQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 04:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:23:69:bf:32:37:f6:37:5f:32:5b:17:51:56:15:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db460d201795a6a992ed4ac18bb7c52c108b7852
        Validity
            Not Before: Jun 13 04:00:29 2026 GMT
            Not After : Jun 14 04:00:29 2026 GMT
        Subject: CN=b953f4e095f208a5f628a657cde89301f4587228
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:4f:49:4d:1b:ea:c4:ea:d3:50:bb:c4:38:49:
                    c6:7f:3c:be:5b:a9:53:c1:74:ea:be:80:64:6e:df:
                    0f:00:8b:99:4d:bd:c9:43:d0:70:f6:d8:68:28:f4:
                    e1:26:a8:94:47:91:75:18:7e:10:16:fd:00:a1:43:
                    53:dc:fa:72:5b:0e:f6:47:6d:81:e1:01:aa:ac:9d:
                    58:c5:75:67:bc:59:bd:1f:df:5e:9e:a5:d0:6b:05:
                    a5:6a:b9:85:b7:56:63:3f:74:ec:2a:b4:2c:13:8d:
                    c8:6b:56:dc:cb:24:16:0c:5b:56:5f:9e:61:ee:ea:
                    5c:c4:1e:9c:c7:73:7b:c3:ba:35:dd:50:95:02:47:
                    49:e0:22:2d:dd:08:26:60:17:c0:4a:55:0b:2e:5a:
                    ee:62:f2:b3:79:be:d7:d2:2d:81:d8:a7:45:fb:1a:
                    f4:b6:65:1f:8b:8c:72:d2:60:f5:e4:6f:5a:5e:ed:
                    c8:19:e1:b6:56:87:e0:e5:54:b2:b5:3f:c3:ac:3e:
                    21:1a:32:60:b2:3a:7f:55:6e:78:7f:c5:5d:bb:a3:
                    15:61:f5:97:41:14:7e:2d:ea:80:f2:da:11:05:46:
                    f9:9c:94:bd:8e:1a:8e:f0:10:2d:a3:1a:b5:21:98:
                    e6:ca:96:ed:27:0d:99:b5:1f:b2:a6:ec:d8:ac:a4:
                    a0:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:53:F4:E0:95:F2:08:A5:F6:28:A6:57:CD:E8:93:01:F4:58:72:28
            X509v3 Authority Key Identifier:
                keyid:DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:c3:0b:87:a1:90:fb:50:15:5e:c9:c6:7b:6e:b7:50:c4:54:
         11:b0:7b:0b:ed:ff:f6:fe:09:dd:fd:2e:06:b2:67:ca:c5:36:
         f5:39:db:a8:4a:7d:8e:7c:39:22:8f:d3:bd:d6:9b:91:e7:aa:
         55:ef:08:bc:9c:0a:90:87:87:dc:aa:0b:38:15:8c:75:df:b6:
         5b:43:98:2b:8d:a1:52:34:4a:1e:fa:9d:b5:8f:ff:5a:ba:1b:
         96:a7:d0:2f:55:66:5f:64:16:b1:d7:a8:66:07:91:49:58:9f:
         39:cd:28:5a:cc:2a:3e:3c:b0:6a:32:9c:23:ec:50:b4:af:30:
         4e:6e:81:12:16:61:cd:4c:a3:3c:2f:92:d0:1b:e1:a7:09:a1:
         b0:64:71:8e:2a:6c:7d:dc:68:68:14:53:90:f5:07:67:13:8a:
         df:8f:30:a0:a3:ab:6b:c0:b3:f3:41:53:b4:ac:00:72:30:60:
         93:9e:bf:7c:48:07:cd:ad:51:b7:5d:c3:6e:48:b7:75:44:7f:
         61:1f:4c:92:0b:8e:d3:26:59:b8:96:a2:8c:19:ed:86:d5:a0:
         38:dd:9f:0e:3f:c9:a6:bf:e5:75:fe:3f:e0:f9:35:72:20:6d:
         00:75:f0:74:b0:6d:10:1d:41:60:86:f6:66:9e:f0:1a:56:ce:
         87:66:bd:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/I2m/Mjf2N18yWxdRVhXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDYwZDIwMTc5NWE2YTk5MmVkNGFjMThiYjdjNTJjMTA4
Yjc4NTIwHhcNMjYwNjEzMDQwMDI5WhcNMjYwNjE0MDQwMDI5WjAzMTEwLwYDVQQD
EyhiOTUzZjRlMDk1ZjIwOGE1ZjYyOGE2NTdjZGU4OTMwMWY0NTg3MjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU9JTRvqxOrTULvEOEnGfzy+W6lT
wXTqvoBkbt8PAIuZTb3JQ9Bw9thoKPThJqiUR5F1GH4QFv0AoUNT3PpyWw72R22B
4QGqrJ1YxXVnvFm9H99enqXQawWlarmFt1ZjP3TsKrQsE43Ia1bcyyQWDFtWX55h
7upcxB6cx3N7w7o13VCVAkdJ4CIt3QgmYBfASlULLlruYvKzeb7X0i2B2KdF+xr0
tmUfi4xy0mD15G9aXu3IGeG2Vofg5VSytT/DrD4hGjJgsjp/VW54f8Vdu6MVYfWX
QRR+LeqA8toRBUb5nJS9jhqO8BAtoxq1IZjmypbtJw2ZtR+ypuzYrKSgWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlT9OCV8gil9iimV83okwH0WHIoMB8GA1UdIwQY
MBaAFNtGDSAXlaapku1KwYu3xSwQi3hSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2Ut
ZTgyZWQzZDc2YTg3LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2UtZTgyZWQzZDc2YTg3
LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcsMLh6GQ
+1AVXsnGe263UMRUEbB7C+3/9v4J3f0uBrJnysU29TnbqEp9jnw5Io/Tvdabkeeq
Ve8IvJwKkIeH3KoLOBWMdd+2W0OYK42hUjRKHvqdtY//WroblqfQL1VmX2QWsdeo
ZgeRSVifOc0oWswqPjywajKcI+xQtK8wTm6BEhZhzUyjPC+S0BvhpwmhsGRxjips
fdxoaBRTkPUHZxOK348woKOra8Cz80FTtKwAcjBgk56/fEgHza1Rt13Dbki3dUR/
YR9MkguO0yZZuJaijBnthtWgON2fDj/Jpr/ldf4/4Pk1ciBtAHXwdLBtEB1BYIb2
Zp7wGlbOh2a9Dg==
-----END CERTIFICATE-----