Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.mft
File:                     8z9sz1fxxI8RwU_QBUBazONtA7g.mft (raw, json)
Hash identifier:          EDfexc/jRinOmu983uLenBjbDFp23Cdk62oXkGmw39c=
Subject key identifier:   17:72:AD:0E:39:6E:57:56:F0:0B:F7:11:9F:6C:51:CF:85:1C:03:E1
Authority key identifier: F3:3F:6C:CF:57:F1:C4:8F:11:C1:4F:D0:05:40:5A:CC:E3:6D:03:B8
Certificate issuer:       /CN=f33f6ccf57f1c48f11c14fd005405acce36d03b8
Certificate serial:       019EC2C9687196DCCFD09493237B5FB616D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8z9sz1fxxI8RwU_QBUBazONtA7g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.mft
Manifest number:          1956
Signing time:             Sat 13 Jun 2026 21:00:39 +0000
Manifest this update:     Sat 13 Jun 2026 21:00:39 +0000
Manifest next update:     Sun 14 Jun 2026 21:00:39 +0000
Files and hashes:         1: 8z9sz1fxxI8RwU_QBUBazONtA7g.crl (hash: AYli9NtRIOo650FZfvVG1dmJxtQeqZuwEANFTWifC9A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8z9sz1fxxI8RwU_QBUBazONtA7g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 17:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c2:c9:68:71:96:dc:cf:d0:94:93:23:7b:5f:b6:16:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f33f6ccf57f1c48f11c14fd005405acce36d03b8
        Validity
            Not Before: Jun 13 21:00:39 2026 GMT
            Not After : Jun 14 21:00:39 2026 GMT
        Subject: CN=1772ad0e396e5756f00bf7119f6c51cf851c03e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ca:d4:27:1b:b8:2a:38:43:26:58:d9:09:f4:
                    df:59:9a:c2:cd:53:4a:fb:7a:54:23:83:27:4a:82:
                    10:59:44:00:15:50:b7:12:97:7b:02:cc:ef:6a:6f:
                    67:92:b7:50:82:da:b3:da:77:3e:ab:00:15:44:ef:
                    04:d3:af:43:75:95:bc:36:47:cc:4b:cd:71:b5:f8:
                    6a:5a:eb:1c:c6:6d:f1:9f:7b:ab:be:b2:70:08:ff:
                    6f:a2:2b:ac:82:09:cb:db:b6:13:de:73:8f:3e:ae:
                    79:6a:ec:a2:39:99:cd:c8:84:5e:fb:70:61:69:44:
                    cc:74:67:f1:05:46:2d:68:1a:19:35:20:3a:c4:e1:
                    0f:7c:10:5e:92:ec:f3:34:29:30:32:cf:c6:f8:90:
                    56:67:0a:42:3c:87:22:19:2c:da:ee:de:30:5c:f1:
                    bf:b1:6c:6c:4e:6f:1f:99:bd:a0:ca:e3:cf:81:6b:
                    91:18:e8:b2:07:c7:c6:1b:2c:8f:69:d5:52:b9:b5:
                    d5:61:03:a8:ee:f4:b0:8f:88:41:77:a1:65:5e:32:
                    01:90:22:85:b4:fd:42:bc:b1:00:55:5b:38:59:9d:
                    bd:0e:a0:1e:cc:3f:9d:6a:eb:c8:e2:77:9a:84:16:
                    88:3c:99:05:28:65:cc:78:6c:52:23:fe:02:2e:40:
                    52:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:72:AD:0E:39:6E:57:56:F0:0B:F7:11:9F:6C:51:CF:85:1C:03:E1
            X509v3 Authority Key Identifier:
                keyid:F3:3F:6C:CF:57:F1:C4:8F:11:C1:4F:D0:05:40:5A:CC:E3:6D:03:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8z9sz1fxxI8RwU_QBUBazONtA7g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:7d:5e:a2:df:fa:09:d2:c2:9f:1f:d7:d0:13:9e:38:f2:5a:
         9f:f9:60:13:61:d4:82:4f:61:2e:30:81:c4:77:fc:b9:01:96:
         75:15:ca:bc:03:f7:f4:04:c8:f3:d2:71:19:3e:7c:81:8e:c9:
         a5:1d:9f:c2:85:cd:73:49:d8:bd:f7:97:b3:f4:ae:93:32:78:
         55:49:a7:57:14:0e:99:9c:66:f9:c5:85:b6:b6:7f:71:0c:43:
         8a:94:23:6c:94:c3:29:fd:7a:01:79:46:87:4a:94:51:59:e4:
         9f:c7:79:55:69:de:aa:41:76:3b:3f:ac:6a:98:c2:b2:a1:a4:
         69:69:cc:4e:da:c6:b0:8c:fc:7a:1b:e2:fd:e6:e4:37:80:d7:
         3d:0c:7d:31:76:b7:ce:03:99:32:54:7f:02:67:c1:33:2c:d9:
         51:23:ed:df:68:78:96:1b:e2:15:20:7b:6b:16:6e:b7:1d:40:
         07:a4:12:44:38:03:44:6e:31:54:bf:99:5f:c5:77:d2:c3:06:
         64:98:97:b0:9c:1f:c7:9e:eb:94:ce:77:5d:0f:b4:f3:dc:a8:
         50:50:95:eb:af:86:e4:4e:cb:f6:84:cc:01:1e:d3:a1:96:87:
         d9:28:24:08:3f:3f:0b:13:6a:0e:6a:5c:d6:bb:4b:55:ba:ec:
         81:3e:61:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7CyWhxltzP0JSTI3tfthbYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzM2Y2Y2NmNTdmMWM0OGYxMWMxNGZkMDA1NDA1YWNjZTM2
ZDAzYjgwHhcNMjYwNjEzMjEwMDM5WhcNMjYwNjE0MjEwMDM5WjAzMTEwLwYDVQQD
EygxNzcyYWQwZTM5NmU1NzU2ZjAwYmY3MTE5ZjZjNTFjZjg1MWMwM2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8rUJxu4KjhDJljZCfTfWZrCzVNK
+3pUI4MnSoIQWUQAFVC3Epd7Aszvam9nkrdQgtqz2nc+qwAVRO8E069DdZW8NkfM
S81xtfhqWuscxm3xn3urvrJwCP9voiusggnL27YT3nOPPq55auyiOZnNyIRe+3Bh
aUTMdGfxBUYtaBoZNSA6xOEPfBBekuzzNCkwMs/G+JBWZwpCPIciGSza7t4wXPG/
sWxsTm8fmb2gyuPPgWuRGOiyB8fGGyyPadVSubXVYQOo7vSwj4hBd6FlXjIBkCKF
tP1CvLEAVVs4WZ29DqAezD+dauvI4neahBaIPJkFKGXMeGxSI/4CLkBSrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBdyrQ45bldW8Av3EZ9sUc+FHAPhMB8GA1UdIwQY
MBaAFPM/bM9X8cSPEcFP0AVAWszjbQO4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHo5c3oxZnh4SThSd1VfUUJVQmF6T050QTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jZGMyZWMtZDBlZS00MzZhLThkMTEt
ZjVkNmI0OTIzOTRiLzEvOHo5c3oxZnh4SThSd1VfUUJVQmF6T050QTdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jZGMyZWMtZDBlZS00MzZhLThkMTEtZjVkNmI0OTIzOTRi
LzEvOHo5c3oxZnh4SThSd1VfUUJVQmF6T050QTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ31eot/6
CdLCnx/X0BOeOPJan/lgE2HUgk9hLjCBxHf8uQGWdRXKvAP39ATI89JxGT58gY7J
pR2fwoXNc0nYvfeXs/SukzJ4VUmnVxQOmZxm+cWFtrZ/cQxDipQjbJTDKf16AXlG
h0qUUVnkn8d5VWneqkF2Oz+sapjCsqGkaWnMTtrGsIz8ehvi/ebkN4DXPQx9MXa3
zgOZMlR/AmfBMyzZUSPt32h4lhviFSB7axZutx1AB6QSRDgDRG4xVL+ZX8V30sMG
ZJiXsJwfx57rlM53XQ+089yoUFCV66+G5E7L9oTMAR7ToZaH2SgkCD8/CxNqDmpc
1rtLVbrsgT5h6A==
-----END CERTIFICATE-----