Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
File:                     249r9UNKqjLT5fETsAxbsUAvZ_Y.mft (raw, json)
Hash identifier:          myuowS7208cHrijnCS43leQu7ZJTQJGFktdHjKkvVV0=
Subject key identifier:   7A:68:4E:61:1A:18:9B:86:78:33:8F:1E:77:55:45:83:04:2E:60:18
Authority key identifier: DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6
Certificate issuer:       /CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
Certificate serial:       019EBFC865CE8F808EC62C4245D48D0668FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
Manifest number:          0A4E
Signing time:             Sat 13 Jun 2026 07:00:41 +0000
Manifest this update:     Sat 13 Jun 2026 07:00:41 +0000
Manifest next update:     Sun 14 Jun 2026 07:00:41 +0000
Files and hashes:         1: 249r9UNKqjLT5fETsAxbsUAvZ_Y.crl (hash: sy6vfQZ6kAkFMaY67du4sgb3humArJ5gL6yisglvgdo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:c8:65:ce:8f:80:8e:c6:2c:42:45:d4:8d:06:68:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
        Validity
            Not Before: Jun 13 07:00:41 2026 GMT
            Not After : Jun 14 07:00:41 2026 GMT
        Subject: CN=7a684e611a189b8678338f1e77554583042e6018
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:1e:2d:be:17:d1:88:9b:e9:8d:32:3c:dd:e0:
                    52:41:11:12:90:ad:fb:c5:9f:59:d5:ef:fb:18:01:
                    cb:00:b1:6f:d8:ce:8c:bc:a4:f6:03:ed:22:0e:6f:
                    36:f1:ef:0e:dd:7c:4b:10:de:86:81:e0:ed:b0:a5:
                    92:60:fa:6c:22:3b:71:c2:7a:73:b0:42:88:11:20:
                    9b:ac:cc:6b:23:2b:6c:53:3c:57:3b:43:ea:39:79:
                    f8:7e:71:49:4c:7c:d3:5a:e3:ee:76:85:47:33:29:
                    4d:e6:80:db:2c:95:f8:fa:13:79:52:31:59:1d:33:
                    e2:be:a3:e7:76:f9:1f:fd:e7:70:35:89:27:34:19:
                    f2:a8:d8:57:4b:05:bd:5f:6f:1e:03:2f:47:d5:5d:
                    23:a8:d5:82:61:8a:e5:bb:1e:9a:6c:a1:9c:a0:25:
                    e3:00:56:24:91:3d:99:33:3f:b9:af:47:1e:f4:36:
                    50:1d:56:77:70:83:a5:32:05:55:7d:d3:ba:12:d3:
                    62:04:64:9b:b9:97:90:ca:91:27:d2:29:b0:4b:f1:
                    d4:d6:69:13:0a:d9:9b:90:1d:34:e9:25:cb:14:05:
                    1c:3b:60:83:01:06:7c:d4:52:a1:45:b2:b8:bf:55:
                    14:80:bf:0e:77:b3:b5:94:1c:c7:52:50:c6:c2:09:
                    c2:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:68:4E:61:1A:18:9B:86:78:33:8F:1E:77:55:45:83:04:2E:60:18
            X509v3 Authority Key Identifier:
                keyid:DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:09:bf:65:9b:0a:ef:f4:bb:75:9e:5c:dd:10:56:27:e4:80:
         f2:e3:49:81:f0:12:59:ff:80:87:c3:43:c6:42:2c:2f:77:03:
         7a:88:af:cc:76:83:95:d4:6f:8d:b3:40:34:e7:5a:67:3b:c4:
         f7:84:ca:e5:08:20:9e:a4:60:74:b2:78:36:a3:6a:24:d0:da:
         f2:e1:fb:ae:90:c6:b4:85:10:05:76:25:e3:da:3f:77:17:d7:
         d6:8f:d8:68:33:6e:df:a6:91:fb:c2:60:f0:bd:95:f5:6f:be:
         0f:c9:b7:fd:62:d3:43:e0:93:eb:ed:69:fc:13:c5:69:7a:95:
         f5:57:8c:17:f8:38:38:79:a5:1f:98:bc:5b:79:92:96:f4:68:
         0a:de:26:81:a4:03:aa:05:23:b7:58:9a:f5:b8:65:c1:13:0a:
         72:4c:dd:bc:14:bc:36:61:03:52:bb:b7:f7:1a:60:66:53:b3:
         b7:46:93:6c:ff:19:24:cb:13:a7:e9:b2:ad:a2:98:37:5e:0e:
         9e:81:3d:62:c3:0a:ff:43:bd:37:df:8f:8b:07:3b:79:a0:2e:
         f1:a0:6d:eb:87:c6:1e:f2:28:28:59:b0:7f:97:68:62:7c:a4:
         00:7a:e6:d3:f1:b2:f7:e2:5f:b0:bf:42:83:37:b1:b5:1f:92:
         ae:e7:37:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/yGXOj4COxixCRdSNBmj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGY2YmY1NDM0YWFhMzJkM2U1ZjExM2IwMGM1YmIxNDAy
ZjY3ZjYwHhcNMjYwNjEzMDcwMDQxWhcNMjYwNjE0MDcwMDQxWjAzMTEwLwYDVQQD
Eyg3YTY4NGU2MTFhMTg5Yjg2NzgzMzhmMWU3NzU1NDU4MzA0MmU2MDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR4tvhfRiJvpjTI83eBSQRESkK37
xZ9Z1e/7GAHLALFv2M6MvKT2A+0iDm828e8O3XxLEN6GgeDtsKWSYPpsIjtxwnpz
sEKIESCbrMxrIytsUzxXO0PqOXn4fnFJTHzTWuPudoVHMylN5oDbLJX4+hN5UjFZ
HTPivqPndvkf/edwNYknNBnyqNhXSwW9X28eAy9H1V0jqNWCYYrlux6abKGcoCXj
AFYkkT2ZMz+5r0ce9DZQHVZ3cIOlMgVVfdO6EtNiBGSbuZeQypEn0imwS/HU1mkT
CtmbkB006SXLFAUcO2CDAQZ81FKhRbK4v1UUgL8Od7O1lBzHUlDGwgnC2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHpoTmEaGJuGeDOPHndVRYMELmAYMB8GA1UdIwQY
MBaAFNuPa/VDSqoy0+XxE7AMW7FAL2f2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEt
ZDk3OTY3OTRjNjFjLzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEtZDk3OTY3OTRjNjFj
LzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOgm/ZZsK
7/S7dZ5c3RBWJ+SA8uNJgfASWf+Ah8NDxkIsL3cDeoivzHaDldRvjbNANOdaZzvE
94TK5QggnqRgdLJ4NqNqJNDa8uH7rpDGtIUQBXYl49o/dxfX1o/YaDNu36aR+8Jg
8L2V9W++D8m3/WLTQ+CT6+1p/BPFaXqV9VeMF/g4OHmlH5i8W3mSlvRoCt4mgaQD
qgUjt1ia9bhlwRMKckzdvBS8NmEDUru39xpgZlOzt0aTbP8ZJMsTp+myraKYN14O
noE9YsMK/0O9N9+Piwc7eaAu8aBt64fGHvIoKFmwf5doYnykAHrm0/Gy9+JfsL9C
gzextR+Sruc35Q==
-----END CERTIFICATE-----