Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
File:                     7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft (raw, json)
Hash identifier:          iTyM1pETPN5OGHYhvJft0sK202/HmM0rvfRCJBFZ9gg=
Subject key identifier:   9E:78:74:D8:68:32:EC:4C:DB:7F:A1:E3:56:26:C2:5F:81:37:10:A4
Authority key identifier: EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94
Certificate issuer:       /CN=ee03df829afd6a1f2590e4244522e1b36c086a94
Certificate serial:       019EBF5B40F4D16634299C48F146FC5E452E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
Manifest number:          1039
Signing time:             Sat 13 Jun 2026 05:01:29 +0000
Manifest this update:     Sat 13 Jun 2026 05:01:29 +0000
Manifest next update:     Sun 14 Jun 2026 05:01:29 +0000
Files and hashes:         1: 7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl (hash: YMDMRCZcO046EtbOptfJ4IAHofBf4aMl4HPI463JSSM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:5b:40:f4:d1:66:34:29:9c:48:f1:46:fc:5e:45:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee03df829afd6a1f2590e4244522e1b36c086a94
        Validity
            Not Before: Jun 13 05:01:29 2026 GMT
            Not After : Jun 14 05:01:29 2026 GMT
        Subject: CN=9e7874d86832ec4cdb7fa1e35626c25f813710a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:f3:d1:3a:61:0e:82:cd:97:48:ee:cf:63:41:
                    ae:b8:9d:ec:7a:77:f4:96:ca:e3:6d:58:d9:8e:a5:
                    31:06:2b:b5:59:be:50:84:fe:3e:1f:99:91:d7:75:
                    32:c9:ea:d1:a7:8e:ca:78:ac:ca:4d:4a:a0:02:54:
                    7b:aa:cc:f9:8e:37:d2:23:69:b6:8a:6c:26:0a:b6:
                    67:1e:82:04:33:24:b1:44:5a:26:b4:c5:fc:3a:0c:
                    d3:fc:5f:e5:72:b0:6f:16:f4:a4:b8:be:6f:d0:d1:
                    6c:0f:45:34:2d:9f:8b:f4:b5:ea:de:80:fd:a1:cb:
                    7c:84:14:ba:60:64:42:a7:9d:01:a7:20:5a:12:63:
                    93:96:2a:34:6b:d9:c6:82:04:87:0a:c8:eb:13:63:
                    3f:3e:6e:e6:63:4b:91:4b:9e:71:f8:fa:83:f0:cb:
                    34:d8:95:b2:93:50:fc:ae:ad:cb:0e:18:0c:9a:c7:
                    0f:fe:00:32:3e:14:e6:39:ef:36:6a:ab:bc:1c:ee:
                    14:8f:b6:5a:51:f6:db:b5:52:63:57:5f:fa:b8:be:
                    c7:01:22:cc:75:05:da:dd:fd:de:1a:58:b4:14:36:
                    f4:dc:4a:8e:3d:08:8a:68:e7:d6:f2:2e:26:b1:09:
                    0a:9f:bb:6f:66:2c:7b:57:a3:75:97:43:52:05:d0:
                    8d:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:78:74:D8:68:32:EC:4C:DB:7F:A1:E3:56:26:C2:5F:81:37:10:A4
            X509v3 Authority Key Identifier:
                keyid:EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:64:4f:92:a9:95:31:a8:84:56:a2:80:e8:89:66:93:99:b0:
         06:bc:f0:ce:c5:73:04:95:2b:20:a6:f3:6f:af:9c:20:14:f3:
         46:60:bf:da:ee:14:15:38:5a:01:f4:91:68:76:fa:55:ed:f6:
         19:5e:10:70:10:0d:c3:d0:6e:0e:1e:33:a8:68:bb:da:86:00:
         75:da:f0:e3:de:27:33:d4:b5:c6:e3:a3:35:0e:c9:90:09:73:
         f2:6a:62:5c:ce:60:a1:46:b2:fc:26:e4:21:3f:ee:4b:1e:63:
         6b:0f:6c:7b:ae:62:9a:7d:f4:0c:f7:cb:8a:b6:4b:f3:50:0a:
         14:a2:af:ed:e1:a4:56:93:c8:49:c6:c8:1f:78:30:24:8d:5b:
         e9:7c:79:60:7d:60:ae:d0:62:fd:30:43:59:9f:b9:1e:37:64:
         9f:b3:10:08:ad:fc:ec:11:4c:10:9f:31:dd:19:75:1d:55:a4:
         19:da:6e:c5:45:f0:01:e9:73:cf:8a:6b:6a:45:1c:1b:53:23:
         ce:0d:f0:1d:4f:f2:32:a0:af:31:d6:e9:1b:b6:74:f0:18:4a:
         a2:5b:98:6b:16:c9:cf:e5:ad:c6:fc:2a:df:18:98:3d:44:a9:
         d6:42:e1:ff:d3:eb:e5:05:23:d5:2a:9c:94:f5:ae:4e:96:17:
         0c:f6:83:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/W0D00WY0KZxI8Ub8XkUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDNkZjgyOWFmZDZhMWYyNTkwZTQyNDQ1MjJlMWIzNmMw
ODZhOTQwHhcNMjYwNjEzMDUwMTI5WhcNMjYwNjE0MDUwMTI5WjAzMTEwLwYDVQQD
Eyg5ZTc4NzRkODY4MzJlYzRjZGI3ZmExZTM1NjI2YzI1ZjgxMzcxMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9fPROmEOgs2XSO7PY0GuuJ3senf0
lsrjbVjZjqUxBiu1Wb5QhP4+H5mR13UyyerRp47KeKzKTUqgAlR7qsz5jjfSI2m2
imwmCrZnHoIEMySxRFomtMX8OgzT/F/lcrBvFvSkuL5v0NFsD0U0LZ+L9LXq3oD9
oct8hBS6YGRCp50BpyBaEmOTlio0a9nGggSHCsjrE2M/Pm7mY0uRS55x+PqD8Ms0
2JWyk1D8rq3LDhgMmscP/gAyPhTmOe82aqu8HO4Uj7ZaUfbbtVJjV1/6uL7HASLM
dQXa3f3eGli0FDb03EqOPQiKaOfW8i4msQkKn7tvZix7V6N1l0NSBdCNTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ54dNhoMuxM23+h41Ymwl+BNxCkMB8GA1UdIwQY
MBaAFO4D34Ka/WofJZDkJEUi4bNsCGqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjIt
YTFhNDZhODBjMWRhLzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjItYTFhNDZhODBjMWRh
LzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVWRPkqmV
MaiEVqKA6Ilmk5mwBrzwzsVzBJUrIKbzb6+cIBTzRmC/2u4UFThaAfSRaHb6Ve32
GV4QcBANw9BuDh4zqGi72oYAddrw494nM9S1xuOjNQ7JkAlz8mpiXM5goUay/Cbk
IT/uSx5jaw9se65imn30DPfLirZL81AKFKKv7eGkVpPIScbIH3gwJI1b6Xx5YH1g
rtBi/TBDWZ+5Hjdkn7MQCK387BFMEJ8x3Rl1HVWkGdpuxUXwAelzz4prakUcG1Mj
zg3wHU/yMqCvMdbpG7Z08BhKoluYaxbJz+Wtxvwq3xiYPUSp1kLh/9Pr5QUj1Sqc
lPWuTpYXDPaD3Q==
-----END CERTIFICATE-----