Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
File:                     A2hHspcjX68HFob-0sHpEL9gBIY.mft (raw, json)
Hash identifier:          WwdRQjhhAX8gToa3IwtZHuMx8pGTFK4Gj8IDvemQAAc=
Subject key identifier:   23:3F:66:84:3D:04:B5:8E:4D:17:50:B7:24:86:5E:37:CF:B9:43:07
Authority key identifier: 03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86
Certificate issuer:       /CN=036847b297235faf071686fed2c1e910bf600486
Certificate serial:       019EC06E4B2F31CD54D3C714C28A546B652A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
Manifest number:          15EA
Signing time:             Sat 13 Jun 2026 10:01:54 +0000
Manifest this update:     Sat 13 Jun 2026 10:01:54 +0000
Manifest next update:     Sun 14 Jun 2026 10:01:54 +0000
Files and hashes:         1: A2hHspcjX68HFob-0sHpEL9gBIY.crl (hash: m8B6/PoqiTo5wRUMN8hSwQogSOsQma/5KAe4ibeo8Jw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:43:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:6e:4b:2f:31:cd:54:d3:c7:14:c2:8a:54:6b:65:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036847b297235faf071686fed2c1e910bf600486
        Validity
            Not Before: Jun 13 10:01:54 2026 GMT
            Not After : Jun 14 10:01:54 2026 GMT
        Subject: CN=233f66843d04b58e4d1750b724865e37cfb94307
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:80:08:06:00:e6:76:a6:d8:3e:7e:60:31:d6:
                    25:f4:0b:b5:9d:04:fe:ab:5d:78:25:34:16:07:e9:
                    4e:e2:df:56:61:38:67:90:98:65:6e:30:96:e0:0d:
                    24:b8:65:4b:85:6d:c1:11:c9:83:39:c5:bc:5f:08:
                    ac:fe:89:11:d1:a2:27:1f:97:f7:2a:68:1d:3d:37:
                    c1:7b:98:87:2f:14:83:46:60:6c:84:b4:0b:7b:81:
                    3f:c1:8f:2b:5c:a9:cd:a6:27:12:89:8a:e6:9a:6d:
                    92:61:b4:cd:03:6e:ca:8b:55:76:e7:79:20:80:e2:
                    ab:74:cd:f3:a9:90:19:26:72:6a:a0:bf:ad:24:01:
                    f5:2d:2d:ba:c2:38:06:29:81:88:e2:e6:09:2b:85:
                    bc:57:99:be:ff:f7:8e:42:11:52:86:d0:84:cd:db:
                    2c:8c:f9:3c:99:58:cd:e8:3a:32:69:a9:8c:ab:0c:
                    71:c7:e8:f3:62:c1:71:49:c4:89:02:fc:5a:c6:3f:
                    75:91:10:ee:89:0f:7d:17:e4:31:ff:bb:42:ee:87:
                    53:a1:19:ba:a0:11:86:ab:58:b0:b1:42:92:cc:fb:
                    0a:9b:04:cf:57:ca:39:d9:97:ec:f5:35:19:ae:9c:
                    14:62:e3:a6:c8:93:67:e2:06:c5:20:ae:bd:93:3c:
                    bc:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:3F:66:84:3D:04:B5:8E:4D:17:50:B7:24:86:5E:37:CF:B9:43:07
            X509v3 Authority Key Identifier:
                keyid:03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:6b:d0:d9:fe:2a:7f:4c:51:a1:98:a6:d1:9d:d3:7c:5a:fd:
         63:46:60:9e:9e:b1:0e:7e:10:fd:5a:6d:02:be:22:26:44:1d:
         1a:d9:6f:f4:21:2d:67:1f:fa:85:72:63:e6:8b:28:92:a3:23:
         40:e4:81:35:55:5c:c3:c5:6f:0e:a3:d0:5e:96:e7:fb:b6:fa:
         f1:85:cc:d4:6a:7b:8e:2c:81:0a:99:15:c7:cf:11:00:98:1b:
         96:08:7f:b1:ca:81:1d:d5:0c:6e:f3:18:38:00:c1:e5:f4:82:
         d4:82:35:92:06:32:45:56:f1:b9:46:a1:67:03:cd:f3:3f:65:
         5c:db:71:48:fe:90:0a:22:16:4b:58:a6:95:eb:69:1c:5b:24:
         bf:88:0f:49:a4:aa:ea:02:a0:60:77:d7:98:57:9c:14:cc:f7:
         01:4a:0a:30:61:b4:9e:c3:4e:af:50:e9:36:db:5d:08:6a:87:
         25:1b:9e:67:0f:8d:41:60:68:6f:ff:58:e9:45:7f:1d:c8:fd:
         5d:41:38:a1:0e:cb:36:3e:1f:50:6a:df:b3:44:17:c2:d0:72:
         dd:ae:3d:93:98:6a:00:f0:21:65:4e:c7:3a:dc:ee:95:77:94:
         43:c8:2b:d6:a6:f9:b4:30:d9:1c:5f:80:c1:79:89:4d:bd:8f:
         81:56:1b:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7AbksvMc1U08cUwopUa2UqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjg0N2IyOTcyMzVmYWYwNzE2ODZmZWQyYzFlOTEwYmY2
MDA0ODYwHhcNMjYwNjEzMTAwMTU0WhcNMjYwNjE0MTAwMTU0WjAzMTEwLwYDVQQD
EygyMzNmNjY4NDNkMDRiNThlNGQxNzUwYjcyNDg2NWUzN2NmYjk0MzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoAIBgDmdqbYPn5gMdYl9Au1nQT+
q114JTQWB+lO4t9WYThnkJhlbjCW4A0kuGVLhW3BEcmDOcW8Xwis/okR0aInH5f3
KmgdPTfBe5iHLxSDRmBshLQLe4E/wY8rXKnNpicSiYrmmm2SYbTNA27Ki1V253kg
gOKrdM3zqZAZJnJqoL+tJAH1LS26wjgGKYGI4uYJK4W8V5m+//eOQhFShtCEzdss
jPk8mVjN6DoyaamMqwxxx+jzYsFxScSJAvxaxj91kRDuiQ99F+Qx/7tC7odToRm6
oBGGq1iwsUKSzPsKmwTPV8o52Zfs9TUZrpwUYuOmyJNn4gbFIK69kzy8cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCM/ZoQ9BLWOTRdQtySGXjfPuUMHMB8GA1UdIwQY
MBaAFANoR7KXI1+vBxaG/tLB6RC/YASGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjIt
YmRkNzMyOGU5NGNiLzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjItYmRkNzMyOGU5NGNi
LzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjGvQ2f4q
f0xRoZim0Z3TfFr9Y0Zgnp6xDn4Q/VptAr4iJkQdGtlv9CEtZx/6hXJj5osokqMj
QOSBNVVcw8VvDqPQXpbn+7b68YXM1Gp7jiyBCpkVx88RAJgblgh/scqBHdUMbvMY
OADB5fSC1II1kgYyRVbxuUahZwPN8z9lXNtxSP6QCiIWS1imletpHFskv4gPSaSq
6gKgYHfXmFecFMz3AUoKMGG0nsNOr1DpNttdCGqHJRueZw+NQWBob/9Y6UV/Hcj9
XUE4oQ7LNj4fUGrfs0QXwtBy3a49k5hqAPAhZU7HOtzulXeUQ8gr1qb5tDDZHF+A
wXmJTb2PgVYbmw==
-----END CERTIFICATE-----