Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          FjbuUZh/qWQZnsmHg0bA3l4+C28bYQMhTR//WYyJ+Fs=
Subject key identifier:   6E:B1:B7:E8:15:DF:7D:75:BB:ED:16:56:FD:55:43:5A:BD:69:5F:FE
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       019EBE7F363450F6893D50C20D080193C1F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          0D67
Signing time:             Sat 13 Jun 2026 01:01:08 +0000
Manifest this update:     Sat 13 Jun 2026 01:01:08 +0000
Manifest next update:     Sun 14 Jun 2026 01:01:08 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: y+MyLmuE5I43Rulriji8msJkmTlKPL98iu+D5JmNOtQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7f:36:34:50:f6:89:3d:50:c2:0d:08:01:93:c1:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: Jun 13 01:01:08 2026 GMT
            Not After : Jun 14 01:01:08 2026 GMT
        Subject: CN=6eb1b7e815df7d75bbed1656fd55435abd695ffe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:39:ed:24:ff:23:39:af:cd:d5:d0:96:23:9c:
                    44:21:1e:7e:48:5d:d8:e7:2a:0b:73:36:65:ce:ee:
                    85:46:0a:96:9b:cc:e2:d5:92:48:f6:0b:c0:71:6a:
                    fb:50:f4:33:32:45:d4:22:63:da:b4:de:85:03:4d:
                    40:1e:d8:4c:24:a3:1c:f2:3d:aa:2e:1c:c5:a9:ce:
                    9e:6a:c8:59:60:51:2b:41:fb:28:b2:e9:48:d3:84:
                    3a:cf:54:7b:85:41:12:ae:96:8c:36:13:25:92:9c:
                    fa:25:4d:df:e1:2a:90:f4:ef:0a:3f:28:73:5a:6c:
                    f4:47:c1:67:7b:2e:14:ea:e3:1a:db:92:c0:de:f0:
                    6a:7a:fe:2d:75:15:10:09:d4:65:fe:7c:03:4e:b1:
                    24:62:4b:54:fd:cb:f5:3f:db:80:3e:1e:65:f3:29:
                    af:af:ab:07:62:28:64:a3:21:73:0f:ee:4a:4d:b2:
                    73:6b:c3:0c:ee:73:8c:4f:b0:26:61:60:2c:77:16:
                    74:00:01:cc:5f:c3:21:25:81:a8:2c:73:a2:2d:73:
                    30:1d:c8:49:0c:9e:bf:f7:7a:0b:32:e8:78:60:54:
                    69:67:de:95:d9:e9:d8:6e:a7:65:7b:4a:fc:5a:0a:
                    6f:c6:2e:c9:0f:4b:eb:4d:0d:41:80:47:26:f1:b9:
                    df:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:B1:B7:E8:15:DF:7D:75:BB:ED:16:56:FD:55:43:5A:BD:69:5F:FE
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:8a:83:f9:1c:7a:c1:88:a5:20:1c:25:31:20:1a:4e:98:40:
         a9:f8:e3:db:1c:f2:2c:92:8d:7c:e0:df:cc:36:03:de:39:c3:
         7d:df:8c:cc:83:be:47:d6:a5:37:3b:2b:9e:22:7f:76:cf:68:
         81:83:f2:31:35:60:13:95:a3:6f:e1:ed:74:f1:74:d0:f4:6a:
         d0:13:a8:a2:7c:80:e2:1b:33:e0:f4:dd:3a:4c:be:0b:83:5a:
         11:00:07:52:0c:a6:17:cb:7d:c9:c6:c7:08:33:31:87:98:72:
         46:79:c3:a8:13:6c:c0:69:e3:04:95:23:7b:65:71:8f:e8:09:
         c5:95:16:cf:d4:6e:77:ac:a7:48:aa:52:05:47:c4:7d:db:1a:
         77:1f:4d:90:97:a8:a4:d5:f7:4d:a1:cc:9a:af:bb:a2:c1:70:
         cd:28:d8:cd:23:9d:22:6c:20:ca:83:27:5b:49:b0:d7:50:3e:
         ba:0c:46:11:11:3c:ac:70:43:80:a6:e0:4d:83:47:6d:7a:77:
         f2:d8:6d:0e:8d:01:90:8a:cf:8b:b7:7a:08:cf:4e:5c:e7:c5:
         f0:ca:1d:1e:64:ad:0a:0c:90:0c:0b:89:01:6b:43:58:09:a5:
         f0:b3:fe:b6:2c:2b:7d:20:20:62:9b:c3:5e:a9:ec:9c:a5:e4:
         dc:a5:c0:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+fzY0UPaJPVDCDQgBk8HxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjYwNjEzMDEwMTA4WhcNMjYwNjE0MDEwMTA4WjAzMTEwLwYDVQQD
Eyg2ZWIxYjdlODE1ZGY3ZDc1YmJlZDE2NTZmZDU1NDM1YWJkNjk1ZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjntJP8jOa/N1dCWI5xEIR5+SF3Y
5yoLczZlzu6FRgqWm8zi1ZJI9gvAcWr7UPQzMkXUImPatN6FA01AHthMJKMc8j2q
LhzFqc6eashZYFErQfsosulI04Q6z1R7hUESrpaMNhMlkpz6JU3f4SqQ9O8KPyhz
Wmz0R8Fney4U6uMa25LA3vBqev4tdRUQCdRl/nwDTrEkYktU/cv1P9uAPh5l8ymv
r6sHYihkoyFzD+5KTbJza8MM7nOMT7AmYWAsdxZ0AAHMX8MhJYGoLHOiLXMwHchJ
DJ6/93oLMuh4YFRpZ96V2enYbqdle0r8Wgpvxi7JD0vrTQ1BgEcm8bnfowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6xt+gV3311u+0WVv1VQ1q9aV/+MB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEIqD+Rx6
wYilIBwlMSAaTphAqfjj2xzyLJKNfODfzDYD3jnDfd+MzIO+R9alNzsrniJ/ds9o
gYPyMTVgE5Wjb+HtdPF00PRq0BOoonyA4hsz4PTdOky+C4NaEQAHUgymF8t9ycbH
CDMxh5hyRnnDqBNswGnjBJUje2Vxj+gJxZUWz9Rud6ynSKpSBUfEfdsadx9NkJeo
pNX3TaHMmq+7osFwzSjYzSOdImwgyoMnW0mw11A+ugxGERE8rHBDgKbgTYNHbXp3
8thtDo0BkIrPi7d6CM9OXOfF8ModHmStCgyQDAuJAWtDWAml8LP+tiwrfSAgYpvD
XqnsnKXk3KXAMw==
-----END CERTIFICATE-----