Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
File:                     8QMX8k1xpRbXUEO-kPWr4_ocklk.mft (raw, json)
Hash identifier:          4w/UXItPIrj1/IfG3D1BbDVngVLscLptx2QDTElhxSM=
Subject key identifier:   0F:EC:08:05:15:8B:0B:7A:15:B4:BC:B3:83:37:0E:2D:EF:6A:2C:C2
Authority key identifier: F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59
Certificate issuer:       /CN=f10317f24d71a516d75043be90f5abe3fa1c9259
Certificate serial:       019EBEEC8B0ED3D6CAA84E98872813CF68C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
Manifest number:          150D
Signing time:             Sat 13 Jun 2026 03:00:33 +0000
Manifest this update:     Sat 13 Jun 2026 03:00:33 +0000
Manifest next update:     Sun 14 Jun 2026 03:00:33 +0000
Files and hashes:         1: 8QMX8k1xpRbXUEO-kPWr4_ocklk.crl (hash: HF4QCjNMyR3N0EKMPOucny3v0VdQ/6tVikNz66dzaQU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:ec:8b:0e:d3:d6:ca:a8:4e:98:87:28:13:cf:68:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f10317f24d71a516d75043be90f5abe3fa1c9259
        Validity
            Not Before: Jun 13 03:00:33 2026 GMT
            Not After : Jun 14 03:00:33 2026 GMT
        Subject: CN=0fec0805158b0b7a15b4bcb383370e2def6a2cc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:57:78:7c:15:16:c8:eb:ab:36:51:21:88:1e:
                    07:72:75:1c:b2:91:26:67:29:ce:0e:66:a6:96:a3:
                    87:3d:10:3c:6a:ea:3b:1c:d3:ac:6f:3e:6e:b4:2d:
                    51:f1:28:16:e8:1f:c2:7d:9e:e3:23:f8:15:1e:e1:
                    19:e8:9c:58:d5:ae:d2:23:6f:92:84:a5:eb:76:7e:
                    46:dd:fd:83:23:42:81:49:61:02:94:54:f3:1c:b1:
                    b0:d3:fa:81:20:6a:56:23:35:b8:7e:56:e6:dc:4e:
                    c5:98:96:67:f0:0a:18:5a:21:0e:80:27:e8:10:a5:
                    ea:50:e4:96:26:8d:de:ad:b2:11:1f:01:f3:fc:6f:
                    1c:aa:82:69:4b:bd:64:f7:cc:37:d6:bb:de:d6:24:
                    98:6c:8b:ff:c8:d8:81:e5:91:80:8e:48:a6:49:79:
                    53:8a:38:c8:46:60:02:e2:55:7d:61:18:5e:ae:26:
                    f4:b1:4d:cb:fe:bd:45:7d:c3:aa:6f:89:a5:0a:fb:
                    3e:50:bf:dd:8c:0f:fb:28:2b:c1:13:ba:79:86:4f:
                    71:a8:c8:f1:5b:bb:f6:a3:75:d6:27:9b:25:85:eb:
                    9c:e1:ca:dd:d4:d2:42:df:88:ab:b4:93:09:de:a4:
                    ea:53:64:0d:4b:e0:b6:5b:95:63:06:0c:56:ab:f1:
                    d4:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:EC:08:05:15:8B:0B:7A:15:B4:BC:B3:83:37:0E:2D:EF:6A:2C:C2
            X509v3 Authority Key Identifier:
                keyid:F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:c5:42:3d:bc:8c:b4:2e:99:8f:d3:95:42:e5:7a:f4:01:87:
         d4:e0:fd:02:39:40:94:73:7a:33:5e:f8:19:ca:d0:ad:67:47:
         4e:b0:2d:d1:6f:20:9b:c1:59:47:a5:5d:69:79:77:6a:17:50:
         dd:12:e6:9c:a5:2b:01:09:c1:ac:93:68:c2:61:97:7f:c3:4f:
         3f:39:dc:27:c2:5a:36:05:41:fb:83:72:7b:6e:51:6d:bd:66:
         bf:34:38:18:40:01:b8:4b:a2:60:e1:8a:64:81:06:34:f3:6c:
         4b:24:dc:50:08:59:51:15:53:7e:9f:33:a6:7d:44:a2:aa:d6:
         6d:b9:f9:dd:b3:e2:29:1b:ec:af:f3:e3:70:55:19:09:3f:f3:
         23:a2:e3:27:59:fa:5d:40:47:ae:6a:0c:01:30:f0:0f:ef:01:
         04:17:6e:cc:46:07:a2:f2:91:3c:c8:01:62:fe:c1:20:13:6f:
         cc:ab:ae:e3:b1:96:fa:9a:a8:0f:22:b5:e7:11:e7:ce:b3:4f:
         f4:49:78:f1:32:4a:31:31:4e:8d:c3:a8:5b:bd:e9:10:39:b2:
         e7:4f:32:aa:35:c8:9b:56:ca:24:d5:ac:b4:44:32:87:2e:8e:
         9d:37:1a:bb:67:c5:58:3f:da:25:2e:c5:0a:65:14:03:d0:d1:
         37:2f:f3:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+7IsO09bKqE6YhygTz2jBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMDMxN2YyNGQ3MWE1MTZkNzUwNDNiZTkwZjVhYmUzZmEx
YzkyNTkwHhcNMjYwNjEzMDMwMDMzWhcNMjYwNjE0MDMwMDMzWjAzMTEwLwYDVQQD
EygwZmVjMDgwNTE1OGIwYjdhMTViNGJjYjM4MzM3MGUyZGVmNmEyY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFd4fBUWyOurNlEhiB4HcnUcspEm
ZynODmamlqOHPRA8auo7HNOsbz5utC1R8SgW6B/CfZ7jI/gVHuEZ6JxY1a7SI2+S
hKXrdn5G3f2DI0KBSWEClFTzHLGw0/qBIGpWIzW4flbm3E7FmJZn8AoYWiEOgCfo
EKXqUOSWJo3erbIRHwHz/G8cqoJpS71k98w31rve1iSYbIv/yNiB5ZGAjkimSXlT
ijjIRmAC4lV9YRherib0sU3L/r1FfcOqb4mlCvs+UL/djA/7KCvBE7p5hk9xqMjx
W7v2o3XWJ5slheuc4crd1NJC34irtJMJ3qTqU2QNS+C2W5VjBgxWq/HUewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/sCAUViwt6FbS8s4M3Di3vaizCMB8GA1UdIwQY
MBaAFPEDF/JNcaUW11BDvpD1q+P6HJJZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMt
NjZkNDlkZjUzZWYxLzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMtNjZkNDlkZjUzZWYx
LzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADMVCPbyM
tC6Zj9OVQuV69AGH1OD9AjlAlHN6M174GcrQrWdHTrAt0W8gm8FZR6VdaXl3ahdQ
3RLmnKUrAQnBrJNowmGXf8NPPzncJ8JaNgVB+4Nye25Rbb1mvzQ4GEABuEuiYOGK
ZIEGNPNsSyTcUAhZURVTfp8zpn1EoqrWbbn53bPiKRvsr/PjcFUZCT/zI6LjJ1n6
XUBHrmoMATDwD+8BBBduzEYHovKRPMgBYv7BIBNvzKuu47GW+pqoDyK15xHnzrNP
9El48TJKMTFOjcOoW73pEDmy508yqjXIm1bKJNWstEQyhy6OnTcau2fFWD/aJS7F
CmUUA9DRNy/zOA==
-----END CERTIFICATE-----