Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
File:                     4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft (raw, json)
Hash identifier:          /dRQrDUFTkVlN4Tn9NMYXU3HYYHT1ib5/BTEcULrPRc=
Subject key identifier:   9C:9F:38:92:38:93:DB:16:DD:CD:B3:3F:7B:E1:11:49:53:8B:BC:81
Authority key identifier: E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60
Certificate issuer:       /CN=e33779b8388d001fdcbddc48ace227f009850660
Certificate serial:       019EC06DECC997A17D14227DA947AEDFCC93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
Manifest number:          1955
Signing time:             Sat 13 Jun 2026 10:01:29 +0000
Manifest this update:     Sat 13 Jun 2026 10:01:29 +0000
Manifest next update:     Sun 14 Jun 2026 10:01:29 +0000
Files and hashes:         1: 4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl (hash: zgvM5Isij9CHsghcHC+eIHLDrBstZDxqzRTle3FwJWg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:43:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:6d:ec:c9:97:a1:7d:14:22:7d:a9:47:ae:df:cc:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e33779b8388d001fdcbddc48ace227f009850660
        Validity
            Not Before: Jun 13 10:01:29 2026 GMT
            Not After : Jun 14 10:01:29 2026 GMT
        Subject: CN=9c9f38923893db16ddcdb33f7be11149538bbc81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:3e:12:31:22:08:c1:f2:b8:ea:c7:7c:32:ff:
                    86:b9:53:30:f7:f1:14:a4:20:bf:d7:1e:02:35:fa:
                    98:95:2b:e2:0d:a0:fe:2b:ed:59:e5:c8:67:70:75:
                    1f:70:ed:fa:dc:60:ca:44:bf:8b:0b:87:a0:94:88:
                    a3:13:4d:f3:e1:6a:e4:34:1c:cb:24:04:91:f8:c0:
                    fc:51:83:0c:5c:06:e6:dd:3f:f7:b7:74:f3:85:07:
                    9e:b3:91:90:71:e8:05:34:5e:ce:6f:17:d9:71:82:
                    b2:b5:28:3a:e5:1a:2a:f4:b3:1e:db:ed:37:66:a6:
                    de:72:25:6d:97:a8:33:70:32:12:3f:c6:1d:cf:22:
                    0e:4b:be:62:06:a8:14:d3:dc:d1:e6:7f:9a:a7:ee:
                    0d:86:0e:e0:34:c0:dc:60:b7:a0:f1:7a:af:fb:ef:
                    f0:af:06:84:ef:bf:52:1c:3e:f3:93:12:f8:4b:4e:
                    ae:63:6a:e0:fa:44:24:83:db:85:6e:1b:aa:d7:99:
                    bb:0a:bb:95:e0:0b:55:24:1f:de:5c:1e:fe:54:6f:
                    98:64:44:42:d7:33:47:0b:1a:7a:0b:2c:5e:97:36:
                    37:fa:7b:c5:a0:20:9c:72:0b:bb:a9:f4:0f:0d:db:
                    c9:3e:87:ff:6e:7c:2d:27:f3:db:ba:19:ca:18:df:
                    6c:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:9F:38:92:38:93:DB:16:DD:CD:B3:3F:7B:E1:11:49:53:8B:BC:81
            X509v3 Authority Key Identifier:
                keyid:E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:ef:8a:29:26:77:2b:70:21:3a:b4:92:7b:55:d7:fd:2f:87:
         57:09:d5:47:04:90:98:6b:f4:62:8d:f9:2e:ea:bc:71:cf:12:
         a1:ee:de:70:37:82:1b:6a:53:4c:94:49:b0:de:07:86:bd:14:
         2e:18:a4:d3:d7:a8:d9:ef:f0:df:2d:a2:ca:7f:a4:6d:bd:f7:
         77:f3:2d:39:17:2a:bb:70:0d:b8:9b:1e:9c:74:6a:78:3b:ff:
         16:46:73:00:be:fd:41:01:0a:ae:a2:39:05:20:01:c4:99:f3:
         d9:63:93:a6:b4:10:28:2c:99:a4:6f:55:75:79:3d:3b:72:cf:
         e7:e4:c9:10:45:dc:ae:7e:0b:1f:e6:5e:d9:bd:e0:f5:44:dd:
         18:55:8f:2f:a1:49:1f:2a:9a:c8:b1:3e:81:31:22:76:37:ef:
         a1:ee:ae:a8:48:e4:39:99:a4:c7:17:47:32:c6:f2:6d:03:e3:
         98:53:5d:fe:43:c5:80:26:7a:b6:54:68:a4:52:ca:6b:a8:18:
         74:56:1b:e1:14:91:5b:19:fa:d2:0d:28:11:7d:55:93:3a:d8:
         e0:e1:41:59:19:57:d4:c2:13:c5:ef:bb:db:a4:2f:30:56:8d:
         cb:e9:8d:5a:dc:c2:7e:a4:e2:c4:d5:7f:3a:18:45:6d:bd:cc:
         b1:ea:f5:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7AbezJl6F9FCJ9qUeu38yTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMzc3OWI4Mzg4ZDAwMWZkY2JkZGM0OGFjZTIyN2YwMDk4
NTA2NjAwHhcNMjYwNjEzMTAwMTI5WhcNMjYwNjE0MTAwMTI5WjAzMTEwLwYDVQQD
Eyg5YzlmMzg5MjM4OTNkYjE2ZGRjZGIzM2Y3YmUxMTE0OTUzOGJiYzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnD4SMSIIwfK46sd8Mv+GuVMw9/EU
pCC/1x4CNfqYlSviDaD+K+1Z5chncHUfcO363GDKRL+LC4eglIijE03z4WrkNBzL
JASR+MD8UYMMXAbm3T/3t3TzhQees5GQcegFNF7ObxfZcYKytSg65Roq9LMe2+03
ZqbeciVtl6gzcDISP8YdzyIOS75iBqgU09zR5n+ap+4Nhg7gNMDcYLeg8Xqv++/w
rwaE779SHD7zkxL4S06uY2rg+kQkg9uFbhuq15m7CruV4AtVJB/eXB7+VG+YZERC
1zNHCxp6CyxelzY3+nvFoCCccgu7qfQPDdvJPof/bnwtJ/PbuhnKGN9sowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJyfOJI4k9sW3c2zP3vhEUlTi7yBMB8GA1UdIwQY
MBaAFOM3ebg4jQAf3L3cSKziJ/AJhQZgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTIt
ZjI5NGQzYjEyY2ZkLzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTItZjI5NGQzYjEyY2Zk
LzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACO+KKSZ3
K3AhOrSSe1XX/S+HVwnVRwSQmGv0Yo35Luq8cc8Soe7ecDeCG2pTTJRJsN4Hhr0U
Lhik09eo2e/w3y2iyn+kbb33d/MtORcqu3ANuJsenHRqeDv/FkZzAL79QQEKrqI5
BSABxJnz2WOTprQQKCyZpG9VdXk9O3LP5+TJEEXcrn4LH+Ze2b3g9UTdGFWPL6FJ
HyqayLE+gTEidjfvoe6uqEjkOZmkxxdHMsbybQPjmFNd/kPFgCZ6tlRopFLKa6gY
dFYb4RSRWxn60g0oEX1VkzrY4OFBWRlX1MITxe+726QvMFaNy+mNWtzCfqTixNV/
OhhFbb3Mser1vg==
-----END CERTIFICATE-----