Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
File:                     4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json)
Hash identifier:          Lv+o+Z3jtjwbJ4rLDeuEgTCEPkswjobwclk5YyK5JWw=
Subject key identifier:   84:B9:74:73:D7:E9:64:96:43:6E:22:86:5B:26:CC:D9:1F:97:5C:37
Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9
Certificate issuer:       /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
Certificate serial:       019EBFFF699FAAC02D298E93D4C9FCCFE9C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
Manifest number:          0833
Signing time:             Sat 13 Jun 2026 08:00:47 +0000
Manifest this update:     Sat 13 Jun 2026 08:00:47 +0000
Manifest next update:     Sun 14 Jun 2026 08:00:47 +0000
Files and hashes:         1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: Hzr1n5EvfiRLWXtG0QzYpKlkq/5G7jn9XfzDnK2DYPg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:ff:69:9f:aa:c0:2d:29:8e:93:d4:c9:fc:cf:e9:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
        Validity
            Not Before: Jun 13 08:00:47 2026 GMT
            Not After : Jun 14 08:00:47 2026 GMT
        Subject: CN=84b97473d7e96496436e22865b26ccd91f975c37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:b7:9f:fa:a2:ce:b1:57:81:29:2c:ff:81:56:
                    df:42:f1:ef:ea:31:1d:5e:8a:11:46:f2:bc:4a:c9:
                    5e:77:0f:96:0e:53:7c:4c:17:de:fc:c8:1d:71:0d:
                    ee:63:77:cf:45:6e:a5:00:27:15:10:9b:c8:6f:7a:
                    79:8a:6f:46:01:4d:76:36:3d:54:71:ba:0f:c0:a7:
                    f1:8b:e1:18:01:ab:34:54:ad:59:de:04:f4:8c:03:
                    75:20:1c:ff:c0:f0:44:d4:8c:8a:23:53:64:96:35:
                    d7:cf:77:21:3f:64:ef:15:86:fb:de:6b:eb:0b:fb:
                    20:4e:fd:7b:30:3a:fa:93:fd:62:eb:d8:88:e5:37:
                    2c:ab:b5:a2:ad:1f:c7:57:7f:d6:bf:46:46:ca:40:
                    c7:d4:93:09:be:f6:d1:b6:47:c9:84:49:28:44:08:
                    6e:5f:c2:ec:82:90:cf:58:69:f3:26:06:f4:70:69:
                    e2:cd:87:2b:be:9d:79:b8:3b:c1:0c:5a:d1:79:1a:
                    1d:4d:da:eb:9c:43:2e:36:95:52:9b:0e:5c:19:a2:
                    21:c0:94:d6:e6:b0:4f:d1:77:fe:77:b7:86:7e:12:
                    5e:69:87:1b:52:66:77:89:ff:3c:1d:f7:2c:f6:29:
                    07:35:f0:84:a1:5f:8f:fc:ad:1b:69:88:55:80:e9:
                    4a:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:B9:74:73:D7:E9:64:96:43:6E:22:86:5B:26:CC:D9:1F:97:5C:37
            X509v3 Authority Key Identifier:
                keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:3e:df:a2:0e:a8:7e:6b:23:25:60:23:d9:7c:5e:f1:e9:d3:
         3a:00:b0:92:e3:3c:21:b9:04:c1:77:9c:5c:ad:dd:ac:9a:0c:
         51:ae:f8:8a:6a:f9:a1:97:dc:06:f5:9a:41:bc:81:48:0c:b8:
         22:f0:0e:63:8a:5d:c2:50:93:4b:06:4b:c0:33:92:ce:b1:05:
         c3:49:60:31:93:2e:b5:45:60:35:c0:77:df:cb:b7:73:6e:a9:
         24:28:88:c6:50:16:bc:5e:49:ec:ea:b4:ee:3e:92:99:77:96:
         38:d0:c2:4a:3d:f6:aa:18:6e:f5:4a:cb:50:c0:a1:46:cd:c1:
         68:01:53:af:e4:08:09:be:d6:9b:c6:af:db:08:61:da:8d:90:
         cd:26:7a:3f:01:d3:50:95:a6:ae:be:d2:c9:d4:04:62:6f:ed:
         a8:2f:f5:ef:3c:93:3b:eb:a0:9d:43:fb:ac:b3:74:85:1d:22:
         ae:d5:ca:50:10:7c:0e:f7:87:05:72:7c:8a:2a:37:93:05:4b:
         9e:3d:16:41:c0:72:4c:9b:ce:f0:49:e9:fd:c8:6e:10:a3:d0:
         72:4b:ec:05:fe:16:37:64:96:7e:c4:29:ad:11:73:44:e5:27:
         60:89:9a:6f:23:4f:04:09:0a:af:8e:cd:1c:3a:8c:20:2e:cb:
         fa:ca:a2:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6//2mfqsAtKY6T1Mn8z+nDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw
ZjAwYjkwHhcNMjYwNjEzMDgwMDQ3WhcNMjYwNjE0MDgwMDQ3WjAzMTEwLwYDVQQD
Eyg4NGI5NzQ3M2Q3ZTk2NDk2NDM2ZTIyODY1YjI2Y2NkOTFmOTc1YzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhref+qLOsVeBKSz/gVbfQvHv6jEd
XooRRvK8Ssledw+WDlN8TBfe/MgdcQ3uY3fPRW6lACcVEJvIb3p5im9GAU12Nj1U
cboPwKfxi+EYAas0VK1Z3gT0jAN1IBz/wPBE1IyKI1NkljXXz3chP2TvFYb73mvr
C/sgTv17MDr6k/1i69iI5Tcsq7WirR/HV3/Wv0ZGykDH1JMJvvbRtkfJhEkoRAhu
X8LsgpDPWGnzJgb0cGnizYcrvp15uDvBDFrReRodTdrrnEMuNpVSmw5cGaIhwJTW
5rBP0Xf+d7eGfhJeaYcbUmZ3if88Hfcs9ikHNfCEoV+P/K0baYhVgOlKxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIS5dHPX6WSWQ24ihlsmzNkfl1w3MB8GA1UdIwQY
MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt
MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw
LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXT7fog6o
fmsjJWAj2Xxe8enTOgCwkuM8IbkEwXecXK3drJoMUa74imr5oZfcBvWaQbyBSAy4
IvAOY4pdwlCTSwZLwDOSzrEFw0lgMZMutUVgNcB338u3c26pJCiIxlAWvF5J7Oq0
7j6SmXeWONDCSj32qhhu9UrLUMChRs3BaAFTr+QICb7Wm8av2whh2o2QzSZ6PwHT
UJWmrr7SydQEYm/tqC/17zyTO+ugnUP7rLN0hR0irtXKUBB8DveHBXJ8iio3kwVL
nj0WQcByTJvO8Enp/chuEKPQckvsBf4WN2SWfsQprRFzROUnYImabyNPBAkKr47N
HDqMIC7L+sqieQ==
-----END CERTIFICATE-----