Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          Nq0EFE5EcWn2/zZGrfBHscP9G+BDmm6RMqyFr/8uizk=
Subject key identifier:   5A:59:CA:83:12:89:36:C8:E0:B2:0A:5A:E2:AA:B2:0E:7C:AD:14:D2
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       019EBF5AB986F329ABB2F014DDE108B4BD26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          0671
Signing time:             Sat 13 Jun 2026 05:00:54 +0000
Manifest this update:     Sat 13 Jun 2026 05:00:54 +0000
Manifest next update:     Sun 14 Jun 2026 05:00:54 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: bpklg/eL4o2QPDL5+Phbo7X3NVxFG9oZkFDS/tTAA4s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:5a:b9:86:f3:29:ab:b2:f0:14:dd:e1:08:b4:bd:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: Jun 13 05:00:54 2026 GMT
            Not After : Jun 14 05:00:54 2026 GMT
        Subject: CN=5a59ca83128936c8e0b20a5ae2aab20e7cad14d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:46:01:c1:15:6a:d8:ce:0f:84:2b:21:3f:f0:
                    df:96:0e:77:8a:12:fd:5b:f3:26:53:10:62:d3:c6:
                    4c:f6:79:e5:1e:b3:e1:24:22:a1:95:54:7c:88:20:
                    f0:5c:e1:3f:c0:44:60:ed:f0:64:d7:d6:ff:51:15:
                    fd:d5:08:be:7e:8d:0f:60:bb:ac:a4:f4:3c:3b:35:
                    fb:71:d6:96:df:f4:38:46:cc:8f:0f:89:b6:0e:f2:
                    51:ed:36:40:4e:fa:60:9b:7f:2d:cb:03:04:0a:0b:
                    71:b8:38:84:c5:24:ee:48:5e:18:f3:6e:d9:28:7e:
                    4e:49:26:9b:be:e6:69:7e:f8:41:43:41:57:b3:50:
                    6b:6a:31:bc:6c:a3:6d:3f:b6:1b:1a:cb:c7:31:c8:
                    fc:9f:65:81:9b:3d:d3:13:ee:d8:f2:1f:e5:2f:3b:
                    cb:06:25:17:dc:7d:67:64:33:2f:60:2f:28:1c:ff:
                    86:ee:30:b1:b1:35:30:ac:59:4d:04:b1:e0:51:21:
                    bc:20:54:26:4b:ed:9c:0f:5f:21:66:a6:be:9c:0d:
                    5a:ad:e2:07:12:cb:a8:e2:b5:05:32:74:58:b0:24:
                    9d:fc:3e:d5:c8:d0:5d:fb:76:fc:3a:b7:b7:13:e5:
                    63:78:58:7a:16:9e:85:7e:7d:ab:44:a9:18:98:6a:
                    74:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:59:CA:83:12:89:36:C8:E0:B2:0A:5A:E2:AA:B2:0E:7C:AD:14:D2
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:2b:1b:cf:30:bb:64:9a:4e:a9:a7:0c:6a:95:13:24:c6:b8:
         56:57:b9:ab:55:08:fd:74:5e:91:8f:04:5c:7a:0b:be:d0:cf:
         75:b3:08:7e:9c:c0:98:cd:48:04:2d:ff:c9:f2:56:fa:45:11:
         de:3c:f6:24:28:0c:66:a1:00:04:b4:4d:fd:5f:ef:17:9b:7b:
         74:e6:c0:fd:96:f1:57:7b:f7:49:1f:68:15:aa:b6:27:a9:c3:
         4d:5c:8b:af:a6:2c:a2:9a:a6:76:c4:d5:3c:af:01:1f:3d:dc:
         ef:d1:82:6c:c7:80:09:bd:54:57:df:42:ae:f9:ea:14:c1:12:
         34:ae:56:fa:37:71:ca:a1:fa:44:bd:dc:17:dd:1e:56:23:86:
         57:4b:c0:3c:9b:9c:9e:59:44:dc:9c:32:03:ca:f5:00:fe:9e:
         9a:c0:a3:df:03:02:97:cd:68:62:af:df:7c:89:43:b2:4a:cd:
         d4:68:61:4e:2e:bf:55:b0:e6:e1:33:04:3b:4c:69:0a:4f:1d:
         3b:bc:76:85:55:fe:02:57:c4:a0:d6:12:01:f8:3c:b6:7a:10:
         b2:36:4e:4c:17:0a:86:91:01:76:2e:af:57:a9:b7:cb:a1:e6:
         ae:e7:ec:bf:ca:5f:27:2b:6a:9c:eb:dd:11:5e:0e:33:aa:21:
         ef:0d:50:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/WrmG8ymrsvAU3eEItL0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjYwNjEzMDUwMDU0WhcNMjYwNjE0MDUwMDU0WjAzMTEwLwYDVQQD
Eyg1YTU5Y2E4MzEyODkzNmM4ZTBiMjBhNWFlMmFhYjIwZTdjYWQxNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0YBwRVq2M4PhCshP/Dflg53ihL9
W/MmUxBi08ZM9nnlHrPhJCKhlVR8iCDwXOE/wERg7fBk19b/URX91Qi+fo0PYLus
pPQ8OzX7cdaW3/Q4RsyPD4m2DvJR7TZATvpgm38tywMECgtxuDiExSTuSF4Y827Z
KH5OSSabvuZpfvhBQ0FXs1BrajG8bKNtP7YbGsvHMcj8n2WBmz3TE+7Y8h/lLzvL
BiUX3H1nZDMvYC8oHP+G7jCxsTUwrFlNBLHgUSG8IFQmS+2cD18hZqa+nA1areIH
Esuo4rUFMnRYsCSd/D7VyNBd+3b8Ore3E+VjeFh6Fp6Ffn2rRKkYmGp0rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFpZyoMSiTbI4LIKWuKqsg58rRTSMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkisbzzC7
ZJpOqacMapUTJMa4Vle5q1UI/XRekY8EXHoLvtDPdbMIfpzAmM1IBC3/yfJW+kUR
3jz2JCgMZqEABLRN/V/vF5t7dObA/ZbxV3v3SR9oFaq2J6nDTVyLr6YsopqmdsTV
PK8BHz3c79GCbMeACb1UV99CrvnqFMESNK5W+jdxyqH6RL3cF90eViOGV0vAPJuc
nllE3JwyA8r1AP6emsCj3wMCl81oYq/ffIlDskrN1GhhTi6/VbDm4TMEO0xpCk8d
O7x2hVX+AlfEoNYSAfg8tnoQsjZOTBcKhpEBdi6vV6m3y6Hmrufsv8pfJytqnOvd
EV4OM6oh7w1Qww==
-----END CERTIFICATE-----