Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          +cpMK7eSPfDGliWSRO73L9BFs1PjGd4ruCk+/GdurfE=
Subject key identifier:   6A:CB:38:6A:68:13:BD:85:49:80:1D:8C:7C:36:86:75:17:8D:8F:27
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       019EBF23682E639F49F4D99F94EC78C6FA5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          1956
Signing time:             Sat 13 Jun 2026 04:00:29 +0000
Manifest this update:     Sat 13 Jun 2026 04:00:29 +0000
Manifest next update:     Sun 14 Jun 2026 04:00:29 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: d8KJpzlEWDrt5dMu9wV3eNpYzzjeardtkXbl/bJ9y60=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 04:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:23:68:2e:63:9f:49:f4:d9:9f:94:ec:78:c6:fa:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Jun 13 04:00:29 2026 GMT
            Not After : Jun 14 04:00:29 2026 GMT
        Subject: CN=6acb386a6813bd8549801d8c7c368675178d8f27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:3c:ed:22:2e:3a:54:54:30:45:d3:3f:e2:f6:
                    89:9d:c0:b4:dc:4a:eb:13:47:3c:51:c3:5d:57:25:
                    77:16:58:64:fd:2a:8e:6c:24:a9:4d:5f:5b:1a:5c:
                    b9:db:6a:e2:b7:d3:18:5f:03:8e:59:e1:b9:bc:80:
                    5b:dc:2c:ec:fb:18:24:e9:4c:c3:b8:e3:70:eb:0e:
                    35:7f:dd:8d:1d:9c:23:39:c9:7b:f0:c9:cf:56:a7:
                    31:a7:2f:e4:10:da:91:d0:43:37:6f:7c:e5:61:2a:
                    4e:a0:7b:a5:49:8d:29:25:70:2f:1d:6a:e3:0b:cb:
                    9b:d9:0a:76:0c:0f:f7:05:92:d4:a8:78:e4:0e:8b:
                    b0:c3:88:58:a6:31:89:4c:aa:99:cd:67:7e:0e:d8:
                    47:1b:09:80:a4:3a:a7:a0:fa:79:07:2f:f8:79:8d:
                    ec:f1:b1:4d:eb:31:bd:c8:dd:63:29:28:93:9e:44:
                    a0:17:5f:21:53:f0:5e:0e:ed:ed:04:1a:84:57:87:
                    3c:db:fb:37:8a:59:a0:ab:96:b4:17:29:0d:d1:25:
                    02:96:65:e2:c2:06:ab:9d:50:8b:70:3f:4f:b5:b4:
                    c3:25:b3:06:1e:40:85:9f:f6:e2:99:ba:b5:8b:7e:
                    3c:3c:61:44:a1:b1:eb:ed:ec:d6:6f:61:3c:e3:92:
                    bb:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:CB:38:6A:68:13:BD:85:49:80:1D:8C:7C:36:86:75:17:8D:8F:27
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:74:d6:9a:10:c7:1b:9f:bc:e7:2f:cc:7b:e6:8f:27:61:79:
         d6:da:b4:d7:9d:cc:17:5e:72:aa:ef:d8:03:40:14:6d:56:9d:
         c2:e6:c4:28:96:f3:41:e3:98:83:42:94:0e:39:35:af:05:4f:
         f7:1b:78:7b:01:a2:30:56:58:a4:78:77:ac:9d:03:04:6d:9f:
         a6:a4:62:43:5d:96:7a:4c:89:a0:b2:87:cb:3e:17:17:b1:48:
         92:22:9d:73:66:c0:2e:9b:4a:f2:87:8f:12:56:dd:c2:52:c0:
         26:5f:30:83:00:bb:0f:63:78:32:3c:c6:0d:d9:c6:c4:51:c3:
         dc:11:99:5f:51:86:68:9d:c7:c1:ec:97:1b:9f:b5:b6:aa:35:
         7d:2d:c7:76:e3:44:59:d7:76:fa:92:83:3e:dc:74:e3:a2:4c:
         b0:a9:50:b3:52:b2:5a:5d:02:0a:97:cb:79:a6:b4:be:0d:ff:
         bc:00:b4:73:e3:c9:d9:6e:c4:39:75:66:0e:fe:e9:3e:71:98:
         0f:b4:e3:d1:99:d7:fa:ef:c8:89:bf:61:03:35:55:27:46:90:
         96:ab:81:5d:f1:87:8f:dd:f6:bc:9c:ef:ba:50:b6:0f:58:b8:
         5a:3e:0c:1c:b5:6a:54:6c:dc:3d:82:b8:ad:50:60:a8:76:9b:
         87:24:a5:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/I2guY59J9NmflOx4xvpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjYwNjEzMDQwMDI5WhcNMjYwNjE0MDQwMDI5WjAzMTEwLwYDVQQD
Eyg2YWNiMzg2YTY4MTNiZDg1NDk4MDFkOGM3YzM2ODY3NTE3OGQ4ZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TztIi46VFQwRdM/4vaJncC03Err
E0c8UcNdVyV3Flhk/SqObCSpTV9bGly522rit9MYXwOOWeG5vIBb3Czs+xgk6UzD
uONw6w41f92NHZwjOcl78MnPVqcxpy/kENqR0EM3b3zlYSpOoHulSY0pJXAvHWrj
C8ub2Qp2DA/3BZLUqHjkDouww4hYpjGJTKqZzWd+DthHGwmApDqnoPp5By/4eY3s
8bFN6zG9yN1jKSiTnkSgF18hU/BeDu3tBBqEV4c82/s3ilmgq5a0FykN0SUClmXi
wgarnVCLcD9PtbTDJbMGHkCFn/bimbq1i348PGFEobHr7ezWb2E845K7LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrLOGpoE72FSYAdjHw2hnUXjY8nMB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbXTWmhDH
G5+85y/Me+aPJ2F51tq0153MF15yqu/YA0AUbVadwubEKJbzQeOYg0KUDjk1rwVP
9xt4ewGiMFZYpHh3rJ0DBG2fpqRiQ12WekyJoLKHyz4XF7FIkiKdc2bALptK8oeP
ElbdwlLAJl8wgwC7D2N4MjzGDdnGxFHD3BGZX1GGaJ3HweyXG5+1tqo1fS3HduNE
Wdd2+pKDPtx046JMsKlQs1KyWl0CCpfLeaa0vg3/vAC0c+PJ2W7EOXVmDv7pPnGY
D7Tj0ZnX+u/Iib9hAzVVJ0aQlquBXfGHj932vJzvulC2D1i4Wj4MHLVqVGzcPYK4
rVBgqHabhySl8Q==
-----END CERTIFICATE-----