Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft
File:                     AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft (raw, json)
Hash identifier:          SLdodzKDkldaWzV3dN4ZEzq7TQ47UHXDmfaljO1Bva0=
Subject key identifier:   49:68:FD:BC:39:4C:1E:68:BF:41:DA:76:4E:38:E5:E2:15:4F:3B:4E
Authority key identifier: 03:1C:8E:8C:C0:75:C2:D0:43:13:B9:11:D9:3D:61:FE:2A:9A:DE:A2
Certificate issuer:       /CN=031c8e8cc075c2d04313b911d93d61fe2a9adea2
Certificate serial:       019EC06D969FB1D69BFB5E4E0C4AD0AC9FB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AxyOjMB1wtBDE7kR2T1h_iqa3qI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft
Manifest number:          08D9
Signing time:             Sat 13 Jun 2026 10:01:07 +0000
Manifest this update:     Sat 13 Jun 2026 10:01:07 +0000
Manifest next update:     Sun 14 Jun 2026 10:01:07 +0000
Files and hashes:         1: AxyOjMB1wtBDE7kR2T1h_iqa3qI.crl (hash: cF2rcoikWbywbQ8b12JU9yCcuWzhpGMGGNeePIZPvxA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AxyOjMB1wtBDE7kR2T1h_iqa3qI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:43:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:6d:96:9f:b1:d6:9b:fb:5e:4e:0c:4a:d0:ac:9f:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=031c8e8cc075c2d04313b911d93d61fe2a9adea2
        Validity
            Not Before: Jun 13 10:01:07 2026 GMT
            Not After : Jun 14 10:01:07 2026 GMT
        Subject: CN=4968fdbc394c1e68bf41da764e38e5e2154f3b4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:cd:b9:1b:20:8b:f0:0b:fb:f2:7c:03:94:63:
                    36:e1:01:f2:42:c5:26:b7:66:da:32:86:11:54:69:
                    68:87:7a:b3:cb:0a:f4:64:6a:64:ec:77:4e:71:ee:
                    3a:db:69:97:aa:55:ee:6c:6c:2c:4b:08:e5:c4:3b:
                    c9:79:12:ef:71:64:58:1b:e4:12:04:9d:1f:c8:dd:
                    69:e5:1e:b1:88:c4:f6:2d:ce:7d:b7:53:7f:25:35:
                    2e:48:06:42:d3:d3:45:a3:07:fd:1c:97:07:88:11:
                    57:15:2c:93:34:d1:00:eb:1a:b8:5e:cd:70:0a:ca:
                    26:88:c7:60:5a:6e:ff:99:59:ee:16:30:22:9d:da:
                    d9:97:4d:8c:99:92:8f:93:9d:10:08:b6:0f:b2:5b:
                    d0:3b:98:42:49:75:f9:c4:bd:87:c7:99:e7:a4:6c:
                    b7:a8:fc:23:1f:af:d0:96:3d:f2:06:7a:57:f7:1c:
                    08:0d:6e:fe:65:a8:4c:1d:0e:1b:f6:9f:71:df:9b:
                    37:e5:47:0a:b8:59:cb:fb:63:64:72:b1:fb:1e:47:
                    c2:fe:00:9a:c8:f0:2b:50:99:62:05:77:36:ab:87:
                    42:5f:d7:6f:9b:55:00:91:e5:40:f6:cf:80:f0:b7:
                    bc:35:f5:fb:ee:7d:b0:a9:6b:66:26:3c:af:16:09:
                    67:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:68:FD:BC:39:4C:1E:68:BF:41:DA:76:4E:38:E5:E2:15:4F:3B:4E
            X509v3 Authority Key Identifier:
                keyid:03:1C:8E:8C:C0:75:C2:D0:43:13:B9:11:D9:3D:61:FE:2A:9A:DE:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AxyOjMB1wtBDE7kR2T1h_iqa3qI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/75213d-01a4-4b61-b594-6268cedabd84/1/AxyOjMB1wtBDE7kR2T1h_iqa3qI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:43:58:5d:d0:b5:0c:71:6b:d4:97:a8:b6:de:c5:f9:c3:8c:
         46:bd:17:f4:5a:97:a6:e9:00:d5:e9:23:3c:12:82:fd:05:3c:
         9f:c6:30:5f:b7:cd:6b:a7:69:69:7d:e9:b1:1d:f6:bc:f1:92:
         e1:bf:be:01:f6:73:e4:29:8d:41:b6:de:75:7f:6b:a7:45:77:
         4a:60:17:cb:ea:4c:ce:93:3a:2f:5e:ef:70:c3:9e:62:b1:87:
         60:2f:0d:ad:ae:34:f4:bb:32:de:4d:1a:9a:a3:1f:a2:1e:13:
         c8:0f:12:47:db:6f:ce:cc:1b:ac:a0:0f:90:5a:f7:d1:8a:8f:
         e5:91:d3:3a:78:b5:b8:7f:00:08:2f:77:ba:cc:ae:bd:8a:5c:
         a3:86:2c:ed:53:68:60:1d:00:d2:a8:cc:4c:5a:09:86:96:14:
         b6:ed:c2:9f:c0:fa:ab:76:ba:1b:ac:48:73:46:4d:a2:43:2d:
         a4:e1:d7:49:fb:55:d5:cb:09:a0:3b:c1:cc:bb:a7:b3:b9:d5:
         5b:f1:f9:a5:d5:57:ff:45:2f:74:95:d4:56:9f:3c:99:c7:13:
         6e:bd:ae:95:a7:6e:1b:98:3f:41:65:ed:7b:d8:7f:6f:48:e5:
         3d:8e:1d:0d:73:27:f6:c8:c7:c9:90:b1:52:ea:48:1a:50:65:
         34:93:2b:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7AbZafsdab+15ODErQrJ+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMWM4ZThjYzA3NWMyZDA0MzEzYjkxMWQ5M2Q2MWZlMmE5
YWRlYTIwHhcNMjYwNjEzMTAwMTA3WhcNMjYwNjE0MTAwMTA3WjAzMTEwLwYDVQQD
Eyg0OTY4ZmRiYzM5NGMxZTY4YmY0MWRhNzY0ZTM4ZTVlMjE1NGYzYjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz825GyCL8Av78nwDlGM24QHyQsUm
t2baMoYRVGloh3qzywr0ZGpk7HdOce4622mXqlXubGwsSwjlxDvJeRLvcWRYG+QS
BJ0fyN1p5R6xiMT2Lc59t1N/JTUuSAZC09NFowf9HJcHiBFXFSyTNNEA6xq4Xs1w
CsomiMdgWm7/mVnuFjAindrZl02MmZKPk50QCLYPslvQO5hCSXX5xL2Hx5nnpGy3
qPwjH6/Qlj3yBnpX9xwIDW7+ZahMHQ4b9p9x35s35UcKuFnL+2NkcrH7HkfC/gCa
yPArUJliBXc2q4dCX9dvm1UAkeVA9s+A8Le8NfX77n2wqWtmJjyvFglnzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElo/bw5TB5ov0Hadk445eIVTztOMB8GA1UdIwQY
MBaAFAMcjozAdcLQQxO5Edk9Yf4qmt6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXh5T2pNQjF3dEJERTdrUjJUMWhfaXFhM3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy83NTIxM2QtMDFhNC00YjYxLWI1OTQt
NjI2OGNlZGFiZDg0LzEvQXh5T2pNQjF3dEJERTdrUjJUMWhfaXFhM3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy83NTIxM2QtMDFhNC00YjYxLWI1OTQtNjI2OGNlZGFiZDg0
LzEvQXh5T2pNQjF3dEJERTdrUjJUMWhfaXFhM3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHUNYXdC1
DHFr1Jeott7F+cOMRr0X9FqXpukA1ekjPBKC/QU8n8YwX7fNa6dpaX3psR32vPGS
4b++AfZz5CmNQbbedX9rp0V3SmAXy+pMzpM6L17vcMOeYrGHYC8Nra409Lsy3k0a
mqMfoh4TyA8SR9tvzswbrKAPkFr30YqP5ZHTOni1uH8ACC93usyuvYpco4Ys7VNo
YB0A0qjMTFoJhpYUtu3Cn8D6q3a6G6xIc0ZNokMtpOHXSftV1csJoDvBzLuns7nV
W/H5pdVX/0UvdJXUVp88mccTbr2uladuG5g/QWXte9h/b0jlPY4dDXMn9sjHyZCx
UupIGlBlNJMrEA==
-----END CERTIFICATE-----