Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
File:                     4KM3CoQbiT57aPhqOTNjWC4QVkg.mft (raw, json)
Hash identifier:          B1FGjs+uz6XG/EWRg3SoJ3LzUC1IdvZyGeI32L5eOTU=
Subject key identifier:   7C:CD:60:EA:0E:46:B6:DE:25:61:6C:77:B2:A5:29:54:1A:25:E1:AA
Authority key identifier: E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48
Certificate issuer:       /CN=e0a3370a841b893e7b68f86a393363582e105648
Certificate serial:       019EBEEC46E4D0DD65E90E51246AA3456E94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
Manifest number:          0E33
Signing time:             Sat 13 Jun 2026 03:00:15 +0000
Manifest this update:     Sat 13 Jun 2026 03:00:15 +0000
Manifest next update:     Sun 14 Jun 2026 03:00:15 +0000
Files and hashes:         1: 4KM3CoQbiT57aPhqOTNjWC4QVkg.crl (hash: TeIh4uJxdw3hzHMa1qSLWgRvdNX+AC5ze4wGv3weX54=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:ec:46:e4:d0:dd:65:e9:0e:51:24:6a:a3:45:6e:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0a3370a841b893e7b68f86a393363582e105648
        Validity
            Not Before: Jun 13 03:00:15 2026 GMT
            Not After : Jun 14 03:00:15 2026 GMT
        Subject: CN=7ccd60ea0e46b6de25616c77b2a529541a25e1aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:88:45:1c:be:55:af:6b:74:5e:94:96:62:b6:
                    44:18:a3:4d:7e:ca:c0:af:77:18:cc:6c:b6:cd:7a:
                    29:2a:57:ae:2f:bc:e7:7e:35:bb:ca:59:e5:c0:9e:
                    e8:84:20:96:d6:51:90:04:da:26:47:06:ca:cb:b6:
                    44:53:23:25:50:02:11:dc:e3:b3:be:05:ab:f2:87:
                    23:2e:ac:c1:37:f9:97:69:43:78:d0:c4:1f:be:6a:
                    a5:49:98:30:f0:ed:3e:11:55:90:78:26:de:43:84:
                    97:05:62:40:be:b7:61:c4:98:ad:e8:1a:d7:37:f7:
                    b3:15:d1:ae:d0:5e:bd:3d:c8:c3:01:c0:aa:ef:3e:
                    2a:bb:7d:04:2a:83:e3:a0:00:86:86:91:94:1d:9b:
                    77:f7:66:64:5e:a3:82:2a:eb:a7:39:70:98:c1:9d:
                    b2:48:57:53:5c:78:19:87:d3:8e:b4:81:45:53:55:
                    40:f3:7e:f3:ac:59:99:72:14:c6:b4:ee:76:21:e4:
                    d2:13:c3:40:bb:51:79:28:30:dc:cf:dc:ad:44:31:
                    7d:8c:ec:84:17:6b:3e:fd:2f:bf:8b:9c:04:73:ff:
                    36:39:27:7c:37:f3:a5:bc:bd:78:13:cd:54:c8:7f:
                    b8:e3:09:9a:35:8f:f0:c0:e7:a3:2c:a0:f3:82:ed:
                    a6:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:CD:60:EA:0E:46:B6:DE:25:61:6C:77:B2:A5:29:54:1A:25:E1:AA
            X509v3 Authority Key Identifier:
                keyid:E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:b2:ca:c7:82:42:4a:99:4d:b6:cc:72:51:04:48:7b:c7:da:
         1e:2c:73:52:8d:a1:b7:9c:b5:dd:89:f5:a3:59:34:77:c6:32:
         76:34:3e:90:40:6a:f1:8f:d5:19:dd:c8:05:72:62:23:b4:3d:
         89:b7:9d:71:10:d5:0a:49:0d:26:14:e2:91:d2:94:44:af:0e:
         32:46:74:b9:f5:a8:aa:de:62:e0:43:60:a8:a9:32:93:db:cd:
         ed:9b:b9:8b:55:18:e1:ea:c6:3f:8c:c6:a8:41:87:4e:52:6a:
         e7:bf:4a:3f:c2:a7:d2:89:19:bc:54:47:8a:a8:10:e2:8f:00:
         4e:68:f2:6e:46:52:3a:f4:20:29:bd:30:8f:84:b1:f3:76:e2:
         da:c8:93:a8:60:98:b0:6d:23:03:3d:bc:a4:41:91:b0:cb:b1:
         b7:43:4e:56:e6:b5:dc:8f:94:e6:03:6f:26:7d:6c:7c:1e:64:
         6b:ae:27:ae:fc:ae:9a:59:37:c2:67:10:06:78:16:12:71:25:
         51:15:41:0b:83:0d:0b:6b:8a:2d:9e:18:60:37:a4:5e:3a:36:
         6c:38:e9:3a:24:ef:61:5d:79:33:f7:bd:91:0c:78:8e:c0:96:
         fc:9e:2a:11:59:40:e4:ae:90:1f:fb:90:a2:54:20:b8:68:d2:
         9e:26:f8:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+7Ebk0N1l6Q5RJGqjRW6UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYTMzNzBhODQxYjg5M2U3YjY4Zjg2YTM5MzM2MzU4MmUx
MDU2NDgwHhcNMjYwNjEzMDMwMDE1WhcNMjYwNjE0MDMwMDE1WjAzMTEwLwYDVQQD
Eyg3Y2NkNjBlYTBlNDZiNmRlMjU2MTZjNzdiMmE1Mjk1NDFhMjVlMWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsohFHL5Vr2t0XpSWYrZEGKNNfsrA
r3cYzGy2zXopKleuL7znfjW7ylnlwJ7ohCCW1lGQBNomRwbKy7ZEUyMlUAIR3OOz
vgWr8ocjLqzBN/mXaUN40MQfvmqlSZgw8O0+EVWQeCbeQ4SXBWJAvrdhxJit6BrX
N/ezFdGu0F69PcjDAcCq7z4qu30EKoPjoACGhpGUHZt392ZkXqOCKuunOXCYwZ2y
SFdTXHgZh9OOtIFFU1VA837zrFmZchTGtO52IeTSE8NAu1F5KDDcz9ytRDF9jOyE
F2s+/S+/i5wEc/82OSd8N/OlvL14E81UyH+44wmaNY/wwOejLKDzgu2moQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHzNYOoORrbeJWFsd7KlKVQaJeGqMB8GA1UdIwQY
MBaAFOCjNwqEG4k+e2j4ajkzY1guEFZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgt
YzNlZGI0ZDhmNzFlLzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgtYzNlZGI0ZDhmNzFl
LzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARLLKx4JC
SplNtsxyUQRIe8faHixzUo2ht5y13Yn1o1k0d8YydjQ+kEBq8Y/VGd3IBXJiI7Q9
ibedcRDVCkkNJhTikdKURK8OMkZ0ufWoqt5i4ENgqKkyk9vN7Zu5i1UY4erGP4zG
qEGHTlJq579KP8Kn0okZvFRHiqgQ4o8ATmjybkZSOvQgKb0wj4Sx83bi2siTqGCY
sG0jAz28pEGRsMuxt0NOVua13I+U5gNvJn1sfB5ka64nrvyumlk3wmcQBngWEnEl
URVBC4MNC2uKLZ4YYDekXjo2bDjpOiTvYV15M/e9kQx4jsCW/J4qEVlA5K6QH/uQ
olQguGjSnib4mQ==
-----END CERTIFICATE-----