Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
File:                     0kvL9emk_kMp8iPBFFBykFOPnMI.mft (raw, json)
Hash identifier:          hwdkexjIBWIgy54owcHQST4MM3qkXlsFsiq7k0Ms504=
Subject key identifier:   29:EE:C2:42:A6:F6:05:E2:5D:E9:37:3D:E6:DC:8C:C9:5A:27:A9:84
Authority key identifier: D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2
Certificate issuer:       /CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
Certificate serial:       019EBE7F02291BE78439D30FEF7032ECCF4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
Manifest number:          14A4
Signing time:             Sat 13 Jun 2026 01:00:55 +0000
Manifest this update:     Sat 13 Jun 2026 01:00:55 +0000
Manifest next update:     Sun 14 Jun 2026 01:00:55 +0000
Files and hashes:         1: 0kvL9emk_kMp8iPBFFBykFOPnMI.crl (hash: 5BcRzpt8Lb69jF7AENkhr30lyC5HOCVkLo+O3jz683E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7f:02:29:1b:e7:84:39:d3:0f:ef:70:32:ec:cf:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
        Validity
            Not Before: Jun 13 01:00:55 2026 GMT
            Not After : Jun 14 01:00:55 2026 GMT
        Subject: CN=29eec242a6f605e25de9373de6dc8cc95a27a984
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:02:58:ac:e9:02:7b:70:1a:f3:cd:09:84:f0:
                    ab:c2:fc:d3:0e:f0:21:19:d8:7e:7b:ba:64:d2:e7:
                    c6:9f:c3:8f:7a:4d:30:e2:eb:8a:eb:3d:54:d7:6a:
                    b7:e7:49:4c:72:05:57:39:03:93:3e:e7:fc:d0:17:
                    4f:d1:5b:fd:16:5f:64:2b:76:a4:72:04:9f:6c:cf:
                    9f:2f:95:10:84:c6:49:49:c0:b7:58:52:20:fe:72:
                    49:5b:db:84:3b:0c:21:cf:dd:6b:bd:63:a7:d0:ef:
                    f5:a6:60:53:04:32:a5:b1:7f:5f:61:19:32:49:5e:
                    b1:82:b4:a3:29:94:02:d9:78:96:d8:32:bc:08:9c:
                    61:c1:e0:76:74:d8:42:b1:73:7e:e7:4e:32:6a:b8:
                    ad:70:2a:4c:cf:17:52:c4:1b:ea:62:6a:81:12:40:
                    bd:90:ba:0c:09:dd:90:f0:6c:1c:aa:05:16:cb:b2:
                    f7:b1:60:c6:50:12:77:af:e0:95:06:38:a1:58:bf:
                    41:18:c5:1a:a3:cc:fa:f1:e3:b6:ff:72:70:d9:d1:
                    a9:09:dc:d2:11:aa:41:af:f2:b7:d2:74:a6:09:a6:
                    f5:91:6b:e7:17:cc:88:82:d2:a1:f4:ff:95:f5:9c:
                    73:79:2d:0d:18:e4:d6:b5:7f:ac:42:15:de:22:47:
                    aa:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:EE:C2:42:A6:F6:05:E2:5D:E9:37:3D:E6:DC:8C:C9:5A:27:A9:84
            X509v3 Authority Key Identifier:
                keyid:D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:b8:a3:2f:c1:4c:67:04:09:cb:55:91:eb:88:86:33:c6:d6:
         bb:fe:20:91:a0:dc:1f:d6:78:c0:de:0c:af:96:0a:8f:79:e0:
         ab:d0:ed:23:53:25:59:d3:c2:ed:b8:95:47:32:eb:21:37:77:
         76:b8:e0:31:0d:3e:ce:35:70:bb:3c:6d:f1:68:24:b2:bb:7b:
         ae:e0:95:91:40:98:bc:b2:9b:bf:f5:5a:82:00:f3:72:ae:fb:
         2b:eb:f8:d8:fc:7f:19:28:0b:60:95:65:f1:f6:56:d0:3f:6a:
         d3:3c:69:0f:e6:19:be:96:6d:f2:9f:2c:49:08:4d:e4:17:65:
         95:bd:36:6f:af:5d:d2:70:3f:bc:b6:ff:e3:11:99:7c:92:8e:
         14:72:6e:b0:f1:20:a9:c0:ce:99:3d:95:02:e0:ea:f0:cc:23:
         9e:1a:33:4d:a0:9f:67:75:de:4f:a7:9c:42:d3:f7:e9:7b:05:
         ae:ff:2b:fd:87:e8:4b:49:a8:c6:d5:e3:e2:63:26:f4:95:25:
         2d:4b:8f:d0:6c:27:e7:2c:67:12:d5:94:76:d2:9e:6b:d4:4b:
         03:cf:ab:33:dc:29:87:64:e3:a2:34:ec:c4:ac:a9:1a:ef:23:
         d7:37:56:00:97:c9:84:20:ce:e7:72:a1:70:ca:a4:26:f7:ac:
         99:f8:51:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+fwIpG+eEOdMP73Ay7M9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGJjYmY1ZTlhNGZlNDMyOWYyMjNjMTE0NTA3MjkwNTM4
ZjljYzIwHhcNMjYwNjEzMDEwMDU1WhcNMjYwNjE0MDEwMDU1WjAzMTEwLwYDVQQD
EygyOWVlYzI0MmE2ZjYwNWUyNWRlOTM3M2RlNmRjOGNjOTVhMjdhOTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAJYrOkCe3Aa880JhPCrwvzTDvAh
Gdh+e7pk0ufGn8OPek0w4uuK6z1U12q350lMcgVXOQOTPuf80BdP0Vv9Fl9kK3ak
cgSfbM+fL5UQhMZJScC3WFIg/nJJW9uEOwwhz91rvWOn0O/1pmBTBDKlsX9fYRky
SV6xgrSjKZQC2XiW2DK8CJxhweB2dNhCsXN+504yaritcCpMzxdSxBvqYmqBEkC9
kLoMCd2Q8GwcqgUWy7L3sWDGUBJ3r+CVBjihWL9BGMUao8z68eO2/3Jw2dGpCdzS
EapBr/K30nSmCab1kWvnF8yIgtKh9P+V9ZxzeS0NGOTWtX+sQhXeIkeqLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCnuwkKm9gXiXek3PebcjMlaJ6mEMB8GA1UdIwQY
MBaAFNJLy/XppP5DKfIjwRRQcpBTj5zCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUt
MmU2ZTVlNWY1ZDliLzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUtMmU2ZTVlNWY1ZDli
LzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVrijL8FM
ZwQJy1WR64iGM8bWu/4gkaDcH9Z4wN4Mr5YKj3ngq9DtI1MlWdPC7biVRzLrITd3
drjgMQ0+zjVwuzxt8Wgksrt7ruCVkUCYvLKbv/VaggDzcq77K+v42Px/GSgLYJVl
8fZW0D9q0zxpD+YZvpZt8p8sSQhN5Bdllb02b69d0nA/vLb/4xGZfJKOFHJusPEg
qcDOmT2VAuDq8MwjnhozTaCfZ3XeT6ecQtP36XsFrv8r/YfoS0moxtXj4mMm9JUl
LUuP0Gwn5yxnEtWUdtKea9RLA8+rM9wph2TjojTsxKypGu8j1zdWAJfJhCDO53Kh
cMqkJvesmfhR6w==
-----END CERTIFICATE-----