Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          SDNWSXl8250UP38jEQ4UHpJ1bdSRk6uq3X41pOvXUbY=
Subject key identifier:   65:4A:D8:7F:5A:42:A7:CA:50:B2:37:79:85:66:FB:8D:76:78:14:63
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       019EC1EDA2EB15CDEC270B4B6450C4F703D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          072C
Signing time:             Sat 13 Jun 2026 17:00:36 +0000
Manifest this update:     Sat 13 Jun 2026 17:00:36 +0000
Manifest next update:     Sun 14 Jun 2026 17:00:36 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: 6caEddvdLWw8yN4ePe7+pfEF3K39ZC3fVShzx+SPQt8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 10:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c1:ed:a2:eb:15:cd:ec:27:0b:4b:64:50:c4:f7:03:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Jun 13 17:00:36 2026 GMT
            Not After : Jun 14 17:00:36 2026 GMT
        Subject: CN=654ad87f5a42a7ca50b237798566fb8d76781463
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:85:ad:3b:0d:06:42:a5:5d:b2:1b:ad:dc:7d:
                    b3:1b:67:b9:ba:b0:90:fa:9f:e3:88:e5:37:07:d0:
                    29:75:93:3f:20:9a:30:62:8a:b2:9b:f0:ba:db:e2:
                    ac:ef:3e:51:75:10:e4:0a:91:60:fb:fb:a3:5a:71:
                    fe:64:a1:a1:8b:1a:1c:aa:ae:00:fa:51:a1:47:43:
                    e8:71:1f:32:d0:3b:39:2e:9d:1b:38:3f:80:10:c3:
                    7a:8d:42:c8:14:69:c3:ac:84:79:a9:66:43:fa:17:
                    b1:7a:16:6d:7b:a6:86:c2:36:43:76:04:bc:3f:c4:
                    bb:ca:6a:5f:48:6d:f9:de:20:c6:b8:04:cb:b3:ec:
                    1a:ae:38:8a:1b:0f:69:4c:14:d4:03:a7:43:e4:d7:
                    ee:20:81:fc:b0:b4:94:f8:dc:d0:e9:d4:94:6f:4a:
                    6f:14:89:dc:6f:8d:b6:20:a7:ce:5f:59:ae:7f:dc:
                    87:9a:fa:6d:37:3d:14:6a:b4:50:07:62:98:13:e6:
                    ef:97:2e:5b:ff:2c:44:2d:f5:05:6a:ce:cd:d7:1b:
                    f7:cf:e8:8f:0c:a2:e1:5a:75:f4:d5:db:b4:b0:0a:
                    09:af:07:d1:28:d1:3f:03:4f:1b:17:b1:54:9d:17:
                    4d:9e:1d:29:46:74:d3:3b:7c:a4:c9:be:fc:9e:8c:
                    cb:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:4A:D8:7F:5A:42:A7:CA:50:B2:37:79:85:66:FB:8D:76:78:14:63
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:5d:8d:9c:31:6f:1b:4d:47:ad:71:28:54:59:46:fa:97:75:
         9e:b4:00:8f:97:41:fc:34:33:a8:0f:d3:78:74:2e:64:37:86:
         c5:ec:92:dc:e8:fa:e0:1c:27:3c:e4:68:1f:d7:05:1b:8d:64:
         5c:49:89:1f:17:bf:fd:34:6c:67:f0:2c:45:af:11:02:16:4f:
         4b:e6:c5:42:8d:2b:1a:ce:3f:1f:94:51:6a:04:ae:ad:62:59:
         36:48:64:b5:f5:b6:b4:94:2b:60:8a:e0:8e:2f:d5:1d:49:25:
         b5:21:d3:23:cb:6f:de:bc:46:e1:e3:1c:c7:3b:ab:69:e7:72:
         01:aa:29:34:1a:34:c1:4f:f5:ee:c8:c7:d6:ef:0d:98:5e:30:
         9b:dc:9a:31:71:e9:61:8c:d3:2f:e2:11:21:36:1b:d4:f5:28:
         19:17:2b:f1:c6:71:54:be:19:d8:62:aa:e7:76:69:47:dd:47:
         b1:78:0d:67:52:42:dc:33:39:a0:26:eb:87:8b:be:d8:bb:2d:
         3f:be:50:c5:20:2a:8e:52:5f:94:97:6a:39:b0:2a:55:3d:3f:
         bf:ca:73:b8:1e:2f:1d:57:52:c5:3d:f3:ff:85:3c:08:b7:94:
         b4:3a:78:8a:c6:f7:92:ce:2f:32:94:10:ea:b4:93:c5:e2:d1:
         b7:0a:2c:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7B7aLrFc3sJwtLZFDE9wPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjYwNjEzMTcwMDM2WhcNMjYwNjE0MTcwMDM2WjAzMTEwLwYDVQQD
Eyg2NTRhZDg3ZjVhNDJhN2NhNTBiMjM3Nzk4NTY2ZmI4ZDc2NzgxNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYWtOw0GQqVdshut3H2zG2e5urCQ
+p/jiOU3B9ApdZM/IJowYoqym/C62+Ks7z5RdRDkCpFg+/ujWnH+ZKGhixocqq4A
+lGhR0PocR8y0Ds5Lp0bOD+AEMN6jULIFGnDrIR5qWZD+hexehZte6aGwjZDdgS8
P8S7ympfSG353iDGuATLs+warjiKGw9pTBTUA6dD5NfuIIH8sLSU+NzQ6dSUb0pv
FIncb422IKfOX1muf9yHmvptNz0UarRQB2KYE+bvly5b/yxELfUFas7N1xv3z+iP
DKLhWnX01du0sAoJrwfRKNE/A08bF7FUnRdNnh0pRnTTO3ykyb78nozLnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVK2H9aQqfKULI3eYVm+412eBRjMB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgF2NnDFv
G01HrXEoVFlG+pd1nrQAj5dB/DQzqA/TeHQuZDeGxeyS3Oj64BwnPORoH9cFG41k
XEmJHxe//TRsZ/AsRa8RAhZPS+bFQo0rGs4/H5RRagSurWJZNkhktfW2tJQrYIrg
ji/VHUkltSHTI8tv3rxG4eMcxzuraedyAaopNBo0wU/17sjH1u8NmF4wm9yaMXHp
YYzTL+IRITYb1PUoGRcr8cZxVL4Z2GKq53ZpR91HsXgNZ1JC3DM5oCbrh4u+2Lst
P75QxSAqjlJflJdqObAqVT0/v8pzuB4vHVdSxT3z/4U8CLeUtDp4isb3ks4vMpQQ
6rSTxeLRtwosvA==
-----END CERTIFICATE-----