Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
File:                     AkhBfH_pzOxbnarMCPznmdZzCIw.mft (raw, json)
Hash identifier:          5TR99T9tLcnJ6fAk0F5ulO0xsuXPGLzZenzQ0yRseNE=
Subject key identifier:   F0:BB:0C:A2:89:73:A7:4F:24:B0:97:B3:84:CB:57:BB:C8:F3:71:DD
Authority key identifier: 02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C
Certificate issuer:       /CN=0248417c7fe9ccec5b9daacc08fce799d673088c
Certificate serial:       019EC06E46EA51B30B5CB469A2CF84E8AD67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
Manifest number:          1190
Signing time:             Sat 13 Jun 2026 10:01:52 +0000
Manifest this update:     Sat 13 Jun 2026 10:01:52 +0000
Manifest next update:     Sun 14 Jun 2026 10:01:52 +0000
Files and hashes:         1: AkhBfH_pzOxbnarMCPznmdZzCIw.crl (hash: rkORR0Y5TGB6xv79JQU1ry2FuXDhaJNzBGAArmGei54=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:43:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:6e:46:ea:51:b3:0b:5c:b4:69:a2:cf:84:e8:ad:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0248417c7fe9ccec5b9daacc08fce799d673088c
        Validity
            Not Before: Jun 13 10:01:52 2026 GMT
            Not After : Jun 14 10:01:52 2026 GMT
        Subject: CN=f0bb0ca28973a74f24b097b384cb57bbc8f371dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:24:b6:19:d8:e8:04:1f:6f:de:d8:0c:8f:e1:
                    46:02:5b:21:8f:3e:ae:8c:5e:64:d5:cf:29:40:23:
                    db:04:e7:2c:18:99:6b:2e:87:4c:18:3d:f4:a0:df:
                    7d:3d:6a:75:cc:d6:90:06:4e:81:5a:32:c8:09:e8:
                    a2:5a:cc:fd:e3:a2:60:b4:90:8b:66:8c:0b:94:1b:
                    c5:61:22:d8:70:0d:c0:0f:9b:9f:f5:ee:8c:11:30:
                    35:23:b1:29:9e:e7:3b:c4:1d:45:a9:cf:76:42:3f:
                    a2:30:a2:ba:c2:fe:25:ec:c9:1f:e8:b1:e2:85:f0:
                    02:67:56:bc:cf:f5:0e:0f:64:a2:5b:77:e4:8d:92:
                    2d:d5:9a:3a:89:14:ae:20:ec:00:44:1e:a4:e4:f5:
                    a8:4e:c0:68:21:ac:54:97:ee:b8:45:ca:ca:d2:f2:
                    8f:dd:8d:7d:6b:2d:04:05:9e:fa:c0:08:76:3a:c4:
                    42:59:69:bd:ae:c7:d1:67:df:8b:4f:f2:e0:3d:90:
                    2c:3e:07:58:9e:94:3e:35:5f:fa:65:16:ba:2f:6b:
                    e5:57:b2:bc:91:70:cb:c9:23:4f:0a:e7:cb:35:fa:
                    62:ed:76:ec:98:88:c0:2e:0d:74:71:3c:cf:07:9c:
                    53:4b:16:0b:49:61:52:c5:05:03:39:fa:fa:f9:d6:
                    f9:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:BB:0C:A2:89:73:A7:4F:24:B0:97:B3:84:CB:57:BB:C8:F3:71:DD
            X509v3 Authority Key Identifier:
                keyid:02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:26:56:8b:06:6b:99:fa:c0:78:0a:01:77:b1:b6:55:6e:c1:
         0e:42:c0:7d:9e:79:57:1a:c2:1f:dd:e8:48:6e:e1:e7:d7:51:
         2c:4c:ec:93:60:b6:1e:76:48:1d:5b:6e:dd:5c:30:79:18:b0:
         d9:01:37:a9:88:ed:bf:b3:6b:19:57:1d:82:48:fa:6f:45:95:
         c3:72:56:d7:5e:d2:3c:b0:36:c1:92:74:ba:a5:07:f2:a4:7e:
         fa:08:fe:5e:5d:80:b6:b5:0c:18:4d:db:a8:e6:73:5d:1f:cd:
         e1:87:31:f6:1e:d0:f6:64:39:9d:07:be:8e:bf:f3:01:6e:2a:
         16:3f:77:e8:fd:8e:be:40:f7:8a:27:fa:81:8a:de:f3:cf:d2:
         03:45:85:28:f4:e7:2c:06:dd:b4:82:3a:b6:9c:d1:78:42:ce:
         9b:8e:d6:7e:a6:68:f3:13:9a:64:4d:8b:20:ca:ed:41:e2:4c:
         86:11:bd:5d:b6:31:76:21:e9:f4:68:b0:c3:27:8b:90:59:7d:
         cd:e2:dd:38:0b:66:e3:47:f0:4a:e6:65:7b:1c:93:5a:b1:1b:
         b4:ea:af:df:2a:59:b0:51:18:71:fc:78:a9:e1:3e:87:60:9d:
         b9:46:7a:2a:76:3a:55:c7:f9:41:0d:ae:a5:9a:ba:6a:f0:b0:
         ee:23:e2:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7AbkbqUbMLXLRpos+E6K1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDg0MTdjN2ZlOWNjZWM1YjlkYWFjYzA4ZmNlNzk5ZDY3
MzA4OGMwHhcNMjYwNjEzMTAwMTUyWhcNMjYwNjE0MTAwMTUyWjAzMTEwLwYDVQQD
EyhmMGJiMGNhMjg5NzNhNzRmMjRiMDk3YjM4NGNiNTdiYmM4ZjM3MWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziS2GdjoBB9v3tgMj+FGAlshjz6u
jF5k1c8pQCPbBOcsGJlrLodMGD30oN99PWp1zNaQBk6BWjLICeiiWsz946JgtJCL
ZowLlBvFYSLYcA3AD5uf9e6META1I7Epnuc7xB1Fqc92Qj+iMKK6wv4l7Mkf6LHi
hfACZ1a8z/UOD2SiW3fkjZIt1Zo6iRSuIOwARB6k5PWoTsBoIaxUl+64RcrK0vKP
3Y19ay0EBZ76wAh2OsRCWWm9rsfRZ9+LT/LgPZAsPgdYnpQ+NV/6ZRa6L2vlV7K8
kXDLySNPCufLNfpi7XbsmIjALg10cTzPB5xTSxYLSWFSxQUDOfr6+db5mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPC7DKKJc6dPJLCXs4TLV7vI83HdMB8GA1UdIwQY
MBaAFAJIQXx/6czsW52qzAj855nWcwiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUt
NjNjNzA3NDQxYmE2LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUtNjNjNzA3NDQxYmE2
LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcyZWiwZr
mfrAeAoBd7G2VW7BDkLAfZ55VxrCH93oSG7h59dRLEzsk2C2HnZIHVtu3VwweRiw
2QE3qYjtv7NrGVcdgkj6b0WVw3JW117SPLA2wZJ0uqUH8qR++gj+Xl2AtrUMGE3b
qOZzXR/N4Ycx9h7Q9mQ5nQe+jr/zAW4qFj936P2OvkD3iif6gYre88/SA0WFKPTn
LAbdtII6tpzReELOm47WfqZo8xOaZE2LIMrtQeJMhhG9XbYxdiHp9GiwwyeLkFl9
zeLdOAtm40fwSuZlexyTWrEbtOqv3ypZsFEYcfx4qeE+h2CduUZ6KnY6Vcf5QQ2u
pZq6avCw7iPiCw==
-----END CERTIFICATE-----