Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
File:                     0c0c1HQkGQk2se35qYScPjBYfzo.mft (raw, json)
Hash identifier:          09JdsGrE3BhGplRhc7D1mkeTQCQCTT+0mIq6x2xAVCE=
Subject key identifier:   07:2D:BF:74:C4:76:2D:21:91:65:A6:B6:50:82:75:1D:30:1C:09:CC
Authority key identifier: D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A
Certificate issuer:       /CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
Certificate serial:       019EC06DB8A600F6D02CBB7D423571AB94BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
Manifest number:          10BA
Signing time:             Sat 13 Jun 2026 10:01:16 +0000
Manifest this update:     Sat 13 Jun 2026 10:01:16 +0000
Manifest next update:     Sun 14 Jun 2026 10:01:16 +0000
Files and hashes:         1: 0c0c1HQkGQk2se35qYScPjBYfzo.crl (hash: rj4sSh3o+WSkafjaAtA/S/o+DUjYcadB/GYhkTry6ZY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:43:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:6d:b8:a6:00:f6:d0:2c:bb:7d:42:35:71:ab:94:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
        Validity
            Not Before: Jun 13 10:01:16 2026 GMT
            Not After : Jun 14 10:01:16 2026 GMT
        Subject: CN=072dbf74c4762d219165a6b65082751d301c09cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:99:69:8a:48:6b:c3:03:dc:c4:2c:03:b5:17:
                    c9:9c:84:bf:44:57:19:9a:b8:44:95:7c:e2:60:74:
                    4e:d7:d0:26:86:37:33:10:39:20:8e:11:8c:bd:65:
                    50:6f:69:ab:c2:26:0d:69:03:ed:7c:16:96:7c:6a:
                    65:b9:a8:dc:dc:b4:dd:d2:7e:ad:81:43:3d:6d:5d:
                    c6:fb:1f:a2:fe:3e:50:3e:50:42:35:72:02:ef:f0:
                    88:42:ff:60:41:55:01:b9:91:75:eb:c7:64:43:ac:
                    e1:a4:24:57:a5:60:ae:76:ca:c2:49:85:f8:60:8d:
                    4a:03:aa:6c:3b:4f:8d:96:af:c1:47:2b:c0:dd:7f:
                    19:ce:5f:5f:11:9a:ab:0d:f4:57:6d:51:80:4c:b5:
                    0b:d7:ee:14:49:c9:eb:d2:4e:9b:be:47:4d:31:e3:
                    8c:e7:1c:2a:c4:22:b6:61:48:f5:00:82:f6:1b:29:
                    cc:ca:f6:6d:f3:0c:20:84:19:c3:6d:47:94:9f:bf:
                    66:53:8a:0b:e5:47:2a:97:17:a3:3a:44:a9:c2:f4:
                    6a:46:aa:d2:7a:0d:1b:90:cf:ef:21:65:fd:c1:1c:
                    a4:b7:28:dc:82:94:68:04:a1:6a:a1:af:40:3f:2a:
                    e8:7a:fb:5f:f9:ce:39:07:68:18:51:2f:da:94:45:
                    82:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:2D:BF:74:C4:76:2D:21:91:65:A6:B6:50:82:75:1D:30:1C:09:CC
            X509v3 Authority Key Identifier:
                keyid:D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:2a:7c:3a:fd:50:3f:f4:bd:61:62:f3:49:9e:43:11:3e:e4:
         c7:86:0c:9c:5a:3d:33:bc:fe:5f:37:fc:a3:35:2e:c0:d5:4f:
         19:6b:7f:99:a7:00:7a:68:fe:60:ca:7e:b9:ad:4f:f2:0b:9a:
         97:3b:74:97:94:a1:b1:47:a1:56:a1:d1:e3:42:7a:12:e8:de:
         5e:bb:bd:ab:7d:bb:c9:8b:d9:11:4c:3f:77:39:da:7c:7b:b4:
         b8:ec:f3:b8:7f:58:a7:e8:f4:ae:eb:cd:35:34:a7:32:69:01:
         1b:4f:7d:30:85:4d:0d:e2:fb:03:e9:02:e4:20:60:5c:23:42:
         e2:6d:41:b5:c7:dd:e4:a9:ba:2f:57:0a:7e:57:10:25:ad:f5:
         f8:0c:9d:e1:88:03:0b:6a:28:d6:06:8f:55:4c:1e:1e:a2:8c:
         b3:2a:a8:dc:50:fd:12:d7:07:8e:bd:11:2b:17:54:8e:3c:68:
         cb:35:c4:bc:7a:c9:a4:79:16:a3:d2:47:be:28:55:cf:ae:f5:
         61:e0:04:7f:51:2d:eb:8f:1b:d1:8b:c9:58:fe:4b:7f:d3:87:
         5e:cf:41:10:aa:7b:04:99:52:33:2b:83:94:5b:9f:a0:ee:e9:
         75:f6:4b:db:55:04:e2:7b:dd:31:54:ee:a8:8e:8f:84:61:c9:
         b4:40:56:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7AbbimAPbQLLt9QjVxq5S9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2QxY2Q0NzQyNDE5MDkzNmIxZWRmOWE5ODQ5YzNlMzA1
ODdmM2EwHhcNMjYwNjEzMTAwMTE2WhcNMjYwNjE0MTAwMTE2WjAzMTEwLwYDVQQD
EygwNzJkYmY3NGM0NzYyZDIxOTE2NWE2YjY1MDgyNzUxZDMwMWMwOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnplpikhrwwPcxCwDtRfJnIS/RFcZ
mrhElXziYHRO19AmhjczEDkgjhGMvWVQb2mrwiYNaQPtfBaWfGpluajc3LTd0n6t
gUM9bV3G+x+i/j5QPlBCNXIC7/CIQv9gQVUBuZF168dkQ6zhpCRXpWCudsrCSYX4
YI1KA6psO0+Nlq/BRyvA3X8Zzl9fEZqrDfRXbVGATLUL1+4UScnr0k6bvkdNMeOM
5xwqxCK2YUj1AIL2GynMyvZt8wwghBnDbUeUn79mU4oL5UcqlxejOkSpwvRqRqrS
eg0bkM/vIWX9wRyktyjcgpRoBKFqoa9APyroevtf+c45B2gYUS/alEWCXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFActv3TEdi0hkWWmtlCCdR0wHAnMMB8GA1UdIwQY
MBaAFNHNHNR0JBkJNrHt+amEnD4wWH86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDct
YjQ1MzNhMDg4ZGM0LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDctYjQ1MzNhMDg4ZGM0
LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANSp8Ov1Q
P/S9YWLzSZ5DET7kx4YMnFo9M7z+Xzf8ozUuwNVPGWt/macAemj+YMp+ua1P8gua
lzt0l5ShsUehVqHR40J6EujeXru9q327yYvZEUw/dznafHu0uOzzuH9Yp+j0ruvN
NTSnMmkBG099MIVNDeL7A+kC5CBgXCNC4m1Btcfd5Km6L1cKflcQJa31+Ayd4YgD
C2oo1gaPVUweHqKMsyqo3FD9EtcHjr0RKxdUjjxoyzXEvHrJpHkWo9JHvihVz671
YeAEf1Et648b0YvJWP5Lf9OHXs9BEKp7BJlSMyuDlFufoO7pdfZL21UE4nvdMVTu
qI6PhGHJtEBWzQ==
-----END CERTIFICATE-----