Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          PsZ6OfyzXPydmgPBNHA5zL9nCV8UUOMjmuxcb+avUGc=
Subject key identifier:   D0:D5:CE:82:49:F3:40:B9:3A:CD:1C:30:18:49:F2:C6:3D:0C:9B:E2
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       019EC1B6CE11E1F15A2DD0046D02124B0D67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          128C
Signing time:             Sat 13 Jun 2026 16:00:43 +0000
Manifest this update:     Sat 13 Jun 2026 16:00:43 +0000
Manifest next update:     Sun 14 Jun 2026 16:00:43 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: ok6S4qGWHESUvfZ/mWjanYkmX972fXnpISgpKpKN9AU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 10:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c1:b6:ce:11:e1:f1:5a:2d:d0:04:6d:02:12:4b:0d:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Jun 13 16:00:43 2026 GMT
            Not After : Jun 14 16:00:43 2026 GMT
        Subject: CN=d0d5ce8249f340b93acd1c301849f2c63d0c9be2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:6e:58:9b:69:92:5a:ad:5d:8d:72:cf:96:c5:
                    78:a0:ae:1b:cd:cf:eb:56:6f:e1:1e:25:8b:90:b2:
                    cb:74:12:dd:cd:17:94:5f:66:ef:7c:07:04:ae:2f:
                    67:70:45:12:b2:be:b1:2a:38:be:05:79:5e:59:74:
                    14:1f:9b:72:5f:5e:2d:01:47:a3:1b:40:84:dc:2e:
                    2c:cd:f9:d6:c7:c2:44:ae:07:ab:66:9f:1c:cc:cd:
                    03:12:61:3e:b1:bf:58:aa:3a:70:da:08:b3:54:b3:
                    28:8f:5c:b5:96:ca:29:32:94:62:ce:d5:7f:9f:36:
                    b0:68:74:4c:b6:3b:e7:65:8f:48:92:ce:1a:38:c0:
                    29:70:0f:2e:28:8e:65:3c:8a:66:82:d2:50:8e:88:
                    9b:4a:c3:8a:72:1c:23:37:18:2a:5f:89:d9:e3:64:
                    d8:11:a7:7f:2d:18:d2:7c:76:c4:2f:f4:05:7e:4b:
                    0b:40:39:d3:fe:c5:9a:81:07:f0:60:ea:5c:ff:cc:
                    6f:a3:fa:3f:b1:a7:2f:24:1e:41:8d:62:d4:fa:26:
                    66:d5:a3:31:51:7a:dc:aa:5e:e2:b3:8c:f1:be:12:
                    26:16:9d:d7:51:86:93:01:7f:04:7c:6d:68:6d:1e:
                    ba:79:46:1c:31:3f:4d:32:f3:17:59:00:75:e6:d1:
                    73:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:D5:CE:82:49:F3:40:B9:3A:CD:1C:30:18:49:F2:C6:3D:0C:9B:E2
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:06:5a:db:72:98:76:1b:bb:16:cd:84:63:3a:0d:dd:e6:a6:
         89:e4:51:96:bc:21:8b:f7:4d:54:34:7c:68:16:5f:88:85:2a:
         94:4b:af:bc:89:55:8f:7a:5e:c7:74:a2:95:bd:9b:62:9e:c7:
         e3:c3:01:c1:b5:ea:54:f6:e3:ad:35:be:9d:b7:9a:7e:03:7e:
         42:47:43:ca:ee:4d:7e:ed:f5:5e:3a:36:d7:cd:6e:29:96:62:
         2a:09:78:4f:76:ff:e1:88:ff:29:c3:9b:aa:90:1f:51:7f:ff:
         38:f7:e6:d2:58:6d:74:41:35:c8:6e:b6:fe:71:dc:66:d5:47:
         91:00:a6:de:a8:07:d9:cb:03:e5:23:bb:b5:f3:25:1d:a9:1e:
         b0:10:be:34:1f:7f:a0:c9:e7:a8:06:2f:2d:ca:a0:75:a1:bf:
         78:ca:f6:72:98:e1:50:7f:bf:00:08:a8:15:75:da:46:b2:dd:
         76:b8:3a:7f:4d:75:8a:21:02:7f:a7:79:9f:ef:ee:b6:3f:77:
         d3:1d:12:84:b0:55:32:15:15:87:37:62:4e:25:8f:f5:eb:cb:
         5f:a1:3d:94:79:36:ff:78:6a:1b:f6:0a:f3:b8:69:ce:7e:22:
         ce:6e:9f:9a:4b:21:8b:1e:3b:63:76:ab:f3:6f:ab:8d:4d:6e:
         33:ad:e3:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7Bts4R4fFaLdAEbQISSw1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjYwNjEzMTYwMDQzWhcNMjYwNjE0MTYwMDQzWjAzMTEwLwYDVQQD
EyhkMGQ1Y2U4MjQ5ZjM0MGI5M2FjZDFjMzAxODQ5ZjJjNjNkMGM5YmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqW5Ym2mSWq1djXLPlsV4oK4bzc/r
Vm/hHiWLkLLLdBLdzReUX2bvfAcEri9ncEUSsr6xKji+BXleWXQUH5tyX14tAUej
G0CE3C4szfnWx8JErgerZp8czM0DEmE+sb9Yqjpw2gizVLMoj1y1lsopMpRiztV/
nzawaHRMtjvnZY9Iks4aOMApcA8uKI5lPIpmgtJQjoibSsOKchwjNxgqX4nZ42TY
Ead/LRjSfHbEL/QFfksLQDnT/sWagQfwYOpc/8xvo/o/sacvJB5BjWLU+iZm1aMx
UXrcql7is4zxvhImFp3XUYaTAX8EfG1obR66eUYcMT9NMvMXWQB15tFz2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDVzoJJ80C5Os0cMBhJ8sY9DJviMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnAZa23KY
dhu7Fs2EYzoN3eamieRRlrwhi/dNVDR8aBZfiIUqlEuvvIlVj3pex3Silb2bYp7H
48MBwbXqVPbjrTW+nbeafgN+QkdDyu5Nfu31Xjo2181uKZZiKgl4T3b/4Yj/KcOb
qpAfUX//OPfm0lhtdEE1yG62/nHcZtVHkQCm3qgH2csD5SO7tfMlHakesBC+NB9/
oMnnqAYvLcqgdaG/eMr2cpjhUH+/AAioFXXaRrLddrg6f011iiECf6d5n+/utj93
0x0ShLBVMhUVhzdiTiWP9evLX6E9lHk2/3hqG/YK87hpzn4izm6fmkshix47Y3ar
82+rjU1uM63jWg==
-----END CERTIFICATE-----