Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          gj95MyUZcXz/tSXzVvAYAe+p+ZeoMORtP0gBwm6E1oM=
Subject key identifier:   88:F6:76:71:73:13:D6:64:60:AE:F6:D7:21:AB:17:45:EC:6E:EC:B8
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       019EC06E0114D73BEBFD31CDC94DD3BF2FAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          18E9
Signing time:             Sat 13 Jun 2026 10:01:35 +0000
Manifest this update:     Sat 13 Jun 2026 10:01:35 +0000
Manifest next update:     Sun 14 Jun 2026 10:01:35 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: Sye9aIAfWafmCF7qVZsU6YxL+quLOb1jaWuAWEOXnZs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:43:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:6e:01:14:d7:3b:eb:fd:31:cd:c9:4d:d3:bf:2f:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: Jun 13 10:01:35 2026 GMT
            Not After : Jun 14 10:01:35 2026 GMT
        Subject: CN=88f676717313d66460aef6d721ab1745ec6eecb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:4a:a4:00:54:0e:75:ff:d5:ec:a5:39:a8:af:
                    6a:fa:87:c7:7e:23:18:8c:c6:de:2b:79:77:ad:5e:
                    9e:0a:23:35:95:60:c8:c9:53:9e:61:42:09:92:54:
                    32:78:3f:26:5c:c6:b0:96:ac:4f:97:e7:af:f9:6b:
                    bb:b1:b1:94:a4:79:6b:58:86:1d:ce:10:e4:01:0d:
                    e4:97:8f:f1:28:71:2b:9b:f0:02:52:0a:fd:c1:90:
                    02:7e:25:e4:48:06:a8:54:4e:cf:d6:19:e5:a3:2e:
                    d4:d2:28:6b:0a:84:e3:b4:9d:52:da:8c:7a:14:d2:
                    5a:4b:2e:ff:d1:a1:b1:2c:6d:59:19:03:a2:fd:ac:
                    99:7e:58:9b:3e:a0:46:8b:43:f7:87:4c:25:e5:54:
                    22:80:ae:f7:4f:ec:df:ed:72:29:49:14:43:81:73:
                    a6:13:84:db:3c:b6:cd:b0:bb:46:62:9a:c3:93:eb:
                    d9:18:62:51:6b:25:2b:b7:ef:12:cd:b2:20:a4:5e:
                    ed:62:52:db:0e:5b:fb:70:5d:9b:dd:65:7f:1b:87:
                    17:c8:94:3c:8c:bd:98:26:24:e5:b2:ca:dd:bf:3a:
                    99:0a:b4:52:9c:19:55:51:31:f8:ad:12:60:c0:cd:
                    71:6d:6f:95:8c:0f:74:76:5d:67:bf:27:1e:ef:15:
                    4e:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:F6:76:71:73:13:D6:64:60:AE:F6:D7:21:AB:17:45:EC:6E:EC:B8
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cb:f3:dc:28:dd:87:12:c1:e9:3f:c7:24:68:6b:d2:b5:eb:1c:
         e5:9e:79:53:99:3f:e9:43:05:0d:b3:ac:ea:c8:d4:24:d1:5a:
         5b:07:f7:c7:7a:c3:e0:a4:07:eb:15:92:64:3d:4e:c4:18:60:
         9a:41:24:0b:8b:06:8c:c8:50:06:0f:f3:05:9b:45:c1:6b:d9:
         4c:47:fd:e5:45:96:b0:f2:4e:9f:ef:3e:39:0a:98:49:4a:f3:
         54:ad:2e:39:73:3e:a7:30:91:4b:71:e4:ed:35:98:30:d4:d0:
         6c:94:3b:97:71:7d:be:4e:0a:70:bd:a7:cf:17:e9:87:c8:ff:
         46:26:e5:9a:fb:70:6d:7b:16:78:26:41:c4:3d:cd:c8:51:5e:
         c0:b1:98:7f:69:73:ef:0a:aa:59:89:b8:d0:63:2d:e9:2d:8f:
         e9:84:9a:e4:00:16:76:4f:2f:13:ee:35:09:53:1e:c8:b9:39:
         a4:4b:3b:bb:ad:3c:4d:26:b7:67:05:95:cc:06:6a:90:91:a8:
         37:c8:cb:33:ee:e1:76:03:3f:40:d6:61:0a:86:fe:da:ae:36:
         d5:eb:6f:cf:6c:ec:a9:8d:50:fb:5a:8f:f3:ca:ca:db:e4:6d:
         34:0c:26:51:78:6e:6d:89:aa:0d:e0:60:6b:83:1f:bd:13:3e:
         d9:0c:15:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7AbgEU1zvr/THNyU3Tvy+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjYwNjEzMTAwMTM1WhcNMjYwNjE0MTAwMTM1WjAzMTEwLwYDVQQD
Eyg4OGY2NzY3MTczMTNkNjY0NjBhZWY2ZDcyMWFiMTc0NWVjNmVlY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkqkAFQOdf/V7KU5qK9q+ofHfiMY
jMbeK3l3rV6eCiM1lWDIyVOeYUIJklQyeD8mXMawlqxPl+ev+Wu7sbGUpHlrWIYd
zhDkAQ3kl4/xKHErm/ACUgr9wZACfiXkSAaoVE7P1hnloy7U0ihrCoTjtJ1S2ox6
FNJaSy7/0aGxLG1ZGQOi/ayZflibPqBGi0P3h0wl5VQigK73T+zf7XIpSRRDgXOm
E4TbPLbNsLtGYprDk+vZGGJRayUrt+8SzbIgpF7tYlLbDlv7cF2b3WV/G4cXyJQ8
jL2YJiTlssrdvzqZCrRSnBlVUTH4rRJgwM1xbW+VjA90dl1nvyce7xVORwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIj2dnFzE9ZkYK721yGrF0Xsbuy4MB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAy/PcKN2H
EsHpP8ckaGvStesc5Z55U5k/6UMFDbOs6sjUJNFaWwf3x3rD4KQH6xWSZD1OxBhg
mkEkC4sGjMhQBg/zBZtFwWvZTEf95UWWsPJOn+8+OQqYSUrzVK0uOXM+pzCRS3Hk
7TWYMNTQbJQ7l3F9vk4KcL2nzxfph8j/RiblmvtwbXsWeCZBxD3NyFFewLGYf2lz
7wqqWYm40GMt6S2P6YSa5AAWdk8vE+41CVMeyLk5pEs7u608TSa3ZwWVzAZqkJGo
N8jLM+7hdgM/QNZhCob+2q421etvz2zsqY1Q+1qP88rK2+RtNAwmUXhubYmqDeBg
a4MfvRM+2QwVjg==
-----END CERTIFICATE-----