Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
File:                     CIAqhiH4eCf9WXI85my1nDj5HyE.mft (raw, json)
Hash identifier:          2Ub1GMZvaIL2nUfg7JTWVm0YNWtkROd9zWKPXK/tlfo=
Subject key identifier:   42:A3:93:2D:CC:6D:AD:9A:02:37:49:02:B7:8F:C6:F2:6D:86:DE:54
Authority key identifier: 08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21
Certificate issuer:       /CN=08802a8621f87827fd59723ce66cb59c38f91f21
Certificate serial:       019EBEED5DF5578F425A398F39783765DB50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
Manifest number:          0CB1
Signing time:             Sat 13 Jun 2026 03:01:27 +0000
Manifest this update:     Sat 13 Jun 2026 03:01:27 +0000
Manifest next update:     Sun 14 Jun 2026 03:01:27 +0000
Files and hashes:         1: CIAqhiH4eCf9WXI85my1nDj5HyE.crl (hash: xUX+bzXTmEFuld+crZFkfyYHwIGD4S72LoP4FVkf5og=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:ed:5d:f5:57:8f:42:5a:39:8f:39:78:37:65:db:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08802a8621f87827fd59723ce66cb59c38f91f21
        Validity
            Not Before: Jun 13 03:01:27 2026 GMT
            Not After : Jun 14 03:01:27 2026 GMT
        Subject: CN=42a3932dcc6dad9a02374902b78fc6f26d86de54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:c6:ec:9f:e1:9b:00:ad:a2:a4:2f:9f:0e:66:
                    01:43:13:a0:8f:64:c2:bd:6f:6a:a7:a6:95:e0:36:
                    12:c9:c7:91:9e:e7:44:f3:1f:f7:94:90:11:d4:74:
                    2f:0e:3e:f7:04:5f:c9:11:fe:27:48:68:99:59:1e:
                    d5:9d:73:06:25:9f:ce:07:49:93:45:6a:75:fb:31:
                    6a:5d:b3:f4:b5:45:29:4a:49:5d:33:34:f7:28:1c:
                    fe:39:66:c1:72:8e:16:19:96:01:0f:d2:e8:69:ad:
                    aa:1a:fa:c7:2d:04:f9:cc:e8:db:9d:a1:fa:a0:ae:
                    59:9e:2f:ed:78:9e:13:95:64:55:23:b6:12:83:06:
                    4e:4e:4f:c8:0c:ae:27:ca:06:b8:27:59:c0:7c:0b:
                    36:92:f5:0c:05:64:5a:c6:6d:bd:26:6c:15:cf:78:
                    32:1f:8f:52:69:30:02:f9:2e:0b:bf:4f:4b:3c:6b:
                    24:fc:9c:15:ea:7c:f7:4e:bd:c5:c7:15:b2:55:a9:
                    b2:50:02:1f:38:4a:e0:43:22:99:36:79:74:25:35:
                    ea:ce:c9:e0:c7:63:ca:b1:34:72:32:16:69:82:31:
                    58:d3:cd:3f:71:6d:14:0d:b6:6b:86:19:d4:5f:b8:
                    55:05:a4:08:3e:ad:f1:35:a0:54:6e:a9:bf:85:78:
                    e9:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:A3:93:2D:CC:6D:AD:9A:02:37:49:02:B7:8F:C6:F2:6D:86:DE:54
            X509v3 Authority Key Identifier:
                keyid:08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:ae:3e:5a:04:bc:c3:af:49:2a:96:f7:77:51:22:66:e5:d0:
         48:f5:a9:52:c9:ef:a0:c1:07:85:c6:bd:b0:f7:8b:78:47:ed:
         eb:d2:81:13:6b:65:24:b1:43:7d:64:ca:b0:de:06:0d:f3:36:
         b7:1d:c5:b2:f3:b5:f9:61:1a:0b:86:60:9e:c8:dd:b1:3f:3d:
         a3:87:9b:51:2c:23:51:a3:8a:33:cb:84:e2:e6:76:82:ee:2a:
         dd:6c:b4:df:ef:40:45:d1:00:07:69:84:ee:29:ef:6e:a9:25:
         a2:7a:d7:4f:5d:b4:c9:91:3a:4b:0f:f1:c6:9e:19:4d:92:20:
         ab:ab:55:99:19:84:3d:cb:ac:d2:9b:9f:2f:d1:af:e9:c7:87:
         71:26:0b:74:53:58:02:73:cd:d8:ef:58:cd:21:66:78:97:78:
         25:00:02:2d:e2:a7:d3:63:6f:1f:27:3b:02:c9:83:70:0a:3f:
         6e:33:28:8d:b6:60:1a:f9:de:cb:c4:35:f2:00:4c:ee:46:8d:
         f1:f9:09:e9:07:e3:53:25:40:f3:90:1b:5c:97:4b:35:1c:1f:
         92:8a:a1:c6:02:a8:e5:55:c4:be:57:ae:bb:2d:ed:c4:cc:c1:
         94:a5:92:9a:9b:88:69:d7:13:82:0b:95:99:56:ab:d5:26:d9:
         67:9d:70:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+7V31V49CWjmPOXg3ZdtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODAyYTg2MjFmODc4MjdmZDU5NzIzY2U2NmNiNTljMzhm
OTFmMjEwHhcNMjYwNjEzMDMwMTI3WhcNMjYwNjE0MDMwMTI3WjAzMTEwLwYDVQQD
Eyg0MmEzOTMyZGNjNmRhZDlhMDIzNzQ5MDJiNzhmYzZmMjZkODZkZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMbsn+GbAK2ipC+fDmYBQxOgj2TC
vW9qp6aV4DYSyceRnudE8x/3lJAR1HQvDj73BF/JEf4nSGiZWR7VnXMGJZ/OB0mT
RWp1+zFqXbP0tUUpSkldMzT3KBz+OWbBco4WGZYBD9Loaa2qGvrHLQT5zOjbnaH6
oK5Zni/teJ4TlWRVI7YSgwZOTk/IDK4nyga4J1nAfAs2kvUMBWRaxm29JmwVz3gy
H49SaTAC+S4Lv09LPGsk/JwV6nz3Tr3FxxWyVamyUAIfOErgQyKZNnl0JTXqzsng
x2PKsTRyMhZpgjFY080/cW0UDbZrhhnUX7hVBaQIPq3xNaBUbqm/hXjp5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKjky3Mba2aAjdJArePxvJtht5UMB8GA1UdIwQY
MBaAFAiAKoYh+Hgn/VlyPOZstZw4+R8hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2Et
ZjE2Zjk5NGVjZjQzLzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2EtZjE2Zjk5NGVjZjQz
LzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABq4+WgS8
w69JKpb3d1EiZuXQSPWpUsnvoMEHhca9sPeLeEft69KBE2tlJLFDfWTKsN4GDfM2
tx3FsvO1+WEaC4ZgnsjdsT89o4ebUSwjUaOKM8uE4uZ2gu4q3Wy03+9ARdEAB2mE
7invbqklonrXT120yZE6Sw/xxp4ZTZIgq6tVmRmEPcus0pufL9Gv6ceHcSYLdFNY
AnPN2O9YzSFmeJd4JQACLeKn02NvHyc7AsmDcAo/bjMojbZgGvney8Q18gBM7kaN
8fkJ6QfjUyVA85AbXJdLNRwfkoqhxgKo5VXEvleuuy3txMzBlKWSmpuIadcTgguV
mVar1SbZZ51w8w==
-----END CERTIFICATE-----