Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
File:                     2Gcf4VfnflYoTFTVLi3w1_4609k.mft (raw, json)
Hash identifier:          9Hua8CmaO/Kw0myXiW2l9O+FgdRCV+1dYBJusZQTWtQ=
Subject key identifier:   CD:8C:8B:DF:AE:50:3F:AB:E0:99:D0:C5:91:5B:86:C0:B1:8E:B2:9B
Authority key identifier: D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9
Certificate issuer:       /CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
Certificate serial:       019EBFC881D4078AD81163411263975525E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
Manifest number:          15EB
Signing time:             Sat 13 Jun 2026 07:00:49 +0000
Manifest this update:     Sat 13 Jun 2026 07:00:49 +0000
Manifest next update:     Sun 14 Jun 2026 07:00:49 +0000
Files and hashes:         1: 2Gcf4VfnflYoTFTVLi3w1_4609k.crl (hash: FaTsBetj5ajrXIApnpUh3Hjw0+FsHwZQ7a0h4sIWtRU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 07:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:c8:81:d4:07:8a:d8:11:63:41:12:63:97:55:25:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8671fe157e77e56284c54d52e2df0d7fe3ad3d9
        Validity
            Not Before: Jun 13 07:00:49 2026 GMT
            Not After : Jun 14 07:00:49 2026 GMT
        Subject: CN=cd8c8bdfae503fabe099d0c5915b86c0b18eb29b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:01:fd:ac:1f:ba:9b:e5:77:23:25:52:f8:96:
                    89:4b:fc:db:f1:0b:34:39:7a:57:2e:cf:8d:00:2f:
                    e1:a7:d5:d8:3f:d4:d4:77:db:d2:72:cb:47:14:d5:
                    f0:bf:2d:ea:e8:28:8d:85:8f:72:9a:a7:bd:24:87:
                    3e:ea:f5:3c:2d:41:4f:ff:67:ff:e4:22:08:13:d1:
                    4e:81:2a:a3:cc:1f:0a:e9:86:03:5a:bb:c0:9d:9b:
                    d7:6d:bf:a6:94:54:b1:b6:0e:4b:e3:aa:3a:99:30:
                    fc:e9:6d:0b:0b:15:99:b8:bd:bb:6a:b7:1f:de:7d:
                    bf:14:ac:34:7e:8e:f1:33:e4:11:4a:ba:00:f1:4b:
                    f2:7e:c6:3c:4a:a8:72:98:af:b5:5b:c1:36:b5:87:
                    1d:69:3c:b4:0d:50:13:24:3f:62:aa:4c:61:81:bf:
                    24:b3:c7:fa:79:f3:92:2d:89:09:19:4b:8a:b9:a4:
                    62:91:81:01:e5:f7:f2:e5:98:28:d0:81:4f:24:72:
                    07:81:1b:43:4f:a6:d8:e9:d7:74:e3:29:c7:fa:f4:
                    6d:3d:f7:28:f9:81:6a:88:b8:fa:68:07:8e:79:fd:
                    b1:18:78:9a:70:8f:80:43:d9:be:82:e7:1b:35:a2:
                    e1:a4:25:9d:c9:49:53:25:f4:29:5f:69:b4:d0:a8:
                    38:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:8C:8B:DF:AE:50:3F:AB:E0:99:D0:C5:91:5B:86:C0:B1:8E:B2:9B
            X509v3 Authority Key Identifier:
                keyid:D8:67:1F:E1:57:E7:7E:56:28:4C:54:D5:2E:2D:F0:D7:FE:3A:D3:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Gcf4VfnflYoTFTVLi3w1_4609k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/768b72-2a77-42b9-8b0c-1eabffaaff19/1/2Gcf4VfnflYoTFTVLi3w1_4609k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:90:c6:1e:81:57:a8:fd:34:9b:0d:3a:f7:52:5c:0f:d9:7b:
         19:5c:cf:82:d2:4e:9b:e5:29:a0:43:6a:dc:0c:de:c6:13:39:
         8b:13:2d:c1:a1:8a:31:df:41:71:da:55:b1:57:4e:34:c8:b4:
         f4:b9:1a:5f:52:51:a1:30:1e:ba:3c:b0:b5:24:dc:88:58:4f:
         48:61:3b:31:0a:a0:3c:bc:ed:fa:0b:70:14:13:2d:b5:dc:94:
         6e:5e:26:23:19:a0:d6:07:0e:87:d9:75:aa:a8:8d:34:31:c8:
         91:f3:5b:0a:62:f1:dd:f7:78:9a:b4:fc:ab:40:51:fb:2b:93:
         85:b8:14:de:85:7f:d9:0b:aa:a4:8b:3b:f3:8f:f8:c3:6b:a7:
         6e:34:64:58:c4:b7:46:14:03:48:8c:43:26:98:9a:1b:24:31:
         2b:3c:99:44:5f:90:4e:fe:d7:b3:0c:6e:4d:29:e8:f9:97:e1:
         d3:6c:b6:d2:80:87:5b:76:61:91:b0:6e:65:17:11:aa:5d:44:
         4c:d6:87:7d:6e:d5:40:d7:e1:71:0a:98:d0:14:b2:20:a6:20:
         5f:6c:f4:b4:f3:87:f8:bf:68:b6:0d:dc:af:c2:78:41:b5:a2:
         16:55:59:20:b7:27:8b:56:03:e0:22:39:26:64:5f:cd:0a:85:
         c0:9a:a8:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/yIHUB4rYEWNBEmOXVSXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjcxZmUxNTdlNzdlNTYyODRjNTRkNTJlMmRmMGQ3ZmUz
YWQzZDkwHhcNMjYwNjEzMDcwMDQ5WhcNMjYwNjE0MDcwMDQ5WjAzMTEwLwYDVQQD
EyhjZDhjOGJkZmFlNTAzZmFiZTA5OWQwYzU5MTViODZjMGIxOGViMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwH9rB+6m+V3IyVS+JaJS/zb8Qs0
OXpXLs+NAC/hp9XYP9TUd9vScstHFNXwvy3q6CiNhY9ymqe9JIc+6vU8LUFP/2f/
5CIIE9FOgSqjzB8K6YYDWrvAnZvXbb+mlFSxtg5L46o6mTD86W0LCxWZuL27arcf
3n2/FKw0fo7xM+QRSroA8UvyfsY8SqhymK+1W8E2tYcdaTy0DVATJD9iqkxhgb8k
s8f6efOSLYkJGUuKuaRikYEB5ffy5Zgo0IFPJHIHgRtDT6bY6dd04ynH+vRtPfco
+YFqiLj6aAeOef2xGHiacI+AQ9m+gucbNaLhpCWdyUlTJfQpX2m00Kg40wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM2Mi9+uUD+r4JnQxZFbhsCxjrKbMB8GA1UdIwQY
MBaAFNhnH+FX535WKExU1S4t8Nf+OtPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMt
MWVhYmZmYWFmZjE5LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83NjhiNzItMmE3Ny00MmI5LThiMGMtMWVhYmZmYWFmZjE5
LzEvMkdjZjRWZm5mbFlvVEZUVkxpM3cxXzQ2MDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACZDGHoFX
qP00mw0691JcD9l7GVzPgtJOm+UpoENq3AzexhM5ixMtwaGKMd9BcdpVsVdONMi0
9LkaX1JRoTAeujywtSTciFhPSGE7MQqgPLzt+gtwFBMttdyUbl4mIxmg1gcOh9l1
qqiNNDHIkfNbCmLx3fd4mrT8q0BR+yuThbgU3oV/2QuqpIs784/4w2unbjRkWMS3
RhQDSIxDJpiaGyQxKzyZRF+QTv7XswxuTSno+Zfh02y20oCHW3ZhkbBuZRcRql1E
TNaHfW7VQNfhcQqY0BSyIKYgX2z0tPOH+L9otg3cr8J4QbWiFlVZILcni1YD4CI5
JmRfzQqFwJqokA==
-----END CERTIFICATE-----