Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
File:                     0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft (raw, json)
Hash identifier:          g9V/e3R2G/3PdLgKqJq8V4vHTfX6z7tIfgjlDo0nko0=
Subject key identifier:   BB:10:C1:44:45:84:63:DB:8B:94:DD:72:C2:13:78:9E:12:CC:46:49
Authority key identifier: D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95
Certificate issuer:       /CN=d170d4dde23a92166a67bb13f60bc70b667d8695
Certificate serial:       019EC0DBC1F73FB5903D8BEE4C1499D46637
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
Manifest number:          1691
Signing time:             Sat 13 Jun 2026 12:01:27 +0000
Manifest this update:     Sat 13 Jun 2026 12:01:27 +0000
Manifest next update:     Sun 14 Jun 2026 12:01:27 +0000
Files and hashes:         1: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl (hash: 82sxDmp7WFvcjYnQy0hv9HPueY+resUAHqBkMAbCOr0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 12:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:db:c1:f7:3f:b5:90:3d:8b:ee:4c:14:99:d4:66:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d170d4dde23a92166a67bb13f60bc70b667d8695
        Validity
            Not Before: Jun 13 12:01:27 2026 GMT
            Not After : Jun 14 12:01:27 2026 GMT
        Subject: CN=bb10c144458463db8b94dd72c213789e12cc4649
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:b7:db:1e:7f:d8:07:1d:91:24:e5:55:bd:8d:
                    24:f3:f9:14:75:e9:5d:7d:0b:56:98:1d:4e:52:cc:
                    29:40:a6:db:6f:ad:71:72:a8:9e:a3:93:d0:3b:67:
                    58:0f:88:a5:3b:79:f8:63:d1:b8:a3:0c:33:01:1c:
                    f5:87:06:bd:4d:4e:01:0b:df:87:ff:70:1a:92:dd:
                    a5:65:80:d2:a1:29:c3:c6:f5:5d:e3:16:54:7b:fa:
                    72:cf:35:bc:bd:90:57:76:0f:26:b5:17:f5:49:20:
                    62:e2:3d:91:bb:77:2a:67:29:ac:69:1d:24:07:28:
                    02:ac:3f:94:0f:49:35:aa:b1:03:6c:c1:d0:7c:3f:
                    01:42:97:e7:f4:fe:79:e7:98:30:fe:96:72:40:3d:
                    3b:84:77:fe:86:2f:87:3a:0c:d0:5f:4b:a5:0b:41:
                    c8:4a:a1:53:11:87:06:6f:41:8b:1d:7a:d5:62:67:
                    3f:98:09:ac:61:5a:c7:fc:78:58:a6:c6:0d:73:32:
                    6c:af:29:71:04:e5:58:6c:93:a7:cc:fe:87:8b:eb:
                    d3:6a:ed:b5:4c:c9:ed:e5:76:95:33:2b:d3:02:33:
                    ef:f2:5c:14:19:0f:01:b8:81:f4:7b:16:f5:20:c4:
                    da:01:43:cb:a0:88:88:03:0c:fe:aa:2e:d9:eb:5c:
                    61:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:10:C1:44:45:84:63:DB:8B:94:DD:72:C2:13:78:9E:12:CC:46:49
            X509v3 Authority Key Identifier:
                keyid:D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:5e:bd:10:88:5c:6e:ea:3e:ce:44:a2:4e:58:c4:0d:29:7e:
         34:e0:95:bc:71:74:d5:81:d1:69:18:dd:6f:1f:e0:3e:bb:68:
         85:cc:6b:37:a9:c5:2e:26:4f:f6:1d:8b:02:90:ba:6b:ac:2f:
         6a:0f:70:f7:89:ca:30:b2:d1:7b:4b:b4:e4:0c:93:9b:99:78:
         21:82:be:e1:cc:fe:dc:66:94:a9:0e:e7:7a:56:e6:bf:7d:f4:
         90:67:05:10:59:9f:04:40:49:d7:d4:02:ce:45:d0:44:ab:6a:
         a3:4c:dd:fd:df:45:0d:16:c5:88:da:90:2b:7d:84:9d:6c:c8:
         ab:4c:59:28:45:5a:ba:6c:9f:50:dc:9e:bb:d2:19:13:ed:70:
         89:d6:bf:a2:1f:72:ca:ec:a9:7c:3f:ba:1f:da:6e:94:ea:4c:
         2e:aa:48:2c:b6:59:51:2b:b4:21:d7:5c:1d:94:62:d5:1f:c4:
         4c:10:3c:78:d5:6d:68:ca:e9:13:65:ad:25:26:91:59:4d:db:
         77:f0:f2:bf:3d:74:07:f8:41:e7:c3:a7:f8:aa:69:b1:7f:3d:
         f1:e7:70:05:00:d2:b0:07:55:ea:05:ea:4b:bd:0e:40:eb:55:
         df:09:9a:5c:a7:3b:3a:2b:9e:30:98:af:87:d0:9f:0d:9f:1e:
         7a:a0:fe:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7A28H3P7WQPYvuTBSZ1GY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNzBkNGRkZTIzYTkyMTY2YTY3YmIxM2Y2MGJjNzBiNjY3
ZDg2OTUwHhcNMjYwNjEzMTIwMTI3WhcNMjYwNjE0MTIwMTI3WjAzMTEwLwYDVQQD
EyhiYjEwYzE0NDQ1ODQ2M2RiOGI5NGRkNzJjMjEzNzg5ZTEyY2M0NjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybfbHn/YBx2RJOVVvY0k8/kUdeld
fQtWmB1OUswpQKbbb61xcqieo5PQO2dYD4ilO3n4Y9G4owwzARz1hwa9TU4BC9+H
/3Aakt2lZYDSoSnDxvVd4xZUe/pyzzW8vZBXdg8mtRf1SSBi4j2Ru3cqZymsaR0k
BygCrD+UD0k1qrEDbMHQfD8BQpfn9P5555gw/pZyQD07hHf+hi+HOgzQX0ulC0HI
SqFTEYcGb0GLHXrVYmc/mAmsYVrH/HhYpsYNczJsrylxBOVYbJOnzP6Hi+vTau21
TMnt5XaVMyvTAjPv8lwUGQ8BuIH0exb1IMTaAUPLoIiIAwz+qi7Z61xh9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLsQwURFhGPbi5TdcsITeJ4SzEZJMB8GA1UdIwQY
MBaAFNFw1N3iOpIWame7E/YLxwtmfYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQt
N2E1NzE0ZjhlNmRhLzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQtN2E1NzE0ZjhlNmRh
LzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQF69EIhc
buo+zkSiTljEDSl+NOCVvHF01YHRaRjdbx/gPrtohcxrN6nFLiZP9h2LApC6a6wv
ag9w94nKMLLRe0u05AyTm5l4IYK+4cz+3GaUqQ7nelbmv330kGcFEFmfBEBJ19QC
zkXQRKtqo0zd/d9FDRbFiNqQK32EnWzIq0xZKEVaumyfUNyeu9IZE+1wida/oh9y
yuypfD+6H9pulOpMLqpILLZZUSu0IddcHZRi1R/ETBA8eNVtaMrpE2WtJSaRWU3b
d/Dyvz10B/hB58On+KppsX898edwBQDSsAdV6gXqS70OQOtV3wmaXKc7OiueMJiv
h9CfDZ8eeqD+yg==
-----END CERTIFICATE-----