Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
File:                     1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft (raw, json)
Hash identifier:          sN/QDxRzuBNIKUwzwCsznbKeFdkX3xflXgycBE92Jxs=
Subject key identifier:   59:00:1D:AF:AA:FA:48:D5:05:B0:95:13:4B:9D:29:DB:F1:EA:1C:1D
Authority key identifier: D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21
Certificate issuer:       /CN=d60ce3443860a7f70d43350776909a4810a48621
Certificate serial:       019EC06DEB5C8CBE0C1D23511C2AC54F4A97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
Manifest number:          0E9F
Signing time:             Sat 13 Jun 2026 10:01:29 +0000
Manifest this update:     Sat 13 Jun 2026 10:01:29 +0000
Manifest next update:     Sun 14 Jun 2026 10:01:29 +0000
Files and hashes:         1: 1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl (hash: fok6Qv/b60iIQXYswE1H/Z90sB5v9lpySviOCJFFuIQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 10:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:6d:eb:5c:8c:be:0c:1d:23:51:1c:2a:c5:4f:4a:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d60ce3443860a7f70d43350776909a4810a48621
        Validity
            Not Before: Jun 13 10:01:29 2026 GMT
            Not After : Jun 14 10:01:29 2026 GMT
        Subject: CN=59001dafaafa48d505b095134b9d29dbf1ea1c1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:e8:c3:ec:fc:bd:7f:aa:c9:76:48:0b:89:ad:
                    0d:9f:d9:2e:8b:86:0f:cd:95:9f:9d:0e:88:b0:c8:
                    75:ff:d0:6f:69:cd:55:ce:97:64:11:e0:b4:3f:cb:
                    1a:53:1b:be:47:0d:f9:7d:50:c6:81:21:51:bb:f5:
                    81:d5:25:df:57:fb:f5:25:89:e7:30:92:0e:71:fb:
                    64:09:a5:0d:80:c9:30:c2:dc:83:cd:e7:f9:86:9e:
                    27:ac:9a:87:9a:be:51:1e:a1:57:c3:bd:c2:c2:7f:
                    bd:c9:ea:be:c6:2a:c1:7f:d0:8b:ca:59:af:da:f7:
                    e1:f4:29:ce:08:64:20:3f:b3:d9:d3:e3:8a:b8:59:
                    39:1c:40:a1:d1:0c:d0:4a:7e:28:02:29:90:17:3e:
                    34:b0:c6:43:58:fd:0a:88:ac:65:ca:b0:cf:71:34:
                    d3:9b:91:b9:27:13:4a:c5:df:41:c4:fe:6e:87:3d:
                    33:6b:b7:f3:1b:bd:39:b1:12:03:84:72:08:e5:f2:
                    6f:27:cf:b1:fd:7f:08:ed:68:2f:29:4f:aa:dd:ff:
                    d9:5c:76:90:ee:b2:96:c5:1a:0b:5c:5f:6f:e4:a0:
                    27:2d:15:4d:0e:28:14:45:3b:36:98:69:75:ac:f8:
                    16:25:e9:bf:1e:69:86:14:61:9c:05:67:08:aa:6e:
                    60:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:00:1D:AF:AA:FA:48:D5:05:B0:95:13:4B:9D:29:DB:F1:EA:1C:1D
            X509v3 Authority Key Identifier:
                keyid:D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:38:35:bf:28:f0:4c:e9:b0:17:3c:72:7e:e2:66:ae:81:93:
         52:26:a4:32:1b:72:67:f1:75:19:3b:74:9f:94:38:15:9f:f0:
         b6:46:1d:30:f8:6a:11:1c:75:7c:cf:0a:87:60:82:74:d0:d3:
         46:21:d0:94:c2:39:92:0a:e3:8f:c9:f2:76:79:25:f4:26:7f:
         84:a2:b4:a2:5b:f2:62:bf:57:88:63:a7:19:df:b4:17:5f:5e:
         12:23:b4:e4:11:b3:75:b3:a5:8e:a8:70:11:db:ee:fb:7f:e8:
         5b:d4:d3:76:61:07:10:f8:b6:7b:58:fa:78:1f:55:18:84:3e:
         e6:6b:7d:54:01:15:03:c6:20:9f:52:37:80:e2:e7:f4:54:1d:
         0c:e5:2d:61:86:76:b9:6b:c4:64:cc:6d:43:76:be:1b:de:f0:
         d1:89:c9:c7:0c:b5:ce:65:20:36:b5:02:b2:65:05:42:f9:75:
         78:b3:53:91:bb:7a:f9:ed:4b:c6:b5:6b:54:9d:24:56:32:48:
         0c:f2:c6:39:ab:05:15:8d:d2:fb:4f:a6:ef:17:07:11:bd:51:
         62:e6:22:27:21:0c:89:6a:99:56:98:d3:61:76:1b:b4:0c:68:
         4d:ba:84:a8:96:4a:2a:1a:4c:8d:b6:eb:60:62:b7:50:66:44:
         38:c3:36:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7AbetcjL4MHSNRHCrFT0qXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGNlMzQ0Mzg2MGE3ZjcwZDQzMzUwNzc2OTA5YTQ4MTBh
NDg2MjEwHhcNMjYwNjEzMTAwMTI5WhcNMjYwNjE0MTAwMTI5WjAzMTEwLwYDVQQD
Eyg1OTAwMWRhZmFhZmE0OGQ1MDViMDk1MTM0YjlkMjlkYmYxZWExYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmejD7Py9f6rJdkgLia0Nn9kui4YP
zZWfnQ6IsMh1/9Bvac1VzpdkEeC0P8saUxu+Rw35fVDGgSFRu/WB1SXfV/v1JYnn
MJIOcftkCaUNgMkwwtyDzef5hp4nrJqHmr5RHqFXw73Cwn+9yeq+xirBf9CLylmv
2vfh9CnOCGQgP7PZ0+OKuFk5HECh0QzQSn4oAimQFz40sMZDWP0KiKxlyrDPcTTT
m5G5JxNKxd9BxP5uhz0za7fzG705sRIDhHII5fJvJ8+x/X8I7WgvKU+q3f/ZXHaQ
7rKWxRoLXF9v5KAnLRVNDigURTs2mGl1rPgWJem/HmmGFGGcBWcIqm5gAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFkAHa+q+kjVBbCVE0udKdvx6hwdMB8GA1UdIwQY
MBaAFNYM40Q4YKf3DUM1B3aQmkgQpIYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTct
ZGFmZmU1MmI5ZjBkLzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTctZGFmZmU1MmI5ZjBk
LzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfTg1vyjw
TOmwFzxyfuJmroGTUiakMhtyZ/F1GTt0n5Q4FZ/wtkYdMPhqERx1fM8Kh2CCdNDT
RiHQlMI5kgrjj8nydnkl9CZ/hKK0olvyYr9XiGOnGd+0F19eEiO05BGzdbOljqhw
Edvu+3/oW9TTdmEHEPi2e1j6eB9VGIQ+5mt9VAEVA8Ygn1I3gOLn9FQdDOUtYYZ2
uWvEZMxtQ3a+G97w0YnJxwy1zmUgNrUCsmUFQvl1eLNTkbt6+e1LxrVrVJ0kVjJI
DPLGOasFFY3S+0+m7xcHEb1RYuYiJyEMiWqZVpjTYXYbtAxoTbqEqJZKKhpMjbbr
YGK3UGZEOMM2Ew==
-----END CERTIFICATE-----