Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
File:                     DZxWoYyYei0aLnBEt-MbMhv3rBY.mft (raw, json)
Hash identifier:          JYT01jQGY7SyrzJUrjQhpsDJRstydxE1SCKh1/04NrM=
Subject key identifier:   2A:5C:8C:9D:8A:FF:84:FA:B0:1C:0C:DB:AB:45:3A:31:EB:C9:FA:EB
Authority key identifier: 0D:9C:56:A1:8C:98:7A:2D:1A:2E:70:44:B7:E3:1B:32:1B:F7:AC:16
Certificate issuer:       /CN=0d9c56a18c987a2d1a2e7044b7e31b321bf7ac16
Certificate serial:       019EC06E4A65858504257D3E3B0CC757014E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
Manifest number:          0AEB
Signing time:             Sat 13 Jun 2026 10:01:53 +0000
Manifest this update:     Sat 13 Jun 2026 10:01:53 +0000
Manifest next update:     Sun 14 Jun 2026 10:01:53 +0000
Files and hashes:         1: DZxWoYyYei0aLnBEt-MbMhv3rBY.crl (hash: EEEyyX1w/g9eqA2Ef2asQhyWM9CY44wdOiowPwgmH6k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 08:43:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c0:6e:4a:65:85:85:04:25:7d:3e:3b:0c:c7:57:01:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d9c56a18c987a2d1a2e7044b7e31b321bf7ac16
        Validity
            Not Before: Jun 13 10:01:53 2026 GMT
            Not After : Jun 14 10:01:53 2026 GMT
        Subject: CN=2a5c8c9d8aff84fab01c0cdbab453a31ebc9faeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:0f:bb:d1:32:1d:ef:6b:ae:74:f2:36:8b:f2:
                    3d:94:35:94:00:20:2b:d5:32:90:f0:f5:30:d5:8a:
                    37:dc:35:3c:8b:b5:df:5c:46:0a:44:52:2d:c6:6e:
                    a3:75:6a:ab:8d:4b:48:9c:7a:96:8e:7d:16:e5:40:
                    21:c0:1d:15:a9:02:e6:a7:14:07:c8:c5:91:1d:8b:
                    ce:45:50:15:82:5e:3d:b6:d0:47:1b:ec:54:7e:6f:
                    b4:e8:f0:4b:b4:22:3e:15:f9:bb:3a:b9:0b:d0:80:
                    2c:86:a5:9b:2c:80:7a:8b:8b:12:4d:39:62:fb:d9:
                    53:b4:d4:94:ab:bc:45:d4:3f:92:e5:9d:e6:64:d2:
                    06:52:a1:e3:17:2a:05:8f:ac:b3:59:57:bb:18:9c:
                    11:8f:fb:41:21:21:c1:14:eb:99:dc:6c:aa:66:fa:
                    c0:64:85:6e:9b:ae:54:f6:83:41:04:4f:f7:79:9a:
                    a8:f0:69:44:b0:74:de:75:87:f8:2f:99:65:b3:a5:
                    19:28:e2:8a:ca:cd:f8:6e:a7:62:d5:76:8c:58:dd:
                    e4:d4:01:3a:08:d4:39:83:57:ea:08:7b:6f:d3:bd:
                    7a:4d:17:ef:c8:65:63:37:ae:95:7a:57:b2:d4:b7:
                    32:00:a9:cd:dc:a5:2c:8d:d3:74:42:2e:23:47:de:
                    12:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:5C:8C:9D:8A:FF:84:FA:B0:1C:0C:DB:AB:45:3A:31:EB:C9:FA:EB
            X509v3 Authority Key Identifier:
                keyid:0D:9C:56:A1:8C:98:7A:2D:1A:2E:70:44:B7:E3:1B:32:1B:F7:AC:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:94:7e:29:04:69:37:13:d2:49:6e:0a:53:4b:a5:27:8c:b9:
         75:f4:59:54:c8:c2:fd:67:1f:dc:e1:8e:b2:bf:f2:84:03:66:
         a6:83:2e:01:97:8a:a6:ec:54:9a:6f:31:f4:27:7c:58:20:52:
         dc:2f:b2:a6:89:55:c4:b6:09:66:59:8c:85:18:c9:89:5b:cc:
         df:9f:62:ac:38:4a:3f:5c:4d:76:49:32:a3:b0:38:2f:91:88:
         6f:1d:72:b5:69:a7:18:74:29:4a:f6:50:02:0f:06:f0:a9:4f:
         7e:09:f0:42:dc:15:18:f2:65:7d:1c:c3:71:c2:fe:c3:67:7e:
         59:52:a2:56:9e:9e:09:1a:5b:6c:6e:72:36:4a:96:55:3c:31:
         21:d2:70:71:a6:05:b8:16:92:44:0f:b3:a5:e7:e1:17:a2:58:
         10:b9:27:a8:13:14:44:33:94:3c:17:0a:63:e1:14:83:5c:fa:
         d4:55:e1:52:35:88:ea:91:de:35:76:fd:16:85:09:27:a0:0e:
         0b:88:08:0d:4a:a7:b6:29:32:de:35:af:cb:98:e8:ff:50:84:
         1e:dd:fb:4f:5a:c1:7f:e7:df:c0:30:0e:3e:15:bf:fa:cf:c2:
         4d:7b:e3:bf:54:1b:a3:4e:76:b0:aa:69:78:86:b1:b9:41:41:
         88:b9:83:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7AbkplhYUEJX0+OwzHVwFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOWM1NmExOGM5ODdhMmQxYTJlNzA0NGI3ZTMxYjMyMWJm
N2FjMTYwHhcNMjYwNjEzMTAwMTUzWhcNMjYwNjE0MTAwMTUzWjAzMTEwLwYDVQQD
EygyYTVjOGM5ZDhhZmY4NGZhYjAxYzBjZGJhYjQ1M2EzMWViYzlmYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxA+70TId72uudPI2i/I9lDWUACAr
1TKQ8PUw1Yo33DU8i7XfXEYKRFItxm6jdWqrjUtInHqWjn0W5UAhwB0VqQLmpxQH
yMWRHYvORVAVgl49ttBHG+xUfm+06PBLtCI+Ffm7OrkL0IAshqWbLIB6i4sSTTli
+9lTtNSUq7xF1D+S5Z3mZNIGUqHjFyoFj6yzWVe7GJwRj/tBISHBFOuZ3GyqZvrA
ZIVum65U9oNBBE/3eZqo8GlEsHTedYf4L5lls6UZKOKKys34bqdi1XaMWN3k1AE6
CNQ5g1fqCHtv0716TRfvyGVjN66Veley1LcyAKnN3KUsjdN0Qi4jR94SdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpcjJ2K/4T6sBwM26tFOjHryfrrMB8GA1UdIwQY
MBaAFA2cVqGMmHotGi5wRLfjGzIb96wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iZDFiOGYtZDA2NS00Y2M3LTlhMWYt
NDVhYjNmNTIwZjAwLzEvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iZDFiOGYtZDA2NS00Y2M3LTlhMWYtNDVhYjNmNTIwZjAw
LzEvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB5R+KQRp
NxPSSW4KU0ulJ4y5dfRZVMjC/Wcf3OGOsr/yhANmpoMuAZeKpuxUmm8x9Cd8WCBS
3C+ypolVxLYJZlmMhRjJiVvM359irDhKP1xNdkkyo7A4L5GIbx1ytWmnGHQpSvZQ
Ag8G8KlPfgnwQtwVGPJlfRzDccL+w2d+WVKiVp6eCRpbbG5yNkqWVTwxIdJwcaYF
uBaSRA+zpefhF6JYELknqBMURDOUPBcKY+EUg1z61FXhUjWI6pHeNXb9FoUJJ6AO
C4gIDUqntiky3jWvy5jo/1CEHt37T1rBf+ffwDAOPhW/+s/CTXvjv1Qbo052sKpp
eIaxuUFBiLmDeQ==
-----END CERTIFICATE-----