Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          tQssKiR+FoieOBNkrWZl1LNNWhz2YXyV814QV2lnY5s=
Subject key identifier:   92:87:B8:88:2D:2B:DF:B7:67:F0:9B:3F:96:C6:83:F0:F3:6A:EA:F4
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       019EC2C97178E7463FE9A405FC36709FF649
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          0C32
Signing time:             Sat 13 Jun 2026 21:00:42 +0000
Manifest this update:     Sat 13 Jun 2026 21:00:42 +0000
Manifest next update:     Sun 14 Jun 2026 21:00:42 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: Y0XLlukY57YXWqkb8oAXBiCu3jpme9NUI6Cwzn1qwqA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 17:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c2:c9:71:78:e7:46:3f:e9:a4:05:fc:36:70:9f:f6:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: Jun 13 21:00:42 2026 GMT
            Not After : Jun 14 21:00:42 2026 GMT
        Subject: CN=9287b8882d2bdfb767f09b3f96c683f0f36aeaf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:3d:b6:33:dc:c9:51:54:e4:1e:cc:3a:4e:8f:
                    94:75:3c:e7:76:01:f9:29:7c:f7:7f:2d:24:59:21:
                    0c:f7:f8:ed:18:18:13:65:44:3a:e0:8a:73:f6:44:
                    78:f9:a4:e4:8d:dd:9c:9f:ac:6f:77:50:9e:26:ef:
                    9e:ea:c0:ae:50:b0:e9:7a:76:21:79:38:f1:2c:19:
                    97:74:9b:38:38:8a:2d:3f:f5:e2:2f:17:e2:c6:13:
                    fe:91:a5:ee:00:a0:50:30:02:99:12:3d:06:41:ee:
                    5a:5e:49:31:a1:c2:a4:f7:49:bd:c1:59:7a:68:61:
                    8c:5a:f2:6b:e1:ba:3d:de:75:f3:f3:9a:fc:3e:6c:
                    98:49:34:1c:c0:b6:2f:57:db:90:db:fc:1c:6a:4d:
                    9e:1d:8a:e2:b4:09:e2:ab:aa:6c:5e:d1:93:7d:a5:
                    ba:66:61:61:4c:50:20:ee:f1:51:5b:c1:d9:f8:d9:
                    e4:9c:de:16:25:88:c9:f0:bc:bd:13:4c:89:19:55:
                    eb:0c:9e:c1:f6:b4:cf:a4:b1:5e:7b:04:6c:bc:d9:
                    04:c2:0c:bd:bf:d0:7d:0c:c2:f4:2b:f0:48:a8:26:
                    ee:56:9e:98:4d:8d:ee:f1:aa:20:64:4f:cf:b6:cd:
                    c3:95:f2:35:97:57:25:ec:8a:5a:5a:c2:dc:78:9a:
                    ac:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:87:B8:88:2D:2B:DF:B7:67:F0:9B:3F:96:C6:83:F0:F3:6A:EA:F4
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:f9:69:27:e2:63:9f:20:e4:12:7c:75:3d:3b:84:85:73:c7:
         41:73:7f:e2:34:1b:f7:b7:9e:85:99:91:6a:3a:9c:2b:29:b9:
         9a:41:92:f9:0d:94:56:83:18:92:5f:8f:59:77:64:6d:48:c0:
         a4:67:a8:13:e5:50:3d:71:c5:ec:4b:f7:59:cc:7f:09:af:6b:
         65:be:dd:be:31:18:df:96:30:25:ed:2e:2a:69:62:71:ce:1b:
         be:f3:c9:f8:6b:c7:8b:9f:6c:45:6a:0f:b7:89:33:57:b1:47:
         26:f5:b2:ca:58:64:df:0d:49:e2:be:1a:19:d1:2d:e6:d1:5f:
         78:7f:fa:59:42:ee:d7:c2:41:99:b9:ea:93:87:dc:53:f3:92:
         55:34:6d:2d:07:56:11:d8:e2:d4:96:09:21:00:a7:13:4a:ad:
         19:4b:de:65:c3:20:2e:53:ce:9b:19:98:10:de:5c:2c:89:b0:
         32:98:14:46:12:1b:27:e9:20:ef:23:00:c8:31:81:02:03:e0:
         a1:15:be:f9:a2:b7:7c:79:67:cd:04:d7:c9:7a:6a:32:ea:28:
         a5:4b:f0:02:8e:b3:a5:18:a1:02:41:d7:98:39:b9:fc:94:ba:
         ae:3a:f8:48:d2:9d:05:79:3a:34:8d:41:ef:e2:a3:59:a6:fb:
         41:35:f4:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7CyXF450Y/6aQF/DZwn/ZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjYwNjEzMjEwMDQyWhcNMjYwNjE0MjEwMDQyWjAzMTEwLwYDVQQD
Eyg5Mjg3Yjg4ODJkMmJkZmI3NjdmMDliM2Y5NmM2ODNmMGYzNmFlYWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmz22M9zJUVTkHsw6To+UdTzndgH5
KXz3fy0kWSEM9/jtGBgTZUQ64Ipz9kR4+aTkjd2cn6xvd1CeJu+e6sCuULDpenYh
eTjxLBmXdJs4OIotP/XiLxfixhP+kaXuAKBQMAKZEj0GQe5aXkkxocKk90m9wVl6
aGGMWvJr4bo93nXz85r8PmyYSTQcwLYvV9uQ2/wcak2eHYritAniq6psXtGTfaW6
ZmFhTFAg7vFRW8HZ+NnknN4WJYjJ8Ly9E0yJGVXrDJ7B9rTPpLFeewRsvNkEwgy9
v9B9DML0K/BIqCbuVp6YTY3u8aogZE/Pts3DlfI1l1cl7IpaWsLceJqsGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKHuIgtK9+3Z/CbP5bGg/Dzaur0MB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQflpJ+Jj
nyDkEnx1PTuEhXPHQXN/4jQb97eehZmRajqcKym5mkGS+Q2UVoMYkl+PWXdkbUjA
pGeoE+VQPXHF7Ev3Wcx/Ca9rZb7dvjEY35YwJe0uKmlicc4bvvPJ+GvHi59sRWoP
t4kzV7FHJvWyylhk3w1J4r4aGdEt5tFfeH/6WULu18JBmbnqk4fcU/OSVTRtLQdW
Edji1JYJIQCnE0qtGUveZcMgLlPOmxmYEN5cLImwMpgURhIbJ+kg7yMAyDGBAgPg
oRW++aK3fHlnzQTXyXpqMuoopUvwAo6zpRihAkHXmDm5/JS6rjr4SNKdBXk6NI1B
7+KjWab7QTX0IA==
-----END CERTIFICATE-----