Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File:                     0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier:          umaVVNM/144vrrftjOnfsEceLTV3y5+k9pPOYdwHnpA=
Subject key identifier:   14:2B:9A:34:71:48:9C:F9:04:52:EC:A8:BE:28:0A:F4:23:EA:54:81
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer:       /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial:       019EC17FDDDAB9946B0938D94F9B778BACF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number:          0987
Signing time:             Sat 13 Jun 2026 15:00:42 +0000
Manifest this update:     Sat 13 Jun 2026 15:00:42 +0000
Manifest next update:     Sun 14 Jun 2026 15:00:42 +0000
Files and hashes:         1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: 5RMOWxK8JB4ylD8q9bX3nkW+05Qmsth48kk7Z1pGxBg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 10:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c1:7f:dd:da:b9:94:6b:09:38:d9:4f:9b:77:8b:ac:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
        Validity
            Not Before: Jun 13 15:00:42 2026 GMT
            Not After : Jun 14 15:00:42 2026 GMT
        Subject: CN=142b9a3471489cf90452eca8be280af423ea5481
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:b0:c1:ed:bf:dc:7f:a1:73:31:4b:f6:77:61:
                    48:63:79:06:ff:32:88:12:53:fb:28:6b:9f:8d:4a:
                    66:b3:43:bd:b0:94:6c:1d:49:c3:09:bf:17:37:bc:
                    9c:08:80:57:91:51:4b:28:0d:2b:91:ec:6a:73:49:
                    18:7c:bd:9a:42:5f:7f:c3:39:a1:2c:df:c4:aa:44:
                    32:84:e9:5b:4b:2d:7a:0b:92:d4:c0:f0:33:c6:b9:
                    ed:87:53:6f:09:06:4a:d1:a7:61:70:ef:9e:f1:8b:
                    b4:f2:82:7f:f6:3b:7a:34:26:10:f5:65:24:53:46:
                    0a:bd:77:50:e9:3e:35:20:bc:a0:1a:f1:46:4b:6b:
                    31:db:ac:5c:f1:2d:9b:56:5a:61:a2:2c:63:40:37:
                    aa:ba:56:a1:35:23:43:9a:d1:a6:3e:ad:0a:a9:6b:
                    23:c6:b3:41:33:34:fb:e8:2b:81:0b:6f:cb:b9:fa:
                    9d:31:4a:6b:70:77:3a:d9:a5:13:96:85:69:14:55:
                    e7:27:14:bf:95:7e:7f:33:78:fc:fe:64:e3:63:d6:
                    79:35:af:cb:f3:d2:2f:fd:66:7c:e1:09:d0:39:b0:
                    42:32:b9:50:2f:70:a3:f3:67:c6:1e:59:4e:7a:ba:
                    13:b4:3b:d8:8d:75:00:46:bb:dd:0d:7a:53:0c:c5:
                    77:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:2B:9A:34:71:48:9C:F9:04:52:EC:A8:BE:28:0A:F4:23:EA:54:81
            X509v3 Authority Key Identifier:
                keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:5d:94:8a:86:61:3d:44:f6:c3:a6:67:85:2d:8c:e9:07:13:
         6b:34:0d:11:df:bf:e6:f6:fe:52:ad:6e:80:41:12:07:de:d6:
         76:f6:84:f5:d8:0b:a4:3c:de:5e:ea:73:04:2f:b9:39:56:59:
         f9:40:16:7c:14:1e:d2:78:02:b9:51:5a:52:c9:27:cc:00:b5:
         eb:eb:b7:59:a3:6e:6e:28:81:70:d5:44:a2:ea:ae:f0:a9:72:
         d7:09:a1:51:f6:c7:08:cc:1d:02:7b:16:86:f9:b5:fb:8b:e5:
         25:e8:f7:c5:92:71:ae:76:09:29:4d:5b:b0:0d:ad:b1:bc:05:
         f3:fd:0f:0e:76:00:19:60:4c:ed:27:9c:a1:66:a5:2f:ed:71:
         bd:0a:db:01:c4:01:2c:bd:72:ab:e3:6c:49:1a:fe:78:9e:b1:
         b6:c0:3e:f4:27:bf:49:d8:ce:19:c8:75:21:06:63:1b:98:6e:
         49:bd:21:b1:33:d2:bf:ed:88:c2:34:ec:bf:17:b2:ba:d7:26:
         81:66:7e:2a:ad:41:56:d5:70:61:5d:44:59:d8:a5:a9:18:b0:
         43:96:8f:c5:df:2b:89:d7:c1:e5:ad:f3:1c:21:b5:83:44:08:
         80:da:0e:36:02:cd:24:81:e8:74:66:cb:14:3e:db:be:2b:81:
         24:f6:d1:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7Bf93auZRrCTjZT5t3i6z1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjYwNjEzMTUwMDQyWhcNMjYwNjE0MTUwMDQyWjAzMTEwLwYDVQQD
EygxNDJiOWEzNDcxNDg5Y2Y5MDQ1MmVjYThiZTI4MGFmNDIzZWE1NDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbDB7b/cf6FzMUv2d2FIY3kG/zKI
ElP7KGufjUpms0O9sJRsHUnDCb8XN7ycCIBXkVFLKA0rkexqc0kYfL2aQl9/wzmh
LN/EqkQyhOlbSy16C5LUwPAzxrnth1NvCQZK0adhcO+e8Yu08oJ/9jt6NCYQ9WUk
U0YKvXdQ6T41ILygGvFGS2sx26xc8S2bVlphoixjQDequlahNSNDmtGmPq0KqWsj
xrNBMzT76CuBC2/LufqdMUprcHc62aUTloVpFFXnJxS/lX5/M3j8/mTjY9Z5Na/L
89Iv/WZ84QnQObBCMrlQL3Cj82fGHllOeroTtDvYjXUARrvdDXpTDMV3RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQrmjRxSJz5BFLsqL4oCvQj6lSBMB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPF2UioZh
PUT2w6ZnhS2M6QcTazQNEd+/5vb+Uq1ugEESB97WdvaE9dgLpDzeXupzBC+5OVZZ
+UAWfBQe0ngCuVFaUsknzAC16+u3WaNubiiBcNVEouqu8Kly1wmhUfbHCMwdAnsW
hvm1+4vlJej3xZJxrnYJKU1bsA2tsbwF8/0PDnYAGWBM7SecoWalL+1xvQrbAcQB
LL1yq+NsSRr+eJ6xtsA+9Ce/SdjOGch1IQZjG5huSb0hsTPSv+2IwjTsvxeyutcm
gWZ+Kq1BVtVwYV1EWdilqRiwQ5aPxd8ridfB5a3zHCG1g0QIgNoONgLNJIHodGbL
FD7bviuBJPbR/Q==
-----END CERTIFICATE-----