Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          DnXc9Kv5KthuRJy69f2J7AZUmiI4AZCzRqP6GRb57O8=
Subject key identifier:   9D:30:F0:58:6D:99:7B:0B:08:55:7B:2F:7A:A2:EA:5B:70:80:7D:A7
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       019EBE7F656940A8E7B917B389D22BD34774
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          1422
Signing time:             Sat 13 Jun 2026 01:01:20 +0000
Manifest this update:     Sat 13 Jun 2026 01:01:20 +0000
Manifest next update:     Sun 14 Jun 2026 01:01:20 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: YsYkjMN8KvRrE0h2gh6v5ckfLqBFIYzzOae7wfQP4Co=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7f:65:69:40:a8:e7:b9:17:b3:89:d2:2b:d3:47:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: Jun 13 01:01:20 2026 GMT
            Not After : Jun 14 01:01:20 2026 GMT
        Subject: CN=9d30f0586d997b0b08557b2f7aa2ea5b70807da7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:6d:51:f2:66:33:95:0b:40:26:47:cf:5c:6c:
                    d4:26:49:76:de:b6:dc:a7:31:8a:ed:27:5d:3d:32:
                    86:a7:e7:f9:75:b7:1e:51:8e:d7:45:c5:47:91:a0:
                    5a:36:7d:bc:72:22:81:37:12:c4:99:36:b5:d3:0d:
                    9b:65:ed:73:6c:40:e1:c2:8e:57:e7:75:ed:81:27:
                    1c:c4:b3:7a:e4:ac:28:8c:cd:ea:83:0a:c2:9f:14:
                    44:53:c2:0e:8d:d7:33:5c:aa:4b:99:12:9f:e6:54:
                    c5:59:32:3b:a0:cf:77:55:d1:06:8a:40:a2:7c:91:
                    5c:51:db:04:1e:80:1c:c9:6c:66:49:0e:0d:4b:d9:
                    84:43:ae:14:4c:3e:61:df:ff:6a:8d:f2:21:f6:a7:
                    02:8d:fd:c2:aa:0a:f1:99:c3:03:98:4d:03:7a:d4:
                    44:e8:fa:dd:ad:5b:2f:b8:7c:a6:fb:91:35:73:d3:
                    8a:7a:0c:ef:82:14:54:ce:4f:ef:7c:44:5b:40:53:
                    57:54:64:d9:c5:d2:bd:63:03:dd:e4:09:ee:52:58:
                    c6:ca:67:d4:ea:12:f6:b2:33:f0:43:87:1b:a5:1e:
                    fb:c9:82:5f:91:17:2f:e8:8e:52:63:17:7e:37:25:
                    04:5e:3a:21:74:56:73:bb:7d:bf:85:7c:5a:02:de:
                    0b:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:30:F0:58:6D:99:7B:0B:08:55:7B:2F:7A:A2:EA:5B:70:80:7D:A7
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:37:94:55:d0:4d:20:71:07:4d:88:e7:28:87:88:65:a4:dd:
         02:ed:d5:6d:c3:73:e6:04:15:39:54:2e:d3:39:c2:25:c3:3e:
         86:a7:b5:74:bd:f3:33:0b:2f:9b:dd:51:23:e5:b0:1e:ab:45:
         1e:93:47:a4:4a:db:f4:d4:09:c4:08:3f:26:75:54:ec:9d:56:
         12:76:ce:24:6d:5a:c9:e9:44:26:d9:31:8b:3f:82:96:2d:1a:
         bd:77:33:0e:47:30:c4:62:27:bf:e9:62:de:2a:dc:6e:b4:b3:
         32:c0:df:82:71:7a:97:10:92:58:57:c0:6e:1e:65:f7:d6:ce:
         46:4c:17:e9:bc:58:e3:d3:78:08:84:ae:81:ad:b9:e3:cf:11:
         15:59:20:49:02:da:d9:58:b0:13:ee:dc:9b:38:5b:da:2f:17:
         28:11:6c:81:4b:a4:81:59:8c:44:46:11:0f:02:8b:a0:ae:ec:
         aa:62:15:5a:52:4c:05:f3:28:5d:32:32:7f:24:a1:f9:14:25:
         e0:17:12:96:3d:67:b5:1d:bd:18:3e:01:cb:aa:0f:0a:76:33:
         fc:0b:39:94:2b:13:3f:b5:ff:4c:3c:86:4e:de:93:d0:94:83:
         2d:11:e5:ca:09:c0:72:b5:e3:b3:02:fa:62:c3:50:4d:0c:70:
         58:56:3c:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+f2VpQKjnuRezidIr00d0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjYwNjEzMDEwMTIwWhcNMjYwNjE0MDEwMTIwWjAzMTEwLwYDVQQD
Eyg5ZDMwZjA1ODZkOTk3YjBiMDg1NTdiMmY3YWEyZWE1YjcwODA3ZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyW1R8mYzlQtAJkfPXGzUJkl23rbc
pzGK7SddPTKGp+f5dbceUY7XRcVHkaBaNn28ciKBNxLEmTa10w2bZe1zbEDhwo5X
53XtgSccxLN65KwojM3qgwrCnxREU8IOjdczXKpLmRKf5lTFWTI7oM93VdEGikCi
fJFcUdsEHoAcyWxmSQ4NS9mEQ64UTD5h3/9qjfIh9qcCjf3CqgrxmcMDmE0DetRE
6PrdrVsvuHym+5E1c9OKegzvghRUzk/vfERbQFNXVGTZxdK9YwPd5AnuUljGymfU
6hL2sjPwQ4cbpR77yYJfkRcv6I5SYxd+NyUEXjohdFZzu32/hXxaAt4LiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ0w8FhtmXsLCFV7L3qi6ltwgH2nMB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASjeUVdBN
IHEHTYjnKIeIZaTdAu3VbcNz5gQVOVQu0znCJcM+hqe1dL3zMwsvm91RI+WwHqtF
HpNHpErb9NQJxAg/JnVU7J1WEnbOJG1ayelEJtkxiz+Cli0avXczDkcwxGInv+li
3ircbrSzMsDfgnF6lxCSWFfAbh5l99bORkwX6bxY49N4CISuga25488RFVkgSQLa
2ViwE+7cmzhb2i8XKBFsgUukgVmMREYRDwKLoK7sqmIVWlJMBfMoXTIyfySh+RQl
4BcSlj1ntR29GD4By6oPCnYz/As5lCsTP7X/TDyGTt6T0JSDLRHlygnAcrXjswL6
YsNQTQxwWFY8PA==
-----END CERTIFICATE-----