Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
File:                     D8lnTtVfCnZcpdocb6-k3SXioXg.mft (raw, json)
Hash identifier:          KqHIuQOe/IRB+goYHsFFYjGUUvyZWI/Lb550uNHO7IU=
Subject key identifier:   02:20:11:32:15:70:28:38:00:BA:2C:F5:DB:13:DD:9B:F8:4C:78:F0
Authority key identifier: 0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
Certificate issuer:       /CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Certificate serial:       019EBF238103DB68E0F1CA604323F6D96BC9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
Manifest number:          0A3E
Signing time:             Sat 13 Jun 2026 04:00:35 +0000
Manifest this update:     Sat 13 Jun 2026 04:00:35 +0000
Manifest next update:     Sun 14 Jun 2026 04:00:35 +0000
Files and hashes:         1: D8lnTtVfCnZcpdocb6-k3SXioXg.crl (hash: yak3d+/iHVwA83PMyuzAGPL0BL5TcSZ51qTJ839bjDA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:23:81:03:db:68:e0:f1:ca:60:43:23:f6:d9:6b:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
        Validity
            Not Before: Jun 13 04:00:35 2026 GMT
            Not After : Jun 14 04:00:35 2026 GMT
        Subject: CN=022011321570283800ba2cf5db13dd9bf84c78f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:4e:63:68:42:68:f0:59:0e:37:35:f5:35:e4:
                    d9:1b:3d:0e:17:75:e6:9b:93:5f:19:fe:d3:b8:3d:
                    c2:5f:dd:58:02:b1:d9:ce:1f:62:73:2e:c9:e8:ff:
                    af:d1:fa:9c:2d:66:22:95:44:e0:9b:2e:b6:19:09:
                    c9:45:a7:f0:0a:17:0a:13:31:82:0e:f8:67:50:16:
                    1f:97:02:c6:9c:f0:ae:08:35:61:a8:89:52:38:72:
                    8f:43:2c:94:b2:56:7f:e9:db:8c:1b:5d:8f:7d:d3:
                    44:80:50:0b:88:72:cb:09:22:33:82:ba:3d:30:2e:
                    c0:19:66:0c:12:d5:55:fb:4d:3d:a9:ba:f6:b5:cc:
                    e8:96:52:80:91:2f:26:60:d3:28:3a:cd:b3:43:2e:
                    62:eb:e9:83:1d:ed:90:c8:b2:71:3a:a9:5b:6c:61:
                    ec:cc:e1:52:13:4c:fb:76:c7:8c:d2:07:f6:3d:86:
                    99:bf:bd:b5:04:9d:e5:87:ae:2e:33:3b:be:72:f3:
                    8f:c9:e3:f8:75:3b:50:48:2d:4c:f4:50:44:cf:cc:
                    aa:2e:cf:fa:9c:15:c8:be:4c:ce:aa:20:01:53:03:
                    88:72:57:ca:38:3d:6b:e7:35:62:1c:95:b7:0f:f8:
                    b0:2b:d5:f5:e2:67:f5:cf:30:26:d6:bf:14:2a:bb:
                    75:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:20:11:32:15:70:28:38:00:BA:2C:F5:DB:13:DD:9B:F8:4C:78:F0
            X509v3 Authority Key Identifier:
                keyid:0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:50:78:df:03:13:3b:93:32:00:75:ac:2b:5a:ec:0e:61:f6:
         e4:f3:09:9c:7f:49:c0:d4:34:47:83:57:f9:e4:0d:bf:65:6c:
         f4:ca:13:99:dc:bb:97:63:29:39:ac:40:e7:ee:d9:19:7d:40:
         cb:75:3c:db:ba:2d:92:f8:bc:46:45:49:94:fb:83:99:46:20:
         63:50:04:11:e1:5d:ce:77:2f:7f:9a:7c:62:de:1f:a5:7d:c8:
         22:66:f4:d9:3b:43:98:e3:2a:9e:4b:4e:ad:a5:d0:fe:4b:34:
         38:e6:75:a1:e3:35:6c:72:4e:c6:ef:01:53:93:a3:41:98:09:
         6a:70:da:12:ab:a4:19:e0:b1:95:d5:5c:a2:de:6f:52:a7:b0:
         68:46:9f:52:07:ae:86:34:e7:92:fb:71:07:91:09:48:40:ce:
         2d:85:5d:7a:d1:61:9b:99:80:59:5f:f8:56:42:22:6b:e4:25:
         c7:e2:da:bd:0d:48:d5:83:e5:c5:95:fb:28:97:08:26:5f:74:
         12:30:8c:64:40:df:d9:f5:e5:1f:a6:4c:bc:5b:a6:5b:17:dd:
         3c:c9:fb:b6:6b:01:0c:22:26:49:9f:a7:78:9b:0f:c0:3c:35:
         7c:20:88:e5:a5:d2:10:eb:fa:ba:25:8c:39:65:fb:a0:a6:1a:
         a0:d6:d9:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/I4ED22jg8cpgQyP22WvJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYzk2NzRlZDU1ZjBhNzY1Y2E1ZGExYzZmYWZhNGRkMjVl
MmExNzgwHhcNMjYwNjEzMDQwMDM1WhcNMjYwNjE0MDQwMDM1WjAzMTEwLwYDVQQD
EygwMjIwMTEzMjE1NzAyODM4MDBiYTJjZjVkYjEzZGQ5YmY4NGM3OGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU5jaEJo8FkONzX1NeTZGz0OF3Xm
m5NfGf7TuD3CX91YArHZzh9icy7J6P+v0fqcLWYilUTgmy62GQnJRafwChcKEzGC
DvhnUBYflwLGnPCuCDVhqIlSOHKPQyyUslZ/6duMG12PfdNEgFALiHLLCSIzgro9
MC7AGWYMEtVV+009qbr2tczollKAkS8mYNMoOs2zQy5i6+mDHe2QyLJxOqlbbGHs
zOFSE0z7dseM0gf2PYaZv721BJ3lh64uMzu+cvOPyeP4dTtQSC1M9FBEz8yqLs/6
nBXIvkzOqiABUwOIclfKOD1r5zViHJW3D/iwK9X14mf1zzAm1r8UKrt1wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIgETIVcCg4ALos9dsT3Zv4THjwMB8GA1UdIwQY
MBaAFA/JZ07VXwp2XKXaHG+vpN0l4qF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEt
NGE5NDZjNTJmYmMyLzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEtNGE5NDZjNTJmYmMy
LzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn1B43wMT
O5MyAHWsK1rsDmH25PMJnH9JwNQ0R4NX+eQNv2Vs9MoTmdy7l2MpOaxA5+7ZGX1A
y3U827otkvi8RkVJlPuDmUYgY1AEEeFdzncvf5p8Yt4fpX3IImb02TtDmOMqnktO
raXQ/ks0OOZ1oeM1bHJOxu8BU5OjQZgJanDaEqukGeCxldVcot5vUqewaEafUgeu
hjTnkvtxB5EJSEDOLYVdetFhm5mAWV/4VkIia+Qlx+LavQ1I1YPlxZX7KJcIJl90
EjCMZEDf2fXlH6ZMvFumWxfdPMn7tmsBDCImSZ+neJsPwDw1fCCI5aXSEOv6uiWM
OWX7oKYaoNbZJw==
-----END CERTIFICATE-----