Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
File:                     2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft (raw, json)
Hash identifier:          z8Bk0+2529+t+YgE9XvD7aWkYpUYQ7O1IglMXlxgv24=
Subject key identifier:   AA:20:BE:B0:D7:CF:BE:13:A9:91:36:13:E7:41:62:57:07:52:68:79
Authority key identifier: D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7
Certificate issuer:       /CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
Certificate serial:       019F1943BC1CCE9F61D3D6A58EA1AEB0C9EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
Manifest number:          1069
Signing time:             Tue 30 Jun 2026 16:01:37 +0000
Manifest this update:     Tue 30 Jun 2026 16:01:37 +0000
Manifest next update:     Wed 01 Jul 2026 16:01:37 +0000
Files and hashes:         1: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl (hash: YDfh0ek/aSICPLBHD61FP7jl/5cLRugQ1u420/+UIhw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 14:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:43:bc:1c:ce:9f:61:d3:d6:a5:8e:a1:ae:b0:c9:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
        Validity
            Not Before: Jun 30 16:01:37 2026 GMT
            Not After : Jul  1 16:01:37 2026 GMT
        Subject: CN=aa20beb0d7cfbe13a9913613e741625707526879
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:4a:52:b8:b6:e4:bf:98:75:b8:c1:49:7e:f7:
                    f3:40:e0:bf:f6:cc:af:99:45:51:f2:b6:d0:25:af:
                    9b:a5:e9:97:14:15:80:17:a5:c6:db:2e:a4:73:cf:
                    7a:7a:b5:b1:29:cf:04:96:5f:f6:00:b3:c6:1b:83:
                    18:e2:f2:7d:b4:e1:88:ff:45:e6:f0:eb:16:af:27:
                    d1:79:f2:d7:2a:fe:ac:4e:9b:2e:0f:0e:5e:c2:af:
                    33:78:b7:79:88:ef:31:11:2d:55:91:79:03:dd:f1:
                    f8:5f:3d:8f:4c:09:81:46:e3:aa:82:b2:e3:84:ad:
                    0f:4e:b6:50:5c:e1:75:2d:61:a9:fc:73:78:34:2e:
                    4b:f8:ef:c3:8e:24:ec:64:49:ee:42:28:eb:0e:f3:
                    2f:c8:fa:ed:2f:92:8d:4c:51:01:71:8f:02:a3:b3:
                    4c:48:d4:34:70:be:a6:0e:8d:8e:0c:82:c5:b3:8e:
                    8c:bb:97:4f:27:ed:cc:8e:3e:c4:27:a2:56:13:d4:
                    dc:a4:30:e9:29:11:df:7d:e9:91:fa:37:e8:ee:6d:
                    c8:94:e3:73:2c:78:eb:12:c6:94:ed:c2:2f:78:99:
                    a2:e4:ea:0f:56:3f:2d:0d:3a:91:ad:17:db:09:db:
                    e7:a6:9a:2e:0e:f2:e5:81:99:e3:d8:f9:4e:9d:1d:
                    9d:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:20:BE:B0:D7:CF:BE:13:A9:91:36:13:E7:41:62:57:07:52:68:79
            X509v3 Authority Key Identifier:
                keyid:D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:b7:ed:93:c8:e1:a4:40:db:f0:3a:c0:3e:f3:ee:f4:dc:72:
         bf:60:dc:93:5b:8f:4f:de:3a:b2:7d:df:f1:3b:d3:83:e4:f4:
         0d:58:dc:d6:fa:98:66:d3:8c:c1:23:11:e1:69:75:a4:7f:90:
         25:a2:a3:15:fd:e2:29:7b:bb:80:76:54:64:8e:0f:92:3a:7b:
         9b:da:05:cd:82:a1:21:45:7d:e0:8d:f4:2d:b6:c9:f9:17:52:
         ed:cd:2a:cf:7d:b0:49:1a:47:11:d4:bf:c6:bd:71:83:f9:b7:
         1e:80:22:6a:b3:d8:02:29:10:d0:c4:99:ad:c3:5e:8c:99:64:
         81:5d:23:c7:35:5b:59:50:a1:81:c4:0a:f9:88:03:53:f2:bf:
         f2:b4:eb:cf:28:29:5f:6b:96:43:80:bb:10:02:14:14:09:e8:
         60:2f:4e:b2:f9:26:31:28:be:5e:aa:ee:d6:6a:d8:5f:6c:0c:
         65:eb:6c:4b:0f:69:d8:68:a3:ec:ab:b9:85:44:29:fc:ae:bc:
         3f:25:a2:ec:8e:1e:33:8a:90:50:c8:40:ff:79:e6:74:f1:c1:
         f4:ba:62:b6:b7:08:32:b4:29:74:d0:3c:b9:fd:7d:41:74:de:
         ab:7d:a6:e5:8a:fb:1e:0c:7c:18:b3:b7:47:10:62:5b:21:ff:
         3c:d6:69:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZQ7wczp9h09aljqGusMnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTM2NjM1ZDEyZDZjZTIzMmUxMTI5YzhmMThjZWRiODM2
ZWNkZDcwHhcNMjYwNjMwMTYwMTM3WhcNMjYwNzAxMTYwMTM3WjAzMTEwLwYDVQQD
EyhhYTIwYmViMGQ3Y2ZiZTEzYTk5MTM2MTNlNzQxNjI1NzA3NTI2ODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0pSuLbkv5h1uMFJfvfzQOC/9syv
mUVR8rbQJa+bpemXFBWAF6XG2y6kc896erWxKc8Ell/2ALPGG4MY4vJ9tOGI/0Xm
8OsWryfRefLXKv6sTpsuDw5ewq8zeLd5iO8xES1VkXkD3fH4Xz2PTAmBRuOqgrLj
hK0PTrZQXOF1LWGp/HN4NC5L+O/DjiTsZEnuQijrDvMvyPrtL5KNTFEBcY8Co7NM
SNQ0cL6mDo2ODILFs46Mu5dPJ+3Mjj7EJ6JWE9TcpDDpKRHffemR+jfo7m3IlONz
LHjrEsaU7cIveJmi5OoPVj8tDTqRrRfbCdvnppouDvLlgZnj2PlOnR2dzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKogvrDXz74TqZE2E+dBYlcHUmh5MB8GA1UdIwQY
MBaAFNmTZjXRLWziMuESnI8YztuDbs3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYt
NDg4ZWMyM2RjODA0LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYtNDg4ZWMyM2RjODA0
LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACLftk8jh
pEDb8DrAPvPu9Nxyv2Dck1uPT946sn3f8TvTg+T0DVjc1vqYZtOMwSMR4Wl1pH+Q
JaKjFf3iKXu7gHZUZI4Pkjp7m9oFzYKhIUV94I30LbbJ+RdS7c0qz32wSRpHEdS/
xr1xg/m3HoAiarPYAikQ0MSZrcNejJlkgV0jxzVbWVChgcQK+YgDU/K/8rTrzygp
X2uWQ4C7EAIUFAnoYC9OsvkmMSi+Xqru1mrYX2wMZetsSw9p2Gij7Ku5hUQp/K68
PyWi7I4eM4qQUMhA/3nmdPHB9LpitrcIMrQpdNA8uf19QXTeq32m5Yr7Hgx8GLO3
RxBiWyH/PNZpuQ==
-----END CERTIFICATE-----