Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          zuacuLXRXhNhlevcsAq8grLm1+XqEDvIUNCLwZSN2Is=
Subject key identifier:   A8:FE:C3:75:46:BB:E2:48:B6:EF:D5:8C:3E:03:61:68:1A:61:83:2F
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       019F19439D862625B50382ECE5B12A23E1F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          0A14
Signing time:             Tue 30 Jun 2026 16:01:29 +0000
Manifest this update:     Tue 30 Jun 2026 16:01:29 +0000
Manifest next update:     Wed 01 Jul 2026 16:01:29 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: QYcdlPReTWvPhSWg2nRXQhCl3+zv2zPfoITVRpgPguo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 14:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:43:9d:86:26:25:b5:03:82:ec:e5:b1:2a:23:e1:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: Jun 30 16:01:29 2026 GMT
            Not After : Jul  1 16:01:29 2026 GMT
        Subject: CN=a8fec37546bbe248b6efd58c3e0361681a61832f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:d1:98:4e:aa:99:22:38:13:ce:fc:4a:bb:2c:
                    e6:5e:c6:12:f0:5b:da:f1:06:4f:43:08:03:7b:17:
                    89:5e:97:a9:79:05:f1:17:61:00:c2:0d:35:ff:4e:
                    7a:5c:5e:58:fb:62:d0:0a:26:b3:25:2e:01:54:08:
                    70:4b:aa:87:1e:d6:64:45:7d:fb:ea:2b:5a:3f:b8:
                    65:4e:4f:c1:76:be:2c:20:1a:ca:a1:5d:95:5a:92:
                    00:dd:1d:0a:93:81:64:1b:37:c7:7d:9b:5a:56:58:
                    5a:0d:93:86:3e:d5:f3:d5:a0:55:67:f5:1c:70:c6:
                    65:70:79:0e:da:94:87:f9:fa:7c:de:42:71:95:e7:
                    3d:98:9b:b3:0f:66:84:33:33:8c:05:5e:1f:02:0a:
                    91:77:bc:85:f7:47:3a:4f:69:ea:3a:00:eb:8a:6f:
                    8c:95:0e:ec:09:d9:40:5a:01:56:69:b4:d3:ec:bd:
                    a1:c1:4d:a8:68:17:79:af:cf:1f:9c:73:c4:ad:15:
                    b5:84:06:b2:04:76:7a:54:b4:23:27:bc:26:19:7d:
                    39:cb:32:9a:09:04:e1:c4:c6:b2:20:b2:c0:41:6f:
                    d1:79:ac:be:8c:ea:00:2e:01:b2:f7:28:9b:11:6b:
                    fc:43:8b:38:e5:bf:93:89:57:fc:cb:77:66:7d:d5:
                    00:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:FE:C3:75:46:BB:E2:48:B6:EF:D5:8C:3E:03:61:68:1A:61:83:2F
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:d3:3d:e6:79:65:8a:fd:2c:d5:8f:d5:92:e7:0b:1e:d1:61:
         a6:fd:31:d8:f9:ba:52:69:9e:64:35:80:a8:6b:2b:d8:b1:60:
         b3:01:fc:52:5a:9d:a0:aa:1a:22:bb:fe:88:4e:f6:59:86:72:
         07:12:7b:f2:5a:a3:a8:f3:b1:bc:56:37:0a:47:1b:e7:41:f7:
         e6:e4:cb:9a:60:1d:02:cd:53:9c:36:f1:7f:31:fe:ec:b3:b9:
         04:d0:52:19:f9:ed:14:49:93:76:1a:cc:a7:d9:c0:17:54:5f:
         ee:23:a0:9d:51:b3:27:89:67:e3:8b:46:1e:20:0d:96:00:3b:
         ac:55:63:cd:af:4f:4b:27:27:b6:13:d9:77:4f:fb:34:e4:88:
         7b:5a:dd:d4:11:c9:49:c6:d5:f2:e4:39:68:e8:a4:57:44:90:
         db:12:fe:c8:c3:7c:95:a0:6c:3b:f9:be:60:4c:d6:a1:1e:62:
         ea:1a:28:b0:92:cf:14:b4:55:b8:f5:91:d4:6a:e1:47:e4:16:
         f3:d8:b7:2a:30:c5:a7:2e:35:74:b4:08:cd:ce:49:a8:2b:5c:
         cd:74:55:7f:34:21:8a:bb:0c:f5:74:0e:b6:ed:c0:04:03:1b:
         80:77:54:ea:05:cc:af:94:a8:e9:6c:22:e2:46:bb:1a:63:4c:
         8b:1e:3d:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZQ52GJiW1A4Ls5bEqI+HwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjYwNjMwMTYwMTI5WhcNMjYwNzAxMTYwMTI5WjAzMTEwLwYDVQQD
EyhhOGZlYzM3NTQ2YmJlMjQ4YjZlZmQ1OGMzZTAzNjE2ODFhNjE4MzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdGYTqqZIjgTzvxKuyzmXsYS8Fva
8QZPQwgDexeJXpepeQXxF2EAwg01/056XF5Y+2LQCiazJS4BVAhwS6qHHtZkRX37
6itaP7hlTk/Bdr4sIBrKoV2VWpIA3R0Kk4FkGzfHfZtaVlhaDZOGPtXz1aBVZ/Uc
cMZlcHkO2pSH+fp83kJxlec9mJuzD2aEMzOMBV4fAgqRd7yF90c6T2nqOgDrim+M
lQ7sCdlAWgFWabTT7L2hwU2oaBd5r88fnHPErRW1hAayBHZ6VLQjJ7wmGX05yzKa
CQThxMayILLAQW/Reay+jOoALgGy9yibEWv8Q4s45b+TiVf8y3dmfdUAkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKj+w3VGu+JItu/VjD4DYWgaYYMvMB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR9M95nll
iv0s1Y/VkucLHtFhpv0x2Pm6UmmeZDWAqGsr2LFgswH8UlqdoKoaIrv+iE72WYZy
BxJ78lqjqPOxvFY3Ckcb50H35uTLmmAdAs1TnDbxfzH+7LO5BNBSGfntFEmTdhrM
p9nAF1Rf7iOgnVGzJ4ln44tGHiANlgA7rFVjza9PSycnthPZd0/7NOSIe1rd1BHJ
ScbV8uQ5aOikV0SQ2xL+yMN8laBsO/m+YEzWoR5i6hoosJLPFLRVuPWR1GrhR+QW
89i3KjDFpy41dLQIzc5JqCtczXRVfzQhirsM9XQOtu3ABAMbgHdU6gXMr5So6Wwi
4ka7GmNMix49mQ==
-----END CERTIFICATE-----