Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
File:                     7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft (raw, json)
Hash identifier:          KGvAxhpBB/TJRUQAHI04USijm3mi3SZOuoQ3MoIwz1w=
Subject key identifier:   60:8F:2C:84:22:74:AE:C1:8A:D2:0D:E1:9E:B2:58:AB:B2:14:FB:38
Authority key identifier: EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94
Certificate issuer:       /CN=ee03df829afd6a1f2590e4244522e1b36c086a94
Certificate serial:       019F1830A5220E5BD56C4ADC4832C951AAA1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
Manifest number:          1067
Signing time:             Tue 30 Jun 2026 11:01:08 +0000
Manifest this update:     Tue 30 Jun 2026 11:01:08 +0000
Manifest next update:     Wed 01 Jul 2026 11:01:08 +0000
Files and hashes:         1: 7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl (hash: 1c4wBb9bsBs8STIwtPP83dFGaJYtuKngzy7bM0s1gDE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 11:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:18:30:a5:22:0e:5b:d5:6c:4a:dc:48:32:c9:51:aa:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee03df829afd6a1f2590e4244522e1b36c086a94
        Validity
            Not Before: Jun 30 11:01:08 2026 GMT
            Not After : Jul  1 11:01:08 2026 GMT
        Subject: CN=608f2c842274aec18ad20de19eb258abb214fb38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a1:ab:19:ff:3d:37:03:45:0e:0f:38:73:dc:
                    1f:74:4e:44:d9:ec:b2:d6:2b:f4:10:7e:4d:80:27:
                    38:f0:ab:86:dd:40:a7:ee:18:0a:44:e5:d8:02:8d:
                    c2:46:74:a3:f5:e0:a6:2e:86:3b:03:20:cd:e8:77:
                    95:d4:c9:11:32:66:77:63:bc:af:12:d0:1e:e8:4d:
                    a3:7d:9b:e2:9b:c2:dd:32:59:fb:6a:e2:f4:91:16:
                    01:9e:cc:9c:fb:27:9c:9e:d9:81:32:7a:ac:16:f2:
                    bf:50:35:9f:00:8a:9e:5d:46:6d:6c:76:87:4c:17:
                    75:ab:d5:c4:03:29:59:3c:64:d9:f0:dc:ac:dd:72:
                    58:76:7c:97:f0:50:65:ab:e8:d8:d3:e6:81:b2:34:
                    5f:15:2f:92:d9:22:7f:5e:fd:7a:01:11:83:65:ef:
                    c7:a4:bb:bf:36:d1:8e:1b:7c:e3:a0:f1:02:66:1b:
                    71:d8:49:d7:a5:a9:b9:3b:ab:22:fa:ea:49:b7:24:
                    da:f9:fc:59:1f:2c:11:30:49:ff:9c:fa:8b:e9:b8:
                    23:be:98:34:8c:1e:be:ba:28:df:cb:ac:6b:7b:84:
                    ee:22:12:58:ee:ae:98:f5:bb:f3:59:e0:f1:ec:5e:
                    5b:26:aa:ff:7c:80:4d:82:3c:a2:08:2c:07:68:13:
                    db:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:8F:2C:84:22:74:AE:C1:8A:D2:0D:E1:9E:B2:58:AB:B2:14:FB:38
            X509v3 Authority Key Identifier:
                keyid:EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:86:74:88:7b:ab:ee:ba:dd:45:12:cd:18:bb:1c:45:07:ad:
         8c:13:6f:ae:ad:0d:c8:e6:2d:a6:4e:1b:5b:c7:21:57:c9:5d:
         db:fe:fb:1c:09:86:3f:0b:b9:a9:67:24:3a:b6:d0:d4:7d:58:
         8a:7b:db:da:c9:d6:5d:ea:29:49:79:5f:6d:21:23:85:14:f3:
         5d:88:be:b4:3f:e9:7c:f1:03:6b:7e:7c:a3:31:51:f2:5d:a6:
         b0:a5:6d:91:eb:6d:58:d4:50:05:d7:04:0c:9f:1b:d8:98:57:
         c4:c6:7b:d5:3d:11:0d:5f:62:f8:68:e6:61:55:4f:bd:e6:54:
         7e:a7:20:c2:45:01:03:fb:51:4e:e5:91:3b:36:a8:b0:4e:50:
         4e:34:48:3f:13:48:89:40:7c:b2:c2:39:0c:70:6c:f0:5c:4d:
         0a:71:11:17:99:01:93:6a:ae:4e:bd:4a:30:de:ff:a2:f0:3e:
         92:98:05:63:c2:9a:39:b5:35:85:e0:f5:3b:15:9d:9e:09:3b:
         85:be:ba:da:64:6b:00:78:4b:29:8e:78:6d:9f:99:55:b3:cd:
         8c:be:e3:e3:6c:d0:f3:a6:b6:d7:2d:0f:80:09:8d:1f:68:4f:
         c3:1e:4f:d3:8e:a6:1d:cb:c0:33:ce:f1:b5:f6:9a:e6:2a:85:
         97:8c:f5:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8YMKUiDlvVbErcSDLJUaqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDNkZjgyOWFmZDZhMWYyNTkwZTQyNDQ1MjJlMWIzNmMw
ODZhOTQwHhcNMjYwNjMwMTEwMTA4WhcNMjYwNzAxMTEwMTA4WjAzMTEwLwYDVQQD
Eyg2MDhmMmM4NDIyNzRhZWMxOGFkMjBkZTE5ZWIyNThhYmIyMTRmYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqGrGf89NwNFDg84c9wfdE5E2eyy
1iv0EH5NgCc48KuG3UCn7hgKROXYAo3CRnSj9eCmLoY7AyDN6HeV1MkRMmZ3Y7yv
EtAe6E2jfZvim8LdMln7auL0kRYBnsyc+yecntmBMnqsFvK/UDWfAIqeXUZtbHaH
TBd1q9XEAylZPGTZ8Nys3XJYdnyX8FBlq+jY0+aBsjRfFS+S2SJ/Xv16ARGDZe/H
pLu/NtGOG3zjoPECZhtx2EnXpam5O6si+upJtyTa+fxZHywRMEn/nPqL6bgjvpg0
jB6+uijfy6xre4TuIhJY7q6Y9bvzWeDx7F5bJqr/fIBNgjyiCCwHaBPbswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGCPLIQidK7BitIN4Z6yWKuyFPs4MB8GA1UdIwQY
MBaAFO4D34Ka/WofJZDkJEUi4bNsCGqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjIt
YTFhNDZhODBjMWRhLzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjItYTFhNDZhODBjMWRh
LzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYYZ0iHur
7rrdRRLNGLscRQetjBNvrq0NyOYtpk4bW8chV8ld2/77HAmGPwu5qWckOrbQ1H1Y
invb2snWXeopSXlfbSEjhRTzXYi+tD/pfPEDa358ozFR8l2msKVtkettWNRQBdcE
DJ8b2JhXxMZ71T0RDV9i+GjmYVVPveZUfqcgwkUBA/tRTuWROzaosE5QTjRIPxNI
iUB8ssI5DHBs8FxNCnERF5kBk2quTr1KMN7/ovA+kpgFY8KaObU1heD1OxWdngk7
hb662mRrAHhLKY54bZ+ZVbPNjL7j42zQ86a21y0PgAmNH2hPwx5P046mHcvAM87x
tfaa5iqFl4z13Q==
-----END CERTIFICATE-----