Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
File:                     0kvL9emk_kMp8iPBFFBykFOPnMI.mft (raw, json)
Hash identifier:          cs9u4TmKDRfBaXyubdWnhxKmqVuOTLN+9SzaMJ6xRa0=
Subject key identifier:   35:08:0F:39:63:94:1C:F3:4D:ED:96:85:9D:AF:1C:18:71:4B:33:82
Authority key identifier: D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2
Certificate issuer:       /CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
Certificate serial:       019F19443A3F6534A5E19AA98AFC1EEB9338
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
Manifest number:          14D3
Signing time:             Tue 30 Jun 2026 16:02:09 +0000
Manifest this update:     Tue 30 Jun 2026 16:02:09 +0000
Manifest next update:     Wed 01 Jul 2026 16:02:09 +0000
Files and hashes:         1: 0kvL9emk_kMp8iPBFFBykFOPnMI.crl (hash: yEyFlW1Idt4bdPWeAKCpzeMNNinlz1Zg3M+q0D+xAbY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 14:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:44:3a:3f:65:34:a5:e1:9a:a9:8a:fc:1e:eb:93:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
        Validity
            Not Before: Jun 30 16:02:09 2026 GMT
            Not After : Jul  1 16:02:09 2026 GMT
        Subject: CN=35080f3963941cf34ded96859daf1c18714b3382
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:f5:6e:99:69:ab:e3:30:c9:27:94:ac:ad:44:
                    05:a8:dd:78:13:8e:65:98:da:b5:62:47:63:a2:9f:
                    ba:1c:8b:c9:75:25:8c:3f:ec:76:90:73:2f:c4:be:
                    9f:17:e9:11:96:44:ae:7f:d5:a2:49:a1:61:b8:e8:
                    07:d4:31:59:50:77:22:9d:9b:90:ec:4b:4d:7f:bb:
                    d9:91:6e:c9:c3:c6:1f:52:5d:a9:14:ef:8a:85:6b:
                    bc:30:75:a6:c4:51:79:ab:34:71:67:f0:50:4b:db:
                    8b:76:83:fa:76:39:d1:c0:45:c0:da:c9:35:4b:39:
                    04:94:61:eb:7a:6b:93:ad:04:55:25:b7:55:01:90:
                    d9:04:b8:96:9f:39:2b:ff:d1:fc:d7:15:c9:61:88:
                    23:89:27:ab:15:6e:d4:40:a5:2d:2f:4b:1f:52:32:
                    7f:4d:81:55:08:d7:57:6f:cf:66:b6:ca:ac:25:f6:
                    22:4a:72:68:b1:dc:cf:4a:12:2f:19:f2:f4:f9:63:
                    b7:6d:19:2a:c1:22:79:37:d7:bc:44:d8:70:40:78:
                    9f:aa:ac:57:63:1f:7e:0b:a7:cf:aa:c0:66:fe:87:
                    9e:4e:e1:3a:de:9e:a0:af:f9:04:25:ae:9a:fa:55:
                    4b:c1:26:c6:c7:de:34:0f:e5:50:b1:c1:1c:fd:eb:
                    29:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:08:0F:39:63:94:1C:F3:4D:ED:96:85:9D:AF:1C:18:71:4B:33:82
            X509v3 Authority Key Identifier:
                keyid:D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:ed:97:89:e3:50:5d:a7:82:36:d5:ef:d7:ab:ba:e6:da:a6:
         4f:ad:ae:f6:ed:7e:60:ba:f7:76:ba:d5:c5:ee:3c:35:24:29:
         37:cc:2a:c4:53:ba:7c:b7:f3:26:51:fa:da:99:5f:b2:a5:66:
         84:7d:f6:9a:1d:4c:cf:70:2f:9e:d1:3c:c8:b2:2f:5d:42:c8:
         e7:17:0a:98:4a:c3:89:74:1a:78:be:df:de:3e:db:42:25:b3:
         a5:fc:53:6c:88:88:16:a5:db:5b:d4:1d:f8:26:84:1e:d4:af:
         a9:a3:81:c7:b3:d6:40:6d:f4:87:fd:91:02:ce:74:4d:69:74:
         2e:b4:f6:6c:d5:2a:4d:be:17:4e:08:93:67:51:a6:10:d1:db:
         cf:37:c1:fe:11:df:73:04:e0:94:14:a7:17:56:72:0a:bd:a7:
         3d:7e:c7:3d:06:0b:ff:c5:15:34:0e:b6:a8:db:f7:65:c8:95:
         a5:8a:18:df:29:b1:9d:b8:a0:7c:0a:55:85:01:9d:ea:c0:19:
         4f:aa:b5:84:d5:25:48:f6:d5:14:8f:2b:7c:9f:5d:25:55:78:
         7a:7e:aa:2c:04:3a:f7:47:74:88:8f:8d:a9:14:b5:34:ac:cf:
         b5:3e:29:c8:c3:09:4d:ac:e7:19:3a:ec:2f:6b:07:d0:ac:86:
         38:ff:7f:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZRDo/ZTSl4Zqpivwe65M4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGJjYmY1ZTlhNGZlNDMyOWYyMjNjMTE0NTA3MjkwNTM4
ZjljYzIwHhcNMjYwNjMwMTYwMjA5WhcNMjYwNzAxMTYwMjA5WjAzMTEwLwYDVQQD
EygzNTA4MGYzOTYzOTQxY2YzNGRlZDk2ODU5ZGFmMWMxODcxNGIzMzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvVumWmr4zDJJ5SsrUQFqN14E45l
mNq1Ykdjop+6HIvJdSWMP+x2kHMvxL6fF+kRlkSuf9WiSaFhuOgH1DFZUHcinZuQ
7EtNf7vZkW7Jw8YfUl2pFO+KhWu8MHWmxFF5qzRxZ/BQS9uLdoP6djnRwEXA2sk1
SzkElGHremuTrQRVJbdVAZDZBLiWnzkr/9H81xXJYYgjiSerFW7UQKUtL0sfUjJ/
TYFVCNdXb89mtsqsJfYiSnJosdzPShIvGfL0+WO3bRkqwSJ5N9e8RNhwQHifqqxX
Yx9+C6fPqsBm/oeeTuE63p6gr/kEJa6a+lVLwSbGx940D+VQscEc/esp2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDUIDzljlBzzTe2WhZ2vHBhxSzOCMB8GA1UdIwQY
MBaAFNJLy/XppP5DKfIjwRRQcpBTj5zCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUt
MmU2ZTVlNWY1ZDliLzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUtMmU2ZTVlNWY1ZDli
LzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIO2XieNQ
XaeCNtXv16u65tqmT62u9u1+YLr3drrVxe48NSQpN8wqxFO6fLfzJlH62plfsqVm
hH32mh1Mz3AvntE8yLIvXULI5xcKmErDiXQaeL7f3j7bQiWzpfxTbIiIFqXbW9Qd
+CaEHtSvqaOBx7PWQG30h/2RAs50TWl0LrT2bNUqTb4XTgiTZ1GmENHbzzfB/hHf
cwTglBSnF1ZyCr2nPX7HPQYL/8UVNA62qNv3ZciVpYoY3ymxnbigfApVhQGd6sAZ
T6q1hNUlSPbVFI8rfJ9dJVV4en6qLAQ690d0iI+NqRS1NKzPtT4pyMMJTaznGTrs
L2sH0KyGOP9/WQ==
-----END CERTIFICATE-----