Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
File:                     0c0c1HQkGQk2se35qYScPjBYfzo.mft (raw, json)
Hash identifier:          nnX+7Y/7RPBecIGsWEGMpjv1MEnaVYdvQWOuP69d7Z4=
Subject key identifier:   39:D6:EC:A1:B6:EF:59:56:66:B4:00:C9:61:AF:37:0F:E6:CA:9B:94
Authority key identifier: D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A
Certificate issuer:       /CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
Certificate serial:       019F17551AEABE93FCE02E87B4BE11DA4D05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
Manifest number:          10E7
Signing time:             Tue 30 Jun 2026 07:01:20 +0000
Manifest this update:     Tue 30 Jun 2026 07:01:20 +0000
Manifest next update:     Wed 01 Jul 2026 07:01:20 +0000
Files and hashes:         1: 0c0c1HQkGQk2se35qYScPjBYfzo.crl (hash: X4cc2uRlp/U/oJCkqoPU0NWaR2GNUk3jluP7MiwCg+M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 07:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:55:1a:ea:be:93:fc:e0:2e:87:b4:be:11:da:4d:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
        Validity
            Not Before: Jun 30 07:01:20 2026 GMT
            Not After : Jul  1 07:01:20 2026 GMT
        Subject: CN=39d6eca1b6ef595666b400c961af370fe6ca9b94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b3:40:25:cf:2f:d0:5b:a8:1e:5b:a2:11:58:
                    b2:83:d5:dd:08:6b:b0:6c:2a:93:ec:04:57:83:76:
                    38:2c:0e:01:4a:93:c0:69:95:01:11:45:15:6b:66:
                    ac:27:72:0e:54:8b:bc:96:aa:5b:30:34:a6:50:cf:
                    d4:37:96:12:40:fe:7a:ae:48:78:df:c5:03:97:f4:
                    e0:1e:c1:68:6d:f6:30:5d:f0:d2:4b:bc:83:2c:62:
                    bc:53:ad:5b:b4:92:cf:ae:ee:ac:2b:3d:da:bc:9f:
                    9b:10:3a:7e:e0:86:90:21:ec:67:e9:2a:ca:5b:26:
                    c7:b7:ee:85:d5:4e:14:e6:7e:cb:45:5c:d3:20:cd:
                    35:e9:14:17:3b:ac:64:ed:21:b0:5f:13:0b:18:25:
                    43:44:22:bd:8e:f9:6b:65:13:19:bc:e2:1d:09:0c:
                    70:37:43:ad:87:25:62:57:89:e2:ad:5c:5a:f1:67:
                    e6:01:b7:91:bc:fc:a2:63:90:f1:f7:01:2a:48:0b:
                    9c:e8:29:2c:f4:7e:e0:a9:18:04:bc:b2:24:7b:d7:
                    99:a8:44:a8:76:ba:35:e1:6e:44:a9:e6:49:7b:a9:
                    32:c3:dc:18:d1:91:d3:42:91:f3:b4:88:d9:82:b7:
                    d3:cf:50:2a:7f:5e:ec:ef:a5:17:de:43:6d:ac:f1:
                    55:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:D6:EC:A1:B6:EF:59:56:66:B4:00:C9:61:AF:37:0F:E6:CA:9B:94
            X509v3 Authority Key Identifier:
                keyid:D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:01:ea:b2:64:bd:e0:14:95:21:e9:6d:20:40:58:be:af:df:
         bd:8e:82:0f:93:d7:41:af:a2:62:2f:7b:df:32:8f:48:bc:26:
         99:6a:35:5c:8d:f8:31:e5:f8:d7:eb:47:48:e5:50:67:2e:f1:
         74:14:f2:a6:3a:9d:95:be:df:4b:c6:73:f8:07:64:36:21:f4:
         df:58:e9:bb:05:bf:90:b2:5e:bc:34:36:84:ea:91:cb:6b:e7:
         b5:bf:8e:89:5b:33:c5:5b:1c:08:f5:e1:e2:5a:5e:72:bf:3c:
         5b:f9:e8:d4:2d:f9:90:04:90:ba:b3:d3:49:52:d3:2d:7d:1f:
         f2:8c:a3:29:41:e5:d5:17:51:d0:76:47:9f:3a:0a:26:6a:4e:
         21:cf:ce:82:46:87:34:3f:0a:60:f4:84:de:af:42:99:10:2c:
         09:09:96:f7:7f:b1:8e:57:99:3e:f0:84:0a:b9:ed:78:d4:e0:
         cd:be:8e:c8:32:d4:2d:b8:cc:45:a6:42:60:59:f8:26:43:82:
         9d:2e:80:5f:09:45:72:3c:8d:82:be:f6:1d:1f:24:f4:90:6d:
         c2:71:8b:b5:6e:c4:e5:98:99:12:f7:e9:60:f1:09:aa:ee:77:
         ef:40:55:04:a6:b8:a7:2b:af:22:ab:ed:c2:0c:b8:2a:37:9c:
         0c:5b:83:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XVRrqvpP84C6HtL4R2k0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2QxY2Q0NzQyNDE5MDkzNmIxZWRmOWE5ODQ5YzNlMzA1
ODdmM2EwHhcNMjYwNjMwMDcwMTIwWhcNMjYwNzAxMDcwMTIwWjAzMTEwLwYDVQQD
EygzOWQ2ZWNhMWI2ZWY1OTU2NjZiNDAwYzk2MWFmMzcwZmU2Y2E5Yjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbNAJc8v0FuoHluiEViyg9XdCGuw
bCqT7ARXg3Y4LA4BSpPAaZUBEUUVa2asJ3IOVIu8lqpbMDSmUM/UN5YSQP56rkh4
38UDl/TgHsFobfYwXfDSS7yDLGK8U61btJLPru6sKz3avJ+bEDp+4IaQIexn6SrK
WybHt+6F1U4U5n7LRVzTIM016RQXO6xk7SGwXxMLGCVDRCK9jvlrZRMZvOIdCQxw
N0OthyViV4nirVxa8WfmAbeRvPyiY5Dx9wEqSAuc6Cks9H7gqRgEvLIke9eZqESo
dro14W5EqeZJe6kyw9wY0ZHTQpHztIjZgrfTz1Aqf17s76UX3kNtrPFVSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDnW7KG271lWZrQAyWGvNw/mypuUMB8GA1UdIwQY
MBaAFNHNHNR0JBkJNrHt+amEnD4wWH86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDct
YjQ1MzNhMDg4ZGM0LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDctYjQ1MzNhMDg4ZGM0
LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADwHqsmS9
4BSVIeltIEBYvq/fvY6CD5PXQa+iYi973zKPSLwmmWo1XI34MeX41+tHSOVQZy7x
dBTypjqdlb7fS8Zz+AdkNiH031jpuwW/kLJevDQ2hOqRy2vntb+OiVszxVscCPXh
4lpecr88W/no1C35kASQurPTSVLTLX0f8oyjKUHl1RdR0HZHnzoKJmpOIc/OgkaH
ND8KYPSE3q9CmRAsCQmW93+xjleZPvCECrnteNTgzb6OyDLULbjMRaZCYFn4JkOC
nS6AXwlFcjyNgr72HR8k9JBtwnGLtW7E5ZiZEvfpYPEJqu5370BVBKa4pyuvIqvt
wgy4KjecDFuDWA==
-----END CERTIFICATE-----