Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
File:                     861SH4OIdIPIybDG895f1e1Whck.mft (raw, json)
Hash identifier:          lv6B7T0V6Gx5ROQ+TaJEjVtlPXX9nRKBaplNsF3u1mI=
Subject key identifier:   FC:ED:0C:C3:6E:5D:F8:37:1B:24:A2:44:FE:96:B5:DD:27:70:62:67
Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9
Certificate issuer:       /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
Certificate serial:       019F19438471C2429214D9A076CB73627DE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
Manifest number:          0F12
Signing time:             Tue 30 Jun 2026 16:01:22 +0000
Manifest this update:     Tue 30 Jun 2026 16:01:22 +0000
Manifest next update:     Wed 01 Jul 2026 16:01:22 +0000
Files and hashes:         1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: /7xsguwIAOD8/t1WwnpyWVdpUVKbj43gLSi6jzTwbTU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 14:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:43:84:71:c2:42:92:14:d9:a0:76:cb:73:62:7d:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
        Validity
            Not Before: Jun 30 16:01:22 2026 GMT
            Not After : Jul  1 16:01:22 2026 GMT
        Subject: CN=fced0cc36e5df8371b24a244fe96b5dd27706267
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:39:0e:e2:ba:4e:9c:93:07:39:dc:9c:5a:e2:
                    8c:d5:3f:3e:b3:a1:5c:4c:54:63:95:9f:c0:e3:79:
                    89:4a:ee:b6:16:66:6a:a7:9d:76:5a:08:ed:fb:92:
                    7e:66:6d:d2:11:c4:8e:8c:00:5e:38:0f:d7:1d:b7:
                    0b:af:c3:fe:74:f2:1f:1f:b2:87:e1:70:68:8a:83:
                    89:19:c3:70:ff:88:62:ff:25:08:dc:3e:b7:78:67:
                    4d:ee:51:77:c0:83:83:84:4c:fe:73:b5:aa:5b:d6:
                    6a:8b:ab:c5:6c:bd:fe:8b:6a:b6:52:5f:49:a6:11:
                    c3:7c:a3:06:2e:b0:28:0d:9a:b8:59:6e:0d:cf:ca:
                    55:90:75:38:f8:92:b6:b1:c6:d2:81:8d:30:ee:2f:
                    fd:aa:6c:d1:fe:0a:1b:99:7b:3c:a6:39:67:d1:6a:
                    7f:53:2e:03:b5:0a:66:2b:6d:81:ad:b5:e7:55:ff:
                    f6:a1:77:d3:a2:4a:48:0b:de:7b:9c:f5:e2:14:54:
                    b7:a0:d6:7a:04:d3:1b:fe:73:8e:ae:64:2e:a2:db:
                    0d:ef:24:52:97:f3:dd:04:4d:54:25:23:6a:c5:89:
                    7a:4d:61:a0:83:14:9d:6f:2e:eb:5d:45:b9:3a:f6:
                    18:7e:bd:ce:fb:d8:b3:d7:94:b0:8b:56:03:c7:81:
                    36:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:ED:0C:C3:6E:5D:F8:37:1B:24:A2:44:FE:96:B5:DD:27:70:62:67
            X509v3 Authority Key Identifier:
                keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:6b:16:45:cf:46:33:37:62:f6:b7:a3:86:e2:5c:06:48:e3:
         15:3a:41:f9:ba:e7:1d:f1:4a:22:2f:f5:9a:7d:d5:da:a6:2a:
         d8:7c:40:3a:f5:3c:8c:73:c4:3f:5e:90:37:36:2b:60:a5:bc:
         68:61:3d:12:46:10:d3:23:11:0a:db:31:6c:96:10:cb:86:fb:
         6f:a7:e9:be:76:2c:5b:b2:8e:a0:5d:c2:12:79:8e:dc:70:e4:
         8b:e1:de:e9:40:c6:23:cb:f7:65:01:d6:38:55:19:f4:bd:aa:
         2a:b5:d1:6f:7b:bb:8a:79:c7:af:4d:e8:22:b4:58:5b:83:19:
         e3:91:0f:8f:ab:96:23:ca:f7:6b:ca:fa:20:0a:b8:d1:28:17:
         88:1a:af:e9:2a:8e:88:ce:ef:17:12:29:40:50:a6:c7:b9:81:
         99:5d:75:7a:ab:0b:b3:8a:3c:b5:75:fc:22:78:ba:43:ce:e6:
         f3:33:e8:54:c3:d1:be:08:90:cc:21:e6:ca:ed:fe:3d:1b:04:
         ab:a6:e7:82:f1:a4:c0:1f:39:4b:1f:59:7d:c7:ea:9d:30:8d:
         02:1a:c4:af:b4:da:dc:21:c6:de:72:a5:0f:e8:2a:91:bc:29:
         b9:77:87:b9:83:1b:e6:ce:31:53:0e:de:0d:d4:79:9c:d7:ac:
         22:bf:0c:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZQ4RxwkKSFNmgdstzYn3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1
Njg1YzkwHhcNMjYwNjMwMTYwMTIyWhcNMjYwNzAxMTYwMTIyWjAzMTEwLwYDVQQD
EyhmY2VkMGNjMzZlNWRmODM3MWIyNGEyNDRmZTk2YjVkZDI3NzA2MjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DkO4rpOnJMHOdycWuKM1T8+s6Fc
TFRjlZ/A43mJSu62FmZqp512Wgjt+5J+Zm3SEcSOjABeOA/XHbcLr8P+dPIfH7KH
4XBoioOJGcNw/4hi/yUI3D63eGdN7lF3wIODhEz+c7WqW9Zqi6vFbL3+i2q2Ul9J
phHDfKMGLrAoDZq4WW4Nz8pVkHU4+JK2scbSgY0w7i/9qmzR/gobmXs8pjln0Wp/
Uy4DtQpmK22BrbXnVf/2oXfTokpIC957nPXiFFS3oNZ6BNMb/nOOrmQuotsN7yRS
l/PdBE1UJSNqxYl6TWGggxSdby7rXUW5OvYYfr3O+9iz15Swi1YDx4E2AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPztDMNuXfg3GySiRP6Wtd0ncGJnMB8GA1UdIwQY
MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt
NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2
LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcmsWRc9G
Mzdi9rejhuJcBkjjFTpB+brnHfFKIi/1mn3V2qYq2HxAOvU8jHPEP16QNzYrYKW8
aGE9EkYQ0yMRCtsxbJYQy4b7b6fpvnYsW7KOoF3CEnmO3HDki+He6UDGI8v3ZQHW
OFUZ9L2qKrXRb3u7innHr03oIrRYW4MZ45EPj6uWI8r3a8r6IAq40SgXiBqv6SqO
iM7vFxIpQFCmx7mBmV11eqsLs4o8tXX8Ini6Q87m8zPoVMPRvgiQzCHmyu3+PRsE
q6bngvGkwB85Sx9ZfcfqnTCNAhrEr7Ta3CHG3nKlD+gqkbwpuXeHuYMb5s4xUw7e
DdR5nNesIr8MQQ==
-----END CERTIFICATE-----