Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
File:                     0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft (raw, json)
Hash identifier:          SthmXH1QYOhbMk52YOFSmKF5L3Bmp+fImOhNavk7nqM=
Subject key identifier:   8F:6C:DB:AD:DC:74:7E:8F:53:E2:A0:D6:10:EE:32:D0:26:54:01:13
Authority key identifier: D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D
Certificate issuer:       /CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
Certificate serial:       019F17F9E623480928D8E48354F5C76F247D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
Manifest number:          18C3
Signing time:             Tue 30 Jun 2026 10:01:21 +0000
Manifest this update:     Tue 30 Jun 2026 10:01:21 +0000
Manifest next update:     Wed 01 Jul 2026 10:01:21 +0000
Files and hashes:         1: 0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl (hash: cSol15uOpvNtHtQlrH641tA0QEbyUgg6Ev110lct0tM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 10:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:f9:e6:23:48:09:28:d8:e4:83:54:f5:c7:6f:24:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
        Validity
            Not Before: Jun 30 10:01:21 2026 GMT
            Not After : Jul  1 10:01:21 2026 GMT
        Subject: CN=8f6cdbaddc747e8f53e2a0d610ee32d026540113
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:3f:5e:f6:ab:27:71:b2:ed:df:2e:2f:88:2c:
                    87:16:16:02:93:46:9b:56:f7:fe:d6:ac:c7:c3:eb:
                    fa:9e:e9:bd:bb:6a:e8:70:a1:bf:d0:1e:07:fb:36:
                    8a:ec:75:40:7e:ae:ef:77:bb:12:00:bf:17:f6:58:
                    cb:c0:5d:13:d5:1c:12:c5:80:f8:c1:da:64:01:9e:
                    39:64:86:03:8c:7b:89:9c:d8:f7:a4:3c:3c:df:23:
                    94:de:e6:2a:06:c8:fa:2c:e2:ce:4e:33:06:c2:6c:
                    2f:34:cd:c0:85:67:72:10:2f:69:2c:4e:5f:0f:e7:
                    81:a9:eb:c7:01:fc:a4:0c:24:04:4c:42:4e:ea:55:
                    86:1d:68:fd:1e:f6:f6:0a:42:9e:04:d2:12:00:cc:
                    14:fa:b1:9b:a3:35:c5:70:91:08:26:4c:86:2b:c8:
                    5d:2b:78:ec:82:4d:04:3a:b8:a8:3b:41:74:df:89:
                    5f:75:06:02:89:97:07:47:36:9d:38:6f:19:03:00:
                    5e:74:16:a0:2c:b1:bf:1b:5e:c5:09:4c:ad:93:8e:
                    fa:23:ae:0b:9b:05:ba:4b:b2:41:ef:86:7d:16:9a:
                    23:3e:05:02:98:51:d9:1b:24:e1:1a:9a:af:26:79:
                    a7:67:7d:d5:7e:7b:10:2d:18:67:99:31:12:4d:06:
                    29:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:6C:DB:AD:DC:74:7E:8F:53:E2:A0:D6:10:EE:32:D0:26:54:01:13
            X509v3 Authority Key Identifier:
                keyid:D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:e8:87:cd:1f:2c:d5:ab:69:b0:89:1f:8f:f2:d7:da:9b:62:
         a1:dd:09:d2:fb:0a:37:32:67:20:10:fe:71:13:13:aa:43:4d:
         43:57:0e:3a:d0:e8:4d:cf:a9:13:ca:55:44:91:51:59:45:91:
         5f:7b:78:04:ab:ff:5e:e8:47:69:2d:4f:9c:7c:31:58:91:30:
         b9:e2:cd:aa:3d:7b:51:ee:72:31:5b:7c:de:63:21:a1:5b:99:
         59:e9:12:5f:25:f7:43:f9:01:85:a3:4f:f4:a3:e6:7b:7b:92:
         98:44:b2:c5:96:e9:9a:58:6f:c7:96:04:2e:47:ed:5d:29:26:
         97:ed:92:74:53:84:14:fa:d5:41:d3:30:a7:d8:c6:2a:c9:68:
         b8:eb:d0:cb:65:41:d0:b7:e5:36:1c:1f:d4:d7:dc:e1:93:ea:
         1f:00:bf:46:25:ed:c9:7a:7f:99:18:7c:c6:32:fa:90:18:1f:
         83:12:4a:6a:4e:79:cc:9e:da:55:b8:c3:de:12:ce:43:f8:05:
         4a:94:4e:1c:5f:a3:49:d6:9b:f8:f2:8b:f6:11:10:12:e5:8f:
         91:43:ec:28:57:39:a4:92:f2:52:68:8e:77:1f:f9:88:c0:4a:
         90:c4:f7:1a:45:fb:a3:77:22:40:39:ad:76:3e:62:60:5c:12:
         a7:7d:cf:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8X+eYjSAko2OSDVPXHbyR9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGJkNGQ1NjgyY2U2MDhlMjdjYmUyMjFhMjY3N2VjYjUw
NzQ5N2QwHhcNMjYwNjMwMTAwMTIxWhcNMjYwNzAxMTAwMTIxWjAzMTEwLwYDVQQD
Eyg4ZjZjZGJhZGRjNzQ3ZThmNTNlMmEwZDYxMGVlMzJkMDI2NTQwMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz9e9qsncbLt3y4viCyHFhYCk0ab
Vvf+1qzHw+v6num9u2rocKG/0B4H+zaK7HVAfq7vd7sSAL8X9ljLwF0T1RwSxYD4
wdpkAZ45ZIYDjHuJnNj3pDw83yOU3uYqBsj6LOLOTjMGwmwvNM3AhWdyEC9pLE5f
D+eBqevHAfykDCQETEJO6lWGHWj9Hvb2CkKeBNISAMwU+rGbozXFcJEIJkyGK8hd
K3jsgk0EOrioO0F034lfdQYCiZcHRzadOG8ZAwBedBagLLG/G17FCUytk476I64L
mwW6S7JB74Z9FpojPgUCmFHZGyThGpqvJnmnZ33VfnsQLRhnmTESTQYp0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9s263cdH6PU+Kg1hDuMtAmVAETMB8GA1UdIwQY
MBaAFNAL1NVoLOYI4ny+Ihomd+y1B0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2Qt
ZWI5MzAwNjcyYWU0LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2QtZWI5MzAwNjcyYWU0
LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABeiHzR8s
1atpsIkfj/LX2ptiod0J0vsKNzJnIBD+cRMTqkNNQ1cOOtDoTc+pE8pVRJFRWUWR
X3t4BKv/XuhHaS1PnHwxWJEwueLNqj17Ue5yMVt83mMhoVuZWekSXyX3Q/kBhaNP
9KPme3uSmESyxZbpmlhvx5YELkftXSkml+2SdFOEFPrVQdMwp9jGKslouOvQy2VB
0LflNhwf1Nfc4ZPqHwC/RiXtyXp/mRh8xjL6kBgfgxJKak55zJ7aVbjD3hLOQ/gF
SpROHF+jSdab+PKL9hEQEuWPkUPsKFc5pJLyUmiOdx/5iMBKkMT3GkX7o3ciQDmt
dj5iYFwSp33Pcg==
-----END CERTIFICATE-----