Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
File:                     4T3UuB8fx53U2mQo-cKgJzRX_wY.mft (raw, json)
Hash identifier:          QoUpDFKn1ns9q9bOVrwxT1ihanGT2fu5mEpVRbA3NfE=
Subject key identifier:   38:D8:10:2F:4C:7A:84:D4:DB:14:B0:A1:67:EB:80:77:CD:0F:E6:8A
Authority key identifier: E1:3D:D4:B8:1F:1F:C7:9D:D4:DA:64:28:F9:C2:A0:27:34:57:FF:06
Certificate issuer:       /CN=e13dd4b81f1fc79dd4da6428f9c2a0273457ff06
Certificate serial:       019F189EC6501994C8F8BC250D71AF26E389
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
Manifest number:          0801
Signing time:             Tue 30 Jun 2026 13:01:26 +0000
Manifest this update:     Tue 30 Jun 2026 13:01:26 +0000
Manifest next update:     Wed 01 Jul 2026 13:01:26 +0000
Files and hashes:         1: 4T3UuB8fx53U2mQo-cKgJzRX_wY.crl (hash: XuPrO23pAxlMz1ZJisCNLgcg7jgmSRXcIIZf5qNxbfk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 13:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:18:9e:c6:50:19:94:c8:f8:bc:25:0d:71:af:26:e3:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e13dd4b81f1fc79dd4da6428f9c2a0273457ff06
        Validity
            Not Before: Jun 30 13:01:26 2026 GMT
            Not After : Jul  1 13:01:26 2026 GMT
        Subject: CN=38d8102f4c7a84d4db14b0a167eb8077cd0fe68a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:d0:f6:b9:23:f6:21:4e:03:62:51:60:97:1c:
                    0f:fc:0f:9c:9c:47:d7:8f:5c:36:a1:41:ec:64:a7:
                    65:06:c3:a5:b0:60:b0:67:69:0a:98:b4:90:23:f5:
                    ae:de:d3:e0:95:34:2c:4f:b9:18:38:30:d1:01:00:
                    74:d1:ff:34:68:4f:af:2a:07:32:ea:6e:f4:d9:a5:
                    b1:d2:4d:79:ab:2e:95:0b:a8:3b:be:68:ff:1b:4d:
                    5c:dd:df:f3:95:65:57:18:b8:64:9a:37:a9:45:d4:
                    83:a2:7b:45:19:a2:9f:a4:9d:03:92:13:27:c6:d5:
                    76:da:c9:a0:09:6c:79:c8:90:fb:73:77:d1:34:05:
                    d5:81:40:8c:fa:e4:c7:7a:d4:e5:e8:9f:c9:57:b1:
                    73:18:7f:b5:81:15:5d:b9:2f:f1:80:de:87:88:20:
                    65:09:fb:25:43:a7:81:87:cd:7f:ed:d6:67:8e:91:
                    01:63:d4:87:04:85:77:fd:a5:c6:f7:73:0c:3e:17:
                    68:95:26:c1:1b:ed:ce:be:8e:5b:bf:21:36:24:e0:
                    71:ed:c5:d9:2a:86:a5:24:40:83:04:39:aa:bc:6a:
                    53:65:eb:dc:0b:34:f3:56:05:f5:5a:0e:c6:b5:9d:
                    6b:5d:9f:5f:80:10:10:8d:96:8f:f4:a5:c4:d6:81:
                    58:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:D8:10:2F:4C:7A:84:D4:DB:14:B0:A1:67:EB:80:77:CD:0F:E6:8A
            X509v3 Authority Key Identifier:
                keyid:E1:3D:D4:B8:1F:1F:C7:9D:D4:DA:64:28:F9:C2:A0:27:34:57:FF:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:c1:87:0b:9e:c7:84:23:35:54:d5:07:ac:47:89:b7:b3:03:
         77:6e:56:3f:47:9e:8e:0f:b7:ab:6a:9c:33:c5:8e:dd:51:55:
         f3:b3:27:08:03:bd:60:b7:59:9b:b2:83:dd:e1:db:5e:5d:ce:
         23:e1:be:80:28:d8:2f:4d:44:9f:08:80:72:f1:7e:05:c3:75:
         97:78:96:ba:79:26:82:d1:0c:da:21:ec:91:7e:62:62:2c:4d:
         4c:03:bc:f4:d9:e8:f2:84:38:59:2a:c4:75:1b:31:ac:48:b2:
         89:85:47:d4:83:cc:d4:0e:5b:2f:4d:a8:17:10:05:43:45:35:
         b0:e6:94:9e:da:27:5d:25:bd:2c:fe:12:46:25:a3:16:ea:9e:
         a4:2d:a3:38:6c:94:86:4e:b5:88:93:6b:c1:06:58:54:07:69:
         2b:e3:fe:e6:8a:5c:0a:72:6e:59:ff:bf:26:40:5e:85:f4:8b:
         9a:56:73:7a:38:a0:81:33:9c:50:42:7c:78:dd:c2:01:b6:b7:
         81:ce:fd:76:6b:7d:72:70:e1:fc:e7:32:de:9a:a8:93:ee:f5:
         6b:0b:8e:10:4b:96:ce:b9:39:c0:ef:6c:63:93:33:f2:80:bf:
         df:66:d2:35:ed:b8:76:cb:ab:14:50:61:83:19:a6:f7:24:d8:
         60:f1:cf:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8YnsZQGZTI+LwlDXGvJuOJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxM2RkNGI4MWYxZmM3OWRkNGRhNjQyOGY5YzJhMDI3MzQ1
N2ZmMDYwHhcNMjYwNjMwMTMwMTI2WhcNMjYwNzAxMTMwMTI2WjAzMTEwLwYDVQQD
EygzOGQ4MTAyZjRjN2E4NGQ0ZGIxNGIwYTE2N2ViODA3N2NkMGZlNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptD2uSP2IU4DYlFglxwP/A+cnEfX
j1w2oUHsZKdlBsOlsGCwZ2kKmLSQI/Wu3tPglTQsT7kYODDRAQB00f80aE+vKgcy
6m702aWx0k15qy6VC6g7vmj/G01c3d/zlWVXGLhkmjepRdSDontFGaKfpJ0DkhMn
xtV22smgCWx5yJD7c3fRNAXVgUCM+uTHetTl6J/JV7FzGH+1gRVduS/xgN6HiCBl
CfslQ6eBh81/7dZnjpEBY9SHBIV3/aXG93MMPhdolSbBG+3Ovo5bvyE2JOBx7cXZ
KoalJECDBDmqvGpTZevcCzTzVgX1Wg7GtZ1rXZ9fgBAQjZaP9KXE1oFY/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjYEC9MeoTU2xSwoWfrgHfND+aKMB8GA1UdIwQY
MBaAFOE91LgfH8ed1NpkKPnCoCc0V/8GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wYjViZDctNjAzYi00YTVjLThhOTgt
ZDU2Mzk1OWQyNzdkLzEvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8wYjViZDctNjAzYi00YTVjLThhOTgtZDU2Mzk1OWQyNzdk
LzEvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABcGHC57H
hCM1VNUHrEeJt7MDd25WP0eejg+3q2qcM8WO3VFV87MnCAO9YLdZm7KD3eHbXl3O
I+G+gCjYL01EnwiAcvF+BcN1l3iWunkmgtEM2iHskX5iYixNTAO89Nno8oQ4WSrE
dRsxrEiyiYVH1IPM1A5bL02oFxAFQ0U1sOaUntonXSW9LP4SRiWjFuqepC2jOGyU
hk61iJNrwQZYVAdpK+P+5opcCnJuWf+/JkBehfSLmlZzejiggTOcUEJ8eN3CAba3
gc79dmt9cnDh/Ocy3pqok+71awuOEEuWzrk5wO9sY5Mz8oC/32bSNe24dsurFFBh
gxmm9yTYYPHPGg==
-----END CERTIFICATE-----