Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          xHvkfoGdxFaZkfRCeNKCPvkG00ET6C663PSL4Jp3BF0=
Subject key identifier:   57:A5:BB:B8:44:37:51:EE:4B:41:60:27:2A:94:BD:30:7B:8F:FD:E1
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       019F189E389A52EE345AA5C847AC0A7C1BDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          12B9
Signing time:             Tue 30 Jun 2026 13:00:50 +0000
Manifest this update:     Tue 30 Jun 2026 13:00:50 +0000
Manifest next update:     Wed 01 Jul 2026 13:00:50 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: vQyWnCQWwBSUxZqoyy64Jx1x8LbrjaYmJFQ3eiEmdkk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 13:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:18:9e:38:9a:52:ee:34:5a:a5:c8:47:ac:0a:7c:1b:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Jun 30 13:00:50 2026 GMT
            Not After : Jul  1 13:00:50 2026 GMT
        Subject: CN=57a5bbb8443751ee4b4160272a94bd307b8ffde1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:84:20:d8:71:f3:cc:25:14:5c:88:dd:f7:f6:
                    a4:35:16:cc:11:9d:39:ca:73:78:64:54:13:f5:88:
                    b0:4d:a3:21:cc:18:d9:08:86:bd:e6:cb:2f:99:ce:
                    60:fc:a9:5b:5e:75:5e:5c:2b:f6:0d:b0:9a:35:33:
                    0b:17:34:e7:0b:c0:33:bc:50:a8:24:3a:77:00:ac:
                    a6:ff:e3:4e:93:20:ff:c1:54:2f:7d:10:dd:a1:fe:
                    fd:a1:6a:a5:f1:05:5d:31:bd:1e:4f:09:e2:f1:0f:
                    54:f5:ea:c2:89:44:d9:ff:55:8f:f7:2d:88:c5:4f:
                    82:1a:8b:d9:0f:bc:3f:7e:12:52:30:81:dd:7d:37:
                    67:0c:b2:65:15:ff:5f:89:f8:1c:c1:70:14:61:8b:
                    12:29:f8:59:9f:59:11:a2:ea:7e:56:ac:6a:db:36:
                    e6:87:1e:1a:11:29:4c:43:ca:a0:c3:25:40:58:57:
                    d7:31:37:ae:54:54:0b:32:18:68:9e:5b:1a:a9:56:
                    81:e4:23:5c:2a:77:8b:c8:48:42:14:61:69:b0:ee:
                    bb:5c:3e:51:34:77:89:ed:37:25:7a:e9:8c:ac:c7:
                    94:eb:21:4e:d9:54:01:a9:50:cf:66:05:f4:58:85:
                    bd:18:25:18:83:86:2a:b4:ab:5e:bd:b1:21:f2:92:
                    a2:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:A5:BB:B8:44:37:51:EE:4B:41:60:27:2A:94:BD:30:7B:8F:FD:E1
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:18:be:ef:80:06:3b:c9:62:9b:47:4c:22:ac:ae:9a:e7:27:
         d1:31:14:06:dd:63:1a:1c:0e:6a:3d:2e:f1:f2:8f:3e:8a:7d:
         ae:17:33:28:2e:46:41:36:27:fb:7e:06:05:fd:a8:f6:08:97:
         ff:d8:18:41:67:85:98:1c:c7:34:0c:64:7f:65:c4:bc:26:31:
         51:74:44:01:a8:15:bb:89:48:26:cb:81:f8:a9:8d:df:4f:72:
         9a:86:e4:69:dd:e2:86:b4:23:3d:41:75:70:6a:05:01:12:30:
         80:1c:b7:24:19:0c:54:02:62:52:49:fc:3c:7e:34:59:73:10:
         f2:c2:fb:3d:50:ab:66:b2:60:96:f1:ef:da:a8:1a:96:d4:00:
         ee:cf:82:34:85:bd:2a:a1:c3:06:16:78:a3:3f:37:75:70:01:
         66:aa:d3:c1:a0:5a:9a:71:a5:07:9b:90:66:f7:1f:90:fa:c7:
         44:3c:aa:23:53:d0:b3:92:2b:d6:a4:d1:d9:f3:e1:c8:22:09:
         48:4b:97:85:eb:d3:95:59:f0:66:a7:47:6a:aa:53:1b:c7:0f:
         14:1c:5a:e5:9f:97:8a:e5:4f:65:c1:38:f7:29:6d:00:7b:c0:
         aa:b6:83:2d:d9:f1:35:95:66:41:34:34:ed:e7:f5:64:3a:3d:
         f2:43:f8:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8YnjiaUu40WqXIR6wKfBvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjYwNjMwMTMwMDUwWhcNMjYwNzAxMTMwMDUwWjAzMTEwLwYDVQQD
Eyg1N2E1YmJiODQ0Mzc1MWVlNGI0MTYwMjcyYTk0YmQzMDdiOGZmZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIQg2HHzzCUUXIjd9/akNRbMEZ05
ynN4ZFQT9YiwTaMhzBjZCIa95ssvmc5g/KlbXnVeXCv2DbCaNTMLFzTnC8AzvFCo
JDp3AKym/+NOkyD/wVQvfRDdof79oWql8QVdMb0eTwni8Q9U9erCiUTZ/1WP9y2I
xU+CGovZD7w/fhJSMIHdfTdnDLJlFf9fifgcwXAUYYsSKfhZn1kRoup+Vqxq2zbm
hx4aESlMQ8qgwyVAWFfXMTeuVFQLMhhonlsaqVaB5CNcKneLyEhCFGFpsO67XD5R
NHeJ7TcleumMrMeU6yFO2VQBqVDPZgX0WIW9GCUYg4YqtKtevbEh8pKihwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFelu7hEN1HuS0FgJyqUvTB7j/3hMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmhi+74AG
O8lim0dMIqyumucn0TEUBt1jGhwOaj0u8fKPPop9rhczKC5GQTYn+34GBf2o9giX
/9gYQWeFmBzHNAxkf2XEvCYxUXREAagVu4lIJsuB+KmN309ymobkad3ihrQjPUF1
cGoFARIwgBy3JBkMVAJiUkn8PH40WXMQ8sL7PVCrZrJglvHv2qgaltQA7s+CNIW9
KqHDBhZ4oz83dXABZqrTwaBamnGlB5uQZvcfkPrHRDyqI1PQs5Ir1qTR2fPhyCIJ
SEuXhevTlVnwZqdHaqpTG8cPFBxa5Z+XiuVPZcE49yltAHvAqraDLdnxNZVmQTQ0
7ef1ZDo98kP4gA==
-----END CERTIFICATE-----