Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
File:                     9kixVYLTS9UXCp3RO4EyW6uuXjo.mft (raw, json)
Hash identifier:          c7+FAGyMsnGN5LlZbVAhoj1Z4vjTLPsANyD7VIp+Ro8=
Subject key identifier:   3C:56:DC:40:90:8F:93:5A:A9:5B:15:9A:84:56:2C:C8:F0:7E:93:30
Authority key identifier: F6:48:B1:55:82:D3:4B:D5:17:0A:9D:D1:3B:81:32:5B:AB:AE:5E:3A
Certificate issuer:       /CN=f648b15582d34bd5170a9dd13b81325babae5e3a
Certificate serial:       019F189E7639D42E3E844B5D4774FA7CF2EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
Manifest number:          1988
Signing time:             Tue 30 Jun 2026 13:01:05 +0000
Manifest this update:     Tue 30 Jun 2026 13:01:05 +0000
Manifest next update:     Wed 01 Jul 2026 13:01:05 +0000
Files and hashes:         1: 9kixVYLTS9UXCp3RO4EyW6uuXjo.crl (hash: FfYF7P+mnkAGsPr92/ApD4xKAGCUB7cfg9nSRf74MqE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 13:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:18:9e:76:39:d4:2e:3e:84:4b:5d:47:74:fa:7c:f2:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f648b15582d34bd5170a9dd13b81325babae5e3a
        Validity
            Not Before: Jun 30 13:01:05 2026 GMT
            Not After : Jul  1 13:01:05 2026 GMT
        Subject: CN=3c56dc40908f935aa95b159a84562cc8f07e9330
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:05:b0:7c:f8:7f:57:88:70:fa:e0:67:bf:4c:
                    ec:c2:38:df:9d:5b:a2:57:b0:f1:ff:e2:d4:aa:38:
                    77:4e:0c:33:c6:ea:78:e8:75:6e:4c:06:24:8b:aa:
                    c8:ce:c3:b3:39:e1:95:c0:a7:5b:79:2c:be:b1:95:
                    0a:54:b6:c5:ce:c5:3f:67:88:f8:8d:dc:f2:b1:68:
                    ca:5f:ec:15:4e:db:85:d7:e1:95:63:33:ca:54:11:
                    a5:75:56:4b:68:d7:2f:6c:47:ec:aa:e8:94:2b:b1:
                    15:e3:61:98:20:76:02:fe:3f:f5:2d:d5:6c:ab:08:
                    fc:c0:07:ca:a6:9f:ae:5f:b5:c9:6c:3e:05:34:85:
                    b7:aa:9b:f8:fc:ea:4b:41:3d:6b:fd:9a:da:23:f9:
                    5a:10:5e:3a:16:a7:94:c6:a5:64:23:82:1a:e7:08:
                    22:95:e9:82:e0:94:fd:f2:62:2c:57:b9:b6:e3:cf:
                    1a:f6:23:05:51:d4:d3:e1:96:00:90:fa:f4:ac:5c:
                    6c:56:09:6c:59:c0:8b:a4:18:e0:5e:b3:08:26:bb:
                    dc:bf:36:e4:55:c9:87:53:36:bf:ca:11:68:ad:9f:
                    5a:fe:72:66:73:7d:84:d1:6f:ea:4a:19:e0:a2:3f:
                    50:96:c4:97:94:5e:a1:78:6a:cb:92:52:d9:9b:65:
                    a9:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:56:DC:40:90:8F:93:5A:A9:5B:15:9A:84:56:2C:C8:F0:7E:93:30
            X509v3 Authority Key Identifier:
                keyid:F6:48:B1:55:82:D3:4B:D5:17:0A:9D:D1:3B:81:32:5B:AB:AE:5E:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9kixVYLTS9UXCp3RO4EyW6uuXjo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d8f672-539f-401d-9dc7-62799b90231b/1/9kixVYLTS9UXCp3RO4EyW6uuXjo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:f9:42:e9:6d:52:70:c1:a1:eb:89:a2:48:d5:73:d6:7d:76:
         c7:3e:31:64:7f:04:18:ae:f9:2f:2e:ab:0d:86:ef:69:6b:e5:
         e7:40:8c:ac:ff:38:e1:65:7b:03:0a:73:74:ae:3b:c4:12:ac:
         15:05:0f:c0:79:1d:ae:b3:49:62:f1:03:f4:a8:1a:42:9a:91:
         30:64:01:fa:01:25:ca:02:c9:3b:54:e1:17:16:f0:1c:e8:92:
         10:cb:0f:de:d3:f6:4d:02:89:7c:83:6f:7a:f7:21:0b:af:e0:
         ed:dd:e7:48:36:5a:21:05:6a:27:ad:eb:92:e2:32:21:25:06:
         65:e0:67:aa:fe:c3:fc:b5:7d:bd:6e:bd:99:de:d4:02:5f:44:
         a2:ad:19:47:e4:eb:48:8a:a2:98:a6:d6:32:b5:b8:ce:d8:73:
         0e:65:d3:95:c9:22:96:3d:ec:15:52:a5:c1:b5:08:c0:97:9b:
         56:0f:2f:63:03:44:3d:15:fb:e2:6e:18:c4:57:15:47:e8:4a:
         5a:b0:09:3f:e9:3c:08:5d:9c:92:a4:d2:86:32:df:77:cf:ba:
         0f:20:09:87:8d:5a:a3:5a:ba:8b:8c:1d:64:8e:2e:19:b9:68:
         a0:77:45:5d:c9:1e:f4:a0:34:12:f0:6e:cb:1b:be:79:89:85:
         22:ff:60:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8YnnY51C4+hEtdR3T6fPLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NDhiMTU1ODJkMzRiZDUxNzBhOWRkMTNiODEzMjViYWJh
ZTVlM2EwHhcNMjYwNjMwMTMwMTA1WhcNMjYwNzAxMTMwMTA1WjAzMTEwLwYDVQQD
EygzYzU2ZGM0MDkwOGY5MzVhYTk1YjE1OWE4NDU2MmNjOGYwN2U5MzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQWwfPh/V4hw+uBnv0zswjjfnVui
V7Dx/+LUqjh3Tgwzxup46HVuTAYki6rIzsOzOeGVwKdbeSy+sZUKVLbFzsU/Z4j4
jdzysWjKX+wVTtuF1+GVYzPKVBGldVZLaNcvbEfsquiUK7EV42GYIHYC/j/1LdVs
qwj8wAfKpp+uX7XJbD4FNIW3qpv4/OpLQT1r/ZraI/laEF46FqeUxqVkI4Ia5wgi
lemC4JT98mIsV7m2488a9iMFUdTT4ZYAkPr0rFxsVglsWcCLpBjgXrMIJrvcvzbk
VcmHUza/yhForZ9a/nJmc32E0W/qShngoj9QlsSXlF6heGrLklLZm2WpbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDxW3ECQj5NaqVsVmoRWLMjwfpMwMB8GA1UdIwQY
MBaAFPZIsVWC00vVFwqd0TuBMlurrl46MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kOGY2NzItNTM5Zi00MDFkLTlkYzct
NjI3OTliOTAyMzFiLzEvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kOGY2NzItNTM5Zi00MDFkLTlkYzctNjI3OTliOTAyMzFi
LzEvOWtpeFZZTFRTOVVYQ3AzUk80RXlXNnV1WGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFvlC6W1S
cMGh64miSNVz1n12xz4xZH8EGK75Ly6rDYbvaWvl50CMrP844WV7AwpzdK47xBKs
FQUPwHkdrrNJYvED9KgaQpqRMGQB+gElygLJO1ThFxbwHOiSEMsP3tP2TQKJfINv
evchC6/g7d3nSDZaIQVqJ63rkuIyISUGZeBnqv7D/LV9vW69md7UAl9Eoq0ZR+Tr
SIqimKbWMrW4zthzDmXTlckilj3sFVKlwbUIwJebVg8vYwNEPRX74m4YxFcVR+hK
WrAJP+k8CF2ckqTShjLfd8+6DyAJh41ao1q6i4wdZI4uGblooHdFXcke9KA0EvBu
yxu+eYmFIv9glg==
-----END CERTIFICATE-----