Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          6PDCSFlzeNHYj4swSwWpkTbgKABICoinkUTZlkXxP4E=
Subject key identifier:   66:90:43:C9:2A:EC:33:44:88:A4:EE:85:E4:EC:D6:D2:6B:96:35:15
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       019F17C2B3196EF6B1CDE01C9F4C691D5901
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          12B0
Signing time:             Tue 30 Jun 2026 09:01:03 +0000
Manifest this update:     Tue 30 Jun 2026 09:01:03 +0000
Manifest next update:     Wed 01 Jul 2026 09:01:03 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: FvNNuxIJQ0l2QUt/OFk9XLcR/SNqBG/hqo6AkOsN74A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 09:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:c2:b3:19:6e:f6:b1:cd:e0:1c:9f:4c:69:1d:59:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: Jun 30 09:01:03 2026 GMT
            Not After : Jul  1 09:01:03 2026 GMT
        Subject: CN=669043c92aec334488a4ee85e4ecd6d26b963515
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:1d:c5:8d:16:dd:9c:30:cb:a8:2f:33:78:48:
                    d9:98:c0:a6:fa:cd:6a:56:f7:c1:fa:6c:f6:a6:70:
                    87:b1:15:d1:91:94:f1:8c:12:b6:45:43:5f:af:6c:
                    48:05:fe:c0:56:56:5a:30:20:e2:9b:9a:dc:f5:27:
                    e6:76:c1:37:72:0f:a0:df:fd:89:6d:1f:df:71:5b:
                    df:28:fd:4a:4d:ff:34:1f:67:c7:79:4c:d2:e0:d7:
                    40:33:16:96:1d:f7:93:cc:f7:a5:9a:c1:9f:bf:2c:
                    b9:ee:ec:7c:30:f3:a7:3a:6c:5f:cc:8b:36:5f:87:
                    62:83:df:83:4a:58:7e:1e:ce:69:79:c9:c3:b6:75:
                    0d:92:73:03:af:d1:55:06:4a:03:7c:47:60:56:bd:
                    8a:bd:1c:c6:05:79:57:27:6e:36:2a:70:92:fa:ba:
                    df:5a:86:60:7c:bd:64:4e:a0:de:a9:c8:3f:d8:6c:
                    aa:e7:14:a6:bb:42:87:74:a6:42:b2:5a:62:db:af:
                    5e:08:7f:77:03:e9:60:0a:d8:de:18:f1:a7:78:45:
                    c3:77:62:cd:a1:d4:47:a7:e7:69:79:82:7a:62:97:
                    69:03:60:88:b4:e2:1c:92:f3:e6:b1:ce:87:d6:be:
                    51:f8:d4:f3:9f:bb:85:ea:52:c5:37:66:d3:b5:76:
                    47:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:90:43:C9:2A:EC:33:44:88:A4:EE:85:E4:EC:D6:D2:6B:96:35:15
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:fd:de:53:5b:42:b1:7b:9e:9c:91:8c:7f:ea:62:de:ba:2b:
         c2:78:f3:33:2d:9e:88:9f:d5:1d:f4:e6:7f:e7:ea:16:e6:04:
         44:dd:5a:fa:30:0f:3b:b0:56:c8:b3:b9:96:bf:58:99:9c:78:
         c1:31:e4:72:95:c2:bf:c1:4b:ac:f4:78:85:c3:e1:82:78:42:
         fd:2c:42:33:81:4e:49:8b:4a:fe:fc:e9:64:ae:8b:6c:f6:0b:
         9a:cf:b4:7d:34:14:27:8e:60:1b:47:7b:26:5d:fa:7f:30:4b:
         5d:85:fe:2e:1a:28:1f:54:f7:88:27:5e:e8:4f:12:be:b8:88:
         4e:42:f8:8e:dc:d6:7f:d5:fd:85:d4:92:4d:98:df:8e:35:da:
         31:ff:09:ff:59:b5:ce:e2:89:96:7f:96:bc:01:9a:24:cd:e7:
         f2:05:bd:a1:41:d8:ca:ce:60:a3:18:f1:ed:51:bf:6d:09:86:
         2a:f0:05:24:bd:f1:e1:0e:67:b6:4c:cb:92:f2:ef:b0:49:4e:
         ea:98:ce:5f:bd:8b:1d:38:3e:c6:8b:bb:9e:21:42:00:6f:b7:
         54:b7:5d:54:fb:cd:70:80:e0:c6:ea:7b:c2:2a:39:74:ad:05:
         5b:e5:44:89:fd:90:04:6d:df:70:54:a1:6f:e9:d7:a4:98:05:
         1f:7d:b6:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XwrMZbvaxzeAcn0xpHVkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjYwNjMwMDkwMTAzWhcNMjYwNzAxMDkwMTAzWjAzMTEwLwYDVQQD
Eyg2NjkwNDNjOTJhZWMzMzQ0ODhhNGVlODVlNGVjZDZkMjZiOTYzNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnh3FjRbdnDDLqC8zeEjZmMCm+s1q
VvfB+mz2pnCHsRXRkZTxjBK2RUNfr2xIBf7AVlZaMCDim5rc9SfmdsE3cg+g3/2J
bR/fcVvfKP1KTf80H2fHeUzS4NdAMxaWHfeTzPelmsGfvyy57ux8MPOnOmxfzIs2
X4dig9+DSlh+Hs5pecnDtnUNknMDr9FVBkoDfEdgVr2KvRzGBXlXJ242KnCS+rrf
WoZgfL1kTqDeqcg/2Gyq5xSmu0KHdKZCslpi269eCH93A+lgCtjeGPGneEXDd2LN
odRHp+dpeYJ6YpdpA2CItOIckvPmsc6H1r5R+NTzn7uF6lLFN2bTtXZHLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGaQQ8kq7DNEiKTuheTs1tJrljUVMB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdP3eU1tC
sXuenJGMf+pi3rorwnjzMy2eiJ/VHfTmf+fqFuYERN1a+jAPO7BWyLO5lr9YmZx4
wTHkcpXCv8FLrPR4hcPhgnhC/SxCM4FOSYtK/vzpZK6LbPYLms+0fTQUJ45gG0d7
Jl36fzBLXYX+LhooH1T3iCde6E8SvriITkL4jtzWf9X9hdSSTZjfjjXaMf8J/1m1
zuKJln+WvAGaJM3n8gW9oUHYys5goxjx7VG/bQmGKvAFJL3x4Q5ntkzLkvLvsElO
6pjOX72LHTg+xou7niFCAG+3VLddVPvNcIDgxup7wio5dK0FW+VEif2QBG3fcFSh
b+nXpJgFH322Ng==
-----END CERTIFICATE-----