Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          9/xWlsxJE5VI7t/kmLck3dlgvrEsJUGSq7TZryO6KAs=
Subject key identifier:   A0:14:12:F3:85:1C:CE:39:26:B2:BB:BD:02:89:20:B6:DD:35:A5:9A
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       019F194428C1D7A4E98D24459E89B2D08CE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          1917
Signing time:             Tue 30 Jun 2026 16:02:05 +0000
Manifest this update:     Tue 30 Jun 2026 16:02:05 +0000
Manifest next update:     Wed 01 Jul 2026 16:02:05 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: Y51Fzjnk2uP4m6tFpMVKY3CnvgGPnfEX65kjwQGfu40=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 14:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:44:28:c1:d7:a4:e9:8d:24:45:9e:89:b2:d0:8c:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: Jun 30 16:02:05 2026 GMT
            Not After : Jul  1 16:02:05 2026 GMT
        Subject: CN=a01412f3851cce3926b2bbbd028920b6dd35a59a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:f3:6d:ed:dc:68:8f:e7:7e:4f:05:59:2b:08:
                    7e:ce:7b:92:22:9f:6f:25:56:7b:d3:ad:1f:e7:32:
                    8f:61:7a:2a:6c:2a:9c:57:42:92:5d:60:82:92:61:
                    9c:36:25:8d:46:f6:62:dd:7a:5a:2a:d2:cf:df:2c:
                    4e:4c:8d:07:57:9c:a5:be:1d:98:d8:7f:78:45:79:
                    93:83:fe:20:22:99:db:0c:00:6d:68:66:da:1b:8c:
                    6e:48:31:e1:e7:af:31:14:a9:de:02:91:30:22:32:
                    79:ea:cd:8e:90:91:42:ae:31:2d:14:00:1a:2d:05:
                    5d:47:9f:a2:64:4b:a0:26:fb:1a:90:6c:16:05:bf:
                    54:08:1d:20:2d:af:24:be:6e:e3:09:92:17:75:0f:
                    61:5f:52:ab:7e:7e:20:85:6e:ea:71:b6:b3:72:bf:
                    be:f0:71:e3:68:f2:85:c7:64:2d:23:47:2c:a8:72:
                    5d:63:8b:4b:00:1d:9e:ef:8a:ae:83:2e:70:b5:59:
                    7b:a4:43:02:36:c4:2a:18:7c:eb:f5:26:09:67:a6:
                    c9:dc:ba:d0:8a:7c:58:c6:bc:7d:ea:eb:1f:b1:83:
                    9a:79:23:76:4f:23:89:ab:d0:84:6d:ff:c8:0c:81:
                    c2:b5:bb:ac:7a:81:87:06:27:fa:39:cb:49:3c:bf:
                    50:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:14:12:F3:85:1C:CE:39:26:B2:BB:BD:02:89:20:B6:DD:35:A5:9A
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:92:24:fd:ec:b3:5c:35:ac:c0:1f:51:1b:f7:60:36:fb:40:
         ee:0b:9f:c2:fc:d9:f6:9f:73:d3:44:21:3e:14:53:01:bf:e4:
         36:eb:c7:4b:71:4b:77:d3:f3:72:42:8b:81:cf:d3:fb:a7:7a:
         4a:43:31:9f:15:8e:46:e7:dd:1c:a2:3e:3e:17:77:a9:1d:04:
         d0:ff:95:94:1a:b4:82:15:e4:6f:2b:b7:b4:4a:3b:d7:70:c0:
         9e:ac:ee:2c:7d:39:4a:c8:3f:3e:47:fa:b8:ec:a7:44:58:b9:
         c4:5f:5d:ff:56:00:3a:bd:96:50:3b:eb:bc:1c:40:33:62:18:
         0d:e4:3a:a8:b7:94:08:9f:6a:7a:f3:f9:c3:4d:da:43:4b:f0:
         6e:62:9d:f1:ab:77:2c:3f:82:63:be:85:43:fd:07:0d:62:9b:
         a2:f3:13:34:68:23:9d:b3:78:76:f6:07:d7:56:19:e3:96:38:
         fe:e9:16:80:a0:32:5d:32:d8:8b:8f:00:8b:37:ba:e5:7b:c5:
         ca:99:ef:0e:9b:d8:ed:f3:4e:ba:72:67:99:46:e5:0c:e2:6a:
         0f:54:10:4a:76:e7:b4:5b:ec:40:a5:70:b6:d9:48:d6:a3:ce:
         de:63:95:72:da:44:97:3c:da:96:3e:e9:70:4e:59:70:6f:c3:
         bc:59:39:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZRCjB16TpjSRFnomy0IznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjYwNjMwMTYwMjA1WhcNMjYwNzAxMTYwMjA1WjAzMTEwLwYDVQQD
EyhhMDE0MTJmMzg1MWNjZTM5MjZiMmJiYmQwMjg5MjBiNmRkMzVhNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovNt7dxoj+d+TwVZKwh+znuSIp9v
JVZ7060f5zKPYXoqbCqcV0KSXWCCkmGcNiWNRvZi3XpaKtLP3yxOTI0HV5ylvh2Y
2H94RXmTg/4gIpnbDABtaGbaG4xuSDHh568xFKneApEwIjJ56s2OkJFCrjEtFAAa
LQVdR5+iZEugJvsakGwWBb9UCB0gLa8kvm7jCZIXdQ9hX1Krfn4ghW7qcbazcr++
8HHjaPKFx2QtI0csqHJdY4tLAB2e74qugy5wtVl7pEMCNsQqGHzr9SYJZ6bJ3LrQ
inxYxrx96usfsYOaeSN2TyOJq9CEbf/IDIHCtbuseoGHBif6OctJPL9QcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAUEvOFHM45JrK7vQKJILbdNaWaMB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXJIk/eyz
XDWswB9RG/dgNvtA7gufwvzZ9p9z00QhPhRTAb/kNuvHS3FLd9PzckKLgc/T+6d6
SkMxnxWORufdHKI+Phd3qR0E0P+VlBq0ghXkbyu3tEo713DAnqzuLH05Ssg/Pkf6
uOynRFi5xF9d/1YAOr2WUDvrvBxAM2IYDeQ6qLeUCJ9qevP5w03aQ0vwbmKd8at3
LD+CY76FQ/0HDWKbovMTNGgjnbN4dvYH11YZ45Y4/ukWgKAyXTLYi48Aize65XvF
ypnvDpvY7fNOunJnmUblDOJqD1QQSnbntFvsQKVwttlI1qPO3mOVctpElzzalj7p
cE5ZcG/DvFk5fg==
-----END CERTIFICATE-----