Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          OjDuafswB5m5/RnTYGF4TFdVpCp7tu+22lUR0W61vdA=
Subject key identifier:   13:87:C9:C7:6A:B3:14:26:5B:FE:97:0D:6B:37:32:9D:F9:D3:55:62
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       019F190D359D0B90ED6CB64A9CFE520ACE73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          1517
Signing time:             Tue 30 Jun 2026 15:02:03 +0000
Manifest this update:     Tue 30 Jun 2026 15:02:03 +0000
Manifest next update:     Wed 01 Jul 2026 15:02:03 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: LeLuwz2DiMyruhmgEFSAEr2ZMuQjJgZ2siEQIhjVi3U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 14:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:0d:35:9d:0b:90:ed:6c:b6:4a:9c:fe:52:0a:ce:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Jun 30 15:02:03 2026 GMT
            Not After : Jul  1 15:02:03 2026 GMT
        Subject: CN=1387c9c76ab314265bfe970d6b37329df9d35562
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:a9:97:ee:6d:72:17:6b:73:34:a5:63:b4:a2:
                    1f:32:c5:d4:08:23:da:ac:e3:59:62:9d:3c:54:8a:
                    91:a0:07:9b:17:70:79:86:b8:0d:5a:76:00:1a:b6:
                    57:ce:50:9b:32:88:30:80:07:88:8c:77:fe:2d:73:
                    83:55:86:f8:c3:7c:e6:63:4f:84:60:eb:bf:4d:e7:
                    33:7e:42:a7:86:36:63:f4:e6:30:6f:c2:0a:97:8f:
                    d5:2d:3a:9c:bc:85:36:91:39:f3:fa:bf:2d:3f:20:
                    49:5b:87:41:cf:77:72:f4:c5:60:9b:ca:67:ea:d4:
                    82:ab:08:2b:2c:dd:2e:cf:e3:7b:d4:c7:c5:20:40:
                    6a:96:ec:9c:67:83:1e:d9:89:0b:3a:e3:b9:58:41:
                    68:49:ea:ff:f3:bb:32:88:7f:36:cf:66:be:38:02:
                    9a:1b:ba:42:f0:80:20:71:a0:a3:93:a6:42:77:d6:
                    f1:1d:63:0a:fd:44:a6:92:80:29:21:4f:b0:2d:3c:
                    dd:85:57:e2:1d:fd:03:a9:05:d2:1e:a8:32:63:b5:
                    21:0c:81:65:f6:a4:6e:06:3f:8f:3c:e6:a7:aa:bd:
                    a8:f5:e0:49:b3:fe:89:67:8a:5a:f2:06:3d:fe:16:
                    be:20:34:78:f4:ab:82:bb:c2:be:df:4c:ed:ea:2f:
                    ab:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:87:C9:C7:6A:B3:14:26:5B:FE:97:0D:6B:37:32:9D:F9:D3:55:62
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:28:10:a1:88:65:22:f3:32:26:42:b8:a3:af:20:a0:67:3e:
         65:62:23:f3:1e:1f:49:49:ea:ee:ea:9e:6f:a0:c2:18:fc:fe:
         7e:28:c4:10:84:6e:9d:5e:55:eb:c9:e4:81:fc:00:17:5e:0d:
         3f:c3:f0:23:89:e0:58:51:eb:be:a5:6d:78:a9:c1:79:61:1a:
         f7:93:a4:45:09:3f:06:79:8a:74:2d:5b:1c:44:d9:46:f9:cc:
         6d:ec:c8:18:6b:cd:0e:bf:27:6a:cb:bf:d7:e8:92:f0:46:d9:
         2f:cd:2f:b5:80:2a:c2:3d:ef:b4:35:33:95:35:55:a6:eb:1e:
         9f:91:80:ae:68:11:4e:cb:d3:58:bc:ca:55:5d:1b:88:1d:49:
         b6:e5:37:0c:4b:12:e0:97:a9:73:23:87:4f:59:dd:09:95:9f:
         dd:9e:a5:40:a7:1e:9c:cb:85:6b:eb:17:8f:6d:5f:96:98:ad:
         b6:56:20:65:1c:0a:cf:65:e1:e0:78:34:5a:95:a2:f1:0e:c9:
         df:ff:06:0d:dc:d7:9e:c3:f8:3f:a4:60:2b:1f:7a:e5:64:74:
         bb:bd:9d:a9:fe:4b:ca:d0:92:97:c3:99:2d:04:0e:a6:2b:36:
         b6:84:a3:dc:b6:cf:a4:94:af:b3:17:0a:79:91:8f:f8:c0:7c:
         e0:98:52:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZDTWdC5DtbLZKnP5SCs5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjYwNjMwMTUwMjAzWhcNMjYwNzAxMTUwMjAzWjAzMTEwLwYDVQQD
EygxMzg3YzljNzZhYjMxNDI2NWJmZTk3MGQ2YjM3MzI5ZGY5ZDM1NTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzamX7m1yF2tzNKVjtKIfMsXUCCPa
rONZYp08VIqRoAebF3B5hrgNWnYAGrZXzlCbMogwgAeIjHf+LXODVYb4w3zmY0+E
YOu/TeczfkKnhjZj9OYwb8IKl4/VLTqcvIU2kTnz+r8tPyBJW4dBz3dy9MVgm8pn
6tSCqwgrLN0uz+N71MfFIEBqluycZ4Me2YkLOuO5WEFoSer/87syiH82z2a+OAKa
G7pC8IAgcaCjk6ZCd9bxHWMK/USmkoApIU+wLTzdhVfiHf0DqQXSHqgyY7UhDIFl
9qRuBj+PPOanqr2o9eBJs/6JZ4pa8gY9/ha+IDR49KuCu8K+30zt6i+r0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOHycdqsxQmW/6XDWs3Mp3501ViMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtygQoYhl
IvMyJkK4o68goGc+ZWIj8x4fSUnq7uqeb6DCGPz+fijEEIRunV5V68nkgfwAF14N
P8PwI4ngWFHrvqVteKnBeWEa95OkRQk/BnmKdC1bHETZRvnMbezIGGvNDr8nasu/
1+iS8EbZL80vtYAqwj3vtDUzlTVVpusen5GArmgRTsvTWLzKVV0biB1JtuU3DEsS
4JepcyOHT1ndCZWf3Z6lQKcenMuFa+sXj21flpittlYgZRwKz2Xh4Hg0WpWi8Q7J
3/8GDdzXnsP4P6RgKx965WR0u72dqf5LytCSl8OZLQQOpis2toSj3LbPpJSvsxcK
eZGP+MB84JhS9Q==
-----END CERTIFICATE-----