Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.mft
File:                     Z8QeB5653PX62eXUjdzjlpd7eXc.mft (raw, json)
Hash identifier:          W0n+TgCs8p1115c3J6fStZN/hXsQImwJSZQPij6ftdE=
Subject key identifier:   FE:09:A9:A1:87:F2:38:3B:F6:70:64:63:C0:27:3E:D7:CE:2F:60:A9
Authority key identifier: 67:C4:1E:07:9E:B9:DC:F5:FA:D9:E5:D4:8D:DC:E3:96:97:7B:79:77
Certificate issuer:       /CN=67c41e079eb9dcf5fad9e5d48ddce396977b7977
Certificate serial:       019EB8B3BDE9BE1AB51BD240859AEFD6421A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z8QeB5653PX62eXUjdzjlpd7eXc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.mft
Manifest number:          1952
Signing time:             Thu 11 Jun 2026 22:00:47 +0000
Manifest this update:     Thu 11 Jun 2026 22:00:47 +0000
Manifest next update:     Fri 12 Jun 2026 22:00:47 +0000
Files and hashes:         1: Z8QeB5653PX62eXUjdzjlpd7eXc.crl (hash: KD8zO6tRYqcMjYSXyxkksyBKB1GExgFWmZ46rpsktXg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z8QeB5653PX62eXUjdzjlpd7eXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Jun 2026 20:26:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:b8:b3:bd:e9:be:1a:b5:1b:d2:40:85:9a:ef:d6:42:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67c41e079eb9dcf5fad9e5d48ddce396977b7977
        Validity
            Not Before: Jun 11 22:00:47 2026 GMT
            Not After : Jun 12 22:00:47 2026 GMT
        Subject: CN=fe09a9a187f2383bf6706463c0273ed7ce2f60a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:20:11:ee:c7:cc:a2:cd:4f:74:64:69:eb:7c:
                    f9:fc:10:8d:2e:02:05:92:90:63:f1:35:d6:91:34:
                    53:f2:fa:1d:ee:96:9e:8c:3d:f9:56:db:11:36:99:
                    ac:9f:31:1d:77:e7:dc:4b:7d:cb:90:ee:1f:02:60:
                    10:fe:1d:cd:2a:ef:62:ce:1a:be:0a:4b:6f:1c:71:
                    ec:40:70:51:eb:56:21:03:cf:e1:a9:6d:29:a5:eb:
                    e6:ad:ff:5d:86:d1:5f:39:19:b8:ab:68:c3:aa:60:
                    1c:fe:42:dd:3a:4f:7f:0d:25:95:92:90:91:b9:29:
                    c5:4f:32:a8:a0:aa:07:0d:a2:b4:36:47:0b:1c:7e:
                    4a:9c:27:9d:ab:f0:d7:19:b6:f0:0b:b1:f7:2b:5e:
                    56:a1:45:a5:a7:49:39:c3:7d:89:f0:66:86:74:14:
                    02:2e:48:9e:da:ab:71:d4:ad:3c:a4:69:74:19:98:
                    da:22:93:3c:d3:f6:0d:46:fe:f8:c5:43:3f:24:2e:
                    c0:1a:65:2c:88:0e:e3:13:bc:73:9b:f8:5d:c0:99:
                    58:2a:a7:87:3d:ba:60:80:14:b7:e1:f9:06:b7:de:
                    a4:48:e4:08:a9:97:1c:fa:14:76:26:ec:27:a0:ce:
                    2a:19:c9:15:a6:81:05:9f:f8:24:77:ea:be:63:93:
                    9c:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:09:A9:A1:87:F2:38:3B:F6:70:64:63:C0:27:3E:D7:CE:2F:60:A9
            X509v3 Authority Key Identifier:
                keyid:67:C4:1E:07:9E:B9:DC:F5:FA:D9:E5:D4:8D:DC:E3:96:97:7B:79:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8QeB5653PX62eXUjdzjlpd7eXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:ad:7f:bd:97:4c:c9:11:2e:2f:57:21:22:60:dd:36:5f:69:
         f5:7f:94:78:48:5c:22:ba:4c:72:7f:40:b9:40:3d:41:10:77:
         67:c5:28:58:d6:3d:5a:4a:ba:e7:ae:ee:08:b8:0d:3f:dc:a4:
         d5:32:f1:b7:32:32:a6:45:27:55:5a:c3:c9:91:ea:94:30:90:
         cf:3f:5d:ac:8a:f4:16:2f:05:8b:e0:fc:c3:45:7d:76:33:a0:
         4e:8e:01:31:fd:cf:3a:a8:03:1b:12:28:cd:d8:93:8a:49:f2:
         4e:7f:ce:37:b6:b1:d6:cb:64:8d:3f:48:2a:d3:9d:8d:f0:92:
         c3:ee:da:b8:d4:d2:13:bf:b1:da:73:0c:37:8c:9a:82:81:38:
         53:4a:21:9c:51:30:15:ec:9d:1f:68:f2:3f:59:e8:22:11:bd:
         8c:54:16:bf:30:6b:7e:96:2b:e6:8b:e7:9d:74:ee:bd:2c:30:
         7e:0b:78:b0:31:92:9a:c4:7c:ce:e5:a4:6e:1b:bb:6d:52:0e:
         cb:a8:97:4e:1a:f5:58:10:e1:85:ea:a4:64:31:01:61:2f:e3:
         51:8a:f7:47:7b:57:05:db:c9:3c:1f:9b:28:b5:e1:24:32:84:
         bc:66:4e:b4:87:5e:0c:72:97:32:fc:e0:0d:69:d3:51:cb:0c:
         4d:ca:a6:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ64s73pvhq1G9JAhZrv1kIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YzQxZTA3OWViOWRjZjVmYWQ5ZTVkNDhkZGNlMzk2OTc3
Yjc5NzcwHhcNMjYwNjExMjIwMDQ3WhcNMjYwNjEyMjIwMDQ3WjAzMTEwLwYDVQQD
EyhmZTA5YTlhMTg3ZjIzODNiZjY3MDY0NjNjMDI3M2VkN2NlMmY2MGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriAR7sfMos1PdGRp63z5/BCNLgIF
kpBj8TXWkTRT8vod7paejD35VtsRNpmsnzEdd+fcS33LkO4fAmAQ/h3NKu9izhq+
CktvHHHsQHBR61YhA8/hqW0ppevmrf9dhtFfORm4q2jDqmAc/kLdOk9/DSWVkpCR
uSnFTzKooKoHDaK0NkcLHH5KnCedq/DXGbbwC7H3K15WoUWlp0k5w32J8GaGdBQC
Lkie2qtx1K08pGl0GZjaIpM80/YNRv74xUM/JC7AGmUsiA7jE7xzm/hdwJlYKqeH
PbpggBS34fkGt96kSOQIqZcc+hR2JuwnoM4qGckVpoEFn/gkd+q+Y5OcIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP4JqaGH8jg79nBkY8AnPtfOL2CpMB8GA1UdIwQY
MBaAFGfEHgeeudz1+tnl1I3c45aXe3l3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhRZUI1NjUzUFg2MmVYVWpkempscGQ3ZVhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8wNjE5ZGItZWQ4ZS00NDNkLTk0ZDgt
ZDY0MzE0ZGEwYmI5LzEvWjhRZUI1NjUzUFg2MmVYVWpkempscGQ3ZVhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8wNjE5ZGItZWQ4ZS00NDNkLTk0ZDgtZDY0MzE0ZGEwYmI5
LzEvWjhRZUI1NjUzUFg2MmVYVWpkempscGQ3ZVhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr61/vZdM
yREuL1chImDdNl9p9X+UeEhcIrpMcn9AuUA9QRB3Z8UoWNY9Wkq6567uCLgNP9yk
1TLxtzIypkUnVVrDyZHqlDCQzz9drIr0Fi8Fi+D8w0V9djOgTo4BMf3POqgDGxIo
zdiTiknyTn/ON7ax1stkjT9IKtOdjfCSw+7auNTSE7+x2nMMN4yagoE4U0ohnFEw
FeydH2jyP1noIhG9jFQWvzBrfpYr5ovnnXTuvSwwfgt4sDGSmsR8zuWkbhu7bVIO
y6iXThr1WBDhheqkZDEBYS/jUYr3R3tXBdvJPB+bKLXhJDKEvGZOtIdeDHKXMvzg
DWnTUcsMTcqmBw==
-----END CERTIFICATE-----