Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
File:                     iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft (raw, json)
Hash identifier:          i1RnjXNefR1VooTm0eyQXPuAuBrO6FDnvlo65Old7yw=
Subject key identifier:   0D:AD:D7:16:D1:26:59:F8:D4:50:C9:79:2E:B4:16:DA:13:41:8B:FB
Authority key identifier: 89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6
Certificate issuer:       /CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
Certificate serial:       019EB9C67C9257910A67F9C774AFFC045C23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
Manifest number:          092E
Signing time:             Fri 12 Jun 2026 03:00:53 +0000
Manifest this update:     Fri 12 Jun 2026 03:00:53 +0000
Manifest next update:     Sat 13 Jun 2026 03:00:53 +0000
Files and hashes:         1: iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl (hash: pq/QiqTIQDpOoICsauM+I2b82q9U54WX7YgrYPgKcn0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Jun 2026 20:26:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:b9:c6:7c:92:57:91:0a:67:f9:c7:74:af:fc:04:5c:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
        Validity
            Not Before: Jun 12 03:00:53 2026 GMT
            Not After : Jun 13 03:00:53 2026 GMT
        Subject: CN=0dadd716d12659f8d450c9792eb416da13418bfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:3a:b6:30:4e:40:7d:80:bb:40:aa:46:1e:73:
                    55:bb:cc:e1:6c:5c:12:67:de:86:24:b7:7e:9e:72:
                    fe:44:2e:3e:27:47:c2:49:68:85:cf:fe:02:f8:e3:
                    53:47:a9:5c:ae:0e:01:11:6c:a3:9c:af:e4:b5:7d:
                    88:65:17:35:29:83:14:cf:3c:2b:fe:42:7b:e3:ab:
                    24:ac:06:27:95:1f:67:31:10:fc:1b:00:81:3b:76:
                    7a:93:83:58:cd:b4:0a:fc:3d:57:0e:e7:f3:02:a0:
                    01:da:2e:fc:f0:a7:b0:ef:91:d4:ee:0f:d0:50:2e:
                    36:1c:02:5b:5b:c8:fa:30:90:20:9c:ea:3c:88:b6:
                    eb:0f:60:9a:56:7e:dd:9d:cd:4f:3c:83:48:c2:db:
                    60:9e:1c:ab:65:8c:cd:06:74:92:ef:0c:87:29:c1:
                    aa:7b:1f:ba:21:7c:b5:22:37:ff:69:50:79:5d:f7:
                    cc:ee:06:26:a7:e6:e2:1b:81:78:d2:cf:fe:0e:3e:
                    7e:70:7c:18:6d:fb:5c:ef:be:05:3a:46:38:ca:81:
                    29:93:3a:9b:89:31:03:53:37:28:37:db:85:6b:c1:
                    dc:60:a9:86:6c:cf:90:79:ea:98:dd:66:05:6c:f2:
                    d6:f2:65:8b:d7:a1:b0:f9:6a:c3:64:dc:53:30:f6:
                    c9:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:AD:D7:16:D1:26:59:F8:D4:50:C9:79:2E:B4:16:DA:13:41:8B:FB
            X509v3 Authority Key Identifier:
                keyid:89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d4:2d:ff:bf:f2:4c:b0:d9:b7:37:1e:0c:cf:6e:09:52:5a:9d:
         82:a1:a6:6a:3b:dd:48:a6:d8:ee:ac:67:1e:41:84:cd:aa:4a:
         27:48:ff:ee:42:e0:5f:57:1e:e7:13:33:8a:52:0c:78:80:60:
         fd:fb:88:cc:ee:55:69:6b:dc:e4:93:aa:f5:33:39:65:37:f1:
         3b:71:93:d2:6a:a7:61:dc:2a:97:7a:95:34:e3:bb:e3:73:e0:
         dd:61:0a:e1:7d:d4:4f:6b:26:e9:e6:ad:3c:dd:70:0c:49:29:
         ed:a8:bb:7a:1d:e4:85:34:5d:d0:11:1c:44:19:15:24:b4:b2:
         55:49:7b:36:2c:c4:68:8d:ee:6d:38:55:18:49:50:ee:50:2d:
         37:72:ab:a1:db:2b:44:2d:30:18:71:83:b6:8a:a8:69:4c:af:
         ff:a2:0d:a6:1e:6f:42:11:87:f5:80:d8:56:1e:ef:83:fb:e0:
         9b:fc:d9:b7:a9:21:87:b6:dd:4e:33:5f:ae:f8:7c:35:ca:58:
         fb:3e:f2:74:55:94:0d:9c:87:27:79:84:54:5c:6f:c9:b5:35:
         21:0f:ea:0a:06:df:a6:6b:fe:8d:9e:4e:f6:c5:77:f7:d0:d9:
         96:2a:10:54:e7:9e:25:9d:91:e3:dc:b1:4f:44:07:6e:2a:0b:
         37:08:cc:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ65xnySV5EKZ/nHdK/8BFwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MGYzZmFiMjM0OWMwMWIxYWM4ZmQwYjkyMWM2MDMxOGNl
MTg0ZDYwHhcNMjYwNjEyMDMwMDUzWhcNMjYwNjEzMDMwMDUzWjAzMTEwLwYDVQQD
EygwZGFkZDcxNmQxMjY1OWY4ZDQ1MGM5NzkyZWI0MTZkYTEzNDE4YmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTq2ME5AfYC7QKpGHnNVu8zhbFwS
Z96GJLd+nnL+RC4+J0fCSWiFz/4C+ONTR6lcrg4BEWyjnK/ktX2IZRc1KYMUzzwr
/kJ746skrAYnlR9nMRD8GwCBO3Z6k4NYzbQK/D1XDufzAqAB2i788Kew75HU7g/Q
UC42HAJbW8j6MJAgnOo8iLbrD2CaVn7dnc1PPINIwttgnhyrZYzNBnSS7wyHKcGq
ex+6IXy1Ijf/aVB5XffM7gYmp+biG4F40s/+Dj5+cHwYbftc774FOkY4yoEpkzqb
iTEDUzcoN9uFa8HcYKmGbM+QeeqY3WYFbPLW8mWL16Gw+WrDZNxTMPbJHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2t1xbRJln41FDJeS60FtoTQYv7MB8GA1UdIwQY
MBaAFIkPP6sjScAbGsj9C5IcYDGM4YTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDIt
OTM1OWQ4ZGUyOTc1LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDItOTM1OWQ4ZGUyOTc1
LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1C3/v/JM
sNm3Nx4Mz24JUlqdgqGmajvdSKbY7qxnHkGEzapKJ0j/7kLgX1ce5xMzilIMeIBg
/fuIzO5VaWvc5JOq9TM5ZTfxO3GT0mqnYdwql3qVNOO743Pg3WEK4X3UT2sm6eat
PN1wDEkp7ai7eh3khTRd0BEcRBkVJLSyVUl7NizEaI3ubThVGElQ7lAtN3Krodsr
RC0wGHGDtoqoaUyv/6INph5vQhGH9YDYVh7vg/vgm/zZt6khh7bdTjNfrvh8NcpY
+z7ydFWUDZyHJ3mEVFxvybU1IQ/qCgbfpmv+jZ5O9sV399DZlioQVOeeJZ2R49yx
T0QHbioLNwjMqQ==
-----END CERTIFICATE-----