Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
File:                     qCYCgPNU92LV7fNMisgW4cIHG1k.mft (raw, json)
Hash identifier:          kgubS85Ki42+mlAFiw0yxdPAV+f85wt21sRWbv5InSg=
Subject key identifier:   52:13:8C:99:4F:4A:99:95:DD:CD:A4:36:E9:3D:15:7B:95:92:7E:FB
Authority key identifier: A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59
Certificate issuer:       /CN=a8260280f354f762d5edf34c8ac816e1c2071b59
Certificate serial:       019EC525D08EEF9053B724DFEC97F6702710
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
Manifest number:          195A
Signing time:             Sun 14 Jun 2026 08:00:50 +0000
Manifest this update:     Sun 14 Jun 2026 08:00:50 +0000
Manifest next update:     Mon 15 Jun 2026 08:00:50 +0000
Files and hashes:         1: qCYCgPNU92LV7fNMisgW4cIHG1k.crl (hash: U0oyrbVIwzhrjsduQd+z4Xj24Dknk2QyX8O8vhJTMCU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 15 Jun 2026 04:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:c5:25:d0:8e:ef:90:53:b7:24:df:ec:97:f6:70:27:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8260280f354f762d5edf34c8ac816e1c2071b59
        Validity
            Not Before: Jun 14 08:00:50 2026 GMT
            Not After : Jun 15 08:00:50 2026 GMT
        Subject: CN=52138c994f4a9995ddcda436e93d157b95927efb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ee:f1:9c:71:a9:a7:d5:af:30:39:cf:61:71:
                    be:e1:60:91:7c:9c:04:d8:77:65:a7:c9:70:f3:f8:
                    f9:2d:64:3c:ec:7f:47:c8:a7:07:9c:80:02:93:5e:
                    18:7e:5f:cf:37:32:e5:b5:51:93:8c:94:cd:be:33:
                    57:78:83:ae:64:2c:24:46:c4:91:87:ad:c2:ae:84:
                    a8:ac:3e:6b:38:52:d2:30:97:6e:c1:bb:a4:dd:66:
                    d7:3d:ff:5d:da:25:54:1c:55:14:63:d8:bd:85:00:
                    96:64:a3:6a:1c:e3:7f:26:c5:66:de:a4:81:8d:42:
                    7b:7e:c0:76:cd:5c:d5:05:20:24:2e:7d:76:ba:f4:
                    9e:8f:5c:fe:64:62:4f:f3:6e:0b:5d:01:4d:67:93:
                    77:3c:8b:95:06:75:14:3a:fd:b6:ac:15:e9:8c:07:
                    98:1f:55:0a:fe:66:7e:5f:ee:ef:c6:58:34:5f:f7:
                    55:ab:5a:62:31:e0:88:7d:9f:18:62:de:6b:9e:18:
                    ac:61:4b:bf:6e:be:ef:78:17:61:31:8f:01:7e:d8:
                    38:dd:92:29:64:82:04:e4:b4:ae:eb:ea:b6:9e:1c:
                    c8:aa:60:e3:39:81:e2:17:9e:dd:44:fd:31:6a:db:
                    d8:bd:72:ce:71:1b:3a:fc:db:75:51:e8:89:d6:15:
                    36:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:13:8C:99:4F:4A:99:95:DD:CD:A4:36:E9:3D:15:7B:95:92:7E:FB
            X509v3 Authority Key Identifier:
                keyid:A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d0:3a:da:2d:e7:7f:9e:51:d3:40:bf:fb:01:1b:50:c2:d2:b0:
         27:df:aa:df:79:98:23:9c:32:68:d4:06:b2:b3:e6:60:3e:bd:
         e1:5d:be:09:a7:db:9e:57:b5:65:42:83:95:4f:fa:56:63:58:
         77:3e:f4:d7:89:24:39:3a:50:b4:19:22:74:b9:f8:b1:2f:78:
         0b:4a:e5:81:9b:5a:90:c1:2b:78:a2:c6:82:cf:31:b9:fc:b5:
         9c:3d:58:32:2a:05:e5:03:59:23:b8:65:e5:e4:77:05:49:14:
         c8:32:32:87:ad:cd:fb:56:ab:9b:56:5c:18:73:57:e4:3e:7d:
         62:81:76:cd:60:45:b5:d3:e2:ba:b7:5d:06:13:43:a7:40:18:
         79:02:1d:08:38:4b:1c:48:95:f1:80:ed:32:7a:64:d5:35:09:
         38:6d:89:7e:30:fe:64:05:d8:02:75:ea:55:ab:a1:8b:6b:c5:
         92:01:f2:ea:8b:34:d5:2e:0f:19:0a:03:8d:70:14:7e:3b:60:
         33:09:19:12:d2:88:9c:33:1a:e9:00:08:2c:6f:ac:6b:82:5d:
         56:85:f3:c3:6f:8c:fd:aa:91:2a:ea:11:58:d3:e2:ea:53:5f:
         c3:84:34:11:a9:73:2b:25:a9:60:21:d0:7e:f6:12:6c:8b:05:
         66:9c:a6:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7FJdCO75BTtyTf7Jf2cCcQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjYwMjgwZjM1NGY3NjJkNWVkZjM0YzhhYzgxNmUxYzIw
NzFiNTkwHhcNMjYwNjE0MDgwMDUwWhcNMjYwNjE1MDgwMDUwWjAzMTEwLwYDVQQD
Eyg1MjEzOGM5OTRmNGE5OTk1ZGRjZGE0MzZlOTNkMTU3Yjk1OTI3ZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApu7xnHGpp9WvMDnPYXG+4WCRfJwE
2Hdlp8lw8/j5LWQ87H9HyKcHnIACk14Yfl/PNzLltVGTjJTNvjNXeIOuZCwkRsSR
h63CroSorD5rOFLSMJduwbuk3WbXPf9d2iVUHFUUY9i9hQCWZKNqHON/JsVm3qSB
jUJ7fsB2zVzVBSAkLn12uvSej1z+ZGJP824LXQFNZ5N3PIuVBnUUOv22rBXpjAeY
H1UK/mZ+X+7vxlg0X/dVq1piMeCIfZ8YYt5rnhisYUu/br7veBdhMY8Bftg43ZIp
ZIIE5LSu6+q2nhzIqmDjOYHiF57dRP0xatvYvXLOcRs6/Nt1UeiJ1hU2WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFITjJlPSpmV3c2kNuk9FXuVkn77MB8GA1UdIwQY
MBaAFKgmAoDzVPdi1e3zTIrIFuHCBxtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEt
MTgzYTQ3YTQ1YjJhLzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEtMTgzYTQ3YTQ1YjJh
LzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0DraLed/
nlHTQL/7ARtQwtKwJ9+q33mYI5wyaNQGsrPmYD694V2+Cafbnle1ZUKDlU/6VmNY
dz7014kkOTpQtBkidLn4sS94C0rlgZtakMEreKLGgs8xufy1nD1YMioF5QNZI7hl
5eR3BUkUyDIyh63N+1arm1ZcGHNX5D59YoF2zWBFtdPiurddBhNDp0AYeQIdCDhL
HEiV8YDtMnpk1TUJOG2JfjD+ZAXYAnXqVauhi2vFkgHy6os01S4PGQoDjXAUfjtg
MwkZEtKInDMa6QAILG+sa4JdVoXzw2+M/aqRKuoRWNPi6lNfw4Q0EalzKyWpYCHQ
fvYSbIsFZpymCQ==
-----END CERTIFICATE-----