Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft
File:                     wKopmx5fodUSbfrXXf1Km65EOhc.mft (raw, json)
Hash identifier:          rFXmpmrv9yeMFFbVW33pdC/wM7y/Xb/zjRwR7iSyHp4=
Subject key identifier:   8D:17:1A:F3:18:BA:6C:82:D6:22:4D:61:7C:BF:A9:41:E4:D4:5C:1C
Authority key identifier: C0:AA:29:9B:1E:5F:A1:D5:12:6D:FA:D7:5D:FD:4A:9B:AE:44:3A:17
Certificate issuer:       /CN=c0aa299b1e5fa1d5126dfad75dfd4a9bae443a17
Certificate serial:       019EE8FC72D17DB194386368BFF78F9F4540
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wKopmx5fodUSbfrXXf1Km65EOhc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft
Manifest number:          08A9
Signing time:             Sun 21 Jun 2026 07:01:58 +0000
Manifest this update:     Sun 21 Jun 2026 07:01:58 +0000
Manifest next update:     Mon 22 Jun 2026 07:01:58 +0000
Files and hashes:         1: wKopmx5fodUSbfrXXf1Km65EOhc.crl (hash: 0glM9S6IaOQxj8ovGWXd1CV6tZD5I/M4GTLsp7OCyaM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wKopmx5fodUSbfrXXf1Km65EOhc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 22 Jun 2026 07:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:e8:fc:72:d1:7d:b1:94:38:63:68:bf:f7:8f:9f:45:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c0aa299b1e5fa1d5126dfad75dfd4a9bae443a17
        Validity
            Not Before: Jun 21 07:01:58 2026 GMT
            Not After : Jun 22 07:01:58 2026 GMT
        Subject: CN=8d171af318ba6c82d6224d617cbfa941e4d45c1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:76:1e:54:29:52:36:e6:c5:07:c5:54:50:fa:
                    b0:07:1f:e0:22:d1:1a:5a:fa:37:2f:a7:39:66:27:
                    37:54:fd:eb:d4:34:50:e7:f3:d4:16:37:9a:23:a1:
                    67:e6:06:17:d5:63:3d:4c:01:c4:18:2d:f2:e6:e3:
                    63:50:19:36:d4:f1:c5:1a:8c:68:ce:c9:a5:0e:b6:
                    aa:9d:eb:80:03:63:cd:82:68:55:ec:89:c2:58:1a:
                    37:d0:1d:3c:57:2d:12:db:e3:88:c3:ff:65:37:f5:
                    0a:54:8a:45:bf:06:2b:0a:6b:23:2f:e9:76:24:21:
                    22:71:21:d5:65:ac:64:0e:89:f8:bb:a4:da:2d:c7:
                    69:d2:6a:7e:02:c5:01:64:f6:8e:b4:bb:5d:92:d3:
                    ef:9c:20:c1:1a:7b:71:51:83:c1:93:30:9d:67:e4:
                    a8:6e:fe:36:b0:0b:b6:a3:39:88:86:49:cc:5e:48:
                    86:d7:1d:19:a5:9f:0a:76:ac:62:c5:c2:88:df:2c:
                    84:8f:60:5a:57:b1:5d:9a:93:5a:d4:1d:61:91:54:
                    57:3b:b2:ad:af:72:3e:98:3e:a1:fc:89:41:87:23:
                    d9:1e:95:af:b8:7a:56:3a:05:37:e6:64:04:c5:d2:
                    3a:ea:2e:f8:83:66:69:79:5e:70:34:8f:df:3f:20:
                    3a:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:17:1A:F3:18:BA:6C:82:D6:22:4D:61:7C:BF:A9:41:E4:D4:5C:1C
            X509v3 Authority Key Identifier:
                keyid:C0:AA:29:9B:1E:5F:A1:D5:12:6D:FA:D7:5D:FD:4A:9B:AE:44:3A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wKopmx5fodUSbfrXXf1Km65EOhc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2fc804-2477-4d6b-8137-704a995e3db6/1/wKopmx5fodUSbfrXXf1Km65EOhc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:98:11:4c:25:4e:e6:32:23:98:98:f2:49:a9:70:28:83:de:
         07:c5:6a:f5:fe:25:7a:d3:de:6f:f8:19:1d:4a:0c:c3:3d:47:
         25:e7:dd:ef:62:c9:33:67:24:18:89:0b:88:4a:e8:cb:ff:e0:
         46:a4:4e:1d:c7:2d:e9:02:ad:08:1d:69:f9:77:40:ee:39:67:
         06:26:ca:f5:e7:34:08:43:78:20:bc:47:d8:5e:ff:77:20:27:
         8b:cc:fe:88:e4:a8:e0:f6:31:ad:b9:cc:01:ed:99:16:8a:96:
         8d:a7:49:18:88:16:bb:d9:c2:b0:1e:88:e3:80:ed:e4:c5:0a:
         69:7b:5e:07:c3:09:d0:ed:79:00:a0:53:f3:97:1e:ce:12:e4:
         82:b3:05:e1:9a:b3:af:c5:e2:3e:c8:5a:07:06:46:b5:2b:87:
         b5:34:58:51:a6:89:f6:c3:63:7b:32:13:99:9c:df:09:c6:4c:
         2c:38:dc:08:94:02:e1:80:3d:58:75:71:97:b3:77:a6:21:06:
         50:26:68:52:b8:e0:e1:76:3b:46:0a:d8:d8:99:72:f9:e4:dc:
         6d:00:b6:be:3b:dd:bb:9c:af:b7:7c:ca:9b:6d:d1:05:c3:7c:
         5a:1c:3f:a4:3a:85:1d:30:14:f0:2f:36:1a:f0:5a:f6:cb:e4:
         86:e7:f3:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7o/HLRfbGUOGNov/ePn0VAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYWEyOTliMWU1ZmExZDUxMjZkZmFkNzVkZmQ0YTliYWU0
NDNhMTcwHhcNMjYwNjIxMDcwMTU4WhcNMjYwNjIyMDcwMTU4WjAzMTEwLwYDVQQD
Eyg4ZDE3MWFmMzE4YmE2YzgyZDYyMjRkNjE3Y2JmYTk0MWU0ZDQ1YzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nYeVClSNubFB8VUUPqwBx/gItEa
Wvo3L6c5Zic3VP3r1DRQ5/PUFjeaI6Fn5gYX1WM9TAHEGC3y5uNjUBk21PHFGoxo
zsmlDraqneuAA2PNgmhV7InCWBo30B08Vy0S2+OIw/9lN/UKVIpFvwYrCmsjL+l2
JCEicSHVZaxkDon4u6TaLcdp0mp+AsUBZPaOtLtdktPvnCDBGntxUYPBkzCdZ+So
bv42sAu2ozmIhknMXkiG1x0ZpZ8KdqxixcKI3yyEj2BaV7FdmpNa1B1hkVRXO7Kt
r3I+mD6h/IlBhyPZHpWvuHpWOgU35mQExdI66i74g2ZpeV5wNI/fPyA63wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0XGvMYumyC1iJNYXy/qUHk1FwcMB8GA1UdIwQY
MBaAFMCqKZseX6HVEm361139SpuuRDoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0tvcG14NWZvZFVTYmZyWFhmMUttNjVFT2hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8yZmM4MDQtMjQ3Ny00ZDZiLTgxMzct
NzA0YTk5NWUzZGI2LzEvd0tvcG14NWZvZFVTYmZyWFhmMUttNjVFT2hjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8yZmM4MDQtMjQ3Ny00ZDZiLTgxMzctNzA0YTk5NWUzZGI2
LzEvd0tvcG14NWZvZFVTYmZyWFhmMUttNjVFT2hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWpgRTCVO
5jIjmJjySalwKIPeB8Vq9f4letPeb/gZHUoMwz1HJefd72LJM2ckGIkLiEroy//g
RqROHcct6QKtCB1p+XdA7jlnBibK9ec0CEN4ILxH2F7/dyAni8z+iOSo4PYxrbnM
Ae2ZFoqWjadJGIgWu9nCsB6I44Dt5MUKaXteB8MJ0O15AKBT85cezhLkgrMF4Zqz
r8XiPshaBwZGtSuHtTRYUaaJ9sNjezITmZzfCcZMLDjcCJQC4YA9WHVxl7N3piEG
UCZoUrjg4XY7RgrY2Jly+eTcbQC2vjvdu5yvt3zKm23RBcN8Whw/pDqFHTAU8C82
GvBa9svkhufzBQ==
-----END CERTIFICATE-----