Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
File:                     9XGHM6rUPvapm9jZUEog3YkCLo8.mft (raw, json)
Hash identifier:          jta594MnxhQt2io3pX3sBuQjbfbsil592pmUw/YJgOw=
Subject key identifier:   10:4E:F9:CF:66:C3:19:4F:03:DE:18:3B:7E:28:93:65:B8:1A:43:B1
Authority key identifier: F5:71:87:33:AA:D4:3E:F6:A9:9B:D8:D9:50:4A:20:DD:89:02:2E:8F
Certificate issuer:       /CN=f5718733aad43ef6a99bd8d9504a20dd89022e8f
Certificate serial:       019F189EEA748BB489CE082A7FE804EE7A1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
Manifest number:          1687
Signing time:             Tue 30 Jun 2026 13:01:35 +0000
Manifest this update:     Tue 30 Jun 2026 13:01:35 +0000
Manifest next update:     Wed 01 Jul 2026 13:01:35 +0000
Files and hashes:         1: 9XGHM6rUPvapm9jZUEog3YkCLo8.crl (hash: OEh0pIxkmsLH9yKPXjOQ22hMrqPKXQ1CSC4Tn6xsH48=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 13:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:18:9e:ea:74:8b:b4:89:ce:08:2a:7f:e8:04:ee:7a:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5718733aad43ef6a99bd8d9504a20dd89022e8f
        Validity
            Not Before: Jun 30 13:01:35 2026 GMT
            Not After : Jul  1 13:01:35 2026 GMT
        Subject: CN=104ef9cf66c3194f03de183b7e289365b81a43b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:aa:20:0a:5e:20:33:ce:11:fa:f2:d8:1c:06:
                    8a:63:e5:48:68:88:8b:a5:56:af:89:09:8a:bd:6f:
                    ef:f7:8d:66:fa:e3:3d:bc:6a:5e:fe:18:be:03:34:
                    2f:77:df:ad:9f:f0:d2:96:f1:28:09:fa:98:81:8d:
                    5c:98:b7:f8:91:e9:7c:bc:75:bf:18:d5:3e:04:be:
                    f1:c4:61:0e:a9:9f:69:67:4e:67:76:a8:f6:14:f8:
                    00:52:2b:66:5e:13:92:bc:15:a5:27:67:fc:ff:19:
                    2a:22:ad:ba:e2:80:85:0c:af:14:f6:a0:93:cd:01:
                    0c:15:30:cc:e2:dc:a1:11:12:28:b6:6c:63:ba:0e:
                    f5:c5:28:f8:a9:2d:08:ec:80:4e:e6:35:4b:15:6c:
                    40:37:71:50:68:eb:f6:90:b4:08:4d:9f:9f:e4:9b:
                    d0:fa:95:4b:48:3a:93:76:d2:87:40:d1:17:a8:56:
                    bc:b4:c7:d8:0a:c0:2a:93:16:ab:0f:2b:53:1a:e5:
                    6b:87:64:5d:39:77:71:cc:41:ca:6e:c7:18:ee:07:
                    64:32:69:15:51:e8:dc:1d:b8:1b:e7:db:da:e3:e9:
                    d3:e5:45:a7:10:a0:d2:db:b2:76:e9:f6:fb:77:3b:
                    8a:62:4e:f5:47:0d:45:8b:c6:9d:c1:13:df:26:b3:
                    d8:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:4E:F9:CF:66:C3:19:4F:03:DE:18:3B:7E:28:93:65:B8:1A:43:B1
            X509v3 Authority Key Identifier:
                keyid:F5:71:87:33:AA:D4:3E:F6:A9:9B:D8:D9:50:4A:20:DD:89:02:2E:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XGHM6rUPvapm9jZUEog3YkCLo8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/23337c-3758-40b6-a9c8-d725fa6732b6/1/9XGHM6rUPvapm9jZUEog3YkCLo8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:ab:08:8f:09:91:7b:5f:46:f4:a9:b7:60:3d:5b:90:2e:e1:
         19:1a:9e:39:8f:ed:d3:c3:b2:b5:d3:8b:0d:0b:f3:6c:4e:df:
         f1:89:11:44:5a:b6:16:2f:5e:dd:72:7b:f2:4e:51:01:73:c7:
         3b:02:5c:2e:d3:83:5e:28:57:71:b4:41:62:11:38:1f:05:35:
         fe:a5:ae:dd:4f:e0:1b:fd:b4:f8:9b:5b:fa:05:02:d4:b7:63:
         62:79:df:b6:11:55:6f:0e:90:d9:57:41:f1:1a:3a:b6:12:86:
         51:73:ae:9d:6a:fd:49:98:52:f1:bb:b8:89:88:44:60:e3:93:
         09:8d:8f:00:8d:8e:71:6b:48:57:10:54:9e:bd:c9:4b:ae:c8:
         35:d5:6e:54:e5:cb:11:b1:84:4a:77:be:ac:21:34:6f:8b:95:
         ff:58:e4:eb:d7:a0:d9:5b:0c:21:19:8c:f3:a8:82:00:e4:e4:
         9b:cb:c8:49:78:af:a4:1b:5e:4b:e1:53:76:f3:5a:3b:0f:c5:
         f4:7e:5d:1f:76:67:45:ec:04:fb:02:e9:53:ae:02:1d:ca:cc:
         78:75:dd:bf:32:be:d4:b6:79:12:b5:35:ff:71:da:1c:19:69:
         03:b7:66:c6:b2:39:ef:1d:36:7e:fe:c4:8b:a5:56:09:64:ff:
         b9:17:80:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8Ynup0i7SJzggqf+gE7nodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzE4NzMzYWFkNDNlZjZhOTliZDhkOTUwNGEyMGRkODkw
MjJlOGYwHhcNMjYwNjMwMTMwMTM1WhcNMjYwNzAxMTMwMTM1WjAzMTEwLwYDVQQD
EygxMDRlZjljZjY2YzMxOTRmMDNkZTE4M2I3ZTI4OTM2NWI4MWE0M2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qogCl4gM84R+vLYHAaKY+VIaIiL
pVaviQmKvW/v941m+uM9vGpe/hi+AzQvd9+tn/DSlvEoCfqYgY1cmLf4kel8vHW/
GNU+BL7xxGEOqZ9pZ05ndqj2FPgAUitmXhOSvBWlJ2f8/xkqIq264oCFDK8U9qCT
zQEMFTDM4tyhERIotmxjug71xSj4qS0I7IBO5jVLFWxAN3FQaOv2kLQITZ+f5JvQ
+pVLSDqTdtKHQNEXqFa8tMfYCsAqkxarDytTGuVrh2RdOXdxzEHKbscY7gdkMmkV
UejcHbgb59va4+nT5UWnEKDS27J26fb7dzuKYk71Rw1Fi8adwRPfJrPY7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBBO+c9mwxlPA94YO34ok2W4GkOxMB8GA1UdIwQY
MBaAFPVxhzOq1D72qZvY2VBKIN2JAi6PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzMzN2MtMzc1OC00MGI2LWE5Yzgt
ZDcyNWZhNjczMmI2LzEvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzMzN2MtMzc1OC00MGI2LWE5YzgtZDcyNWZhNjczMmI2
LzEvOVhHSE02clVQdmFwbTlqWlVFb2czWWtDTG84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl6sIjwmR
e19G9Km3YD1bkC7hGRqeOY/t08OytdOLDQvzbE7f8YkRRFq2Fi9e3XJ78k5RAXPH
OwJcLtODXihXcbRBYhE4HwU1/qWu3U/gG/20+Jtb+gUC1LdjYnnfthFVbw6Q2VdB
8Ro6thKGUXOunWr9SZhS8bu4iYhEYOOTCY2PAI2OcWtIVxBUnr3JS67INdVuVOXL
EbGESne+rCE0b4uV/1jk69eg2VsMIRmM86iCAOTkm8vISXivpBteS+FTdvNaOw/F
9H5dH3ZnRewE+wLpU64CHcrMeHXdvzK+1LZ5ErU1/3HaHBlpA7dmxrI57x02fv7E
i6VWCWT/uReA3g==
-----END CERTIFICATE-----