Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft
File:                     20iBY9r1DbZG3k3yTTTLrJk_RX8.mft (raw, json)
Hash identifier:          MOGe9JEXvBgvAQR/+zE8vuw6Y9DkZQwATk0rIj4wIvg=
Subject key identifier:   53:D6:5C:24:72:1D:BA:8E:B0:EE:ED:63:8D:EF:3B:D0:D7:D8:D1:B9
Authority key identifier: DB:48:81:63:DA:F5:0D:B6:46:DE:4D:F2:4D:34:CB:AC:99:3F:45:7F
Certificate issuer:       /CN=db488163daf50db646de4df24d34cbac993f457f
Certificate serial:       019F189F0CF79E4743B121BFB054568D60EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/20iBY9r1DbZG3k3yTTTLrJk_RX8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft
Manifest number:          1986
Signing time:             Tue 30 Jun 2026 13:01:44 +0000
Manifest this update:     Tue 30 Jun 2026 13:01:44 +0000
Manifest next update:     Wed 01 Jul 2026 13:01:44 +0000
Files and hashes:         1: 20iBY9r1DbZG3k3yTTTLrJk_RX8.crl (hash: oxi+YTA5VPOZ+pSlRR3kP9ochrcnGbgoRSCK0HLaZrk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/20iBY9r1DbZG3k3yTTTLrJk_RX8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 13:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:18:9f:0c:f7:9e:47:43:b1:21:bf:b0:54:56:8d:60:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db488163daf50db646de4df24d34cbac993f457f
        Validity
            Not Before: Jun 30 13:01:44 2026 GMT
            Not After : Jul  1 13:01:44 2026 GMT
        Subject: CN=53d65c24721dba8eb0eeed638def3bd0d7d8d1b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:30:a9:cb:fa:92:2f:52:97:10:be:ba:e2:98:
                    a8:09:d8:6b:3a:4c:c3:bc:be:be:fa:95:a6:e5:b9:
                    10:3f:26:b0:9c:a4:88:a2:14:35:02:b4:ce:e0:0d:
                    f6:92:00:6d:45:80:7d:21:a4:ac:67:b5:33:21:5e:
                    0c:e2:9a:f3:51:d8:3b:0f:5c:d6:5b:02:04:3e:49:
                    25:7e:55:ec:ac:35:97:5e:d4:d2:a9:e0:b7:ac:9d:
                    29:3b:f6:a9:f5:3e:be:86:9d:b2:cc:11:70:33:82:
                    ea:dd:19:bf:98:36:23:a6:51:25:ab:dd:38:c2:98:
                    9e:9a:3f:3a:8f:61:bf:ca:55:ca:27:8a:41:e0:a9:
                    67:05:9b:e2:59:27:84:d6:7a:e4:2e:81:09:e7:c6:
                    db:85:9e:94:02:47:94:14:f0:2d:5a:0e:e4:ae:00:
                    c9:ac:89:7a:06:b6:d5:25:6f:36:da:15:e3:27:96:
                    4a:86:d0:41:6a:96:47:09:03:77:f3:73:f9:78:37:
                    3c:66:39:9d:e6:a3:0d:af:51:d9:7b:4d:f9:7b:84:
                    e9:5c:e6:bc:17:7f:12:63:01:5d:e6:7c:a2:b8:2b:
                    e4:dd:8b:a3:24:e9:75:3a:82:b3:dd:52:df:79:f9:
                    81:d3:b1:02:61:4a:24:81:f3:1c:07:34:5e:71:00:
                    a5:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:D6:5C:24:72:1D:BA:8E:B0:EE:ED:63:8D:EF:3B:D0:D7:D8:D1:B9
            X509v3 Authority Key Identifier:
                keyid:DB:48:81:63:DA:F5:0D:B6:46:DE:4D:F2:4D:34:CB:AC:99:3F:45:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20iBY9r1DbZG3k3yTTTLrJk_RX8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:da:7f:e7:94:4c:42:bd:a8:af:32:5b:db:86:58:5a:ac:c5:
         89:db:f7:27:09:20:95:8d:9a:a3:c8:95:a9:3d:86:34:3c:ed:
         45:a0:e0:a4:6f:dd:39:04:1e:4f:72:73:c8:af:ff:35:bd:30:
         21:e5:5f:ea:fe:c2:11:a7:07:73:75:15:9b:a0:04:41:8f:85:
         d1:ac:0e:21:75:cd:d7:20:a5:71:9f:e6:3b:6e:19:4e:ea:be:
         04:16:e5:e6:1d:ae:1f:c5:16:3e:21:b4:70:51:07:a6:c7:a2:
         b3:86:dd:8a:bb:56:2d:41:19:9d:de:04:d7:de:f1:72:88:73:
         f0:6a:4b:ce:28:63:a1:03:e4:5f:50:82:7b:f4:b9:47:15:ad:
         cf:04:35:ef:83:49:ee:5a:3d:48:cd:d9:61:d2:59:84:99:17:
         f5:ec:d2:39:10:66:31:c8:39:b5:01:90:81:97:0c:00:74:19:
         85:d0:c5:be:cd:fe:b5:17:58:00:99:8b:66:e0:21:41:ce:06:
         b1:86:92:98:0a:34:d9:21:36:69:17:01:74:5c:bb:ab:c5:c2:
         9e:ad:a6:ca:61:45:52:61:3b:d1:5e:1d:0b:58:59:5f:a3:2e:
         9b:0b:26:ea:69:c2:c8:dc:97:a9:16:bc:d4:57:65:40:a4:af:
         b1:93:83:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8Ynwz3nkdDsSG/sFRWjWDsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDg4MTYzZGFmNTBkYjY0NmRlNGRmMjRkMzRjYmFjOTkz
ZjQ1N2YwHhcNMjYwNjMwMTMwMTQ0WhcNMjYwNzAxMTMwMTQ0WjAzMTEwLwYDVQQD
Eyg1M2Q2NWMyNDcyMWRiYThlYjBlZWVkNjM4ZGVmM2JkMGQ3ZDhkMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDCpy/qSL1KXEL664pioCdhrOkzD
vL6++pWm5bkQPyawnKSIohQ1ArTO4A32kgBtRYB9IaSsZ7UzIV4M4przUdg7D1zW
WwIEPkklflXsrDWXXtTSqeC3rJ0pO/ap9T6+hp2yzBFwM4Lq3Rm/mDYjplElq904
wpiemj86j2G/ylXKJ4pB4KlnBZviWSeE1nrkLoEJ58bbhZ6UAkeUFPAtWg7krgDJ
rIl6BrbVJW822hXjJ5ZKhtBBapZHCQN383P5eDc8Zjmd5qMNr1HZe035e4TpXOa8
F38SYwFd5nyiuCvk3YujJOl1OoKz3VLfefmB07ECYUokgfMcBzRecQClKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFPWXCRyHbqOsO7tY43vO9DX2NG5MB8GA1UdIwQY
MBaAFNtIgWPa9Q22Rt5N8k00y6yZP0V/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBpQlk5cjFEYlpHM2szeVRUVExySmtfUlg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy80ZTVjMTAtNzFlZC00ZGViLWI0ZTAt
MTlkNTdmZjFmYmQ5LzEvMjBpQlk5cjFEYlpHM2szeVRUVExySmtfUlg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy80ZTVjMTAtNzFlZC00ZGViLWI0ZTAtMTlkNTdmZjFmYmQ5
LzEvMjBpQlk5cjFEYlpHM2szeVRUVExySmtfUlg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh9p/55RM
Qr2orzJb24ZYWqzFidv3JwkglY2ao8iVqT2GNDztRaDgpG/dOQQeT3JzyK//Nb0w
IeVf6v7CEacHc3UVm6AEQY+F0awOIXXN1yClcZ/mO24ZTuq+BBbl5h2uH8UWPiG0
cFEHpseis4bdirtWLUEZnd4E197xcohz8GpLzihjoQPkX1CCe/S5RxWtzwQ174NJ
7lo9SM3ZYdJZhJkX9ezSORBmMcg5tQGQgZcMAHQZhdDFvs3+tRdYAJmLZuAhQc4G
sYaSmAo02SE2aRcBdFy7q8XCnq2mymFFUmE70V4dC1hZX6Mumwsm6mnCyNyXqRa8
1FdlQKSvsZOD5Q==
-----END CERTIFICATE-----