Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
File:                     7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft (raw, json)
Hash identifier:          dbfXiV5O2JlD7FD8gXpZPETgUtdUJPCmO0CL+iEMEts=
Subject key identifier:   7C:CF:2B:6A:B4:D6:48:A9:C3:B5:39:23:39:F2:46:F6:92:1E:18:24
Authority key identifier: EC:F5:D5:12:F9:10:44:B7:86:A1:55:89:A6:24:A8:D8:CB:92:9E:48
Certificate issuer:       /CN=ecf5d512f91044b786a15589a624a8d8cb929e48
Certificate serial:       019F1755051F33D41FF801BAE434FDF20F96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
Manifest number:          1639
Signing time:             Tue 30 Jun 2026 07:01:15 +0000
Manifest this update:     Tue 30 Jun 2026 07:01:15 +0000
Manifest next update:     Wed 01 Jul 2026 07:01:15 +0000
Files and hashes:         1: 7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl (hash: YsLqQT2cM//0AFtRAcQaz9ZBtBDbEa3RNGC9XZmomLc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 07:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:55:05:1f:33:d4:1f:f8:01:ba:e4:34:fd:f2:0f:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ecf5d512f91044b786a15589a624a8d8cb929e48
        Validity
            Not Before: Jun 30 07:01:15 2026 GMT
            Not After : Jul  1 07:01:15 2026 GMT
        Subject: CN=7ccf2b6ab4d648a9c3b5392339f246f6921e1824
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:98:1b:81:6a:b4:b4:29:9f:d2:ed:e0:05:43:
                    86:55:f7:c0:9d:49:f7:f0:47:07:78:f9:48:55:14:
                    34:4a:1e:89:fc:d5:4c:f8:7b:af:ed:45:a0:ec:df:
                    e3:ae:6e:fd:29:f3:59:af:9d:7c:59:5a:5c:db:2a:
                    96:9d:38:00:c2:ab:d4:7c:c8:b9:ed:cb:09:87:fc:
                    e3:4d:99:5b:d1:6a:e5:92:46:5c:bc:1f:1d:cc:30:
                    e4:b3:2e:8b:ca:b8:a4:54:45:b7:d7:e9:23:58:12:
                    11:36:7a:4a:48:23:6a:12:2a:19:33:fa:e7:1c:31:
                    ed:02:9f:de:ba:67:f2:5a:b8:c9:1a:e2:f6:0b:26:
                    a4:cf:b0:39:4b:b8:f2:3f:1e:af:2c:47:79:d0:74:
                    36:67:7a:e3:c3:00:cb:47:18:ee:cd:02:81:c4:68:
                    68:ba:e4:87:98:f0:9e:2d:b4:70:4e:46:35:5c:22:
                    c6:18:c4:01:95:52:3c:38:42:d9:65:59:3c:24:2d:
                    2a:2d:76:74:72:ef:95:80:15:f0:e7:2f:34:b4:88:
                    fc:14:c3:a0:e0:12:22:a8:d3:b5:dc:b9:0b:82:8a:
                    a4:78:2d:64:59:84:b7:5d:55:84:de:37:1d:ea:f2:
                    d9:cc:ec:e4:0e:0e:ab:28:f3:12:12:f5:52:38:34:
                    56:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:CF:2B:6A:B4:D6:48:A9:C3:B5:39:23:39:F2:46:F6:92:1E:18:24
            X509v3 Authority Key Identifier:
                keyid:EC:F5:D5:12:F9:10:44:B7:86:A1:55:89:A6:24:A8:D8:CB:92:9E:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:14:b9:ce:2d:7a:6a:ad:6b:f1:02:0f:10:48:3d:86:4c:2a:
         63:29:ac:59:e9:ec:d9:07:5c:62:b5:fb:ad:71:24:10:86:ab:
         69:58:71:15:4d:8f:a8:ce:8e:45:bb:64:fd:25:71:e8:88:9d:
         56:90:1f:bd:67:b8:4b:ce:6d:b5:4e:21:a0:8c:00:de:2b:3e:
         c3:c9:99:b4:a1:dd:54:a8:c4:f6:57:00:83:8d:52:fc:93:4a:
         e3:b9:f7:7e:d1:bd:c2:d2:d8:08:bf:0b:5a:62:7b:e2:da:3e:
         96:7f:0a:2a:cd:cc:ff:00:ec:8f:19:26:86:99:ba:84:9f:0e:
         1c:97:df:d3:7d:30:c9:fb:d8:63:d2:e4:04:8d:b7:9a:f5:40:
         b1:39:f7:4c:e4:3e:fb:4c:74:68:48:8e:c3:26:59:76:bb:f2:
         52:36:38:6e:11:60:b6:7e:79:a1:d3:3b:21:5f:09:b7:4d:d4:
         97:11:80:54:6c:9a:a9:ae:37:3c:6f:0a:c3:bf:d3:77:b9:41:
         28:be:ba:18:f7:5d:69:52:d3:37:e2:9e:6b:36:0d:94:59:29:
         be:fb:0c:1b:f5:4c:39:5e:b7:26:06:e9:5a:ec:e4:a3:cf:a0:
         d2:b7:e1:30:14:b2:0f:4f:37:e6:8d:e7:8b:1d:6e:cb:c9:2e:
         af:22:69:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XVQUfM9Qf+AG65DT98g+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjVkNTEyZjkxMDQ0Yjc4NmExNTU4OWE2MjRhOGQ4Y2I5
MjllNDgwHhcNMjYwNjMwMDcwMTE1WhcNMjYwNzAxMDcwMTE1WjAzMTEwLwYDVQQD
Eyg3Y2NmMmI2YWI0ZDY0OGE5YzNiNTM5MjMzOWYyNDZmNjkyMWUxODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JgbgWq0tCmf0u3gBUOGVffAnUn3
8EcHePlIVRQ0Sh6J/NVM+Huv7UWg7N/jrm79KfNZr518WVpc2yqWnTgAwqvUfMi5
7csJh/zjTZlb0WrlkkZcvB8dzDDksy6LyrikVEW31+kjWBIRNnpKSCNqEioZM/rn
HDHtAp/eumfyWrjJGuL2Cyakz7A5S7jyPx6vLEd50HQ2Z3rjwwDLRxjuzQKBxGho
uuSHmPCeLbRwTkY1XCLGGMQBlVI8OELZZVk8JC0qLXZ0cu+VgBXw5y80tIj8FMOg
4BIiqNO13LkLgoqkeC1kWYS3XVWE3jcd6vLZzOzkDg6rKPMSEvVSODRWwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHzPK2q01kipw7U5IznyRvaSHhgkMB8GA1UdIwQY
MBaAFOz11RL5EES3hqFViaYkqNjLkp5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zZDRkZmEtZmU0YS00NTYzLThjYmUt
YzE0ODFkZjdkYTQxLzEvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zZDRkZmEtZmU0YS00NTYzLThjYmUtYzE0ODFkZjdkYTQx
LzEvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALxS5zi16
aq1r8QIPEEg9hkwqYymsWens2QdcYrX7rXEkEIaraVhxFU2PqM6ORbtk/SVx6Iid
VpAfvWe4S85ttU4hoIwA3is+w8mZtKHdVKjE9lcAg41S/JNK47n3ftG9wtLYCL8L
WmJ74to+ln8KKs3M/wDsjxkmhpm6hJ8OHJff030wyfvYY9LkBI23mvVAsTn3TOQ+
+0x0aEiOwyZZdrvyUjY4bhFgtn55odM7IV8Jt03UlxGAVGyaqa43PG8Kw7/Td7lB
KL66GPddaVLTN+KeazYNlFkpvvsMG/VMOV63JgbpWuzko8+g0rfhMBSyD0835o3n
ix1uy8kuryJppw==
-----END CERTIFICATE-----