Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File:                     AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier:          BYsrm9B9qQbnHzoVOcalKYaCq7bXmEVCanZFMz/0Pik=
Subject key identifier:   2A:B1:05:3F:D9:BF:31:CA:95:08:7B:A7:9B:AB:D6:16:51:EE:B6:E9
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer:       /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial:       019F194421843568B7133B18C724C21E6C93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number:          1985
Signing time:             Tue 30 Jun 2026 16:02:02 +0000
Manifest this update:     Tue 30 Jun 2026 16:02:02 +0000
Manifest next update:     Wed 01 Jul 2026 16:02:02 +0000
Files and hashes:         1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: ZI/aU9NeCJUqL0hBGGQcBieU1GVHSA/3XTS2bii6Uq4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 14:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:44:21:84:35:68:b7:13:3b:18:c7:24:c2:1e:6c:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
        Validity
            Not Before: Jun 30 16:02:02 2026 GMT
            Not After : Jul  1 16:02:02 2026 GMT
        Subject: CN=2ab1053fd9bf31ca95087ba79babd61651eeb6e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:a6:62:8a:a2:4a:7e:01:c6:11:93:23:fa:f5:
                    3c:c3:29:6b:c6:6c:53:67:92:39:aa:0d:e6:0c:b4:
                    c7:4b:4b:e3:f5:e1:b5:a5:e1:19:aa:36:96:76:8d:
                    41:13:6a:2e:bd:de:70:05:16:41:ba:e5:ca:db:77:
                    27:80:c4:c4:59:bf:bf:ea:c1:be:f0:2b:27:a9:3f:
                    ca:37:90:d1:0c:a0:9a:dd:9a:0e:c5:19:cd:1d:8c:
                    0c:04:62:08:99:84:31:ca:04:eb:e3:e2:6a:0b:bf:
                    2a:cb:25:cf:7e:6a:2a:fc:34:8d:d6:09:a0:f8:2a:
                    84:03:49:67:f5:b6:d9:a7:9e:84:92:dd:7a:d9:87:
                    dd:1f:8a:ba:2c:25:81:eb:f7:61:c8:b6:0c:dc:30:
                    02:e6:10:c1:8e:10:8d:af:ff:15:42:60:0a:89:4e:
                    eb:26:ac:98:79:66:df:f2:71:a1:52:9a:fe:8a:5d:
                    1a:6a:59:1f:d1:b0:81:e1:cd:10:46:28:35:3a:3e:
                    91:52:47:bb:29:0f:c4:24:68:79:0c:3b:5d:9f:18:
                    b2:26:9c:3e:bb:8b:5e:0b:f3:56:ee:72:47:88:8c:
                    bb:63:ad:e7:76:8b:37:eb:6b:5e:06:46:91:22:d6:
                    f7:c2:75:44:c1:a5:30:c5:2c:b1:89:a5:9f:9f:dc:
                    3c:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:B1:05:3F:D9:BF:31:CA:95:08:7B:A7:9B:AB:D6:16:51:EE:B6:E9
            X509v3 Authority Key Identifier:
                keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:a8:29:d6:e9:2b:df:6f:99:e3:4e:eb:ce:d7:5f:a0:2a:8b:
         2d:7e:e4:a4:f9:0c:cd:11:e8:2f:b3:74:c9:70:87:8f:1c:85:
         c6:8f:98:94:2c:b7:7a:37:d8:a5:6b:88:d8:c2:f6:04:5c:bb:
         e7:10:aa:3e:31:a9:87:13:e1:bb:03:a0:19:19:9f:ac:2a:53:
         82:34:68:72:12:f3:b4:6f:e2:b9:7d:0a:87:8f:ea:78:cf:81:
         48:ad:fb:12:35:16:1a:88:a6:7a:99:4e:9a:fd:e5:80:6b:de:
         6a:22:fe:57:fb:0f:36:57:d0:83:03:17:cc:1e:1e:da:62:32:
         35:e4:f7:27:f6:b7:34:1f:a0:22:55:33:1d:20:4c:23:53:bf:
         23:f2:b5:14:98:4b:73:89:80:9c:ee:7e:52:e6:5e:79:b4:73:
         8a:8b:b6:dc:d9:d9:53:27:9c:4e:ea:ad:40:bb:f6:eb:d3:9f:
         be:2f:2b:89:b0:3c:b7:fa:ab:4b:53:84:d3:c8:25:a4:fe:0f:
         dd:df:be:b1:f6:4a:63:4d:ee:a1:b3:1b:21:06:ea:15:4b:c6:
         0f:74:54:22:eb:a4:f1:d9:ed:72:50:4f:9f:70:b6:bc:24:dc:
         2d:77:ca:b4:19:20:a0:d7:0b:a0:6e:11:6d:fc:59:c3:b9:ae:
         92:09:aa:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZRCGENWi3EzsYxyTCHmyTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjYwNjMwMTYwMjAyWhcNMjYwNzAxMTYwMjAyWjAzMTEwLwYDVQQD
EygyYWIxMDUzZmQ5YmYzMWNhOTUwODdiYTc5YmFiZDYxNjUxZWViNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqZiiqJKfgHGEZMj+vU8wylrxmxT
Z5I5qg3mDLTHS0vj9eG1peEZqjaWdo1BE2ouvd5wBRZBuuXK23cngMTEWb+/6sG+
8CsnqT/KN5DRDKCa3ZoOxRnNHYwMBGIImYQxygTr4+JqC78qyyXPfmoq/DSN1gmg
+CqEA0ln9bbZp56Ekt162YfdH4q6LCWB6/dhyLYM3DAC5hDBjhCNr/8VQmAKiU7r
JqyYeWbf8nGhUpr+il0aalkf0bCB4c0QRig1Oj6RUke7KQ/EJGh5DDtdnxiyJpw+
u4teC/NW7nJHiIy7Y63ndos362teBkaRItb3wnVEwaUwxSyxiaWfn9w8IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqxBT/ZvzHKlQh7p5ur1hZR7rbpMB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABqgp1ukr
32+Z407rztdfoCqLLX7kpPkMzRHoL7N0yXCHjxyFxo+YlCy3ejfYpWuI2ML2BFy7
5xCqPjGphxPhuwOgGRmfrCpTgjRochLztG/iuX0Kh4/qeM+BSK37EjUWGoimeplO
mv3lgGveaiL+V/sPNlfQgwMXzB4e2mIyNeT3J/a3NB+gIlUzHSBMI1O/I/K1FJhL
c4mAnO5+UuZeebRziou23NnZUyecTuqtQLv269Ofvi8ribA8t/qrS1OE08glpP4P
3d++sfZKY03uobMbIQbqFUvGD3RUIuuk8dntclBPn3C2vCTcLXfKtBkgoNcLoG4R
bfxZw7mukgmqjw==
-----END CERTIFICATE-----