Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/76a463-0732-497a-948d-2931104c5f7a/1/1qcbToaUQX67vPYmi5yPljFwsfE.mft
File:                     1qcbToaUQX67vPYmi5yPljFwsfE.mft (raw, json)
Hash identifier:          /Gyhi2zqJtu8soqH8T2u8PcnUUlRH32+dxVWXDhqKi4=
Subject key identifier:   88:E4:BC:B8:02:2A:47:F9:56:6A:D7:D5:6C:C4:40:19:AD:C8:7F:50
Authority key identifier: D6:A7:1B:4E:86:94:41:7E:BB:BC:F6:26:8B:9C:8F:96:31:70:B1:F1
Certificate issuer:       /CN=d6a71b4e8694417ebbbcf6268b9c8f963170b1f1
Certificate serial:       019F183122EAC807DFD52E53AAA6DA5CB277
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1qcbToaUQX67vPYmi5yPljFwsfE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/76a463-0732-497a-948d-2931104c5f7a/1/1qcbToaUQX67vPYmi5yPljFwsfE.mft
Manifest number:          095C
Signing time:             Tue 30 Jun 2026 11:01:41 +0000
Manifest this update:     Tue 30 Jun 2026 11:01:41 +0000
Manifest next update:     Wed 01 Jul 2026 11:01:41 +0000
Files and hashes:         1: 1qcbToaUQX67vPYmi5yPljFwsfE.crl (hash: ri2VfN77JPIZEsdw75fgl/Sl4xYlQJOw5DejzpS1r2s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/76a463-0732-497a-948d-2931104c5f7a/1/1qcbToaUQX67vPYmi5yPljFwsfE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/76a463-0732-497a-948d-2931104c5f7a/1/1qcbToaUQX67vPYmi5yPljFwsfE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1qcbToaUQX67vPYmi5yPljFwsfE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 11:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:18:31:22:ea:c8:07:df:d5:2e:53:aa:a6:da:5c:b2:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d6a71b4e8694417ebbbcf6268b9c8f963170b1f1
        Validity
            Not Before: Jun 30 11:01:41 2026 GMT
            Not After : Jul  1 11:01:41 2026 GMT
        Subject: CN=88e4bcb8022a47f9566ad7d56cc44019adc87f50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:1b:38:ce:37:c7:42:02:11:01:f2:67:1f:0f:
                    7e:a4:5f:b2:35:0c:94:fd:ae:f3:c0:fe:36:ed:3c:
                    10:09:be:20:c6:ab:ea:77:dc:2f:38:81:c3:19:96:
                    19:0e:0a:1c:e6:76:79:03:2f:dd:0a:1f:d9:34:63:
                    4b:62:c0:9d:7c:59:e7:96:68:e0:e1:c3:4d:19:96:
                    c9:58:eb:b5:55:fc:1e:41:9c:d8:f2:f1:3e:07:dc:
                    30:4e:bd:a5:a1:13:a1:97:45:14:73:c3:c6:20:6e:
                    48:98:a3:f6:ea:6c:23:7d:6a:93:9c:f8:3e:2b:e0:
                    ca:01:ba:84:05:af:ff:12:cc:48:e3:a1:5a:dd:25:
                    12:92:16:e9:f1:82:a4:4f:21:6f:2b:e7:3a:33:2c:
                    a6:5c:00:1e:9f:b3:01:ad:0d:ca:88:8c:54:60:c9:
                    b9:d2:f1:de:81:c8:76:ba:82:54:d1:a2:0d:6d:26:
                    0c:34:39:af:71:8d:4e:38:a6:a3:90:3f:2c:dc:0a:
                    f6:1c:3b:f1:03:42:20:0c:55:08:03:19:99:3d:e4:
                    e1:ef:70:84:f0:23:5e:27:f0:03:92:01:1c:30:78:
                    09:42:42:e9:c3:55:83:a0:b7:5b:29:ca:01:b1:da:
                    94:1c:7a:7c:6f:f9:72:df:99:2f:1f:f2:88:5e:b4:
                    48:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:E4:BC:B8:02:2A:47:F9:56:6A:D7:D5:6C:C4:40:19:AD:C8:7F:50
            X509v3 Authority Key Identifier:
                keyid:D6:A7:1B:4E:86:94:41:7E:BB:BC:F6:26:8B:9C:8F:96:31:70:B1:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1qcbToaUQX67vPYmi5yPljFwsfE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/76a463-0732-497a-948d-2931104c5f7a/1/1qcbToaUQX67vPYmi5yPljFwsfE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/76a463-0732-497a-948d-2931104c5f7a/1/1qcbToaUQX67vPYmi5yPljFwsfE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         f2:64:19:93:23:a7:0a:51:bd:be:29:8c:13:34:57:42:7f:ca:
         79:bf:15:1c:4c:ca:4f:77:84:53:f2:3d:64:d2:78:7d:49:c2:
         0d:4a:65:a1:1d:fd:78:3d:d7:b7:67:c9:2a:df:be:8b:95:08:
         34:a1:6d:d3:2a:80:0f:0f:a9:35:24:6c:00:cb:3f:80:e2:2c:
         4b:e6:2c:05:03:ab:05:70:f6:2e:13:3b:82:a7:75:2a:ad:c3:
         fc:0d:8c:7f:04:90:02:ef:d6:3e:28:aa:42:80:b9:8f:37:f7:
         68:11:d2:6b:ae:e2:90:42:68:1b:35:e6:b5:a9:e3:b2:98:1e:
         c0:90:75:d6:ea:af:e4:a2:c3:d8:fb:86:a2:2c:6e:a0:b7:70:
         6b:1c:ea:0a:81:d8:af:29:c2:96:46:5b:7a:56:b1:20:67:33:
         36:a2:e9:70:c5:0c:ef:df:a4:66:0d:8d:81:27:c7:41:2d:e3:
         87:65:12:f2:95:d0:50:e1:ba:09:c3:be:df:f4:60:e1:05:40:
         ca:d5:ac:47:d6:77:33:de:c2:0b:ff:34:52:ea:87:7e:31:4f:
         cb:67:02:4b:86:01:15:d9:b8:e2:c1:1c:54:7e:da:c4:46:80:
         ec:ab:61:32:ff:e3:a2:af:a6:bd:b0:90:92:66:52:51:a5:24:
         9c:05:7e:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8YMSLqyAff1S5TqqbaXLJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YTcxYjRlODY5NDQxN2ViYmJjZjYyNjhiOWM4Zjk2MzE3
MGIxZjEwHhcNMjYwNjMwMTEwMTQxWhcNMjYwNzAxMTEwMTQxWjAzMTEwLwYDVQQD
Eyg4OGU0YmNiODAyMmE0N2Y5NTY2YWQ3ZDU2Y2M0NDAxOWFkYzg3ZjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRs4zjfHQgIRAfJnHw9+pF+yNQyU
/a7zwP427TwQCb4gxqvqd9wvOIHDGZYZDgoc5nZ5Ay/dCh/ZNGNLYsCdfFnnlmjg
4cNNGZbJWOu1VfweQZzY8vE+B9wwTr2loROhl0UUc8PGIG5ImKP26mwjfWqTnPg+
K+DKAbqEBa//EsxI46Fa3SUSkhbp8YKkTyFvK+c6MyymXAAen7MBrQ3KiIxUYMm5
0vHegch2uoJU0aINbSYMNDmvcY1OOKajkD8s3Ar2HDvxA0IgDFUIAxmZPeTh73CE
8CNeJ/ADkgEcMHgJQkLpw1WDoLdbKcoBsdqUHHp8b/ly35kvH/KIXrRIWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIjkvLgCKkf5VmrX1WzEQBmtyH9QMB8GA1UdIwQY
MBaAFNanG06GlEF+u7z2Joucj5YxcLHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXFjYlRvYVVRWDY3dlBZbWk1eVBsakZ3c2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NmE0NjMtMDczMi00OTdhLTk0OGQt
MjkzMTEwNGM1ZjdhLzEvMXFjYlRvYVVRWDY3dlBZbWk1eVBsakZ3c2ZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NmE0NjMtMDczMi00OTdhLTk0OGQtMjkzMTEwNGM1Zjdh
LzEvMXFjYlRvYVVRWDY3dlBZbWk1eVBsakZ3c2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA8mQZkyOn
ClG9vimMEzRXQn/Keb8VHEzKT3eEU/I9ZNJ4fUnCDUploR39eD3Xt2fJKt++i5UI
NKFt0yqADw+pNSRsAMs/gOIsS+YsBQOrBXD2LhM7gqd1Kq3D/A2MfwSQAu/WPiiq
QoC5jzf3aBHSa67ikEJoGzXmtanjspgewJB11uqv5KLD2PuGoixuoLdwaxzqCoHY
rynClkZbelaxIGczNqLpcMUM79+kZg2NgSfHQS3jh2US8pXQUOG6CcO+3/Rg4QVA
ytWsR9Z3M97CC/80UuqHfjFPy2cCS4YBFdm44sEcVH7axEaA7KthMv/joq+mvbCQ
kmZSUaUknAV+Ig==
-----END CERTIFICATE-----