Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
File:                     ELZc9vpeH8roz4TJcB44vftjqrM.mft (raw, json)
Hash identifier:          xeBTgFjvVRyBmh+sdZdaklnezVyMqovohC56hjaBVCE=
Subject key identifier:   38:E0:3D:E8:28:07:76:8D:E3:56:CB:89:CB:92:04:1E:9B:CA:45:75
Authority key identifier: 10:B6:5C:F6:FA:5E:1F:CA:E8:CF:84:C9:70:1E:38:BD:FB:63:AA:B3
Certificate issuer:       /CN=10b65cf6fa5e1fcae8cf84c9701e38bdfb63aab3
Certificate serial:       019F189F2C68EEF25FE0F3EA9D67EA3C67BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
Manifest number:          1234
Signing time:             Tue 30 Jun 2026 13:01:52 +0000
Manifest this update:     Tue 30 Jun 2026 13:01:52 +0000
Manifest next update:     Wed 01 Jul 2026 13:01:52 +0000
Files and hashes:         1: ELZc9vpeH8roz4TJcB44vftjqrM.crl (hash: OOU35vgEGYSYCzB8lvk3c3bQgiWGpvIJw4BYWP1wX5g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 13:01:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:18:9f:2c:68:ee:f2:5f:e0:f3:ea:9d:67:ea:3c:67:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10b65cf6fa5e1fcae8cf84c9701e38bdfb63aab3
        Validity
            Not Before: Jun 30 13:01:52 2026 GMT
            Not After : Jul  1 13:01:52 2026 GMT
        Subject: CN=38e03de82807768de356cb89cb92041e9bca4575
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:72:dc:a2:fb:0d:fe:49:39:ea:4c:55:72:1c:
                    f7:16:1d:6d:2d:65:8d:58:79:52:f2:0e:07:82:be:
                    dc:71:54:a2:eb:22:f4:50:d1:11:fa:39:19:cc:ec:
                    24:19:ab:19:4b:13:72:5e:63:65:87:f3:df:a5:23:
                    69:98:d1:b9:fe:3a:c1:7f:c1:6d:24:b3:f3:f9:a7:
                    28:1a:83:65:09:b6:89:af:b1:64:da:23:6d:50:8a:
                    cb:09:fa:4c:7f:87:d4:d8:b9:9b:59:89:24:fe:36:
                    b0:59:d1:68:86:4d:0e:d6:8b:33:22:64:12:8e:20:
                    19:3c:75:c1:1d:2a:b5:65:9e:f2:22:e1:a6:e9:83:
                    74:b7:57:4f:b4:2f:dc:7a:0e:9e:ea:87:c6:c9:d9:
                    b0:03:ba:15:b2:98:52:a0:40:48:77:16:cf:b9:fa:
                    f7:5f:59:5b:af:12:11:ab:ff:c0:7b:59:41:9a:03:
                    4c:65:a2:78:d4:7a:33:dd:bb:12:96:ad:38:bb:30:
                    f7:76:fc:b4:38:59:84:a9:ef:10:16:e7:39:48:82:
                    c3:79:0a:fc:92:3a:9d:e1:d6:4a:e8:e9:b4:a4:78:
                    d4:08:75:0f:94:6b:ae:c0:a7:cf:e0:ce:46:47:36:
                    ff:ed:aa:2b:ab:31:b7:20:74:fc:fb:dc:97:17:89:
                    fb:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:E0:3D:E8:28:07:76:8D:E3:56:CB:89:CB:92:04:1E:9B:CA:45:75
            X509v3 Authority Key Identifier:
                keyid:10:B6:5C:F6:FA:5E:1F:CA:E8:CF:84:C9:70:1E:38:BD:FB:63:AA:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ELZc9vpeH8roz4TJcB44vftjqrM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8090c2-8180-4f3f-8142-a23855872b86/1/ELZc9vpeH8roz4TJcB44vftjqrM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:3c:b1:3f:91:fa:b6:4d:9b:48:0c:d4:ff:be:16:e1:61:8a:
         81:2d:8e:34:c7:e5:1b:54:b2:2a:ee:08:f4:44:e9:c1:da:7c:
         84:1d:52:35:70:22:30:a5:50:01:35:83:8d:01:a0:2e:8f:ed:
         90:f2:fc:1b:e9:d5:6b:d1:4a:48:8f:1c:fd:1f:87:7b:32:b0:
         22:c4:a4:a2:86:c1:a4:54:28:fc:61:bd:4f:99:d7:83:9c:db:
         49:72:ce:7f:4a:83:63:12:9f:59:81:c6:24:fc:64:12:df:6e:
         89:40:fb:9c:1d:67:9c:d3:40:6d:bc:17:1d:45:d8:4a:10:d8:
         a3:8f:41:ef:3b:01:c4:9a:ed:6e:5a:83:a4:be:32:2b:7f:6b:
         56:bc:0e:1b:cd:48:d1:ab:f4:42:47:9b:33:25:b6:b8:a1:6c:
         5b:e9:5f:a3:d4:76:62:4e:89:f4:2f:7e:fb:df:9b:4b:4b:46:
         a2:a5:e7:88:be:02:9d:27:92:90:06:71:1d:f9:16:00:c9:3a:
         dc:b4:4f:0e:3e:8a:bc:49:a8:e9:5a:0e:41:b9:58:4e:fb:e0:
         c0:13:17:34:a5:37:8d:6d:80:aa:b9:40:56:fd:8c:8e:5c:ca:
         be:71:fb:33:24:23:4e:60:54:08:1e:62:fb:78:0f:e7:67:ba:
         b5:3c:df:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8Ynyxo7vJf4PPqnWfqPGe7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYjY1Y2Y2ZmE1ZTFmY2FlOGNmODRjOTcwMWUzOGJkZmI2
M2FhYjMwHhcNMjYwNjMwMTMwMTUyWhcNMjYwNzAxMTMwMTUyWjAzMTEwLwYDVQQD
EygzOGUwM2RlODI4MDc3NjhkZTM1NmNiODljYjkyMDQxZTliY2E0NTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXLcovsN/kk56kxVchz3Fh1tLWWN
WHlS8g4Hgr7ccVSi6yL0UNER+jkZzOwkGasZSxNyXmNlh/PfpSNpmNG5/jrBf8Ft
JLPz+acoGoNlCbaJr7Fk2iNtUIrLCfpMf4fU2LmbWYkk/jawWdFohk0O1oszImQS
jiAZPHXBHSq1ZZ7yIuGm6YN0t1dPtC/ceg6e6ofGydmwA7oVsphSoEBIdxbPufr3
X1lbrxIRq//Ae1lBmgNMZaJ41Hoz3bsSlq04uzD3dvy0OFmEqe8QFuc5SILDeQr8
kjqd4dZK6Om0pHjUCHUPlGuuwKfP4M5GRzb/7aorqzG3IHT8+9yXF4n7mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjgPegoB3aN41bLicuSBB6bykV1MB8GA1UdIwQY
MBaAFBC2XPb6Xh/K6M+EyXAeOL37Y6qzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84MDkwYzItODE4MC00ZjNmLTgxNDIt
YTIzODU1ODcyYjg2LzEvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84MDkwYzItODE4MC00ZjNmLTgxNDItYTIzODU1ODcyYjg2
LzEvRUxaYzl2cGVIOHJvejRUSmNCNDR2ZnRqcXJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATzyxP5H6
tk2bSAzU/74W4WGKgS2ONMflG1SyKu4I9ETpwdp8hB1SNXAiMKVQATWDjQGgLo/t
kPL8G+nVa9FKSI8c/R+HezKwIsSkoobBpFQo/GG9T5nXg5zbSXLOf0qDYxKfWYHG
JPxkEt9uiUD7nB1nnNNAbbwXHUXYShDYo49B7zsBxJrtblqDpL4yK39rVrwOG81I
0av0QkebMyW2uKFsW+lfo9R2Yk6J9C9++9+bS0tGoqXniL4CnSeSkAZxHfkWAMk6
3LRPDj6KvEmo6VoOQblYTvvgwBMXNKU3jW2AqrlAVv2MjlzKvnH7MyQjTmBUCB5i
+3gP52e6tTzfZQ==
-----END CERTIFICATE-----