Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File:                     0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier:          ZWCUCkY1bcba4nuYcInzeERLVgEn0QFj0JxmiVb9i34=
Subject key identifier:   60:C5:FC:44:77:91:6C:FC:5E:6E:7A:B6:FC:6C:79:58:35:66:48:D2
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer:       /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial:       019E30A92E8C05C686C57A94AE2A81C32502
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number:          093C
Signing time:             Sat 16 May 2026 12:00:54 +0000
Manifest this update:     Sat 16 May 2026 12:00:54 +0000
Manifest next update:     Sun 17 May 2026 12:00:54 +0000
Files and hashes:         1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: km0IpJcnTvgAGHUy71ud6g3+VBcQnAp/jB7F4+pMbMo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:a9:2e:8c:05:c6:86:c5:7a:94:ae:2a:81:c3:25:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
        Validity
            Not Before: May 16 12:00:54 2026 GMT
            Not After : May 17 12:00:54 2026 GMT
        Subject: CN=60c5fc4477916cfc5e6e7ab6fc6c7958356648d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:96:9d:80:bd:d3:a8:99:6e:00:90:50:32:72:
                    29:df:38:6b:82:a1:65:34:78:8c:f4:c9:59:18:eb:
                    c2:78:dd:79:61:b7:b4:6a:66:e7:b5:0e:fd:c7:91:
                    5f:7a:60:65:56:c2:1f:1a:e8:04:5d:5c:99:cf:d5:
                    e5:72:64:a3:d4:c4:93:df:6d:ca:4d:46:85:f1:18:
                    b2:87:2d:bd:83:7b:81:2f:aa:99:ea:ae:f9:b9:42:
                    ff:d8:47:85:d2:0e:1c:d5:6d:b1:e5:1f:90:39:f1:
                    4a:f4:ff:3d:c7:56:28:db:bb:6d:83:ea:d5:8a:6f:
                    93:ca:da:65:20:79:a6:c0:9a:cb:e2:dc:a2:05:02:
                    c8:c6:ff:29:20:fb:d3:7d:86:fd:4c:da:8a:ca:82:
                    de:80:fc:d6:ee:9e:bd:00:d1:0f:dd:fa:76:90:3d:
                    63:ef:6d:c9:ca:60:56:4a:87:c7:01:7b:24:ab:d2:
                    31:17:68:3d:01:bf:17:d2:f2:dd:cb:e3:50:ec:2a:
                    d0:4a:8d:f7:78:7f:7c:3e:ae:2b:69:61:67:26:ac:
                    7c:6a:1a:c5:f7:c0:33:be:35:bb:d1:c9:7f:b8:2c:
                    19:58:b8:57:d8:b9:85:31:a1:d4:97:87:61:5f:f1:
                    7a:4b:d5:85:0d:d8:92:af:3f:d9:95:25:6c:4a:5b:
                    31:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:C5:FC:44:77:91:6C:FC:5E:6E:7A:B6:FC:6C:79:58:35:66:48:D2
            X509v3 Authority Key Identifier:
                keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:a3:3d:43:a4:a5:4c:ac:ec:cc:8a:0d:68:e3:c9:08:38:32:
         2e:b4:93:d9:a6:d6:a7:e3:56:01:49:ef:17:83:70:27:80:ee:
         8a:64:3d:3f:9e:32:a2:ba:74:e3:53:a3:86:cc:19:46:d4:b5:
         55:77:9c:63:18:2e:6a:2d:c3:f8:e5:fe:c6:ae:c4:b4:d1:41:
         f8:1a:01:ef:e3:e6:fa:62:60:82:3f:93:9b:ff:e7:0e:5e:d4:
         05:b1:1a:cb:15:6f:ea:b7:05:46:a4:6b:84:71:03:8e:ac:37:
         5d:ad:6f:8c:60:43:0b:0e:32:25:b7:98:4c:46:e3:74:2f:ce:
         d6:3e:3a:5c:fc:fb:76:54:30:60:2a:32:fe:25:a4:01:5b:e8:
         85:5c:4a:ed:77:ac:e8:b2:0e:5f:a6:4b:92:37:07:d2:71:4d:
         ca:23:ee:96:5b:be:0a:a7:63:ba:a0:dc:b8:93:79:88:2c:32:
         ee:a7:6c:c4:13:f3:ab:7b:c3:74:89:fe:e2:8f:d5:02:5e:39:
         5b:20:a5:5b:9b:88:11:ca:94:d3:12:d7:45:e8:f6:fe:68:02:
         ba:50:42:c6:18:b4:c5:62:04:00:63:91:b3:5c:83:59:50:91:
         4a:ff:70:59:da:a3:21:d9:ff:62:59:c5:53:12:d7:06:58:e6:
         a2:43:65:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wqS6MBcaGxXqUriqBwyUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjYwNTE2MTIwMDU0WhcNMjYwNTE3MTIwMDU0WjAzMTEwLwYDVQQD
Eyg2MGM1ZmM0NDc3OTE2Y2ZjNWU2ZTdhYjZmYzZjNzk1ODM1NjY0OGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JadgL3TqJluAJBQMnIp3zhrgqFl
NHiM9MlZGOvCeN15Ybe0ambntQ79x5FfemBlVsIfGugEXVyZz9XlcmSj1MST323K
TUaF8Riyhy29g3uBL6qZ6q75uUL/2EeF0g4c1W2x5R+QOfFK9P89x1Yo27ttg+rV
im+TytplIHmmwJrL4tyiBQLIxv8pIPvTfYb9TNqKyoLegPzW7p69ANEP3fp2kD1j
723JymBWSofHAXskq9IxF2g9Ab8X0vLdy+NQ7CrQSo33eH98Pq4raWFnJqx8ahrF
98AzvjW70cl/uCwZWLhX2LmFMaHUl4dhX/F6S9WFDdiSrz/ZlSVsSlsxWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDF/ER3kWz8Xm56tvxseVg1ZkjSMB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlqM9Q6Sl
TKzszIoNaOPJCDgyLrST2abWp+NWAUnvF4NwJ4DuimQ9P54yorp041OjhswZRtS1
VXecYxguai3D+OX+xq7EtNFB+BoB7+Pm+mJggj+Tm//nDl7UBbEayxVv6rcFRqRr
hHEDjqw3Xa1vjGBDCw4yJbeYTEbjdC/O1j46XPz7dlQwYCoy/iWkAVvohVxK7Xes
6LIOX6ZLkjcH0nFNyiPullu+CqdjuqDcuJN5iCwy7qdsxBPzq3vDdIn+4o/VAl45
WyClW5uIEcqU0xLXRej2/mgCulBCxhi0xWIEAGORs1yDWVCRSv9wWdqjIdn/YlnF
UxLXBljmokNldg==
-----END CERTIFICATE-----