Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
File:                     435CoUa5C6fNMxrWoT7vHaL7pEA.mft (raw, json)
Hash identifier:          KeXNXwHcuxITkAZSfcMw95AIhj7gZCOTy1gNEO3Bclk=
Subject key identifier:   E7:F0:CE:39:F9:13:68:87:F3:5E:AB:39:5D:F6:08:EA:EC:92:82:FE
Authority key identifier: E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40
Certificate issuer:       /CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
Certificate serial:       019F17F94AD8F38CCF16ACB0FFE7C829081D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
Manifest number:          0B94
Signing time:             Tue 30 Jun 2026 10:00:41 +0000
Manifest this update:     Tue 30 Jun 2026 10:00:41 +0000
Manifest next update:     Wed 01 Jul 2026 10:00:41 +0000
Files and hashes:         1: 435CoUa5C6fNMxrWoT7vHaL7pEA.crl (hash: 0MRP5rxbpV7lWpbXGAUFiy4F94iZutBLB6hYYCBotYk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 10:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:f9:4a:d8:f3:8c:cf:16:ac:b0:ff:e7:c8:29:08:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
        Validity
            Not Before: Jun 30 10:00:41 2026 GMT
            Not After : Jul  1 10:00:41 2026 GMT
        Subject: CN=e7f0ce39f9136887f35eab395df608eaec9282fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:4b:ba:3b:3b:60:8e:b0:8d:de:66:a3:6f:1c:
                    da:c6:c0:2b:b9:a7:1a:37:8a:28:0c:55:75:88:3c:
                    d3:aa:a4:55:ae:3b:4a:b8:9b:fa:d4:00:58:56:be:
                    de:75:05:48:ae:a4:f7:47:eb:ff:e0:e6:32:a5:a8:
                    4d:cc:0c:c2:ac:11:ad:a9:34:1c:96:3f:6c:58:f7:
                    a8:23:54:c1:db:9f:27:bb:d3:cf:33:04:2a:67:cf:
                    1a:79:83:a5:a9:10:aa:ea:66:3f:05:f3:72:6c:ca:
                    83:80:d0:6b:0f:fb:b4:e4:1f:66:30:65:c1:d2:87:
                    97:46:30:56:6f:1f:e2:40:a7:d3:15:d1:25:d1:58:
                    2a:1c:f1:43:7e:78:04:9a:d0:dd:51:c8:aa:d1:a0:
                    23:c3:f6:56:a5:38:ed:2f:9d:cd:96:20:eb:19:e1:
                    4f:b3:9f:fe:35:d6:88:09:eb:46:58:ba:0a:c8:85:
                    a4:85:5e:77:98:ad:1f:a8:b7:63:fd:da:11:ba:ff:
                    e0:bc:f6:1b:3b:c3:2c:74:e4:b3:91:e1:7b:f6:81:
                    d3:14:90:96:c2:9c:66:80:db:dd:d9:7b:88:d4:e2:
                    0c:93:99:6d:fa:4b:63:b8:f9:87:f4:2c:ff:0d:60:
                    64:fe:a2:e8:5a:0d:47:e7:14:d7:4e:16:de:0e:0a:
                    d2:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:F0:CE:39:F9:13:68:87:F3:5E:AB:39:5D:F6:08:EA:EC:92:82:FE
            X509v3 Authority Key Identifier:
                keyid:E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:72:ba:e0:6d:37:80:90:6f:00:fb:7f:fe:9e:70:ab:d1:42:
         27:47:44:b5:81:8a:6a:31:57:22:d1:cf:d5:d9:e3:1f:b0:63:
         77:98:0d:12:f0:92:c7:17:a2:1b:cb:69:0d:94:9b:c6:d8:77:
         9d:98:c8:3a:5a:41:3f:dc:b6:d5:20:10:47:74:51:8e:fe:61:
         f4:f2:c9:69:ca:35:c5:a9:13:1e:e5:0d:90:bb:ef:29:96:39:
         b3:2d:34:30:ab:84:eb:21:f4:ff:a7:7e:ec:67:48:4c:1a:3b:
         47:2c:dc:4e:ba:bc:2d:da:f1:a1:4f:f7:8e:67:e2:74:b1:1c:
         e3:c1:e8:fd:11:e6:a1:7c:70:a2:59:37:82:ff:1e:d6:81:1e:
         ae:dd:15:79:de:6b:46:9d:74:61:ee:07:73:bd:59:3c:30:20:
         52:df:b0:2c:d2:11:16:07:de:eb:9e:27:19:fd:db:d7:84:b9:
         b7:b1:62:9d:29:43:ac:e6:28:da:14:db:40:3b:8c:e4:95:1f:
         89:eb:aa:e9:67:e7:1e:07:c7:e8:91:6c:7c:9b:5b:7e:38:e3:
         9c:e1:f1:34:9e:0f:b1:7c:9b:19:54:15:ca:57:2a:9d:27:de:
         83:65:4f:b6:70:10:44:40:14:3f:58:92:e7:04:47:6c:90:72:
         0d:81:3d:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8X+UrY84zPFqyw/+fIKQgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2U0MmExNDZiOTBiYTdjZDMzMWFkNmExM2VlZjFkYTJm
YmE0NDAwHhcNMjYwNjMwMTAwMDQxWhcNMjYwNzAxMTAwMDQxWjAzMTEwLwYDVQQD
EyhlN2YwY2UzOWY5MTM2ODg3ZjM1ZWFiMzk1ZGY2MDhlYWVjOTI4MmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjku6OztgjrCN3majbxzaxsAruaca
N4ooDFV1iDzTqqRVrjtKuJv61ABYVr7edQVIrqT3R+v/4OYypahNzAzCrBGtqTQc
lj9sWPeoI1TB258nu9PPMwQqZ88aeYOlqRCq6mY/BfNybMqDgNBrD/u05B9mMGXB
0oeXRjBWbx/iQKfTFdEl0VgqHPFDfngEmtDdUciq0aAjw/ZWpTjtL53NliDrGeFP
s5/+NdaICetGWLoKyIWkhV53mK0fqLdj/doRuv/gvPYbO8MsdOSzkeF79oHTFJCW
wpxmgNvd2XuI1OIMk5lt+ktjuPmH9Cz/DWBk/qLoWg1H5xTXThbeDgrS8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfwzjn5E2iH816rOV32COrskoL+MB8GA1UdIwQY
MBaAFON+QqFGuQunzTMa1qE+7x2i+6RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYt
MDYzMjlmNmUwNDc1LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYtMDYzMjlmNmUwNDc1
LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ3K64G03
gJBvAPt//p5wq9FCJ0dEtYGKajFXItHP1dnjH7Bjd5gNEvCSxxeiG8tpDZSbxth3
nZjIOlpBP9y21SAQR3RRjv5h9PLJaco1xakTHuUNkLvvKZY5sy00MKuE6yH0/6d+
7GdITBo7RyzcTrq8LdrxoU/3jmfidLEc48Ho/RHmoXxwolk3gv8e1oEert0Ved5r
Rp10Ye4Hc71ZPDAgUt+wLNIRFgfe654nGf3b14S5t7FinSlDrOYo2hTbQDuM5JUf
ieuq6WfnHgfH6JFsfJtbfjjjnOHxNJ4PsXybGVQVylcqnSfeg2VPtnAQREAUP1iS
5wRHbJByDYE9IQ==
-----END CERTIFICATE-----