Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft
File:                     Da7a5Z2cmvUe9UivsMlkOM73IRw.mft (raw, json)
Hash identifier:          SMAh74WFqcmpoKL1y08Q8iK9Py9xTSsA1iLfQeaujto=
Subject key identifier:   1D:E4:0C:63:A2:54:48:43:E3:F4:7F:C2:BE:16:E6:2B:DA:55:24:B3
Authority key identifier: 0D:AE:DA:E5:9D:9C:9A:F5:1E:F5:48:AF:B0:C9:64:38:CE:F7:21:1C
Certificate issuer:       /CN=0daedae59d9c9af51ef548afb0c96438cef7211c
Certificate serial:       019F17F95FCBA96D32733734FADC325A4CC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft
Manifest number:          1984
Signing time:             Tue 30 Jun 2026 10:00:46 +0000
Manifest this update:     Tue 30 Jun 2026 10:00:46 +0000
Manifest next update:     Wed 01 Jul 2026 10:00:46 +0000
Files and hashes:         1: Da7a5Z2cmvUe9UivsMlkOM73IRw.crl (hash: zcV4582CP5tdFfTKEHRJ4AkXu+ao7kxVgCIstCnTL6E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 10:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:f9:5f:cb:a9:6d:32:73:37:34:fa:dc:32:5a:4c:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0daedae59d9c9af51ef548afb0c96438cef7211c
        Validity
            Not Before: Jun 30 10:00:46 2026 GMT
            Not After : Jul  1 10:00:46 2026 GMT
        Subject: CN=1de40c63a2544843e3f47fc2be16e62bda5524b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:fc:56:7e:51:04:2c:1a:98:3b:ac:74:31:4b:
                    f6:c0:d7:e6:4c:3c:bd:50:95:22:e2:72:27:77:9f:
                    99:d1:d2:d6:71:0a:07:45:98:14:4f:96:a8:a6:ba:
                    c2:ab:01:42:57:dc:64:c4:aa:3a:fc:bf:12:49:c7:
                    bf:e3:81:50:d5:40:47:f8:25:19:cd:7e:da:43:da:
                    8b:35:43:f6:c3:6b:c6:f7:e7:b2:2c:3b:db:cc:94:
                    a6:f6:b6:33:8c:aa:10:92:a6:48:1d:0a:77:e8:86:
                    7f:31:63:92:58:d7:d0:32:3e:84:c9:da:27:7b:0a:
                    3c:e1:a2:bd:e7:bb:21:a2:e6:de:e7:fb:ed:85:9f:
                    03:67:21:43:a5:53:3a:97:d1:f0:72:f7:0a:42:df:
                    be:44:37:bd:f1:25:c7:96:a7:fa:0b:2d:28:3e:09:
                    c9:e2:3e:f6:89:d4:ce:c5:3d:32:79:22:fb:76:68:
                    29:29:4f:7d:9b:51:13:f2:7a:10:5a:ec:db:b7:5b:
                    54:76:52:15:4d:12:c6:5d:0b:cb:ed:d7:08:6f:f9:
                    3a:2c:ff:74:19:7a:82:1d:03:9c:22:14:3d:26:1c:
                    81:f7:55:9e:86:23:b6:bc:71:72:0f:d9:e0:c6:d8:
                    74:94:c3:30:72:08:77:42:49:b5:01:53:cc:8d:73:
                    3d:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:E4:0C:63:A2:54:48:43:E3:F4:7F:C2:BE:16:E6:2B:DA:55:24:B3
            X509v3 Authority Key Identifier:
                keyid:0D:AE:DA:E5:9D:9C:9A:F5:1E:F5:48:AF:B0:C9:64:38:CE:F7:21:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:24:c3:27:da:dc:a1:06:2c:f4:4f:40:d1:53:53:03:2a:ca:
         4f:a6:d7:6c:7b:03:28:47:c4:c2:e3:6f:07:e0:f6:3c:e0:c4:
         65:56:bb:e5:e0:37:15:9f:53:47:cc:38:7b:4f:77:dc:9e:4c:
         c0:46:5a:ce:eb:15:6a:3a:0e:6c:18:c2:a2:e2:14:45:3e:07:
         f6:3c:5c:56:43:d9:78:e4:fb:02:83:95:46:2a:c4:09:ff:e8:
         b4:16:89:39:0f:c4:18:89:bb:9f:b4:78:5c:6e:dd:c9:23:c1:
         01:cc:85:f1:cd:89:11:93:6f:35:c7:9e:5e:8b:f8:4b:1f:79:
         c3:0e:fb:43:01:2d:b0:13:fb:e0:30:b9:7d:22:ed:ef:3d:c1:
         83:90:10:d1:d2:cb:c0:85:a8:cc:48:f8:3e:5d:85:ab:c1:d1:
         05:ca:f9:84:f1:e6:d9:97:61:2c:61:08:9f:78:e5:2d:ff:c2:
         b5:64:0f:aa:a4:05:8f:e5:48:d1:17:f8:7a:6a:5b:55:7d:16:
         34:33:0f:91:b8:fb:ca:f8:0a:cc:1f:f8:c1:9f:a7:c6:1f:98:
         4d:ed:3b:f8:a2:7d:10:f1:97:76:a1:2b:7e:77:3a:a7:ce:54:
         c5:cd:64:be:ef:0d:16:28:f4:68:fe:8a:50:d0:a0:5f:6b:0d:
         80:d6:b5:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8X+V/LqW0yczc0+twyWkzCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYWVkYWU1OWQ5YzlhZjUxZWY1NDhhZmIwYzk2NDM4Y2Vm
NzIxMWMwHhcNMjYwNjMwMTAwMDQ2WhcNMjYwNzAxMTAwMDQ2WjAzMTEwLwYDVQQD
EygxZGU0MGM2M2EyNTQ0ODQzZTNmNDdmYzJiZTE2ZTYyYmRhNTUyNGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvxWflEELBqYO6x0MUv2wNfmTDy9
UJUi4nInd5+Z0dLWcQoHRZgUT5aoprrCqwFCV9xkxKo6/L8SSce/44FQ1UBH+CUZ
zX7aQ9qLNUP2w2vG9+eyLDvbzJSm9rYzjKoQkqZIHQp36IZ/MWOSWNfQMj6Eydon
ewo84aK957shoube5/vthZ8DZyFDpVM6l9HwcvcKQt++RDe98SXHlqf6Cy0oPgnJ
4j72idTOxT0yeSL7dmgpKU99m1ET8noQWuzbt1tUdlIVTRLGXQvL7dcIb/k6LP90
GXqCHQOcIhQ9JhyB91WehiO2vHFyD9ngxth0lMMwcgh3Qkm1AVPMjXM9QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3kDGOiVEhD4/R/wr4W5ivaVSSzMB8GA1UdIwQY
MBaAFA2u2uWdnJr1HvVIr7DJZDjO9yEcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kMjlkM2YtMTY5Ni00ZWQ0LTk2ZDIt
ZTdlYjgxN2VkZTMwLzEvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kMjlkM2YtMTY5Ni00ZWQ0LTk2ZDItZTdlYjgxN2VkZTMw
LzEvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAiTDJ9rc
oQYs9E9A0VNTAyrKT6bXbHsDKEfEwuNvB+D2PODEZVa75eA3FZ9TR8w4e0933J5M
wEZazusVajoObBjCouIURT4H9jxcVkPZeOT7AoOVRirECf/otBaJOQ/EGIm7n7R4
XG7dySPBAcyF8c2JEZNvNceeXov4Sx95ww77QwEtsBP74DC5fSLt7z3Bg5AQ0dLL
wIWozEj4Pl2Fq8HRBcr5hPHm2ZdhLGEIn3jlLf/CtWQPqqQFj+VI0Rf4empbVX0W
NDMPkbj7yvgKzB/4wZ+nxh+YTe07+KJ9EPGXdqErfnc6p85Uxc1kvu8NFij0aP6K
UNCgX2sNgNa1gg==
-----END CERTIFICATE-----