Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
File:                     249r9UNKqjLT5fETsAxbsUAvZ_Y.mft (raw, json)
Hash identifier:          vUH91CkuC+T+g320EJjtnx4YTYgo6pa2200UluIYGhQ=
Subject key identifier:   85:8C:2A:10:08:C4:75:19:97:12:D2:47:EF:F6:A5:E6:FF:CF:08:C9
Authority key identifier: DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6
Certificate issuer:       /CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
Certificate serial:       019E1D90715E572DBABBBAC1FA0C8EAA8A3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
Manifest number:          09FA
Signing time:             Tue 12 May 2026 19:01:05 +0000
Manifest this update:     Tue 12 May 2026 19:01:05 +0000
Manifest next update:     Wed 13 May 2026 19:01:05 +0000
Files and hashes:         1: 249r9UNKqjLT5fETsAxbsUAvZ_Y.crl (hash: uNPydeIQt42zVXEFUSQB45wWrBB5etAAH4uR1Li/c/o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:90:71:5e:57:2d:ba:bb:ba:c1:fa:0c:8e:aa:8a:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
        Validity
            Not Before: May 12 19:01:05 2026 GMT
            Not After : May 13 19:01:05 2026 GMT
        Subject: CN=858c2a1008c475199712d247eff6a5e6ffcf08c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:cf:8b:a0:8d:36:ae:8c:92:a5:3d:14:ae:7c:
                    f0:33:24:78:9c:cc:4e:72:c5:d7:0a:2f:3e:d2:8a:
                    00:17:fb:2e:f3:e8:3c:cd:e9:48:47:bf:a3:81:75:
                    22:84:0d:d3:8e:4b:65:48:78:c8:9f:04:4c:62:5e:
                    fa:28:cc:cd:ae:ff:00:e0:fc:27:e8:4a:74:49:7f:
                    15:a1:88:b6:56:86:b0:d5:f9:46:53:9d:8c:32:b3:
                    6a:75:42:2f:63:4a:19:ad:d6:90:e8:14:b6:fc:48:
                    02:48:5f:0c:e3:b8:dc:28:a7:f0:10:8d:77:ad:cf:
                    35:d9:2f:db:0a:db:2a:c8:04:43:b1:97:97:96:bd:
                    f7:86:de:16:4e:fe:35:60:fd:8f:8b:8d:54:5b:45:
                    a1:3e:cc:37:a1:40:c4:a1:79:eb:51:e1:25:12:3c:
                    cc:5e:a1:58:ff:4f:e4:dc:8a:fd:97:ed:02:29:30:
                    6a:94:d1:b1:46:2a:81:63:d4:9d:0b:54:7c:8b:98:
                    71:9d:c3:50:49:3c:15:2a:d0:6a:54:67:84:e4:e4:
                    fe:97:13:21:9b:ef:98:5a:22:9c:10:7b:f7:6a:a3:
                    07:e0:4f:d4:93:0f:ed:91:33:90:d1:48:bb:6d:b1:
                    32:22:7d:e4:10:1e:37:3b:48:bf:41:6c:a5:ee:e1:
                    1d:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:8C:2A:10:08:C4:75:19:97:12:D2:47:EF:F6:A5:E6:FF:CF:08:C9
            X509v3 Authority Key Identifier:
                keyid:DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:a8:81:c1:43:fb:9d:32:da:ba:e7:66:bf:db:dd:d2:a0:79:
         ff:96:de:e0:9e:cf:9c:5d:86:88:f2:6d:1b:fd:d8:18:0f:7a:
         9e:70:2b:92:cb:66:05:82:0b:49:1a:7c:70:05:5c:13:30:98:
         b2:02:b4:63:b9:1b:29:7c:d7:f1:b7:1f:9f:30:6f:a2:2d:eb:
         49:dc:32:d2:d5:9c:1c:d2:31:f2:cf:c2:2e:85:b0:1f:1e:fc:
         1b:51:94:f6:4e:e8:bc:8e:ef:8e:17:08:21:fd:f8:a9:fb:58:
         72:b5:14:fd:8f:3e:32:8a:c8:4e:dc:32:7b:87:ba:ce:15:d1:
         4c:51:1c:a6:5a:5a:99:db:10:b8:ae:d7:d2:2e:8b:4c:7f:e4:
         ce:b7:be:0a:69:fb:e0:05:c8:9f:8b:27:b1:c1:e7:13:8e:20:
         df:f6:10:cb:e6:3c:22:82:48:a6:22:57:80:af:26:c6:cf:45:
         fb:88:9e:78:8c:36:0d:48:b7:8b:d0:66:e2:b9:20:55:8e:50:
         90:ce:2b:64:8b:3d:df:80:7d:2f:3a:ed:e7:fc:31:0b:8e:a2:
         58:90:aa:cd:2c:3e:1b:28:54:01:b6:33:ed:cb:ce:8e:0b:86:
         08:5b:14:8e:ff:4e:d2:98:db:d5:f1:e9:26:76:08:c7:3a:9a:
         4c:3f:ab:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dkHFeVy26u7rB+gyOqoo+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGY2YmY1NDM0YWFhMzJkM2U1ZjExM2IwMGM1YmIxNDAy
ZjY3ZjYwHhcNMjYwNTEyMTkwMTA1WhcNMjYwNTEzMTkwMTA1WjAzMTEwLwYDVQQD
Eyg4NThjMmExMDA4YzQ3NTE5OTcxMmQyNDdlZmY2YTVlNmZmY2YwOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoc+LoI02roySpT0UrnzwMyR4nMxO
csXXCi8+0ooAF/su8+g8zelIR7+jgXUihA3TjktlSHjInwRMYl76KMzNrv8A4Pwn
6Ep0SX8VoYi2Voaw1flGU52MMrNqdUIvY0oZrdaQ6BS2/EgCSF8M47jcKKfwEI13
rc812S/bCtsqyARDsZeXlr33ht4WTv41YP2Pi41UW0WhPsw3oUDEoXnrUeElEjzM
XqFY/0/k3Ir9l+0CKTBqlNGxRiqBY9SdC1R8i5hxncNQSTwVKtBqVGeE5OT+lxMh
m++YWiKcEHv3aqMH4E/Ukw/tkTOQ0Ui7bbEyIn3kEB43O0i/QWyl7uEd1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIWMKhAIxHUZlxLSR+/2peb/zwjJMB8GA1UdIwQY
MBaAFNuPa/VDSqoy0+XxE7AMW7FAL2f2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEt
ZDk3OTY3OTRjNjFjLzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEtZDk3OTY3OTRjNjFj
LzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW6iBwUP7
nTLauudmv9vd0qB5/5be4J7PnF2GiPJtG/3YGA96nnArkstmBYILSRp8cAVcEzCY
sgK0Y7kbKXzX8bcfnzBvoi3rSdwy0tWcHNIx8s/CLoWwHx78G1GU9k7ovI7vjhcI
If34qftYcrUU/Y8+MorITtwye4e6zhXRTFEcplpamdsQuK7X0i6LTH/kzre+Cmn7
4AXIn4snscHnE44g3/YQy+Y8IoJIpiJXgK8mxs9F+4ieeIw2DUi3i9Bm4rkgVY5Q
kM4rZIs934B9Lzrt5/wxC46iWJCqzSw+GyhUAbYz7cvOjguGCFsUjv9O0pjb1fHp
JnYIxzqaTD+r8w==
-----END CERTIFICATE-----