Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.mft
File:                     68Xg5EXZRzFUru10Rpss-6NmTjU.mft (raw, json)
Hash identifier:          prpTpUnRz2072ItUAAK8EBPnL7IchcrPEo1glvBhQ0M=
Subject key identifier:   54:23:80:A7:A0:59:24:DF:EA:C5:E4:0D:7B:B0:35:F2:68:61:E4:9A
Authority key identifier: EB:C5:E0:E4:45:D9:47:31:54:AE:ED:74:46:9B:2C:FB:A3:66:4E:35
Certificate issuer:       /CN=ebc5e0e445d9473154aeed74469b2cfba3664e35
Certificate serial:       019E1E34D74BF0D11000943AD770C0E44BCC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/68Xg5EXZRzFUru10Rpss-6NmTjU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.mft
Manifest number:          0C4A
Signing time:             Tue 12 May 2026 22:00:39 +0000
Manifest this update:     Tue 12 May 2026 22:00:39 +0000
Manifest next update:     Wed 13 May 2026 22:00:39 +0000
Files and hashes:         1: 68Xg5EXZRzFUru10Rpss-6NmTjU.crl (hash: aM2b41Tp/e8OU0mSspEO578PKDofyxraZguMTw33AUE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/68Xg5EXZRzFUru10Rpss-6NmTjU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 22:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:34:d7:4b:f0:d1:10:00:94:3a:d7:70:c0:e4:4b:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebc5e0e445d9473154aeed74469b2cfba3664e35
        Validity
            Not Before: May 12 22:00:39 2026 GMT
            Not After : May 13 22:00:39 2026 GMT
        Subject: CN=542380a7a05924dfeac5e40d7bb035f26861e49a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:85:5f:80:76:66:41:6e:33:88:c2:75:63:95:
                    82:a8:5b:7c:96:fb:af:6d:03:a0:2b:50:23:5e:db:
                    55:13:b1:4f:dc:c8:ec:d9:16:c6:6c:ca:aa:c9:b4:
                    ce:e2:90:a2:58:31:a7:16:96:a6:c3:ef:2a:b6:2b:
                    52:31:e2:53:39:8e:83:75:f9:e3:b0:ae:a3:9a:81:
                    fa:63:4a:cf:ac:ec:ca:d9:54:a1:11:22:22:03:f1:
                    e3:c1:61:f9:4c:12:6c:b6:4e:47:90:f4:e2:17:6c:
                    c5:ae:f8:ab:30:ea:7f:8c:b4:ac:49:fc:1b:f1:80:
                    00:e1:61:06:99:30:c9:b0:2d:eb:0e:68:b1:75:b8:
                    3f:7a:51:52:d2:b3:df:e0:51:af:58:b1:8a:e4:a7:
                    28:1b:e8:8f:17:1c:e4:40:be:1f:28:bd:70:2b:2d:
                    bc:30:8e:5d:c8:19:43:f6:d9:0b:ae:33:f9:fe:9a:
                    50:11:33:6b:d3:24:2b:19:15:4f:2c:24:7f:ad:9a:
                    31:6d:9c:17:dd:6f:e3:9d:d0:95:50:f5:a2:c1:c2:
                    3b:b6:e7:26:cd:28:5d:21:67:f8:70:9e:4f:f8:69:
                    23:16:ea:84:b4:5d:3a:92:45:ef:ef:2d:96:37:d4:
                    a5:9e:76:d6:4d:ea:3b:df:f4:82:17:1a:e1:4d:d2:
                    76:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:23:80:A7:A0:59:24:DF:EA:C5:E4:0D:7B:B0:35:F2:68:61:E4:9A
            X509v3 Authority Key Identifier:
                keyid:EB:C5:E0:E4:45:D9:47:31:54:AE:ED:74:46:9B:2C:FB:A3:66:4E:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/68Xg5EXZRzFUru10Rpss-6NmTjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:2a:65:d9:e6:a2:17:fb:b4:43:55:d6:c8:00:84:2d:42:23:
         96:d0:2b:b2:46:81:28:b7:1b:d1:ae:ca:88:76:9a:31:0f:e2:
         88:3a:a3:36:29:42:04:25:a9:b3:f9:0a:9d:79:8f:90:04:3e:
         50:d3:dc:92:b4:6a:ad:2d:d6:49:c6:9b:bc:3d:2c:2a:dc:c6:
         fd:e8:ed:86:b4:c9:aa:f5:67:e3:1b:8d:6d:c1:c3:48:62:85:
         73:90:52:eb:06:4f:3e:86:59:ca:68:0e:18:40:4a:1c:eb:02:
         2b:20:c0:72:a0:6e:f1:f6:d0:14:74:31:04:f8:a1:54:ca:af:
         7f:23:28:17:fe:c2:7c:4f:e6:d4:b7:d1:3f:35:83:7d:c6:2f:
         96:fa:32:ab:66:d7:93:9a:65:25:6b:29:48:2c:ac:47:78:92:
         51:77:9a:e4:cf:2c:09:23:12:1f:0f:3a:c7:10:90:74:0a:7e:
         31:6b:bb:24:95:4e:b2:ad:e7:1c:9f:d7:aa:bb:72:c3:6d:69:
         58:be:1b:5a:ca:9e:27:8e:9e:d4:36:72:bd:1f:14:66:9c:56:
         cb:0b:74:98:5a:72:fc:75:77:6d:47:82:36:52:81:32:50:6c:
         20:ae:f1:f1:3a:d7:59:82:0d:5a:98:02:e8:23:e0:c3:71:0c:
         40:d5:73:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNNdL8NEQAJQ613DA5EvMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYzVlMGU0NDVkOTQ3MzE1NGFlZWQ3NDQ2OWIyY2ZiYTM2
NjRlMzUwHhcNMjYwNTEyMjIwMDM5WhcNMjYwNTEzMjIwMDM5WjAzMTEwLwYDVQQD
Eyg1NDIzODBhN2EwNTkyNGRmZWFjNWU0MGQ3YmIwMzVmMjY4NjFlNDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIVfgHZmQW4ziMJ1Y5WCqFt8lvuv
bQOgK1AjXttVE7FP3Mjs2RbGbMqqybTO4pCiWDGnFpamw+8qtitSMeJTOY6Ddfnj
sK6jmoH6Y0rPrOzK2VShESIiA/HjwWH5TBJstk5HkPTiF2zFrvirMOp/jLSsSfwb
8YAA4WEGmTDJsC3rDmixdbg/elFS0rPf4FGvWLGK5KcoG+iPFxzkQL4fKL1wKy28
MI5dyBlD9tkLrjP5/ppQETNr0yQrGRVPLCR/rZoxbZwX3W/jndCVUPWiwcI7tucm
zShdIWf4cJ5P+GkjFuqEtF06kkXv7y2WN9SlnnbWTeo73/SCFxrhTdJ2MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQjgKegWSTf6sXkDXuwNfJoYeSaMB8GA1UdIwQY
MBaAFOvF4ORF2UcxVK7tdEabLPujZk41MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjhYZzVFWFpSekZVcnUxMFJwc3MtNk5tVGpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8zMmFiZWUtY2Y3YS00NGY5LTg3NjUt
OGRlYzJlMTYzYTg2LzEvNjhYZzVFWFpSekZVcnUxMFJwc3MtNk5tVGpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8zMmFiZWUtY2Y3YS00NGY5LTg3NjUtOGRlYzJlMTYzYTg2
LzEvNjhYZzVFWFpSekZVcnUxMFJwc3MtNk5tVGpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFCpl2eai
F/u0Q1XWyACELUIjltArskaBKLcb0a7KiHaaMQ/iiDqjNilCBCWps/kKnXmPkAQ+
UNPckrRqrS3WScabvD0sKtzG/ejthrTJqvVn4xuNbcHDSGKFc5BS6wZPPoZZymgO
GEBKHOsCKyDAcqBu8fbQFHQxBPihVMqvfyMoF/7CfE/m1LfRPzWDfcYvlvoyq2bX
k5plJWspSCysR3iSUXea5M8sCSMSHw86xxCQdAp+MWu7JJVOsq3nHJ/Xqrtyw21p
WL4bWsqeJ46e1DZyvR8UZpxWywt0mFpy/HV3bUeCNlKBMlBsIK7x8TrXWYINWpgC
6CPgw3EMQNVz2g==
-----END CERTIFICATE-----