Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          +njyKTl5AEDKQ/50Jdxc+Nd0K9NIohRi3O7BYIE1Kqk=
Subject key identifier:   5D:AF:AE:82:01:2F:35:99:9A:79:5E:04:74:25:32:00:8B:F2:EA:06
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       019E1C46CC8746490C580329BAC143D27100
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          1894
Signing time:             Tue 12 May 2026 13:01:02 +0000
Manifest this update:     Tue 12 May 2026 13:01:02 +0000
Manifest next update:     Wed 13 May 2026 13:01:02 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: 80BaX50hHK/RUVaLw2LMSUic+qPkOYjEzaahqRw5Bo4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:46:cc:87:46:49:0c:58:03:29:ba:c1:43:d2:71:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: May 12 13:01:02 2026 GMT
            Not After : May 13 13:01:02 2026 GMT
        Subject: CN=5dafae82012f35999a795e04742532008bf2ea06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:74:40:70:47:89:73:63:34:bd:51:48:d7:cc:
                    d5:97:60:43:f8:02:48:8e:2b:c8:c1:c4:d7:5b:c5:
                    70:7c:52:1d:fc:32:82:c5:74:9f:a5:2c:05:fe:6e:
                    3c:81:4b:3c:4d:71:a9:6c:20:1d:62:12:ff:08:8a:
                    aa:be:cf:ad:ae:cf:ad:0f:91:a5:d0:52:bd:47:a3:
                    ce:ca:65:bd:86:45:98:53:d5:64:44:51:ab:86:bd:
                    4d:5f:d7:1a:fd:19:71:73:a2:8f:f2:cf:26:b9:f1:
                    55:c1:c3:41:0e:99:57:da:45:05:6b:38:81:a1:8a:
                    40:b8:2e:b1:c6:a7:b3:88:f8:d4:47:e7:3d:1b:6e:
                    32:e6:d5:92:2e:2b:65:64:ed:b9:fb:c3:84:7a:b2:
                    96:91:6f:46:ba:31:8d:f7:78:5b:4f:14:b6:9f:e5:
                    93:d4:4d:fb:cd:37:3c:d4:c9:79:ed:0d:ee:96:e0:
                    f7:20:c5:66:bc:d6:b6:c9:4c:f5:d8:a1:1b:a7:6d:
                    d3:8b:2f:5c:2c:2f:8c:72:f2:00:86:b7:22:f6:0a:
                    21:81:61:50:14:64:f7:ca:45:66:a1:e6:12:92:5f:
                    f5:5b:d0:86:2d:5c:df:84:08:82:d1:92:5e:c4:cd:
                    a3:3a:e2:e3:1a:31:41:fa:e0:df:21:9a:f2:cb:54:
                    24:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:AF:AE:82:01:2F:35:99:9A:79:5E:04:74:25:32:00:8B:F2:EA:06
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:c9:0d:f3:11:94:eb:3c:64:9c:d6:c9:93:48:da:a3:8e:cf:
         40:69:13:9a:8d:5c:3c:51:91:73:34:b2:25:23:2b:ef:47:e5:
         0f:f8:2f:f3:1e:b4:02:4c:b5:a7:d0:89:71:9b:a7:4c:68:a8:
         6c:e6:97:f0:19:12:a9:3c:20:e8:e3:59:ba:73:10:55:a8:ce:
         84:7e:b3:8d:f8:08:30:30:00:e1:13:e0:67:b5:64:ec:32:5a:
         09:7c:87:56:56:2e:5e:8b:1c:5d:81:cf:22:86:c1:db:7f:0a:
         8e:7c:bc:f8:0d:aa:5f:a4:00:dd:63:23:3f:14:d9:33:79:d2:
         64:03:f5:0e:a5:20:c4:b6:e3:29:00:53:1b:c3:1c:4e:04:6b:
         0c:2c:b7:f3:a7:48:95:3a:d1:73:64:36:53:a6:48:ab:74:f6:
         9f:4e:a1:54:e2:3d:b9:d1:7b:01:3b:c8:72:8d:50:2d:47:07:
         77:98:8b:59:59:b7:dd:92:3b:61:bf:3e:11:8c:6e:35:4a:94:
         4a:28:46:f0:2c:f8:0b:3e:44:27:00:21:4c:e8:a8:1a:88:f1:
         36:c2:8d:60:65:54:cf:fd:5e:31:9b:19:a7:1a:65:9f:bb:07:
         c1:f5:1a:97:4a:51:f6:9d:a5:e9:9f:ea:9b:f7:47:06:c8:44:
         77:ba:88:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cRsyHRkkMWAMpusFD0nEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjYwNTEyMTMwMTAyWhcNMjYwNTEzMTMwMTAyWjAzMTEwLwYDVQQD
Eyg1ZGFmYWU4MjAxMmYzNTk5OWE3OTVlMDQ3NDI1MzIwMDhiZjJlYTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnRAcEeJc2M0vVFI18zVl2BD+AJI
jivIwcTXW8VwfFId/DKCxXSfpSwF/m48gUs8TXGpbCAdYhL/CIqqvs+trs+tD5Gl
0FK9R6POymW9hkWYU9VkRFGrhr1NX9ca/Rlxc6KP8s8mufFVwcNBDplX2kUFaziB
oYpAuC6xxqeziPjUR+c9G24y5tWSLitlZO25+8OEerKWkW9GujGN93hbTxS2n+WT
1E37zTc81Ml57Q3uluD3IMVmvNa2yUz12KEbp23Tiy9cLC+McvIAhrci9gohgWFQ
FGT3ykVmoeYSkl/1W9CGLVzfhAiC0ZJexM2jOuLjGjFB+uDfIZryy1QkdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2vroIBLzWZmnleBHQlMgCL8uoGMB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg8kN8xGU
6zxknNbJk0jao47PQGkTmo1cPFGRczSyJSMr70flD/gv8x60Aky1p9CJcZunTGio
bOaX8BkSqTwg6ONZunMQVajOhH6zjfgIMDAA4RPgZ7Vk7DJaCXyHVlYuXoscXYHP
IobB238Kjny8+A2qX6QA3WMjPxTZM3nSZAP1DqUgxLbjKQBTG8McTgRrDCy386dI
lTrRc2Q2U6ZIq3T2n06hVOI9udF7ATvIco1QLUcHd5iLWVm33ZI7Yb8+EYxuNUqU
SihG8Cz4Cz5EJwAhTOioGojxNsKNYGVUz/1eMZsZpxpln7sHwfUal0pR9p2l6Z/q
m/dHBshEd7qIWA==
-----END CERTIFICATE-----