Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft
File:                     8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft (raw, json)
Hash identifier:          jMqWEfJB+HkRASM5JZSed49wkg5BHS5dlhPGfVpeM0M=
Subject key identifier:   1F:4E:D4:61:51:F5:E7:0E:05:35:E3:8D:FC:8B:17:23:BC:16:BB:75
Authority key identifier: F0:8A:2C:EC:71:01:F2:17:73:DE:FC:59:16:C0:8B:01:C1:85:90:E7
Certificate issuer:       /CN=f08a2cec7101f21773defc5916c08b01c18590e7
Certificate serial:       019E1C102DC992A678C4CEF2240A4D48E466
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft
Manifest number:          0221
Signing time:             Tue 12 May 2026 12:01:22 +0000
Manifest this update:     Tue 12 May 2026 12:01:22 +0000
Manifest next update:     Wed 13 May 2026 12:01:22 +0000
Files and hashes:         1: 8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl (hash: QGp7cbnMJaJwbR3gcmf3+EWqTBOUcKoEYZCDjvL4G1o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 12:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:10:2d:c9:92:a6:78:c4:ce:f2:24:0a:4d:48:e4:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f08a2cec7101f21773defc5916c08b01c18590e7
        Validity
            Not Before: May 12 12:01:22 2026 GMT
            Not After : May 13 12:01:22 2026 GMT
        Subject: CN=1f4ed46151f5e70e0535e38dfc8b1723bc16bb75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:1a:8f:82:7c:0c:31:b4:36:0e:26:71:d2:ac:
                    7e:56:0d:aa:9a:b3:79:be:66:62:4e:97:03:6a:83:
                    7e:54:65:f5:25:e8:97:a1:c5:c4:30:36:81:95:51:
                    49:c9:11:3e:63:cd:39:90:39:68:98:68:69:1b:2f:
                    a1:15:91:27:b7:d5:f8:3b:37:91:c4:3a:79:e8:bd:
                    73:21:7c:02:64:f5:c3:a1:4f:4e:7f:b1:72:57:7c:
                    84:c7:2c:4b:7e:78:b7:df:3a:90:bc:f5:3e:08:d2:
                    3e:cb:25:73:d9:01:1b:18:4e:32:10:73:48:d6:c2:
                    a6:be:bf:66:08:d6:8b:8f:94:9e:fc:3f:82:d1:48:
                    a1:74:0e:f4:71:98:fe:b9:45:f4:a8:04:7b:58:60:
                    ac:e4:88:3f:80:60:ff:5c:5a:39:04:3d:a3:8d:09:
                    d9:dd:4e:c9:7e:2f:d6:69:16:ac:2c:24:5e:4a:ac:
                    33:8e:48:9a:8f:34:05:b9:87:85:2b:07:a7:ee:6a:
                    e3:66:85:fe:c2:f2:78:59:be:85:1e:c1:1c:e6:aa:
                    05:18:d9:cd:93:a9:a9:c6:69:0d:a4:fb:82:54:dc:
                    c4:98:85:70:8f:24:a9:07:70:4f:d0:a7:dc:61:06:
                    58:e9:0c:f7:58:a3:e7:cc:d4:be:43:0b:21:e4:0b:
                    55:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:4E:D4:61:51:F5:E7:0E:05:35:E3:8D:FC:8B:17:23:BC:16:BB:75
            X509v3 Authority Key Identifier:
                keyid:F0:8A:2C:EC:71:01:F2:17:73:DE:FC:59:16:C0:8B:01:C1:85:90:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:2d:1b:68:d8:86:ff:5e:18:3c:83:f5:25:8e:44:96:af:c0:
         f0:c5:80:25:e6:72:56:b7:e8:11:82:bb:2c:34:ad:ad:88:71:
         c4:4d:c7:f4:92:be:82:97:49:68:e7:f7:58:1b:98:6b:47:f0:
         65:13:1c:f0:bd:58:0e:ae:a3:e1:e3:2c:98:83:48:b9:e7:17:
         1d:5b:46:5d:55:9d:ff:32:24:b6:c5:ed:55:b0:e7:22:e9:6a:
         dc:71:dd:35:25:ef:a5:60:fa:d7:55:81:7f:de:2f:5e:bf:5f:
         17:a2:81:c6:06:29:8a:d1:a1:7b:64:66:1d:6f:6f:03:67:84:
         d3:72:2a:ca:62:f5:98:97:e8:b3:41:01:59:6c:b8:6e:1e:3f:
         f3:09:0e:b0:4e:92:df:2b:e3:9f:b8:fc:63:2e:6d:80:6f:1f:
         e5:62:1b:4f:93:d1:d5:64:94:4f:2f:10:b1:ac:3a:80:cf:5f:
         d8:92:01:39:cc:1e:db:d1:18:c9:09:61:87:a7:0b:66:a0:f2:
         2d:96:bd:3d:3d:9a:16:ad:24:ac:8e:53:1c:33:3f:0a:21:22:
         9d:4d:da:e8:22:49:2e:f8:6a:d9:fb:de:89:f2:bd:d6:f3:63:
         18:65:85:93:ef:5f:48:47:88:b8:65:ce:a8:73:3a:18:50:a9:
         c6:0e:b7:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cEC3JkqZ4xM7yJApNSORmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwOGEyY2VjNzEwMWYyMTc3M2RlZmM1OTE2YzA4YjAxYzE4
NTkwZTcwHhcNMjYwNTEyMTIwMTIyWhcNMjYwNTEzMTIwMTIyWjAzMTEwLwYDVQQD
EygxZjRlZDQ2MTUxZjVlNzBlMDUzNWUzOGRmYzhiMTcyM2JjMTZiYjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBqPgnwMMbQ2DiZx0qx+Vg2qmrN5
vmZiTpcDaoN+VGX1JeiXocXEMDaBlVFJyRE+Y805kDlomGhpGy+hFZEnt9X4OzeR
xDp56L1zIXwCZPXDoU9Of7FyV3yExyxLfni33zqQvPU+CNI+yyVz2QEbGE4yEHNI
1sKmvr9mCNaLj5Se/D+C0UihdA70cZj+uUX0qAR7WGCs5Ig/gGD/XFo5BD2jjQnZ
3U7Jfi/WaRasLCReSqwzjkiajzQFuYeFKwen7mrjZoX+wvJ4Wb6FHsEc5qoFGNnN
k6mpxmkNpPuCVNzEmIVwjySpB3BP0KfcYQZY6Qz3WKPnzNS+Qwsh5AtV8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB9O1GFR9ecOBTXjjfyLFyO8Frt1MB8GA1UdIwQY
MBaAFPCKLOxxAfIXc978WRbAiwHBhZDnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ZjI1MmQtNTllZC00YTIyLTlkOTct
NjViNjQwOGJkZmZlLzEvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82ZjI1MmQtNTllZC00YTIyLTlkOTctNjViNjQwOGJkZmZl
LzEvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdS0baNiG
/14YPIP1JY5Elq/A8MWAJeZyVrfoEYK7LDStrYhxxE3H9JK+gpdJaOf3WBuYa0fw
ZRMc8L1YDq6j4eMsmINIuecXHVtGXVWd/zIktsXtVbDnIulq3HHdNSXvpWD611WB
f94vXr9fF6KBxgYpitGhe2RmHW9vA2eE03IqymL1mJfos0EBWWy4bh4/8wkOsE6S
3yvjn7j8Yy5tgG8f5WIbT5PR1WSUTy8Qsaw6gM9f2JIBOcwe29EYyQlhh6cLZqDy
LZa9PT2aFq0krI5THDM/CiEinU3a6CJJLvhq2fveifK91vNjGGWFk+9fSEeIuGXO
qHM6GFCpxg63Qg==
-----END CERTIFICATE-----