Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.mft
File:                     DOf4uSjz9S4LuXZD007OWeuWNKM.mft (raw, json)
Hash identifier:          Qozl6zjQQbYjUgX+tqw0t1OF8cY+yM/IjRDpi4T1nsI=
Subject key identifier:   CD:D9:D9:C9:13:B5:8E:C5:B5:CC:80:8B:80:2F:BE:26:91:35:FC:5F
Authority key identifier: 0C:E7:F8:B9:28:F3:F5:2E:0B:B9:76:43:D3:4E:CE:59:EB:96:34:A3
Certificate issuer:       /CN=0ce7f8b928f3f52e0bb97643d34ece59eb9634a3
Certificate serial:       019E1E356203280A30525F5E8370D5D18115
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOf4uSjz9S4LuXZD007OWeuWNKM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.mft
Manifest number:          029A
Signing time:             Tue 12 May 2026 22:01:15 +0000
Manifest this update:     Tue 12 May 2026 22:01:15 +0000
Manifest next update:     Wed 13 May 2026 22:01:15 +0000
Files and hashes:         1: DOf4uSjz9S4LuXZD007OWeuWNKM.crl (hash: SB66cjOLYiE7/uWbLTgwESDbNcca+rfHsu3rNzFTT10=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DOf4uSjz9S4LuXZD007OWeuWNKM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 22:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:62:03:28:0a:30:52:5f:5e:83:70:d5:d1:81:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce7f8b928f3f52e0bb97643d34ece59eb9634a3
        Validity
            Not Before: May 12 22:01:15 2026 GMT
            Not After : May 13 22:01:15 2026 GMT
        Subject: CN=cdd9d9c913b58ec5b5cc808b802fbe269135fc5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:19:c3:dc:a1:68:6b:a8:d4:1d:99:1e:50:9f:
                    ba:aa:f4:37:a2:07:e1:c0:41:23:86:27:0f:f3:13:
                    76:84:ef:4c:67:58:2b:6f:37:11:ed:c8:29:12:2a:
                    12:2c:3a:3b:7e:a3:f6:71:70:25:ec:0a:ef:95:96:
                    2f:8f:43:0c:cf:e1:fb:f5:78:1b:3e:93:f0:02:1b:
                    b5:d1:ad:04:e3:a8:04:e8:55:d4:fd:11:3e:42:aa:
                    84:c6:01:57:2c:a3:b8:a3:95:90:55:e9:a6:25:65:
                    88:85:73:fb:d4:0d:63:1c:77:a1:89:47:e0:5e:35:
                    b6:90:69:11:b8:52:98:ef:c8:c4:91:da:07:86:89:
                    47:22:d9:0c:85:68:65:ec:dc:b3:93:07:f2:70:8e:
                    54:14:bf:9d:4f:a0:96:33:ab:90:71:cf:e8:2d:fb:
                    c0:93:e7:d2:45:e6:28:53:73:7a:69:96:42:b8:7d:
                    e3:68:2a:f7:ec:d5:b4:23:a7:29:bb:66:25:f8:07:
                    05:9e:44:f8:f4:cf:4b:20:65:8f:24:fa:ca:36:c3:
                    9f:33:99:40:49:dd:38:99:94:11:e9:10:dd:88:a3:
                    84:48:7b:6b:dc:fc:48:00:c6:ab:95:93:97:1f:f3:
                    29:4c:b9:1e:b7:42:51:f7:15:e0:60:87:36:6d:75:
                    95:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:D9:D9:C9:13:B5:8E:C5:B5:CC:80:8B:80:2F:BE:26:91:35:FC:5F
            X509v3 Authority Key Identifier:
                keyid:0C:E7:F8:B9:28:F3:F5:2E:0B:B9:76:43:D3:4E:CE:59:EB:96:34:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOf4uSjz9S4LuXZD007OWeuWNKM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:11:c2:77:5d:cc:2e:f5:1c:2b:c6:ac:2d:54:95:51:f5:11:
         94:80:58:05:ab:2c:f1:15:ee:0e:d9:1b:7e:2d:18:a9:0d:e3:
         07:01:0b:9b:42:90:6f:af:44:ce:bd:5f:04:46:82:ea:01:95:
         dc:66:37:72:44:8e:62:a8:66:30:f5:df:f1:eb:de:81:39:52:
         2d:1b:74:a1:0e:b3:e2:49:1d:4e:16:d5:4b:03:dc:f5:9a:67:
         ff:5b:b5:82:35:76:cb:14:20:55:ca:c7:9a:fa:04:c1:09:3c:
         37:8d:ab:64:ac:6b:40:0f:d0:9f:26:3e:f9:53:12:8a:ef:ce:
         f6:0c:2d:e5:0f:05:86:23:36:14:3d:9d:02:e7:ce:0d:f6:40:
         87:42:28:d2:49:a7:da:a0:38:58:fa:03:a0:39:42:ba:e7:5a:
         c9:26:a9:35:45:c3:63:54:3d:53:e1:f1:17:b1:01:3a:bb:00:
         56:b0:92:95:6f:02:4c:03:42:f0:2f:8b:3b:b9:f8:f9:88:99:
         5b:12:f4:2c:07:90:12:07:b2:dc:f8:6b:19:21:c7:54:03:73:
         d5:ac:5d:f3:72:a2:32:b7:38:40:dd:72:30:e7:34:4f:c8:9a:
         b9:10:ca:e8:bf:a5:e1:2d:2e:26:5d:b0:42:c4:c2:80:8a:e8:
         d8:5e:ca:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNWIDKAowUl9eg3DV0YEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTdmOGI5MjhmM2Y1MmUwYmI5NzY0M2QzNGVjZTU5ZWI5
NjM0YTMwHhcNMjYwNTEyMjIwMTE1WhcNMjYwNTEzMjIwMTE1WjAzMTEwLwYDVQQD
EyhjZGQ5ZDljOTEzYjU4ZWM1YjVjYzgwOGI4MDJmYmUyNjkxMzVmYzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRnD3KFoa6jUHZkeUJ+6qvQ3ogfh
wEEjhicP8xN2hO9MZ1grbzcR7cgpEioSLDo7fqP2cXAl7ArvlZYvj0MMz+H79Xgb
PpPwAhu10a0E46gE6FXU/RE+QqqExgFXLKO4o5WQVemmJWWIhXP71A1jHHehiUfg
XjW2kGkRuFKY78jEkdoHholHItkMhWhl7NyzkwfycI5UFL+dT6CWM6uQcc/oLfvA
k+fSReYoU3N6aZZCuH3jaCr37NW0I6cpu2Yl+AcFnkT49M9LIGWPJPrKNsOfM5lA
Sd04mZQR6RDdiKOESHtr3PxIAMarlZOXH/MpTLket0JR9xXgYIc2bXWVaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM3Z2ckTtY7FtcyAi4AvviaRNfxfMB8GA1UdIwQY
MBaAFAzn+Lko8/UuC7l2Q9NOzlnrljSjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9mNHVTano5UzRMdVhaRDAwN09XZXVXTktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9iZTM1OTMtNzk3Mi00ZGEzLWFlMTYt
MjkzZWM2MzIyOTY2LzEvRE9mNHVTano5UzRMdVhaRDAwN09XZXVXTktNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9iZTM1OTMtNzk3Mi00ZGEzLWFlMTYtMjkzZWM2MzIyOTY2
LzEvRE9mNHVTano5UzRMdVhaRDAwN09XZXVXTktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaRHCd13M
LvUcK8asLVSVUfURlIBYBass8RXuDtkbfi0YqQ3jBwELm0KQb69Ezr1fBEaC6gGV
3GY3ckSOYqhmMPXf8evegTlSLRt0oQ6z4kkdThbVSwPc9Zpn/1u1gjV2yxQgVcrH
mvoEwQk8N42rZKxrQA/QnyY++VMSiu/O9gwt5Q8FhiM2FD2dAufODfZAh0Io0kmn
2qA4WPoDoDlCuudaySapNUXDY1Q9U+HxF7EBOrsAVrCSlW8CTANC8C+LO7n4+YiZ
WxL0LAeQEgey3PhrGSHHVANz1axd83KiMrc4QN1yMOc0T8iauRDK6L+l4S0uJl2w
QsTCgIro2F7K0g==
-----END CERTIFICATE-----