Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft
File:                     9h0r7udUOkGpCKGgHs_AqHJqOuI.mft (raw, json)
Hash identifier:          FM3oKxPaysbWXxU6NdKzo31OI+dY2OaYF2N3nZB2fHE=
Subject key identifier:   EE:C6:72:C4:A3:0A:F1:3C:DF:19:20:45:BC:AA:90:EB:32:4D:B8:25
Authority key identifier: F6:1D:2B:EE:E7:54:3A:41:A9:08:A1:A0:1E:CF:C0:A8:72:6A:3A:E2
Certificate issuer:       /CN=f61d2beee7543a41a908a1a01ecfc0a8726a3ae2
Certificate serial:       019E1F47AEBB849EF4401C20154FB2C5E1E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9h0r7udUOkGpCKGgHs_AqHJqOuI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft
Manifest number:          0DA8
Signing time:             Wed 13 May 2026 03:00:51 +0000
Manifest this update:     Wed 13 May 2026 03:00:51 +0000
Manifest next update:     Thu 14 May 2026 03:00:51 +0000
Files and hashes:         1: 9h0r7udUOkGpCKGgHs_AqHJqOuI.crl (hash: wJhl9xCihAfmdpPV30MB49RMcNQBasUr1tw/l5hDYkQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9h0r7udUOkGpCKGgHs_AqHJqOuI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 14 May 2026 03:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1f:47:ae:bb:84:9e:f4:40:1c:20:15:4f:b2:c5:e1:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f61d2beee7543a41a908a1a01ecfc0a8726a3ae2
        Validity
            Not Before: May 13 03:00:51 2026 GMT
            Not After : May 14 03:00:51 2026 GMT
        Subject: CN=eec672c4a30af13cdf192045bcaa90eb324db825
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:92:c9:90:26:e8:2d:3e:1a:c7:20:c6:2b:ef:
                    56:25:80:93:9b:56:ea:eb:a4:52:7f:60:7f:5c:a8:
                    6b:a1:43:47:b8:07:96:c1:1d:68:ad:ed:ac:94:22:
                    5a:17:9b:b2:f5:7e:be:5b:43:50:ff:80:aa:c1:2f:
                    fd:a4:91:c6:82:74:19:ba:61:a6:04:3f:54:88:34:
                    95:f5:e7:52:c7:f9:b8:7c:76:31:7f:14:1b:0b:36:
                    7d:c6:36:a2:52:9c:01:5e:ba:25:b0:23:c7:1e:e8:
                    89:54:3d:96:61:69:33:97:3c:52:aa:73:1a:6a:55:
                    39:c3:4d:40:0d:36:30:30:5a:fb:6f:30:40:66:a2:
                    ba:00:4e:33:30:ee:c3:0f:f5:cd:45:a4:c4:ae:bf:
                    fe:b3:6b:56:8c:68:2b:c7:81:a3:25:58:0e:e5:09:
                    19:9b:e3:63:57:e2:fa:97:fa:6e:de:51:5b:09:c5:
                    da:c4:5a:61:93:dc:29:27:c5:33:63:54:c8:18:8b:
                    a8:72:09:1b:05:f5:17:f9:ac:d5:d3:71:4d:9d:2e:
                    01:cd:1b:85:bc:01:a1:90:3f:92:e1:50:6c:87:c2:
                    3f:5b:37:b2:8b:d3:46:03:9b:4d:c9:c0:f2:7a:81:
                    f7:55:b2:f1:d0:21:06:66:f7:f5:48:b1:68:2b:34:
                    32:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:C6:72:C4:A3:0A:F1:3C:DF:19:20:45:BC:AA:90:EB:32:4D:B8:25
            X509v3 Authority Key Identifier:
                keyid:F6:1D:2B:EE:E7:54:3A:41:A9:08:A1:A0:1E:CF:C0:A8:72:6A:3A:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9h0r7udUOkGpCKGgHs_AqHJqOuI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:45:d5:65:e5:ee:b5:70:5a:46:39:d1:6a:c2:5f:9e:04:1d:
         52:8d:a5:cf:3d:0b:4b:0c:d6:47:eb:28:a5:65:3c:f0:f9:bf:
         ed:f0:b1:54:50:31:e8:e7:b9:d4:33:f5:7d:75:7b:62:37:71:
         23:0c:dd:d8:a9:07:1c:1c:e2:e1:3c:de:b6:ad:8c:c4:70:dd:
         b4:98:d1:15:ab:95:31:d4:8b:de:fc:be:5c:eb:4d:97:1e:ab:
         4e:ad:ff:d5:55:aa:20:ea:20:48:46:26:1f:65:6a:71:34:8e:
         c8:a2:ff:74:57:c1:9f:fb:70:2c:8d:4d:a3:b7:83:94:1f:9b:
         ad:82:fa:ed:9d:6d:9a:7c:e8:5d:76:8e:a7:8c:77:1e:90:03:
         b2:69:da:25:5f:71:8b:e3:64:86:cd:e5:c1:d3:ec:7e:27:c0:
         6a:e1:3e:62:0a:2c:3f:c7:64:5a:d3:65:97:77:74:70:69:ff:
         c1:45:8c:29:a4:63:37:db:e6:5e:c5:f7:66:83:bd:58:da:63:
         9f:da:c4:67:16:54:72:84:0f:84:ac:02:73:16:d2:bf:12:64:
         dd:41:1c:e7:e2:9c:bd:a7:94:33:ae:39:b8:cc:00:16:6e:cf:
         ee:7c:11:4c:fd:a9:2a:8e:8d:c7:3a:1a:2a:93:8f:f8:ea:8e:
         46:5e:ac:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4fR667hJ70QBwgFU+yxeHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MWQyYmVlZTc1NDNhNDFhOTA4YTFhMDFlY2ZjMGE4NzI2
YTNhZTIwHhcNMjYwNTEzMDMwMDUxWhcNMjYwNTE0MDMwMDUxWjAzMTEwLwYDVQQD
EyhlZWM2NzJjNGEzMGFmMTNjZGYxOTIwNDViY2FhOTBlYjMyNGRiODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5LJkCboLT4axyDGK+9WJYCTm1bq
66RSf2B/XKhroUNHuAeWwR1ore2slCJaF5uy9X6+W0NQ/4CqwS/9pJHGgnQZumGm
BD9UiDSV9edSx/m4fHYxfxQbCzZ9xjaiUpwBXrolsCPHHuiJVD2WYWkzlzxSqnMa
alU5w01ADTYwMFr7bzBAZqK6AE4zMO7DD/XNRaTErr/+s2tWjGgrx4GjJVgO5QkZ
m+NjV+L6l/pu3lFbCcXaxFphk9wpJ8UzY1TIGIuocgkbBfUX+azV03FNnS4BzRuF
vAGhkD+S4VBsh8I/Wzeyi9NGA5tNycDyeoH3VbLx0CEGZvf1SLFoKzQyfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO7GcsSjCvE83xkgRbyqkOsyTbglMB8GA1UdIwQY
MBaAFPYdK+7nVDpBqQihoB7PwKhyajriMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWgwcjd1ZFVPa0dwQ0tHZ0hzX0FxSEpxT3VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8xZWRmMTAtZDNkZi00MGY1LWI0YTMt
YTczMWU5ZTFlNTMzLzEvOWgwcjd1ZFVPa0dwQ0tHZ0hzX0FxSEpxT3VJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8xZWRmMTAtZDNkZi00MGY1LWI0YTMtYTczMWU5ZTFlNTMz
LzEvOWgwcjd1ZFVPa0dwQ0tHZ0hzX0FxSEpxT3VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANUXVZeXu
tXBaRjnRasJfngQdUo2lzz0LSwzWR+sopWU88Pm/7fCxVFAx6Oe51DP1fXV7Yjdx
Iwzd2KkHHBzi4Tzetq2MxHDdtJjRFauVMdSL3vy+XOtNlx6rTq3/1VWqIOogSEYm
H2VqcTSOyKL/dFfBn/twLI1No7eDlB+brYL67Z1tmnzoXXaOp4x3HpADsmnaJV9x
i+Nkhs3lwdPsfifAauE+YgosP8dkWtNll3d0cGn/wUWMKaRjN9vmXsX3ZoO9WNpj
n9rEZxZUcoQPhKwCcxbSvxJk3UEc5+KcvaeUM645uMwAFm7P7nwRTP2pKo6Nxzoa
KpOP+OqORl6s0Q==
-----END CERTIFICATE-----