Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
File:                     0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft (raw, json)
Hash identifier:          oTIwG1+VYFmVe778triRhBsHlzJDoJdmQKImsZTh9sc=
Subject key identifier:   62:B7:F5:49:3C:2F:B0:DA:DF:F5:67:34:F1:DE:57:72:16:F4:EC:47
Authority key identifier: D2:17:97:85:86:BF:F3:A6:77:7D:55:A9:A9:63:58:41:51:6D:43:B4
Certificate issuer:       /CN=d217978586bff3a6777d55a9a9635841516d43b4
Certificate serial:       019D2628984356BAD8D2A7C9096626893766
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
Manifest number:          0E19
Signing time:             Wed 25 Mar 2026 18:01:27 +0000
Manifest this update:     Wed 25 Mar 2026 18:01:27 +0000
Manifest next update:     Thu 26 Mar 2026 18:01:27 +0000
Files and hashes:         1: 0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl (hash: tG86xcRYqHSs89yONGiCr65NXpPtJdv5MRoThrQOW0o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:28:98:43:56:ba:d8:d2:a7:c9:09:66:26:89:37:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d217978586bff3a6777d55a9a9635841516d43b4
        Validity
            Not Before: Mar 25 18:01:27 2026 GMT
            Not After : Mar 26 18:01:27 2026 GMT
        Subject: CN=62b7f5493c2fb0dadff56734f1de577216f4ec47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:c1:52:b0:74:16:70:1a:ed:e0:f3:0e:17:9a:
                    30:83:81:78:96:c1:58:1e:71:64:43:cf:e9:d9:bb:
                    57:d2:d0:97:7b:40:92:ae:a2:7b:9d:57:4e:b5:9a:
                    1d:9d:36:a6:f0:13:e5:68:c2:11:d9:92:c4:5b:15:
                    e8:50:f0:d0:93:d1:da:f8:80:2e:c7:35:51:05:7f:
                    99:66:8d:17:4f:33:0e:15:57:25:a5:c6:e0:04:d8:
                    21:aa:61:0c:16:5a:ba:b8:e4:76:32:cd:d3:b9:e8:
                    59:70:46:7e:6f:b7:5f:fb:e4:70:e6:58:b0:a4:c7:
                    53:c2:b2:f3:b7:76:25:54:db:a9:b9:42:e0:8e:f7:
                    ee:bd:0c:46:92:30:3d:f4:ae:5a:f6:21:99:11:b2:
                    9b:a7:fb:9a:33:21:b2:db:b1:c4:3b:a6:4b:98:bd:
                    92:ca:09:20:cc:94:a0:d6:3a:28:1a:af:f9:88:a2:
                    e2:a2:1e:cd:5b:76:ee:83:f0:18:3d:c5:b8:3f:e1:
                    71:3a:e5:94:82:95:fb:79:3f:e7:50:43:08:47:8e:
                    48:ff:34:d0:d7:dc:00:be:0f:d7:32:7f:a2:cd:93:
                    ae:01:bf:96:8e:3d:80:77:79:d6:55:bc:dd:b8:c9:
                    f0:85:81:16:2a:ba:96:04:b4:3a:56:ff:55:31:99:
                    1b:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:B7:F5:49:3C:2F:B0:DA:DF:F5:67:34:F1:DE:57:72:16:F4:EC:47
            X509v3 Authority Key Identifier:
                keyid:D2:17:97:85:86:BF:F3:A6:77:7D:55:A9:A9:63:58:41:51:6D:43:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/790a78-4a2d-4f16-880a-4ce4d3b197d8/1/0heXhYa_86Z3fVWpqWNYQVFtQ7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:03:c3:22:6d:30:ed:a8:ef:cb:6d:1f:8d:8a:a5:1c:f1:49:
         e7:58:2f:d9:d9:ac:23:c1:e9:cd:69:68:91:65:ed:ae:8b:11:
         93:d5:2b:69:1e:ba:dd:e4:6a:42:86:2f:11:2d:90:2e:d4:08:
         40:c5:db:85:19:97:82:c4:c3:89:05:bf:72:20:0b:3e:2f:a9:
         24:ff:eb:5d:b4:f2:b8:a3:b3:ad:60:53:f8:d4:88:fb:59:bb:
         88:f2:fe:ac:bd:cf:c8:cc:85:12:fe:10:23:40:55:36:73:c0:
         f8:4f:bb:77:8e:df:d7:54:d6:92:e7:6f:f6:33:a5:56:09:f9:
         a2:41:64:a6:e4:53:af:03:51:dc:4c:2c:e1:79:a3:75:85:d6:
         91:ab:37:46:52:72:33:ed:a1:50:dd:f6:03:5c:e4:e4:96:28:
         a9:19:f8:42:18:a8:33:5b:51:13:d9:61:0a:8d:fa:16:30:8c:
         7c:a4:58:84:59:be:5b:ed:2e:d8:b0:80:44:5e:70:75:c6:ed:
         8c:0d:69:3c:44:c3:22:a3:bb:7a:32:81:32:85:2a:f0:1e:d8:
         a4:cf:3d:af:6a:d1:68:d3:16:29:f0:0d:9a:aa:d4:e5:b4:b4:
         9c:49:a9:f3:a2:fa:91:f5:64:27:16:cf:e2:f5:9a:c8:26:c7:
         1d:d0:e9:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKJhDVrrY0qfJCWYmiTdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTc5Nzg1ODZiZmYzYTY3NzdkNTVhOWE5NjM1ODQxNTE2
ZDQzYjQwHhcNMjYwMzI1MTgwMTI3WhcNMjYwMzI2MTgwMTI3WjAzMTEwLwYDVQQD
Eyg2MmI3ZjU0OTNjMmZiMGRhZGZmNTY3MzRmMWRlNTc3MjE2ZjRlYzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksFSsHQWcBrt4PMOF5owg4F4lsFY
HnFkQ8/p2btX0tCXe0CSrqJ7nVdOtZodnTam8BPlaMIR2ZLEWxXoUPDQk9Ha+IAu
xzVRBX+ZZo0XTzMOFVclpcbgBNghqmEMFlq6uOR2Ms3TuehZcEZ+b7df++Rw5liw
pMdTwrLzt3YlVNupuULgjvfuvQxGkjA99K5a9iGZEbKbp/uaMyGy27HEO6ZLmL2S
ygkgzJSg1jooGq/5iKLioh7NW3bug/AYPcW4P+FxOuWUgpX7eT/nUEMIR45I/zTQ
19wAvg/XMn+izZOuAb+Wjj2Ad3nWVbzduMnwhYEWKrqWBLQ6Vv9VMZkbNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGK39Uk8L7Da3/VnNPHeV3IW9OxHMB8GA1UdIwQY
MBaAFNIXl4WGv/Omd31VqaljWEFRbUO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83OTBhNzgtNGEyZC00ZjE2LTg4MGEt
NGNlNGQzYjE5N2Q4LzEvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83OTBhNzgtNGEyZC00ZjE2LTg4MGEtNGNlNGQzYjE5N2Q4
LzEvMGhlWGhZYV84NlozZlZXcHFXTllRVkZ0UTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZQPDIm0w
7ajvy20fjYqlHPFJ51gv2dmsI8HpzWlokWXtrosRk9UraR663eRqQoYvES2QLtQI
QMXbhRmXgsTDiQW/ciALPi+pJP/rXbTyuKOzrWBT+NSI+1m7iPL+rL3PyMyFEv4Q
I0BVNnPA+E+7d47f11TWkudv9jOlVgn5okFkpuRTrwNR3Ews4XmjdYXWkas3RlJy
M+2hUN32A1zk5JYoqRn4QhioM1tRE9lhCo36FjCMfKRYhFm+W+0u2LCARF5wdcbt
jA1pPETDIqO7ejKBMoUq8B7YpM89r2rRaNMWKfANmqrU5bS0nEmp86L6kfVkJxbP
4vWayCbHHdDpYQ==
-----END CERTIFICATE-----