Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
File:                     1PhqmjxCnBvCbsBqOuTkF8p0394.mft (raw, json)
Hash identifier:          1aUuAogjGgWWWBHj6rMaNhGL099YOf+QkRl8ZtA7sFw=
Subject key identifier:   0B:5B:76:D3:DD:E8:C9:5E:1F:4A:FC:85:B9:A9:6B:92:5C:BC:2F:B7
Authority key identifier: D4:F8:6A:9A:3C:42:9C:1B:C2:6E:C0:6A:3A:E4:E4:17:CA:74:DF:DE
Certificate issuer:       /CN=d4f86a9a3c429c1bc26ec06a3ae4e417ca74dfde
Certificate serial:       019D25F10ACFCC1093DA39B6D777DC9A7D00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
Manifest number:          0B0D
Signing time:             Wed 25 Mar 2026 17:00:47 +0000
Manifest this update:     Wed 25 Mar 2026 17:00:47 +0000
Manifest next update:     Thu 26 Mar 2026 17:00:47 +0000
Files and hashes:         1: 1PhqmjxCnBvCbsBqOuTkF8p0394.crl (hash: hNeh9eXLlx5h1tRyL06h0dvBhkn3tVawJTwSDxN8PwQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:0a:cf:cc:10:93:da:39:b6:d7:77:dc:9a:7d:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4f86a9a3c429c1bc26ec06a3ae4e417ca74dfde
        Validity
            Not Before: Mar 25 17:00:47 2026 GMT
            Not After : Mar 26 17:00:47 2026 GMT
        Subject: CN=0b5b76d3dde8c95e1f4afc85b9a96b925cbc2fb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:fd:b9:bd:1b:67:87:e3:81:c7:3d:8b:52:19:
                    c9:40:52:43:f4:83:1a:ac:95:fb:74:e5:7f:51:c3:
                    94:0a:af:9c:94:5c:bd:53:f5:62:c5:23:14:90:43:
                    cc:cb:5f:5b:c3:b4:22:e7:0f:26:c5:ce:17:42:af:
                    00:49:e5:aa:ff:7b:89:f9:b5:6f:1c:dd:e0:82:bd:
                    b3:63:2d:98:d4:bb:d9:c9:27:64:20:eb:cb:cd:54:
                    94:6f:ef:e7:c9:bd:08:f2:fb:5d:2a:7b:9d:54:7b:
                    65:3c:63:bd:57:5f:36:31:71:cd:fd:11:02:18:24:
                    f8:fc:a3:d6:de:13:0c:94:a2:a6:40:22:d4:7a:a3:
                    6a:17:de:d9:7e:51:4c:d8:c8:ce:c1:1b:77:08:75:
                    3c:35:68:10:d0:ea:36:3d:ce:5b:59:45:10:6c:d4:
                    05:05:15:9e:7d:de:35:85:f1:ff:b1:d3:0b:29:59:
                    22:87:d1:b9:bc:3b:a3:3c:8c:f8:ed:ec:ad:b6:58:
                    89:a4:38:22:18:f7:c7:ff:73:a0:48:f4:bc:c6:df:
                    17:83:84:b4:8c:ab:c8:3f:58:6f:34:7b:99:c4:bc:
                    f3:af:95:0d:ad:4e:de:07:8b:ae:bb:7b:05:41:c4:
                    02:ab:15:3d:cd:60:1b:f3:12:92:d4:34:84:1c:e6:
                    a8:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:5B:76:D3:DD:E8:C9:5E:1F:4A:FC:85:B9:A9:6B:92:5C:BC:2F:B7
            X509v3 Authority Key Identifier:
                keyid:D4:F8:6A:9A:3C:42:9C:1B:C2:6E:C0:6A:3A:E4:E4:17:CA:74:DF:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:13:66:81:50:9d:0b:d1:b2:41:8f:a3:01:31:44:72:52:9e:
         a6:fe:7e:92:47:49:96:c2:90:1f:e3:c1:4c:91:4b:04:f9:87:
         30:61:5c:7d:c1:fb:07:84:48:fa:c4:2c:ec:23:26:35:57:a7:
         5f:13:59:19:e1:3f:88:87:2d:c7:75:89:1d:2d:b5:f3:b8:a1:
         f8:80:6a:99:76:ac:4c:6f:46:bf:0e:cf:63:41:b0:03:b6:dd:
         cf:4c:af:db:20:31:34:53:98:f6:22:cc:16:ae:f3:fb:2c:9f:
         50:4d:53:42:49:a6:7c:92:ff:0f:3c:79:8c:9a:87:82:ec:45:
         50:4f:a7:c1:81:da:88:df:53:57:bd:d4:0f:4e:a3:40:27:6a:
         78:75:c6:d3:75:d6:c3:57:d5:d8:77:80:71:5e:1f:a2:0c:08:
         39:07:e0:29:8b:aa:64:63:53:3d:b1:73:8d:51:d9:c3:f8:cd:
         ba:cb:ed:fd:c7:59:5e:76:6b:f2:59:65:48:3a:45:59:86:92:
         a6:24:d9:0e:1b:ff:c1:f2:51:a9:27:ab:0a:b1:b9:5e:92:88:
         24:90:e2:f9:88:c3:21:c6:fc:7e:e9:d3:48:c8:dd:c3:c3:4d:
         0a:4c:15:f6:fc:14:65:09:b0:90:39:4a:42:7e:ee:9e:2d:1d:
         7d:a8:26:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8QrPzBCT2jm213fcmn0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Zjg2YTlhM2M0MjljMWJjMjZlYzA2YTNhZTRlNDE3Y2E3
NGRmZGUwHhcNMjYwMzI1MTcwMDQ3WhcNMjYwMzI2MTcwMDQ3WjAzMTEwLwYDVQQD
EygwYjViNzZkM2RkZThjOTVlMWY0YWZjODViOWE5NmI5MjVjYmMyZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAof25vRtnh+OBxz2LUhnJQFJD9IMa
rJX7dOV/UcOUCq+clFy9U/VixSMUkEPMy19bw7Qi5w8mxc4XQq8ASeWq/3uJ+bVv
HN3ggr2zYy2Y1LvZySdkIOvLzVSUb+/nyb0I8vtdKnudVHtlPGO9V182MXHN/REC
GCT4/KPW3hMMlKKmQCLUeqNqF97ZflFM2MjOwRt3CHU8NWgQ0Oo2Pc5bWUUQbNQF
BRWefd41hfH/sdMLKVkih9G5vDujPIz47eyttliJpDgiGPfH/3OgSPS8xt8Xg4S0
jKvIP1hvNHuZxLzzr5UNrU7eB4uuu3sFQcQCqxU9zWAb8xKS1DSEHOao3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAtbdtPd6MleH0r8hbmpa5JcvC+3MB8GA1UdIwQY
MBaAFNT4apo8Qpwbwm7Aajrk5BfKdN/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hNWU1MzEtMWEwOC00MzM2LWIwZDgt
NDgzMjY1OTk5NGNiLzEvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hNWU1MzEtMWEwOC00MzM2LWIwZDgtNDgzMjY1OTk5NGNi
LzEvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABhNmgVCd
C9GyQY+jATFEclKepv5+kkdJlsKQH+PBTJFLBPmHMGFcfcH7B4RI+sQs7CMmNVen
XxNZGeE/iIctx3WJHS2187ih+IBqmXasTG9Gvw7PY0GwA7bdz0yv2yAxNFOY9iLM
Fq7z+yyfUE1TQkmmfJL/Dzx5jJqHguxFUE+nwYHaiN9TV73UD06jQCdqeHXG03XW
w1fV2HeAcV4fogwIOQfgKYuqZGNTPbFzjVHZw/jNusvt/cdZXnZr8lllSDpFWYaS
piTZDhv/wfJRqSerCrG5XpKIJJDi+YjDIcb8funTSMjdw8NNCkwV9vwUZQmwkDlK
Qn7uni0dfagmgw==
-----END CERTIFICATE-----