Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
File:                     0c0c1HQkGQk2se35qYScPjBYfzo.mft (raw, json)
Hash identifier:          eU/GBOS/D2ahd09LtmA0+x8zgf9PPLh5fwn36kU/kOk=
Subject key identifier:   46:AE:55:E3:B3:D0:75:54:8E:34:EA:F1:63:A3:D2:A5:4A:15:8C:8F
Authority key identifier: D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A
Certificate issuer:       /CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
Certificate serial:       019D2AE02619C71162DF00FBCFD31CA25D8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
Manifest number:          0FE8
Signing time:             Thu 26 Mar 2026 16:00:25 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:25 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:25 +0000
Files and hashes:         1: 0c0c1HQkGQk2se35qYScPjBYfzo.crl (hash: BUyFpqUdgEmBJ88cUnr+sGAw0TT6XScep9v/9xjCpp8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:26:19:c7:11:62:df:00:fb:cf:d3:1c:a2:5d:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
        Validity
            Not Before: Mar 26 16:00:25 2026 GMT
            Not After : Mar 27 16:00:25 2026 GMT
        Subject: CN=46ae55e3b3d075548e34eaf163a3d2a54a158c8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:9e:b9:82:b7:37:39:fd:b7:4b:fc:e6:ae:cd:
                    6a:a9:e1:56:61:4e:6e:ad:e2:fb:ca:8d:b3:d7:99:
                    57:08:f6:32:60:89:09:e4:bf:72:b5:c9:10:d7:74:
                    0a:c7:6b:64:ec:5f:d5:f4:55:74:f5:37:d0:69:e3:
                    86:fb:46:3c:90:84:68:fd:87:98:47:63:b0:47:76:
                    55:05:f2:5a:ad:69:25:bc:a4:33:a5:73:22:f8:12:
                    9b:3e:19:d4:26:20:7a:8a:3a:ad:84:54:97:b5:50:
                    ac:2e:17:f3:a3:fe:f7:ad:bf:af:0d:cd:39:d6:dc:
                    35:f3:47:6c:46:f3:7a:a7:72:d1:49:26:77:18:2b:
                    3d:b3:13:5d:8b:13:cc:95:98:27:c7:c9:de:a4:53:
                    db:c2:c3:fe:51:aa:24:24:b3:75:0a:92:81:48:63:
                    61:79:ae:76:be:4c:52:f1:74:8a:5a:71:1d:f4:1f:
                    96:ef:fc:d1:e5:ed:6d:cc:08:64:2b:0c:4e:73:83:
                    b5:ba:25:c0:8a:15:f4:da:c5:65:16:fc:36:46:8e:
                    42:c2:32:07:77:87:86:1f:7b:3a:17:2c:e0:96:61:
                    4c:0b:9d:74:99:db:ac:02:c8:f1:f5:1d:c7:7c:f3:
                    dd:ba:ff:fc:8a:40:32:53:c9:3f:d0:fd:19:b5:a7:
                    b2:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:AE:55:E3:B3:D0:75:54:8E:34:EA:F1:63:A3:D2:A5:4A:15:8C:8F
            X509v3 Authority Key Identifier:
                keyid:D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:03:fa:2a:17:af:dc:99:c7:33:63:79:2e:4a:ae:54:57:46:
         0f:02:6c:eb:ac:fc:ee:e2:f2:be:85:39:f0:f5:b4:9e:5c:dc:
         9d:74:63:ec:79:e0:08:62:51:ae:9b:c5:81:4a:d3:80:fa:0c:
         76:3f:b6:95:e5:41:76:09:8e:28:b5:f7:d5:d6:8a:c6:a4:be:
         61:7f:49:6d:5d:78:d2:df:8a:35:e8:7f:c4:16:f2:f6:fe:dc:
         cd:33:08:ac:b3:72:18:b7:f7:08:7f:44:85:77:84:fc:e9:4b:
         fc:b3:f5:7d:05:0c:df:fe:d6:0d:0c:b8:67:7b:cb:96:b3:d2:
         3a:9a:1e:06:21:f5:c9:b7:ed:99:4a:fe:49:2a:da:16:8d:d2:
         c7:22:3e:d8:71:b8:e9:e6:45:86:79:3d:37:0d:e4:2d:b9:b9:
         87:5b:2b:da:a2:a8:ee:b9:7f:02:6e:05:40:2f:88:f7:01:b3:
         e2:74:3e:56:84:57:44:9a:1a:ed:1f:6b:d7:99:35:80:ed:50:
         ce:29:e3:bd:36:0d:7a:5f:4a:5d:2c:22:f8:99:2d:4b:2e:f2:
         c7:13:71:6c:78:d6:1e:df:ed:8c:a3:00:87:09:22:39:53:a1:
         1c:7f:52:d0:b8:23:5d:5e:05:30:ef:fe:e8:13:26:60:a4:ec:
         c2:8d:d4:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4CYZxxFi3wD7z9Mcol2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2QxY2Q0NzQyNDE5MDkzNmIxZWRmOWE5ODQ5YzNlMzA1
ODdmM2EwHhcNMjYwMzI2MTYwMDI1WhcNMjYwMzI3MTYwMDI1WjAzMTEwLwYDVQQD
Eyg0NmFlNTVlM2IzZDA3NTU0OGUzNGVhZjE2M2EzZDJhNTRhMTU4YzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZ65grc3Of23S/zmrs1qqeFWYU5u
reL7yo2z15lXCPYyYIkJ5L9ytckQ13QKx2tk7F/V9FV09TfQaeOG+0Y8kIRo/YeY
R2OwR3ZVBfJarWklvKQzpXMi+BKbPhnUJiB6ijqthFSXtVCsLhfzo/73rb+vDc05
1tw180dsRvN6p3LRSSZ3GCs9sxNdixPMlZgnx8nepFPbwsP+UaokJLN1CpKBSGNh
ea52vkxS8XSKWnEd9B+W7/zR5e1tzAhkKwxOc4O1uiXAihX02sVlFvw2Ro5CwjIH
d4eGH3s6FyzglmFMC510mdusAsjx9R3HfPPduv/8ikAyU8k/0P0ZtaeyZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEauVeOz0HVUjjTq8WOj0qVKFYyPMB8GA1UdIwQY
MBaAFNHNHNR0JBkJNrHt+amEnD4wWH86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDct
YjQ1MzNhMDg4ZGM0LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDctYjQ1MzNhMDg4ZGM0
LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAagP6Khev
3JnHM2N5LkquVFdGDwJs66z87uLyvoU58PW0nlzcnXRj7HngCGJRrpvFgUrTgPoM
dj+2leVBdgmOKLX31daKxqS+YX9JbV140t+KNeh/xBby9v7czTMIrLNyGLf3CH9E
hXeE/OlL/LP1fQUM3/7WDQy4Z3vLlrPSOpoeBiH1ybftmUr+SSraFo3SxyI+2HG4
6eZFhnk9Nw3kLbm5h1sr2qKo7rl/Am4FQC+I9wGz4nQ+VoRXRJoa7R9r15k1gO1Q
zinjvTYNel9KXSwi+JktSy7yxxNxbHjWHt/tjKMAhwkiOVOhHH9S0LgjXV4FMO/+
6BMmYKTswo3U8A==
-----END CERTIFICATE-----