Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
File:                     0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft (raw, json)
Hash identifier:          JGUUT4M9JiBIVaBuRD5VCE/eBvw3dZKvJIZvMhE8sdM=
Subject key identifier:   21:93:74:E2:06:A4:83:30:E6:C4:DA:3C:18:13:D8:96:D4:CD:F9:49
Authority key identifier: D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC
Certificate issuer:       /CN=d271e4ed8425383f6c81c21a4894a43763675efc
Certificate serial:       019D265F1930B6EC5110C28BC33F5D86A8BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
Manifest number:          038D
Signing time:             Wed 25 Mar 2026 19:00:59 +0000
Manifest this update:     Wed 25 Mar 2026 19:00:59 +0000
Manifest next update:     Thu 26 Mar 2026 19:00:59 +0000
Files and hashes:         1: 0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl (hash: PPk0wtkB9EnMCnsAO/82l97BVa2TRwq+vf+cvjqyeEY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:19:30:b6:ec:51:10:c2:8b:c3:3f:5d:86:a8:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d271e4ed8425383f6c81c21a4894a43763675efc
        Validity
            Not Before: Mar 25 19:00:59 2026 GMT
            Not After : Mar 26 19:00:59 2026 GMT
        Subject: CN=219374e206a48330e6c4da3c1813d896d4cdf949
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:e5:43:7f:40:a2:9e:1d:87:ca:b8:c3:f8:80:
                    cc:ab:1c:36:6a:53:0d:45:e2:15:84:04:df:dd:92:
                    97:48:3f:d2:4c:49:93:fa:20:fc:24:9e:96:9e:8d:
                    98:f8:79:11:e3:e1:bd:54:a6:d8:47:24:5a:94:70:
                    9f:82:9f:44:fc:3b:40:99:86:4b:b8:f4:d9:85:cf:
                    45:30:18:31:53:9e:38:09:70:66:37:33:bd:30:86:
                    64:00:e2:0b:e1:df:a9:0d:72:45:29:29:7e:a3:ef:
                    7d:66:cf:b1:f8:e2:3c:40:74:07:01:b4:90:c1:15:
                    fb:66:10:73:bd:d2:8f:06:77:0a:8d:00:71:9e:2e:
                    30:89:ae:97:6c:45:fa:d9:22:38:af:22:3b:dc:79:
                    fd:33:e0:ac:0a:b6:d1:b2:ba:5e:e9:5e:42:c0:f1:
                    5d:0e:ba:4e:86:83:79:09:42:27:49:1a:9d:8c:2e:
                    24:bd:b9:ff:81:91:be:67:e2:c1:cb:3e:90:f8:1e:
                    b1:11:bf:7e:3f:50:d9:e2:6c:9b:c6:16:cb:84:91:
                    eb:93:69:1b:f6:4a:54:a1:0a:8a:d3:1a:b2:f0:f0:
                    33:4e:b7:cd:28:57:71:58:2f:34:af:dc:84:81:8c:
                    b4:6c:77:4f:9d:e8:22:26:08:f7:88:5e:80:cd:c4:
                    06:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:93:74:E2:06:A4:83:30:E6:C4:DA:3C:18:13:D8:96:D4:CD:F9:49
            X509v3 Authority Key Identifier:
                keyid:D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:df:51:41:18:1c:1a:c5:b2:0f:d8:7b:51:3b:fa:39:ff:0a:
         4b:0f:b6:32:90:8c:53:86:cf:9f:65:f4:0e:4d:84:d8:95:1d:
         48:3a:4a:21:e3:eb:1c:c9:07:5b:16:86:92:ac:a8:65:5d:3c:
         7c:9b:64:c9:e7:ba:d6:30:e4:38:e2:cd:35:e2:18:87:8f:c5:
         5e:2d:75:79:06:1c:49:8f:b9:19:50:bd:38:97:4d:7d:a8:52:
         b9:af:4b:f6:ff:5a:7e:d5:a7:a1:d9:b2:fd:fe:8e:e4:df:b4:
         07:3c:3b:40:19:3f:57:32:78:1d:46:dc:7a:dc:47:83:db:60:
         d7:c6:6f:49:96:22:84:0e:5b:a6:70:4f:04:33:fa:d7:3b:72:
         34:fe:ab:67:d3:6a:e1:89:f0:25:c8:41:7b:58:7a:d5:58:0a:
         4b:d2:b3:d2:21:1e:a2:a0:fb:a4:5a:b8:91:ad:d2:7a:db:67:
         e6:df:85:57:47:87:c1:a9:fd:61:91:a6:a0:62:58:45:77:3f:
         ea:c6:fb:54:da:6b:cf:a7:c1:c7:1d:10:ba:48:7a:39:21:52:
         95:36:ec:a6:18:cc:28:e3:ff:b8:8d:d2:60:87:ba:21:4d:ad:
         df:8d:04:4f:37:4a:b2:d6:8e:1d:28:ab:af:d1:95:81:d1:89:
         a3:aa:c2:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXxkwtuxREMKLwz9dhqi7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzFlNGVkODQyNTM4M2Y2YzgxYzIxYTQ4OTRhNDM3NjM2
NzVlZmMwHhcNMjYwMzI1MTkwMDU5WhcNMjYwMzI2MTkwMDU5WjAzMTEwLwYDVQQD
EygyMTkzNzRlMjA2YTQ4MzMwZTZjNGRhM2MxODEzZDg5NmQ0Y2RmOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+VDf0Cinh2HyrjD+IDMqxw2alMN
ReIVhATf3ZKXSD/STEmT+iD8JJ6Wno2Y+HkR4+G9VKbYRyRalHCfgp9E/DtAmYZL
uPTZhc9FMBgxU544CXBmNzO9MIZkAOIL4d+pDXJFKSl+o+99Zs+x+OI8QHQHAbSQ
wRX7ZhBzvdKPBncKjQBxni4wia6XbEX62SI4ryI73Hn9M+CsCrbRsrpe6V5CwPFd
DrpOhoN5CUInSRqdjC4kvbn/gZG+Z+LByz6Q+B6xEb9+P1DZ4mybxhbLhJHrk2kb
9kpUoQqK0xqy8PAzTrfNKFdxWC80r9yEgYy0bHdPnegiJgj3iF6AzcQG1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCGTdOIGpIMw5sTaPBgT2JbUzflJMB8GA1UdIwQY
MBaAFNJx5O2EJTg/bIHCGkiUpDdjZ178MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQt
YWI4MTBkNTM0YmRkLzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQtYWI4MTBkNTM0YmRk
LzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO99RQRgc
GsWyD9h7UTv6Of8KSw+2MpCMU4bPn2X0Dk2E2JUdSDpKIePrHMkHWxaGkqyoZV08
fJtkyee61jDkOOLNNeIYh4/FXi11eQYcSY+5GVC9OJdNfahSua9L9v9aftWnodmy
/f6O5N+0Bzw7QBk/VzJ4HUbcetxHg9tg18ZvSZYihA5bpnBPBDP61ztyNP6rZ9Nq
4YnwJchBe1h61VgKS9Kz0iEeoqD7pFq4ka3Settn5t+FV0eHwan9YZGmoGJYRXc/
6sb7VNprz6fBxx0Qukh6OSFSlTbsphjMKOP/uI3SYIe6IU2t340ETzdKstaOHSir
r9GVgdGJo6rC0Q==
-----END CERTIFICATE-----