Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
File:                     0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft (raw, json)
Hash identifier:          UHOmN36+U7hiMH7Aqx5lwDcecHBsh0q5knHjUVjc56g=
Subject key identifier:   2E:98:67:C7:BA:B4:AD:5F:E0:F1:D8:1A:40:18:59:1F:D4:9C:F8:36
Authority key identifier: D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC
Certificate issuer:       /CN=d271e4ed8425383f6c81c21a4894a43763675efc
Certificate serial:       019E1D9076DF067CA10D10853DBB80EB4EE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
Manifest number:          040D
Signing time:             Tue 12 May 2026 19:01:07 +0000
Manifest this update:     Tue 12 May 2026 19:01:07 +0000
Manifest next update:     Wed 13 May 2026 19:01:07 +0000
Files and hashes:         1: 0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl (hash: LOSk1h/HJVLZNP8DhmEqA+mjQd1TlDGokW4HOn1zXSI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:90:76:df:06:7c:a1:0d:10:85:3d:bb:80:eb:4e:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d271e4ed8425383f6c81c21a4894a43763675efc
        Validity
            Not Before: May 12 19:01:07 2026 GMT
            Not After : May 13 19:01:07 2026 GMT
        Subject: CN=2e9867c7bab4ad5fe0f1d81a4018591fd49cf836
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d7:da:9c:fd:22:9c:bd:ce:c1:4d:05:c5:ad:
                    cd:ce:c1:26:9a:1b:67:31:13:fc:aa:5f:29:0b:25:
                    85:bc:9f:52:af:f2:6a:77:ac:41:e9:80:79:7a:9a:
                    79:73:5a:ff:67:a2:61:03:c6:95:15:60:b6:46:af:
                    c2:92:99:4a:c2:f8:cb:50:d6:12:c5:7f:b8:8e:ae:
                    6f:ac:42:85:23:1e:d0:fc:ec:82:a8:13:90:a9:15:
                    67:76:6f:51:f3:57:82:fb:48:cc:fe:72:27:97:a5:
                    5b:75:b9:4c:91:f6:59:b6:97:5b:d1:4e:f6:de:b6:
                    61:18:34:eb:bd:d1:da:d5:1d:b5:31:39:21:2e:70:
                    ba:38:be:b5:b9:3f:c9:88:8c:22:cd:86:8a:8a:3b:
                    5a:41:13:40:47:d1:c2:15:06:4e:6e:3e:b9:0a:a9:
                    fb:7c:d8:f4:42:53:b6:91:b4:3c:b2:72:ba:43:03:
                    c1:19:64:59:b9:07:5c:64:55:0f:2d:8a:a4:ab:ba:
                    14:8d:12:13:45:e4:b5:3e:f0:fd:8c:71:49:8d:c2:
                    bd:d4:7d:d7:a6:29:93:bd:aa:6b:81:38:b1:e6:d7:
                    af:ae:7a:20:c3:a1:d9:2e:3b:3c:a2:8f:13:99:e0:
                    f1:2c:6d:47:fe:97:f9:bb:40:41:83:a2:dc:9e:8c:
                    ec:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:98:67:C7:BA:B4:AD:5F:E0:F1:D8:1A:40:18:59:1F:D4:9C:F8:36
            X509v3 Authority Key Identifier:
                keyid:D2:71:E4:ED:84:25:38:3F:6C:81:C2:1A:48:94:A4:37:63:67:5E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nHk7YQlOD9sgcIaSJSkN2NnXvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8e16cc-821f-4bd5-9fed-ab810d534bdd/1/0nHk7YQlOD9sgcIaSJSkN2NnXvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:7f:d2:df:5b:ab:32:c9:ac:3b:ac:9d:32:73:e7:ee:b4:f6:
         ea:8b:a9:5b:b9:22:d6:a8:81:b7:65:61:e8:67:f2:8e:4e:47:
         75:8e:cf:c3:43:36:18:bb:70:ed:a9:07:a9:34:1a:4e:e8:f9:
         e5:63:da:28:e5:67:3b:77:d0:e4:e8:2e:32:84:6f:57:67:fa:
         84:06:1e:be:f0:04:73:10:71:cd:46:23:8d:6a:20:ca:95:74:
         20:95:b0:90:60:4c:29:59:22:57:c9:d3:06:9b:84:92:23:5a:
         e6:37:8c:8c:3b:bb:46:4b:0e:91:fe:7d:87:59:83:ab:be:f2:
         f0:d3:33:16:35:65:1b:f4:8b:d7:b4:c5:8c:c0:74:41:f6:90:
         36:3d:c1:e8:ee:41:cf:c4:3c:53:99:a6:90:6f:e8:73:d7:e5:
         65:86:d5:07:9e:f1:2d:c5:d6:53:32:14:2b:fc:f3:26:f5:fa:
         35:04:ae:3d:7d:67:65:f3:98:52:1e:04:fc:2a:5f:fb:ce:a0:
         c2:d8:61:93:15:0b:72:10:a3:7f:b8:f1:8d:b3:25:51:df:05:
         aa:ca:a9:62:b6:bc:09:bc:61:69:b2:1e:e2:a4:6a:db:e2:fb:
         ca:d8:b5:2d:e7:88:5c:bc:d8:bd:e7:51:60:22:3f:cd:b8:08:
         65:20:92:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dkHbfBnyhDRCFPbuA607nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzFlNGVkODQyNTM4M2Y2YzgxYzIxYTQ4OTRhNDM3NjM2
NzVlZmMwHhcNMjYwNTEyMTkwMTA3WhcNMjYwNTEzMTkwMTA3WjAzMTEwLwYDVQQD
EygyZTk4NjdjN2JhYjRhZDVmZTBmMWQ4MWE0MDE4NTkxZmQ0OWNmODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9fanP0inL3OwU0Fxa3NzsEmmhtn
MRP8ql8pCyWFvJ9Sr/Jqd6xB6YB5epp5c1r/Z6JhA8aVFWC2Rq/CkplKwvjLUNYS
xX+4jq5vrEKFIx7Q/OyCqBOQqRVndm9R81eC+0jM/nInl6VbdblMkfZZtpdb0U72
3rZhGDTrvdHa1R21MTkhLnC6OL61uT/JiIwizYaKijtaQRNAR9HCFQZObj65Cqn7
fNj0QlO2kbQ8snK6QwPBGWRZuQdcZFUPLYqkq7oUjRITReS1PvD9jHFJjcK91H3X
pimTvaprgTix5tevrnogw6HZLjs8oo8TmeDxLG1H/pf5u0BBg6LcnozsvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC6YZ8e6tK1f4PHYGkAYWR/UnPg2MB8GA1UdIwQY
MBaAFNJx5O2EJTg/bIHCGkiUpDdjZ178MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQt
YWI4MTBkNTM0YmRkLzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84ZTE2Y2MtODIxZi00YmQ1LTlmZWQtYWI4MTBkNTM0YmRk
LzEvMG5IazdZUWxPRDlzZ2NJYVNKU2tOMk5uWHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIn/S31ur
MsmsO6ydMnPn7rT26oupW7ki1qiBt2Vh6Gfyjk5HdY7Pw0M2GLtw7akHqTQaTuj5
5WPaKOVnO3fQ5OguMoRvV2f6hAYevvAEcxBxzUYjjWogypV0IJWwkGBMKVkiV8nT
BpuEkiNa5jeMjDu7RksOkf59h1mDq77y8NMzFjVlG/SL17TFjMB0QfaQNj3B6O5B
z8Q8U5mmkG/oc9flZYbVB57xLcXWUzIUK/zzJvX6NQSuPX1nZfOYUh4E/Cpf+86g
wthhkxULchCjf7jxjbMlUd8FqsqpYra8CbxhabIe4qRq2+L7yti1LeeIXLzYvedR
YCI/zbgIZSCSPA==
-----END CERTIFICATE-----