Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
File:                     h6xJPPKny2pLNPTYtva3eyqVXpc.mft (raw, json)
Hash identifier:          xkriuxfpbq3H9fLK1MS1HjehfPb6LihEYsTLd6BchNE=
Subject key identifier:   DC:10:B2:DC:AE:49:62:AF:17:A6:9F:CF:3F:BC:7D:2D:F4:DB:DA:80
Authority key identifier: 87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97
Certificate issuer:       /CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
Certificate serial:       019D284E43AABB8DCA61F6219CCF606C626C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
Manifest number:          0DCB
Signing time:             Thu 26 Mar 2026 04:01:50 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:50 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:50 +0000
Files and hashes:         1: h6xJPPKny2pLNPTYtva3eyqVXpc.crl (hash: QXbHmvC8/hCVnMJTHUu747eWXiGiX7lMxIBLlsOEj/I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4e:43:aa:bb:8d:ca:61:f6:21:9c:cf:60:6c:62:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
        Validity
            Not Before: Mar 26 04:01:50 2026 GMT
            Not After : Mar 27 04:01:50 2026 GMT
        Subject: CN=dc10b2dcae4962af17a69fcf3fbc7d2df4dbda80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:cb:50:63:10:09:8d:f8:58:e1:48:15:cb:47:
                    78:c5:e6:be:c3:48:e8:7c:6a:1b:7d:03:cb:c4:59:
                    83:8b:ba:8d:b7:f3:de:c7:06:2a:69:c0:05:33:20:
                    f3:d4:08:24:e1:72:30:df:28:b2:2b:bd:cb:4e:9c:
                    8b:2a:61:3e:22:ec:6a:84:53:2b:99:e9:b3:77:9a:
                    82:f2:49:96:e9:52:7a:6e:bc:38:c8:96:4f:da:1c:
                    ef:9c:58:97:99:7f:32:83:73:3c:99:a5:47:f7:37:
                    c7:88:43:e0:a1:ac:46:37:23:4a:a5:37:b8:da:47:
                    62:d4:60:85:a5:2c:de:d1:ef:cb:84:7b:34:21:7e:
                    4d:16:b7:b1:ab:fb:04:e1:d2:f4:85:52:61:46:17:
                    75:e4:15:1d:4a:2c:ed:9e:ff:01:de:8b:2b:35:e9:
                    97:1a:d0:07:61:02:b5:93:a4:66:e1:4d:61:9f:92:
                    74:da:84:95:55:1c:51:dd:d2:3d:d8:fa:e6:3d:bc:
                    37:ab:6d:8c:65:63:0a:09:f4:bc:c6:0b:f7:d2:cb:
                    d9:ec:0c:aa:91:5f:8a:4d:58:7c:92:0d:a2:cd:ce:
                    c1:44:a4:9c:dd:7b:90:7b:db:f6:b2:bb:5d:51:8a:
                    11:77:df:9c:9b:dd:26:73:b5:c3:c6:de:d9:51:3f:
                    bf:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:10:B2:DC:AE:49:62:AF:17:A6:9F:CF:3F:BC:7D:2D:F4:DB:DA:80
            X509v3 Authority Key Identifier:
                keyid:87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:f0:9b:58:27:47:46:06:bf:b8:d8:97:ce:dd:fd:c9:29:2f:
         7b:28:a5:11:66:e4:01:ca:d6:d7:8b:24:7a:97:bf:5e:91:eb:
         ef:37:5b:fa:0c:cc:0e:03:84:b2:6b:ab:b7:cf:ea:be:fe:af:
         5b:b2:61:2e:df:8e:fb:ef:a1:4f:d3:70:35:35:44:3b:50:8a:
         6a:fb:a9:42:35:77:f8:ff:8b:02:eb:c5:30:74:f7:b2:2b:ce:
         a7:c3:3d:55:0b:ee:d3:d5:f6:6f:f4:c2:10:74:7d:a9:55:84:
         b8:d4:52:00:ca:9a:19:e4:08:1e:f5:f1:3e:9f:90:c2:db:47:
         b3:a2:f5:cb:a7:80:8d:78:4b:98:91:f4:6d:70:5c:a5:c1:30:
         ae:c5:02:67:d7:a0:6c:a0:a1:80:d9:09:ce:6a:c0:33:57:c6:
         0a:55:5b:af:eb:4e:ac:05:2f:1d:ed:95:79:e0:fd:39:de:5a:
         5a:30:49:08:68:53:df:6c:ef:35:d9:1b:b4:10:2f:ce:41:2f:
         52:a2:dd:8c:2a:e6:22:a7:ac:b9:5b:54:b1:76:99:a4:11:2a:
         2b:a6:46:48:dd:07:41:61:3a:7d:d6:30:99:1d:df:1f:14:51:
         27:d3:ee:50:ea:f2:43:b7:ef:d4:e8:ec:1a:fe:33:30:09:62:
         e6:14:f8:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTkOqu43KYfYhnM9gbGJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YWM0OTNjZjJhN2NiNmE0YjM0ZjRkOGI2ZjZiNzdiMmE5
NTVlOTcwHhcNMjYwMzI2MDQwMTUwWhcNMjYwMzI3MDQwMTUwWjAzMTEwLwYDVQQD
EyhkYzEwYjJkY2FlNDk2MmFmMTdhNjlmY2YzZmJjN2QyZGY0ZGJkYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MtQYxAJjfhY4UgVy0d4xea+w0jo
fGobfQPLxFmDi7qNt/PexwYqacAFMyDz1Agk4XIw3yiyK73LTpyLKmE+IuxqhFMr
memzd5qC8kmW6VJ6brw4yJZP2hzvnFiXmX8yg3M8maVH9zfHiEPgoaxGNyNKpTe4
2kdi1GCFpSze0e/LhHs0IX5NFrexq/sE4dL0hVJhRhd15BUdSiztnv8B3osrNemX
GtAHYQK1k6Rm4U1hn5J02oSVVRxR3dI92PrmPbw3q22MZWMKCfS8xgv30svZ7Ayq
kV+KTVh8kg2izc7BRKSc3XuQe9v2srtdUYoRd9+cm90mc7XDxt7ZUT+/IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNwQstyuSWKvF6afzz+8fS3029qAMB8GA1UdIwQY
MBaAFIesSTzyp8tqSzT02Lb2t3sqlV6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYt
MzQxNDM2N2IyZDdlLzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYtMzQxNDM2N2IyZDdl
LzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASvCbWCdH
Rga/uNiXzt39ySkveyilEWbkAcrW14skepe/XpHr7zdb+gzMDgOEsmurt8/qvv6v
W7JhLt+O+++hT9NwNTVEO1CKavupQjV3+P+LAuvFMHT3sivOp8M9VQvu09X2b/TC
EHR9qVWEuNRSAMqaGeQIHvXxPp+QwttHs6L1y6eAjXhLmJH0bXBcpcEwrsUCZ9eg
bKChgNkJzmrAM1fGClVbr+tOrAUvHe2VeeD9Od5aWjBJCGhT32zvNdkbtBAvzkEv
UqLdjCrmIqesuVtUsXaZpBEqK6ZGSN0HQWE6fdYwmR3fHxRRJ9PuUOryQ7fv1Ojs
Gv4zMAli5hT4Hw==
-----END CERTIFICATE-----