Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft
File:                     D4jGhrHhIvzcFlwCN6D149mQvwE.mft (raw, json)
Hash identifier:          Lxh9vHMbZBLJXUyly5l3H87qSf+Sld4L6N4f5JrM70w=
Subject key identifier:   9C:6C:8C:91:68:30:9F:00:F0:56:EC:D4:0C:E9:1B:D2:70:52:E2:37
Authority key identifier: 0F:88:C6:86:B1:E1:22:FC:DC:16:5C:02:37:A0:F5:E3:D9:90:BF:01
Certificate issuer:       /CN=0f88c686b1e122fcdc165c0237a0f5e3d990bf01
Certificate serial:       019E2023932CFF7AAB4098FBFE2DB88DD7B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft
Manifest number:          0EB4
Signing time:             Wed 13 May 2026 07:01:02 +0000
Manifest this update:     Wed 13 May 2026 07:01:02 +0000
Manifest next update:     Thu 14 May 2026 07:01:02 +0000
Files and hashes:         1: D4jGhrHhIvzcFlwCN6D149mQvwE.crl (hash: QtXP14QGZ7s2YLSbVe1FyZc3ENoLi+WacCiSRNk6DH0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 14 May 2026 06:33:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:20:23:93:2c:ff:7a:ab:40:98:fb:fe:2d:b8:8d:d7:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f88c686b1e122fcdc165c0237a0f5e3d990bf01
        Validity
            Not Before: May 13 07:01:02 2026 GMT
            Not After : May 14 07:01:02 2026 GMT
        Subject: CN=9c6c8c9168309f00f056ecd40ce91bd27052e237
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:61:10:16:bd:92:f6:b9:20:f6:33:ce:53:aa:
                    f3:c7:e5:2e:fe:a4:c6:c5:a2:ad:d2:02:e4:89:ed:
                    df:90:42:d5:af:5a:b4:c0:22:0e:35:e0:4a:29:88:
                    b9:0d:56:b1:28:07:2e:24:05:c9:06:cb:0b:d8:98:
                    55:e1:af:e0:f7:25:50:10:8a:72:87:53:b7:60:90:
                    ba:a2:33:50:ba:56:76:6f:b9:7c:8e:52:b7:5e:58:
                    4e:4b:02:06:ff:ca:80:0c:c0:39:71:b2:67:85:1e:
                    09:d3:8d:6c:25:61:7e:81:23:b7:02:96:33:fc:83:
                    9b:72:35:22:e8:66:10:28:b8:30:fc:84:2a:26:46:
                    c7:b7:a0:14:6f:e0:b8:3e:3e:4b:0e:92:96:ed:e7:
                    a1:0b:10:de:45:34:12:47:0d:df:7f:01:c0:db:e5:
                    e6:d4:7d:00:03:f2:3d:41:6b:90:45:cf:b3:7f:aa:
                    4a:07:a0:70:b1:f3:05:5a:80:87:ca:96:63:ee:0d:
                    57:e9:0e:2f:c4:0e:44:11:d1:c4:a9:ff:e8:39:e3:
                    86:9b:5a:f5:e9:1b:39:ae:07:04:f5:b3:1a:6c:bd:
                    82:71:55:27:32:26:de:b0:df:ab:7d:54:76:e9:9d:
                    44:8b:b5:88:bc:a3:0b:59:63:55:ec:7e:01:4f:cd:
                    85:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:6C:8C:91:68:30:9F:00:F0:56:EC:D4:0C:E9:1B:D2:70:52:E2:37
            X509v3 Authority Key Identifier:
                keyid:0F:88:C6:86:B1:E1:22:FC:DC:16:5C:02:37:A0:F5:E3:D9:90:BF:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:92:63:0e:0b:e2:10:e6:3e:d8:2b:0a:bb:e0:e3:e1:df:49:
         b3:38:82:34:37:69:a7:02:06:b0:ac:8f:29:b7:7d:44:7d:6d:
         0d:98:28:87:80:47:db:d0:2b:23:e9:a6:29:a4:4d:f1:ff:10:
         32:53:16:5d:8a:51:d2:86:d8:a1:d0:34:6a:5c:79:d5:ab:02:
         a2:23:f6:45:b5:77:92:16:b6:6f:3d:6a:ad:05:97:5d:f4:bc:
         3b:53:42:ba:61:26:f3:80:9d:5f:e2:6d:9a:ef:bc:9c:1d:75:
         bf:17:57:04:a4:4d:22:e3:b1:e5:15:07:15:0c:aa:f6:b0:05:
         9c:25:e3:db:13:06:14:5b:94:80:84:29:4b:43:44:ff:9d:ce:
         50:6e:b6:85:84:22:b9:91:62:66:d9:76:d1:d3:e2:ba:e6:d9:
         25:14:93:4f:37:74:ca:fb:3d:af:bb:a6:59:94:82:84:62:40:
         0f:d1:3f:47:91:ee:b8:8a:79:6f:3f:00:22:be:18:03:34:e8:
         ea:97:5d:e7:8c:71:c7:88:e0:e1:ec:64:82:24:9b:85:1d:52:
         d7:d1:4c:07:5d:58:03:33:9d:36:30:33:27:2e:7e:df:39:7f:
         b4:e1:1d:38:55:97:b6:d4:0f:a1:94:53:e0:95:ee:00:b8:9b:
         10:19:77:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4gI5Ms/3qrQJj7/i24jde0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmODhjNjg2YjFlMTIyZmNkYzE2NWMwMjM3YTBmNWUzZDk5
MGJmMDEwHhcNMjYwNTEzMDcwMTAyWhcNMjYwNTE0MDcwMTAyWjAzMTEwLwYDVQQD
Eyg5YzZjOGM5MTY4MzA5ZjAwZjA1NmVjZDQwY2U5MWJkMjcwNTJlMjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWEQFr2S9rkg9jPOU6rzx+Uu/qTG
xaKt0gLkie3fkELVr1q0wCIONeBKKYi5DVaxKAcuJAXJBssL2JhV4a/g9yVQEIpy
h1O3YJC6ojNQulZ2b7l8jlK3XlhOSwIG/8qADMA5cbJnhR4J041sJWF+gSO3ApYz
/IObcjUi6GYQKLgw/IQqJkbHt6AUb+C4Pj5LDpKW7eehCxDeRTQSRw3ffwHA2+Xm
1H0AA/I9QWuQRc+zf6pKB6BwsfMFWoCHypZj7g1X6Q4vxA5EEdHEqf/oOeOGm1r1
6Rs5rgcE9bMabL2CcVUnMibesN+rfVR26Z1Ei7WIvKMLWWNV7H4BT82FoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJxsjJFoMJ8A8Fbs1AzpG9JwUuI3MB8GA1UdIwQY
MBaAFA+Ixoax4SL83BZcAjeg9ePZkL8BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lNmYwYzQtNzk5ZC00NjIwLWFiN2It
YjQyMjVkZTI3MjNhLzEvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lNmYwYzQtNzk5ZC00NjIwLWFiN2ItYjQyMjVkZTI3MjNh
LzEvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXJJjDgvi
EOY+2CsKu+Dj4d9JsziCNDdppwIGsKyPKbd9RH1tDZgoh4BH29ArI+mmKaRN8f8Q
MlMWXYpR0obYodA0alx51asCoiP2RbV3kha2bz1qrQWXXfS8O1NCumEm84CdX+Jt
mu+8nB11vxdXBKRNIuOx5RUHFQyq9rAFnCXj2xMGFFuUgIQpS0NE/53OUG62hYQi
uZFiZtl20dPiuubZJRSTTzd0yvs9r7umWZSChGJAD9E/R5HuuIp5bz8AIr4YAzTo
6pdd54xxx4jg4exkgiSbhR1S19FMB11YAzOdNjAzJy5+3zl/tOEdOFWXttQPoZRT
4JXuALibEBl3Jw==
-----END CERTIFICATE-----