Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft
File:                     D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft (raw, json)
Hash identifier:          QHVNozKbhpJk3SaGH1cgrQVtogtc8orRcu8znwa6HKY=
Subject key identifier:   E8:52:0E:B9:FA:26:17:4D:49:45:BD:8B:A5:92:AE:34:50:30:68:8B
Authority key identifier: 0F:B7:F1:FD:87:68:E2:11:63:54:2A:FC:F5:5A:83:C6:98:02:15:A3
Certificate issuer:       /CN=0fb7f1fd8768e21163542afcf55a83c6980215a3
Certificate serial:       019E1D2276A27162846D9432EB85AD038050
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D7fx_Ydo4hFjVCr89VqDxpgCFaM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft
Manifest number:          0A60
Signing time:             Tue 12 May 2026 17:00:58 +0000
Manifest this update:     Tue 12 May 2026 17:00:58 +0000
Manifest next update:     Wed 13 May 2026 17:00:58 +0000
Files and hashes:         1: D7fx_Ydo4hFjVCr89VqDxpgCFaM.crl (hash: FPhQ13wTNFt5MnDkrNFM5hvI2ppC5jVdORxSLA0ru9I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D7fx_Ydo4hFjVCr89VqDxpgCFaM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:22:76:a2:71:62:84:6d:94:32:eb:85:ad:03:80:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0fb7f1fd8768e21163542afcf55a83c6980215a3
        Validity
            Not Before: May 12 17:00:58 2026 GMT
            Not After : May 13 17:00:58 2026 GMT
        Subject: CN=e8520eb9fa26174d4945bd8ba592ae345030688b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:af:04:85:e3:21:01:27:9b:d5:e3:20:2c:b6:
                    01:fe:db:07:bd:41:8c:d3:da:8f:1d:f2:5b:98:84:
                    84:b4:8a:dd:47:70:70:c8:41:3a:54:21:1d:fc:42:
                    f5:07:56:4f:e2:41:f0:a2:f4:e6:25:6e:92:32:80:
                    f6:69:3f:23:68:b8:b0:d8:e3:4a:fa:d9:f6:41:71:
                    81:c8:c9:b0:62:59:8c:21:04:d3:cb:b7:44:ac:48:
                    a6:b3:44:9d:36:11:1d:98:81:c0:e7:55:a5:02:29:
                    73:f1:47:55:06:f9:9f:41:51:22:12:5f:49:bc:ad:
                    0c:27:e4:6a:f1:00:2d:80:39:e5:65:0b:8c:09:8a:
                    cd:5b:50:89:41:31:a5:86:08:00:b7:ed:16:d4:73:
                    53:a0:d1:3a:07:c5:b5:8e:91:a4:3d:c8:43:f3:b0:
                    e3:7c:9a:30:c8:ba:96:40:60:dc:a9:34:2f:38:61:
                    7b:09:b3:95:9e:eb:6b:2b:ee:31:0c:c4:49:c2:53:
                    31:fd:87:8b:d4:56:a9:91:e2:50:cc:1a:64:ca:29:
                    a2:07:ab:d7:f9:65:45:fe:a4:a5:e9:c4:43:c3:e3:
                    be:8c:a1:d6:fe:f9:7c:eb:35:3e:33:67:df:64:bc:
                    b4:47:7e:d4:78:d9:ee:b7:91:3f:35:35:9f:a3:52:
                    82:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:52:0E:B9:FA:26:17:4D:49:45:BD:8B:A5:92:AE:34:50:30:68:8B
            X509v3 Authority Key Identifier:
                keyid:0F:B7:F1:FD:87:68:E2:11:63:54:2A:FC:F5:5A:83:C6:98:02:15:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D7fx_Ydo4hFjVCr89VqDxpgCFaM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/e7c8d0-749b-452d-bff0-a0e28dcfffc7/1/D7fx_Ydo4hFjVCr89VqDxpgCFaM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:d4:01:57:83:0e:0c:8b:e9:44:51:99:ba:db:99:00:db:af:
         20:1c:ab:be:f2:fe:34:e2:72:ab:b2:0c:a8:4a:d7:5e:78:54:
         c6:12:c3:68:8d:89:5d:24:6d:ac:19:3d:7c:58:8d:70:f6:4d:
         f9:db:42:7b:f5:2b:ff:bd:38:be:a0:12:3e:5c:5c:14:4c:48:
         c8:9c:96:38:9e:81:f3:97:72:25:c3:39:73:0a:c9:18:74:cb:
         01:79:f7:2a:63:97:33:83:60:ed:87:3c:e8:31:99:6c:f5:ee:
         7c:56:c9:ac:22:d9:ca:dc:c6:5d:a1:16:a4:07:ac:c1:f4:98:
         2c:ef:44:b0:73:ce:cd:cd:bb:01:90:86:84:53:c3:85:70:9b:
         21:dd:85:30:e9:8a:c1:8a:b5:ad:d1:d8:c1:4c:7f:d8:5e:8e:
         63:e0:97:4f:21:1c:c5:04:6e:46:98:24:88:55:99:de:f2:a7:
         d7:2e:5e:5f:b5:35:68:0d:a0:db:a4:83:b9:41:5e:f5:b6:cf:
         1f:b5:ed:b7:0e:f1:34:70:50:5a:86:ae:c8:6b:f8:a1:e7:90:
         39:c2:88:24:f6:7f:31:3a:71:cc:de:9d:fc:a2:c5:58:20:99:
         76:36:45:cd:50:61:b3:55:13:e1:77:d6:fa:25:f8:24:4a:27:
         0a:a0:69:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dInaicWKEbZQy64WtA4BQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYjdmMWZkODc2OGUyMTE2MzU0MmFmY2Y1NWE4M2M2OTgw
MjE1YTMwHhcNMjYwNTEyMTcwMDU4WhcNMjYwNTEzMTcwMDU4WjAzMTEwLwYDVQQD
EyhlODUyMGViOWZhMjYxNzRkNDk0NWJkOGJhNTkyYWUzNDUwMzA2ODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt68EheMhASeb1eMgLLYB/tsHvUGM
09qPHfJbmISEtIrdR3BwyEE6VCEd/EL1B1ZP4kHwovTmJW6SMoD2aT8jaLiw2ONK
+tn2QXGByMmwYlmMIQTTy7dErEims0SdNhEdmIHA51WlAilz8UdVBvmfQVEiEl9J
vK0MJ+Rq8QAtgDnlZQuMCYrNW1CJQTGlhggAt+0W1HNToNE6B8W1jpGkPchD87Dj
fJowyLqWQGDcqTQvOGF7CbOVnutrK+4xDMRJwlMx/YeL1FapkeJQzBpkyimiB6vX
+WVF/qSl6cRDw+O+jKHW/vl86zU+M2ffZLy0R37UeNnut5E/NTWfo1KCtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOhSDrn6JhdNSUW9i6WSrjRQMGiLMB8GA1UdIwQY
MBaAFA+38f2HaOIRY1Qq/PVag8aYAhWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDdmeF9ZZG80aEZqVkNyODlWcUR4cGdDRmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9lN2M4ZDAtNzQ5Yi00NTJkLWJmZjAt
YTBlMjhkY2ZmZmM3LzEvRDdmeF9ZZG80aEZqVkNyODlWcUR4cGdDRmFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9lN2M4ZDAtNzQ5Yi00NTJkLWJmZjAtYTBlMjhkY2ZmZmM3
LzEvRDdmeF9ZZG80aEZqVkNyODlWcUR4cGdDRmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMNQBV4MO
DIvpRFGZutuZANuvIByrvvL+NOJyq7IMqErXXnhUxhLDaI2JXSRtrBk9fFiNcPZN
+dtCe/Ur/704vqASPlxcFExIyJyWOJ6B85dyJcM5cwrJGHTLAXn3KmOXM4Ng7Yc8
6DGZbPXufFbJrCLZytzGXaEWpAeswfSYLO9EsHPOzc27AZCGhFPDhXCbId2FMOmK
wYq1rdHYwUx/2F6OY+CXTyEcxQRuRpgkiFWZ3vKn1y5eX7U1aA2g26SDuUFe9bbP
H7Xttw7xNHBQWoauyGv4oeeQOcKIJPZ/MTpxzN6d/KLFWCCZdjZFzVBhs1UT4XfW
+iX4JEonCqBpSg==
-----END CERTIFICATE-----