Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
File:                     0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json)
Hash identifier:          IOOl/JTZpoKkzzskg0yRY/s6j1Lj5dCaXwg3+eLlBkk=
Subject key identifier:   C1:C3:EB:86:FA:6D:31:0B:0E:CB:F1:06:6F:17:19:8A:78:93:61:B1
Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0
Certificate issuer:       /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
Certificate serial:       019D2B4ECCB8EF1C8C6D8D2F8223A1BB9688
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
Manifest number:          0F32
Signing time:             Thu 26 Mar 2026 18:01:17 +0000
Manifest this update:     Thu 26 Mar 2026 18:01:17 +0000
Manifest next update:     Fri 27 Mar 2026 18:01:17 +0000
Files and hashes:         1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: MipZ90HeqrYXuibEOhOwAZVLmy/pvytUc2m7pscJmRE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:32:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2b:4e:cc:b8:ef:1c:8c:6d:8d:2f:82:23:a1:bb:96:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
        Validity
            Not Before: Mar 26 18:01:17 2026 GMT
            Not After : Mar 27 18:01:17 2026 GMT
        Subject: CN=c1c3eb86fa6d310b0ecbf1066f17198a789361b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:2b:87:1c:81:0a:c6:50:69:ce:34:ff:1e:89:
                    17:4f:b9:fb:27:01:cd:42:b9:36:d4:91:47:1f:9b:
                    b9:41:61:d2:7a:8d:6b:72:a8:9a:0c:a1:c9:73:03:
                    31:23:59:b8:a5:6d:21:08:43:62:c1:a0:c3:63:ed:
                    c3:20:f0:15:40:a7:89:a9:bf:45:c5:53:9a:4b:20:
                    5d:d2:68:fd:62:0b:65:d4:94:48:90:55:51:98:e3:
                    b9:a8:21:1d:c6:45:90:42:45:71:3c:1b:a7:88:6f:
                    c0:11:43:01:3e:54:d5:13:12:de:52:8b:42:05:78:
                    13:9f:f9:81:07:0e:c6:2a:0f:3d:bb:a4:ae:d9:eb:
                    9a:d5:cb:e7:38:e3:d5:c7:af:97:c3:f8:fd:51:c6:
                    12:8d:6b:c5:9d:2b:cd:9c:b6:7e:bc:32:f4:87:b0:
                    b7:54:db:c8:60:ea:f5:6e:1e:a4:a1:c3:02:f8:c8:
                    72:45:15:09:96:f9:dc:3d:bb:56:0c:53:40:f8:74:
                    dc:a3:53:38:57:a1:6a:55:84:28:d3:a1:b3:79:8c:
                    51:92:4a:fb:e5:b4:c2:df:07:73:87:a5:b3:79:77:
                    00:37:3b:f6:14:06:e6:73:fe:e2:52:9d:50:2d:89:
                    ad:d7:c4:61:ec:05:00:bc:e4:89:1b:f4:fb:15:06:
                    52:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:C3:EB:86:FA:6D:31:0B:0E:CB:F1:06:6F:17:19:8A:78:93:61:B1
            X509v3 Authority Key Identifier:
                keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:40:3d:3c:a5:a4:d3:fb:97:60:d9:c3:6f:45:57:12:08:76:
         13:01:55:44:d6:7d:9c:cb:9d:b0:2d:20:3d:b8:f3:fc:65:4c:
         ca:5e:4b:93:48:05:87:79:12:7f:33:71:ff:b8:df:39:80:d0:
         29:72:8c:5e:25:28:23:e3:03:11:8e:23:40:59:89:91:b8:23:
         bd:91:5a:5b:a3:66:b1:1d:42:37:d7:e6:92:86:71:24:78:60:
         f0:00:7a:16:fb:b4:3d:47:88:e3:ed:b8:ee:74:4e:17:47:23:
         5c:c4:c7:f7:ba:30:d2:83:ce:d9:ee:30:f7:6a:93:53:4d:94:
         d8:c0:46:a2:75:f9:4b:2a:10:04:be:7d:10:31:3c:4d:3a:01:
         1a:df:98:4f:b5:85:95:c0:59:24:90:01:ec:dc:11:77:80:18:
         dc:cc:01:3e:68:11:a6:d2:6a:7c:58:fe:fe:3f:99:9a:71:da:
         dc:6c:f4:74:7b:e2:a7:27:d7:7b:54:40:c0:3f:65:0a:c2:52:
         0b:20:58:42:b3:4a:d3:b6:c4:95:ae:3c:36:d3:98:b1:63:9a:
         ab:f5:ad:e9:0e:4a:08:7d:f7:cd:5e:42:29:15:06:c9:65:cd:
         06:a0:90:79:a4:3a:9f:4a:57:dd:26:52:b2:07:49:73:88:e3:
         fa:12:fc:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rTsy47xyMbY0vgiOhu5aIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi
ZTNkZTAwHhcNMjYwMzI2MTgwMTE3WhcNMjYwMzI3MTgwMTE3WjAzMTEwLwYDVQQD
EyhjMWMzZWI4NmZhNmQzMTBiMGVjYmYxMDY2ZjE3MTk4YTc4OTM2MWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCuHHIEKxlBpzjT/HokXT7n7JwHN
Qrk21JFHH5u5QWHSeo1rcqiaDKHJcwMxI1m4pW0hCENiwaDDY+3DIPAVQKeJqb9F
xVOaSyBd0mj9Ygtl1JRIkFVRmOO5qCEdxkWQQkVxPBuniG/AEUMBPlTVExLeUotC
BXgTn/mBBw7GKg89u6Su2eua1cvnOOPVx6+Xw/j9UcYSjWvFnSvNnLZ+vDL0h7C3
VNvIYOr1bh6kocMC+MhyRRUJlvncPbtWDFNA+HTco1M4V6FqVYQo06GzeYxRkkr7
5bTC3wdzh6WzeXcANzv2FAbmc/7iUp1QLYmt18Rh7AUAvOSJG/T7FQZSgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMHD64b6bTELDsvxBm8XGYp4k2GxMB8GA1UdIwQY
MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt
Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2
LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFkA9PKWk
0/uXYNnDb0VXEgh2EwFVRNZ9nMudsC0gPbjz/GVMyl5Lk0gFh3kSfzNx/7jfOYDQ
KXKMXiUoI+MDEY4jQFmJkbgjvZFaW6NmsR1CN9fmkoZxJHhg8AB6Fvu0PUeI4+24
7nROF0cjXMTH97ow0oPO2e4w92qTU02U2MBGonX5SyoQBL59EDE8TToBGt+YT7WF
lcBZJJAB7NwRd4AY3MwBPmgRptJqfFj+/j+ZmnHa3Gz0dHvipyfXe1RAwD9lCsJS
CyBYQrNK07bEla48NtOYsWOaq/Wt6Q5KCH33zV5CKRUGyWXNBqCQeaQ6n0pX3SZS
sgdJc4jj+hL8rQ==
-----END CERTIFICATE-----