Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          XTy9Y7yTdg4y4SZfhgLexma60oCMtA9noqbBtUxDeFc=
Subject key identifier:   97:2C:B1:F9:FF:5B:D5:2C:86:18:FD:6D:37:C8:71:72:56:7A:B3:81
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       019D2703E0CC58BDDB133FE561ADFAC95C73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          0870
Signing time:             Wed 25 Mar 2026 22:00:58 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:58 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:58 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: OsdavpYH2U8jxuKeMFjUiwY+m5TBhr+qHM6TFDiJHt0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:e0:cc:58:bd:db:13:3f:e5:61:ad:fa:c9:5c:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Mar 25 22:00:58 2026 GMT
            Not After : Mar 26 22:00:58 2026 GMT
        Subject: CN=972cb1f9ff5bd52c8618fd6d37c87172567ab381
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:dd:97:65:a1:9a:3d:2c:64:8a:04:e7:ba:9f:
                    4d:93:06:e2:88:9c:63:93:d8:51:ca:00:d3:b8:a2:
                    ec:b5:19:54:99:02:0e:7d:2e:58:1d:dd:30:aa:77:
                    10:7f:81:f3:3e:34:68:3b:79:66:6e:b1:f4:64:0d:
                    40:d3:38:41:5e:85:81:9f:e3:a7:1e:6a:b9:72:9b:
                    db:ea:9e:e7:02:c4:48:4a:ee:f2:cf:4f:0a:74:5a:
                    3c:8c:96:90:00:e3:6b:04:71:06:d2:4d:4d:20:65:
                    be:f4:42:0c:8e:1b:35:0c:2e:48:63:81:9f:0c:94:
                    8b:b1:05:3c:38:9f:50:62:00:ed:81:e3:9a:a6:ec:
                    6e:d7:0d:e3:4e:cf:ad:c9:82:f2:63:8d:fc:62:c9:
                    63:a1:f4:11:64:60:1c:b8:68:24:b2:ec:34:19:7a:
                    b4:a4:b9:97:7b:7a:82:1e:03:a6:e8:a7:c2:06:7b:
                    9a:00:99:ee:7a:6b:a5:ce:bf:22:d5:09:ee:a5:e8:
                    fc:87:d6:5e:13:64:26:df:58:c0:de:fa:33:ea:22:
                    09:14:c1:eb:a2:2e:a0:b5:69:c7:c1:cb:e1:64:ac:
                    ce:cc:cf:8f:fe:f0:f5:00:9c:f4:9d:1a:0d:97:9a:
                    df:da:15:4d:4a:10:2e:35:44:9e:8a:65:4d:7e:85:
                    5f:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:2C:B1:F9:FF:5B:D5:2C:86:18:FD:6D:37:C8:71:72:56:7A:B3:81
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:f5:5c:85:0e:91:c8:fa:1d:72:72:65:61:98:9d:90:13:93:
         d9:5e:39:fe:b8:f6:5f:4d:00:ce:24:6c:b6:5b:3b:a4:e7:ff:
         f2:4a:80:bd:42:e6:a7:bb:e7:77:ac:a4:4e:a7:49:33:cf:b5:
         1a:ec:61:af:bb:32:e3:b7:ce:aa:77:ba:e2:bd:9c:25:cc:45:
         5a:98:e1:e9:ff:2d:81:22:f7:83:9b:b8:33:6d:a7:3d:3a:07:
         29:1b:a2:38:f4:eb:87:6c:26:c6:e5:52:a7:7a:b6:57:06:51:
         9c:61:4d:1c:5b:41:e8:2f:d9:82:71:d8:9e:62:81:2b:e7:d7:
         2e:57:eb:c6:56:a3:ac:97:52:1a:27:cd:1d:ac:48:6e:75:09:
         5e:ac:71:66:cc:75:12:48:70:91:4a:b6:ab:e4:44:3d:f6:50:
         80:16:5b:10:ad:15:9a:4f:7d:25:08:f8:91:72:2c:b9:3a:82:
         09:f1:85:40:cf:db:92:09:0d:79:94:ab:46:f6:6b:f8:43:af:
         24:5c:44:cc:8d:72:99:aa:f8:7c:a4:aa:43:b8:50:f2:ef:7a:
         d8:00:13:96:d1:93:8d:b9:23:f2:4c:97:f5:00:fe:fd:1f:57:
         93:47:4d:3b:64:c2:12:e6:54:1b:41:3b:2c:9c:78:67:85:d2:
         b6:10:f6:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA+DMWL3bEz/lYa36yVxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjYwMzI1MjIwMDU4WhcNMjYwMzI2MjIwMDU4WjAzMTEwLwYDVQQD
Eyg5NzJjYjFmOWZmNWJkNTJjODYxOGZkNmQzN2M4NzE3MjU2N2FiMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA392XZaGaPSxkigTnup9NkwbiiJxj
k9hRygDTuKLstRlUmQIOfS5YHd0wqncQf4HzPjRoO3lmbrH0ZA1A0zhBXoWBn+On
Hmq5cpvb6p7nAsRISu7yz08KdFo8jJaQAONrBHEG0k1NIGW+9EIMjhs1DC5IY4Gf
DJSLsQU8OJ9QYgDtgeOapuxu1w3jTs+tyYLyY438YsljofQRZGAcuGgksuw0GXq0
pLmXe3qCHgOm6KfCBnuaAJnuemulzr8i1Qnupej8h9ZeE2Qm31jA3voz6iIJFMHr
oi6gtWnHwcvhZKzOzM+P/vD1AJz0nRoNl5rf2hVNShAuNUSeimVNfoVfxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJcssfn/W9Ushhj9bTfIcXJWerOBMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC/VchQ6R
yPodcnJlYZidkBOT2V45/rj2X00AziRstls7pOf/8kqAvULmp7vnd6ykTqdJM8+1
Guxhr7sy47fOqne64r2cJcxFWpjh6f8tgSL3g5u4M22nPToHKRuiOPTrh2wmxuVS
p3q2VwZRnGFNHFtB6C/ZgnHYnmKBK+fXLlfrxlajrJdSGifNHaxIbnUJXqxxZsx1
EkhwkUq2q+REPfZQgBZbEK0Vmk99JQj4kXIsuTqCCfGFQM/bkgkNeZSrRvZr+EOv
JFxEzI1ymar4fKSqQ7hQ8u962AATltGTjbkj8kyX9QD+/R9Xk0dNO2TCEuZUG0E7
LJx4Z4XSthD2Hg==
-----END CERTIFICATE-----