Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
File:                     D2HrqF8lrXvk2foP9UUoqUorNjc.mft (raw, json)
Hash identifier:          6BPSUYo2eOFhIB8cgQ8WqkjrYcBhxZOo7M2qBuwkyDU=
Subject key identifier:   E0:BE:11:70:59:5F:6B:AE:33:BD:03:90:3D:2E:3D:4B:8F:4A:1A:C8
Authority key identifier: 0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37
Certificate issuer:       /CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
Certificate serial:       019D2961AF8778E67B3FC596768B5AE7DAEB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
Manifest number:          03F6
Signing time:             Thu 26 Mar 2026 09:02:40 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:40 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:40 +0000
Files and hashes:         1: D2HrqF8lrXvk2foP9UUoqUorNjc.crl (hash: anXLWJ/TCUzjf2Fj9sEvcIi/4jgsUqRvwsua5o1KW6g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:af:87:78:e6:7b:3f:c5:96:76:8b:5a:e7:da:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
        Validity
            Not Before: Mar 26 09:02:40 2026 GMT
            Not After : Mar 27 09:02:40 2026 GMT
        Subject: CN=e0be1170595f6bae33bd03903d2e3d4b8f4a1ac8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:11:d5:28:cd:98:9f:94:a7:ba:6f:4f:a2:6a:
                    bb:f7:e8:3a:29:fc:01:08:46:4b:53:15:fa:2d:d8:
                    ab:c9:0d:66:92:53:b6:db:95:aa:6c:61:55:2a:b8:
                    c1:f1:a9:37:94:ef:1d:0c:bc:91:60:b8:08:a8:12:
                    f6:79:06:09:fc:33:db:c2:75:aa:09:ab:24:0c:61:
                    07:c7:cd:d1:4f:d0:3c:57:6a:5c:f4:92:bf:f2:99:
                    36:1d:8a:55:ba:e3:8a:71:29:07:80:c4:a5:36:4f:
                    82:d8:9c:e3:81:dc:33:7c:27:4c:30:05:66:46:a1:
                    64:09:ec:be:5b:8e:57:7b:ec:fc:f4:66:e2:70:6b:
                    4f:cd:bb:39:41:ca:85:57:89:c8:00:95:42:83:07:
                    9c:00:17:c3:f1:30:a8:cc:7a:c8:89:85:2a:c2:54:
                    4f:91:3d:10:e4:ed:2c:f4:99:7f:a1:8f:7b:87:b7:
                    0f:fd:9a:c3:5d:f0:06:9b:8d:d9:4b:16:94:5e:9b:
                    da:57:86:39:3c:0f:39:d6:35:6d:c7:fb:01:4d:01:
                    aa:9e:9d:b6:77:6c:bc:dc:7b:8b:a3:cf:dd:e7:ba:
                    48:93:98:cf:c5:7d:7b:5a:49:2f:47:05:52:1e:bc:
                    c2:5d:5a:59:ce:5a:60:32:a4:2e:97:3d:18:a1:2b:
                    ef:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:BE:11:70:59:5F:6B:AE:33:BD:03:90:3D:2E:3D:4B:8F:4A:1A:C8
            X509v3 Authority Key Identifier:
                keyid:0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:40:43:1a:a1:6d:63:0d:62:0e:e7:54:6b:4f:f3:68:27:aa:
         8b:8b:68:01:3a:70:e3:1a:e7:ac:eb:4e:ef:76:94:05:23:9f:
         26:b4:6f:09:d5:f1:b2:89:e0:3a:ea:fc:04:ee:4d:62:45:20:
         f8:de:7d:17:56:2a:a7:dc:f6:c6:f6:ce:ad:2d:34:fe:2b:5c:
         5a:53:15:5f:d3:15:5c:d7:5c:43:29:88:b9:1c:ff:f0:ef:6a:
         98:bb:9b:14:6e:83:82:b6:e9:58:1f:78:44:39:c6:df:a7:31:
         27:1d:27:8a:fe:e3:9d:26:1a:32:ae:da:64:54:e2:14:57:7e:
         e8:74:89:a9:ec:a5:91:6a:09:3a:4f:72:dc:83:71:f2:f1:11:
         59:3f:c7:3a:3c:62:de:b0:a0:da:d9:7d:b4:86:48:c7:2f:34:
         32:f2:18:63:b2:50:da:3e:9f:63:91:3c:7a:0f:90:f9:31:bb:
         57:65:4d:07:12:f5:73:f8:dc:fc:5a:8f:52:09:99:de:85:f3:
         d6:75:1e:23:32:97:85:97:9b:72:97:91:30:de:65:b8:5a:f6:
         ce:e1:9f:78:14:ae:69:66:cb:67:f4:a9:39:e1:76:b3:96:6f:
         8a:54:d0:15:cd:74:18:cd:ed:ec:b7:4e:a7:5d:1e:a2:11:7d:
         72:d2:c0:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYa+HeOZ7P8WWdota59rrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjFlYmE4NWYyNWFkN2JlNGQ5ZmEwZmY1NDUyOGE5NGEy
YjM2MzcwHhcNMjYwMzI2MDkwMjQwWhcNMjYwMzI3MDkwMjQwWjAzMTEwLwYDVQQD
EyhlMGJlMTE3MDU5NWY2YmFlMzNiZDAzOTAzZDJlM2Q0YjhmNGExYWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RHVKM2Yn5Snum9Pomq79+g6KfwB
CEZLUxX6LdiryQ1mklO225WqbGFVKrjB8ak3lO8dDLyRYLgIqBL2eQYJ/DPbwnWq
CaskDGEHx83RT9A8V2pc9JK/8pk2HYpVuuOKcSkHgMSlNk+C2JzjgdwzfCdMMAVm
RqFkCey+W45Xe+z89GbicGtPzbs5QcqFV4nIAJVCgwecABfD8TCozHrIiYUqwlRP
kT0Q5O0s9Jl/oY97h7cP/ZrDXfAGm43ZSxaUXpvaV4Y5PA851jVtx/sBTQGqnp22
d2y83HuLo8/d57pIk5jPxX17WkkvRwVSHrzCXVpZzlpgMqQulz0YoSvv7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOC+EXBZX2uuM70DkD0uPUuPShrIMB8GA1UdIwQY
MBaAFA9h66hfJa175Nn6D/VFKKlKKzY3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3Yjct
ZjA5NDA2OTY3NWUzLzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3YjctZjA5NDA2OTY3NWUz
LzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEUBDGqFt
Yw1iDudUa0/zaCeqi4toATpw4xrnrOtO73aUBSOfJrRvCdXxsongOur8BO5NYkUg
+N59F1Yqp9z2xvbOrS00/itcWlMVX9MVXNdcQymIuRz/8O9qmLubFG6DgrbpWB94
RDnG36cxJx0niv7jnSYaMq7aZFTiFFd+6HSJqeylkWoJOk9y3INx8vERWT/HOjxi
3rCg2tl9tIZIxy80MvIYY7JQ2j6fY5E8eg+Q+TG7V2VNBxL1c/jc/FqPUgmZ3oXz
1nUeIzKXhZebcpeRMN5luFr2zuGfeBSuaWbLZ/SpOeF2s5ZvilTQFc10GM3t7LdO
p10eohF9ctLAaA==
-----END CERTIFICATE-----