Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
File:                     0c0c1HQkGQk2se35qYScPjBYfzo.mft (raw, json)
Hash identifier:          532sT4Cm6Kwt7q8hsA1L8SbtGYpgvOOM+iJuHK/M8ZI=
Subject key identifier:   62:BB:D5:86:06:BB:93:A4:50:8E:35:10:09:0F:9F:5C:84:99:11:A9
Authority key identifier: D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A
Certificate issuer:       /CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
Certificate serial:       019DA48AB0D56A8C261749CDF8F0B1C03890
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
Manifest number:          1027
Signing time:             Sun 19 Apr 2026 07:00:45 +0000
Manifest this update:     Sun 19 Apr 2026 07:00:45 +0000
Manifest next update:     Mon 20 Apr 2026 07:00:45 +0000
Files and hashes:         1: 0c0c1HQkGQk2se35qYScPjBYfzo.crl (hash: BPgB44XBF55LQu2PCFDW6KWEUOXEx6PbTnDf6YEY3DI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8a:b0:d5:6a:8c:26:17:49:cd:f8:f0:b1:c0:38:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
        Validity
            Not Before: Apr 19 07:00:45 2026 GMT
            Not After : Apr 20 07:00:45 2026 GMT
        Subject: CN=62bbd58606bb93a4508e3510090f9f5c849911a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ca:a5:f3:49:a9:3d:ba:c0:4f:f9:4c:ce:e7:
                    1c:cd:d4:7a:1a:5c:cc:44:cb:3d:32:d4:56:82:da:
                    59:af:64:e4:64:43:5f:11:cd:6d:5d:f8:e4:4e:77:
                    f8:f8:95:57:f2:4d:7c:7b:a9:35:8d:4c:82:72:9f:
                    96:fd:f7:2f:c0:4c:b9:6c:3e:4e:72:56:14:5a:6e:
                    54:e9:f1:cb:0c:63:7e:bb:8e:65:0e:97:48:7a:db:
                    eb:52:82:3c:96:93:08:ae:cc:af:ab:c9:5c:17:c8:
                    33:77:de:24:cd:88:74:4a:9b:ba:46:38:a2:7b:c9:
                    ea:23:76:f9:19:9f:f4:d8:62:80:d5:04:15:98:b5:
                    6a:a2:01:08:c3:0b:af:b9:83:bd:48:0a:1d:af:54:
                    47:bd:6f:bd:b4:3f:e3:86:12:8b:82:93:34:51:37:
                    1d:45:82:2f:cd:fc:63:31:1f:c6:af:30:57:ff:40:
                    df:1b:eb:b3:1d:38:fe:64:67:ab:fb:a4:28:2a:f3:
                    ab:f9:f8:01:fd:82:c6:dd:8a:8b:f0:7a:19:57:c2:
                    30:1e:5e:71:3b:9d:b0:9d:60:fa:89:b8:82:6e:b1:
                    50:b3:6e:57:ef:ed:fa:04:e5:84:9f:ac:f5:32:05:
                    a5:c1:75:a2:8f:fa:eb:c5:7c:f5:8c:d4:2c:ee:35:
                    f8:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:BB:D5:86:06:BB:93:A4:50:8E:35:10:09:0F:9F:5C:84:99:11:A9
            X509v3 Authority Key Identifier:
                keyid:D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:95:5b:92:2f:e8:67:b3:e5:c4:06:6c:a5:66:d1:77:16:c2:
         9b:e3:1b:ce:09:b5:ab:5c:dd:99:cf:3b:fb:69:7a:4d:57:40:
         64:cc:d9:b4:ee:3b:a8:ea:52:dc:1b:15:a4:e4:1c:cb:c5:0c:
         b5:30:1f:30:ae:26:5c:13:7b:86:6f:e2:5a:0d:83:08:cf:db:
         23:b2:b9:31:5c:dd:51:da:73:47:48:ce:69:9d:e7:e0:86:91:
         e3:31:a8:22:82:e9:96:ad:2c:4b:0c:1b:8b:c5:6a:6f:6e:14:
         fd:6b:3f:ab:fa:0b:aa:1d:98:d9:c0:6d:1b:f4:35:a3:91:14:
         e1:bf:1b:28:3b:92:a6:08:ee:a1:36:d3:b3:d5:6a:cd:f3:45:
         40:a0:9e:b8:c1:26:5c:46:01:d4:6d:78:2d:1b:8e:0d:29:78:
         4c:28:64:d1:93:3b:38:1c:1c:27:8f:54:5a:b2:64:4c:e8:57:
         bc:ad:29:34:25:fe:3c:4f:be:36:33:aa:dd:4a:52:f2:1a:56:
         a5:01:3b:1e:d3:4a:48:41:b4:da:02:bb:bd:ec:11:1c:9f:ac:
         b5:1c:db:3f:0c:51:69:09:fd:65:f3:84:dd:42:aa:9f:86:83:
         3a:55:c4:84:a7:49:18:f6:2c:24:22:2d:6a:fc:56:51:7c:4d:
         37:05:77:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kirDVaowmF0nN+PCxwDiQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2QxY2Q0NzQyNDE5MDkzNmIxZWRmOWE5ODQ5YzNlMzA1
ODdmM2EwHhcNMjYwNDE5MDcwMDQ1WhcNMjYwNDIwMDcwMDQ1WjAzMTEwLwYDVQQD
Eyg2MmJiZDU4NjA2YmI5M2E0NTA4ZTM1MTAwOTBmOWY1Yzg0OTkxMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsql80mpPbrAT/lMzucczdR6GlzM
RMs9MtRWgtpZr2TkZENfEc1tXfjkTnf4+JVX8k18e6k1jUyCcp+W/fcvwEy5bD5O
clYUWm5U6fHLDGN+u45lDpdIetvrUoI8lpMIrsyvq8lcF8gzd94kzYh0Spu6Rjii
e8nqI3b5GZ/02GKA1QQVmLVqogEIwwuvuYO9SAodr1RHvW+9tD/jhhKLgpM0UTcd
RYIvzfxjMR/GrzBX/0DfG+uzHTj+ZGer+6QoKvOr+fgB/YLG3YqL8HoZV8IwHl5x
O52wnWD6ibiCbrFQs25X7+36BOWEn6z1MgWlwXWij/rrxXz1jNQs7jX4fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGK71YYGu5OkUI41EAkPn1yEmRGpMB8GA1UdIwQY
MBaAFNHNHNR0JBkJNrHt+amEnD4wWH86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDct
YjQ1MzNhMDg4ZGM0LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDctYjQ1MzNhMDg4ZGM0
LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASpVbki/o
Z7PlxAZspWbRdxbCm+Mbzgm1q1zdmc87+2l6TVdAZMzZtO47qOpS3BsVpOQcy8UM
tTAfMK4mXBN7hm/iWg2DCM/bI7K5MVzdUdpzR0jOaZ3n4IaR4zGoIoLplq0sSwwb
i8Vqb24U/Ws/q/oLqh2Y2cBtG/Q1o5EU4b8bKDuSpgjuoTbTs9VqzfNFQKCeuMEm
XEYB1G14LRuODSl4TChk0ZM7OBwcJ49UWrJkTOhXvK0pNCX+PE++NjOq3UpS8hpW
pQE7HtNKSEG02gK7vewRHJ+stRzbPwxRaQn9ZfOE3UKqn4aDOlXEhKdJGPYsJCIt
avxWUXxNNwV3lQ==
-----END CERTIFICATE-----