Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
File:                     0c0c1HQkGQk2se35qYScPjBYfzo.mft (raw, json)
Hash identifier:          hIX5cZFVhDZ9QIXYNQkyujjAWWnWbKSciEtOTetMM0A=
Subject key identifier:   8C:12:D3:29:0F:01:91:7C:A4:4D:16:7B:B4:F7:2F:84:22:BC:01:24
Authority key identifier: D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A
Certificate issuer:       /CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
Certificate serial:       019CAB6AF023CD3C8B07A66CBF1658642AAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
Manifest number:          0FA6
Signing time:             Sun 01 Mar 2026 22:00:38 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:38 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:38 +0000
Files and hashes:         1: 0c0c1HQkGQk2se35qYScPjBYfzo.crl (hash: K8DQkebDRBKrEdZQUiujkxdpiOhTveD4E1yIHWZ1Y0M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:f0:23:cd:3c:8b:07:a6:6c:bf:16:58:64:2a:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
        Validity
            Not Before: Mar  1 22:00:38 2026 GMT
            Not After : Mar  2 22:00:38 2026 GMT
        Subject: CN=8c12d3290f01917ca44d167bb4f72f8422bc0124
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:4f:8d:aa:6f:d4:ab:03:5e:8a:3f:8f:6d:76:
                    43:ad:73:6a:0a:11:a3:0b:08:7b:57:6d:2f:1e:89:
                    b1:79:da:bc:08:97:e2:37:08:91:e4:cb:46:b0:06:
                    fe:d1:d3:2b:e4:56:57:1a:6c:c9:ac:eb:75:51:3c:
                    d4:4b:56:22:5a:d3:16:a6:25:e4:1b:a0:85:b4:f2:
                    22:f0:5e:db:60:1f:41:4f:35:a4:c4:c0:b3:d1:b9:
                    7d:fd:ac:be:80:e4:60:d3:e6:56:dd:94:d2:24:b8:
                    d0:92:1a:b8:4d:b9:90:c3:11:c6:71:8e:39:d0:6f:
                    ea:14:ec:69:b1:69:a2:2a:cc:df:60:de:ba:be:a2:
                    64:4d:d4:01:91:1c:58:bf:31:63:82:54:41:91:a5:
                    92:e8:59:1d:08:41:78:4c:85:27:70:fc:6b:b8:da:
                    b7:6d:96:3e:2d:b8:ee:05:dc:e4:d1:d5:ad:92:43:
                    28:c4:23:82:d3:44:cf:15:31:0e:55:4b:98:cb:5c:
                    c4:77:81:f7:1f:95:28:e1:06:8e:af:58:cd:6c:80:
                    93:ae:99:c1:ff:ef:5c:6b:7e:5a:ee:2a:33:b6:3d:
                    75:0e:9a:b8:93:8a:bc:4a:be:24:79:71:b8:12:00:
                    b6:68:08:93:3e:55:e6:0f:d9:e9:2e:52:89:98:2a:
                    80:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:12:D3:29:0F:01:91:7C:A4:4D:16:7B:B4:F7:2F:84:22:BC:01:24
            X509v3 Authority Key Identifier:
                keyid:D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:62:ac:31:a6:e5:3b:9e:31:6e:5f:91:09:bd:29:db:27:f5:
         bf:b3:de:83:0a:8b:47:c7:3f:16:1f:0b:4d:c8:ef:9f:7e:87:
         ee:3d:25:94:5c:89:d5:61:db:40:53:3b:3a:be:5c:4f:46:70:
         08:a9:50:78:54:01:bb:50:18:f4:ea:1c:38:81:b1:72:dc:5d:
         99:bd:27:4f:dd:9c:ba:d2:ee:93:8a:27:c1:d4:de:6d:72:dd:
         d4:2b:64:c0:90:7b:80:56:9b:c3:54:92:0b:95:7e:27:9a:0a:
         25:05:2b:4f:f8:d2:99:cd:3f:53:8b:55:79:a4:2d:bb:08:45:
         68:a7:a5:da:52:17:59:20:a9:a1:4d:a1:c6:13:d6:e0:cb:54:
         4e:ac:ec:ab:b0:e8:4b:dc:e8:0a:59:8b:af:5d:2c:79:f8:18:
         c1:89:77:0d:61:75:ea:f1:19:7e:b2:0a:84:aa:c4:28:ca:f7:
         69:10:32:60:28:1a:5a:5a:10:33:ec:45:3d:a0:fb:a8:cf:75:
         74:8d:aa:a1:0f:d6:63:15:a4:6d:d8:ab:a1:bc:e0:2c:02:51:
         82:6a:09:c7:23:bb:e1:a6:f8:e9:d7:59:33:71:66:56:e3:43:
         47:f7:2c:81:5b:65:82:5e:3f:d2:f6:c2:8a:ad:2f:1f:a6:c6:
         b9:e5:97:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyravAjzTyLB6ZsvxZYZCqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2QxY2Q0NzQyNDE5MDkzNmIxZWRmOWE5ODQ5YzNlMzA1
ODdmM2EwHhcNMjYwMzAxMjIwMDM4WhcNMjYwMzAyMjIwMDM4WjAzMTEwLwYDVQQD
Eyg4YzEyZDMyOTBmMDE5MTdjYTQ0ZDE2N2JiNGY3MmY4NDIyYmMwMTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7k+Nqm/UqwNeij+PbXZDrXNqChGj
Cwh7V20vHomxedq8CJfiNwiR5MtGsAb+0dMr5FZXGmzJrOt1UTzUS1YiWtMWpiXk
G6CFtPIi8F7bYB9BTzWkxMCz0bl9/ay+gORg0+ZW3ZTSJLjQkhq4TbmQwxHGcY45
0G/qFOxpsWmiKszfYN66vqJkTdQBkRxYvzFjglRBkaWS6FkdCEF4TIUncPxruNq3
bZY+LbjuBdzk0dWtkkMoxCOC00TPFTEOVUuYy1zEd4H3H5Uo4QaOr1jNbICTrpnB
/+9ca35a7ioztj11Dpq4k4q8Sr4keXG4EgC2aAiTPlXmD9npLlKJmCqAAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwS0ykPAZF8pE0We7T3L4QivAEkMB8GA1UdIwQY
MBaAFNHNHNR0JBkJNrHt+amEnD4wWH86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDct
YjQ1MzNhMDg4ZGM0LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDctYjQ1MzNhMDg4ZGM0
LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ2KsMabl
O54xbl+RCb0p2yf1v7PegwqLR8c/Fh8LTcjvn36H7j0llFyJ1WHbQFM7Or5cT0Zw
CKlQeFQBu1AY9OocOIGxctxdmb0nT92cutLuk4onwdTebXLd1CtkwJB7gFabw1SS
C5V+J5oKJQUrT/jSmc0/U4tVeaQtuwhFaKel2lIXWSCpoU2hxhPW4MtUTqzsq7Do
S9zoClmLr10sefgYwYl3DWF16vEZfrIKhKrEKMr3aRAyYCgaWloQM+xFPaD7qM91
dI2qoQ/WYxWkbdirobzgLAJRgmoJxyO74ab46ddZM3FmVuNDR/csgVtlgl4/0vbC
iq0vH6bGueWXZQ==
-----END CERTIFICATE-----