Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
File:                     0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft (raw, json)
Hash identifier:          3VuCJfBSmBTVpE9RBi19Bm6VBymwIIbyvxDe/w/zZHw=
Subject key identifier:   61:1C:1A:3B:2B:02:CE:A4:94:33:4F:DA:7B:E8:C9:C8:C1:0B:F7:9D
Authority key identifier: D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95
Certificate issuer:       /CN=d170d4dde23a92166a67bb13f60bc70b667d8695
Certificate serial:       019CADC78BCA3809C5CE5C730FF39E0CDE2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
Manifest number:          157E
Signing time:             Mon 02 Mar 2026 09:01:01 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:01 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:01 +0000
Files and hashes:         1: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl (hash: UgxyOm5fSpb0psx2fMIvTaUjXRY8Rv34CHqbRrG4EXk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c7:8b:ca:38:09:c5:ce:5c:73:0f:f3:9e:0c:de:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d170d4dde23a92166a67bb13f60bc70b667d8695
        Validity
            Not Before: Mar  2 09:01:01 2026 GMT
            Not After : Mar  3 09:01:01 2026 GMT
        Subject: CN=611c1a3b2b02cea494334fda7be8c9c8c10bf79d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:8c:aa:95:e0:7d:2d:d8:1d:e9:ba:a5:bf:be:
                    ac:ba:21:fc:6e:9e:7a:d0:b0:ab:4c:03:e1:f9:36:
                    92:be:1a:40:d4:24:47:f3:34:da:8d:b3:26:af:97:
                    6e:6b:0c:2f:9f:67:66:6b:97:ed:3d:57:54:7c:ff:
                    a7:ca:c0:c9:53:a7:c5:d1:f9:eb:08:de:12:d1:d9:
                    cc:ac:d2:d7:6a:8e:3f:16:d0:15:59:74:cc:73:cb:
                    cb:eb:66:4d:61:18:e3:a0:0c:a9:0b:33:23:c6:28:
                    86:80:b5:f3:61:45:eb:09:da:3f:ff:e3:82:c7:16:
                    5e:de:f1:f7:3a:02:ae:1d:83:f1:5f:93:df:73:fd:
                    c4:01:45:de:e7:72:aa:33:34:e5:24:aa:d9:ff:fc:
                    f8:ff:d2:7a:f2:9b:b9:83:e1:6d:60:4b:da:21:57:
                    ae:42:00:20:48:2a:af:5d:da:0c:a2:3b:35:96:67:
                    1b:57:1d:52:e8:7b:3d:6a:db:f5:2e:70:4e:e8:bf:
                    4d:64:1d:43:3a:12:1d:ed:80:bd:28:31:1c:5b:cb:
                    19:e9:a4:e9:71:e1:8b:8b:91:5c:46:1f:58:f4:92:
                    a3:4e:69:e8:da:b4:0a:1c:56:86:87:e0:85:b4:3f:
                    fa:6f:2e:98:45:43:7d:01:4f:2d:f4:e8:bc:fd:58:
                    41:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:1C:1A:3B:2B:02:CE:A4:94:33:4F:DA:7B:E8:C9:C8:C1:0B:F7:9D
            X509v3 Authority Key Identifier:
                keyid:D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:6a:51:f7:a1:9b:08:eb:d1:ef:c1:a5:aa:1c:61:bf:f8:ea:
         c8:c3:f3:c2:28:5b:02:43:88:c4:c9:aa:ce:ed:e3:fb:11:4b:
         99:52:c9:83:03:87:a8:6f:a8:d6:ad:c3:6a:ea:56:20:07:cf:
         09:8d:8c:77:34:03:44:ea:c0:40:02:83:8d:38:a4:28:91:ae:
         10:fc:34:4e:18:cd:08:cc:87:c7:ff:c3:c8:8f:d4:49:31:43:
         6c:3c:2e:b8:7e:a0:9b:30:99:de:49:6d:3c:02:e3:c9:2e:ba:
         d1:46:46:70:1f:f2:32:73:8a:87:a9:ca:7d:64:58:72:55:8f:
         ba:bb:62:67:57:71:97:56:ae:72:19:0e:bf:2d:60:bf:61:fb:
         93:3e:e7:82:e0:c7:f4:11:84:91:3c:19:dc:69:d4:4c:80:19:
         44:09:65:cb:cd:09:de:86:3f:04:b6:d9:5e:01:44:5e:b8:0f:
         1f:71:cc:e7:d3:88:02:1e:0f:11:11:1c:4e:79:58:8f:81:87:
         50:db:e4:0d:f7:31:13:2a:23:be:00:66:c8:71:de:70:17:4c:
         31:46:ee:a3:94:d4:9d:0a:65:69:46:44:90:c8:70:4c:22:15:
         01:ee:99:4e:76:89:48:4f:a4:d8:a7:54:05:e9:0b:da:6e:eb:
         56:8d:f0:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx4vKOAnFzlxzD/OeDN4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNzBkNGRkZTIzYTkyMTY2YTY3YmIxM2Y2MGJjNzBiNjY3
ZDg2OTUwHhcNMjYwMzAyMDkwMTAxWhcNMjYwMzAzMDkwMTAxWjAzMTEwLwYDVQQD
Eyg2MTFjMWEzYjJiMDJjZWE0OTQzMzRmZGE3YmU4YzljOGMxMGJmNzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oyqleB9Ldgd6bqlv76suiH8bp56
0LCrTAPh+TaSvhpA1CRH8zTajbMmr5duawwvn2dma5ftPVdUfP+nysDJU6fF0fnr
CN4S0dnMrNLXao4/FtAVWXTMc8vL62ZNYRjjoAypCzMjxiiGgLXzYUXrCdo//+OC
xxZe3vH3OgKuHYPxX5Pfc/3EAUXe53KqMzTlJKrZ//z4/9J68pu5g+FtYEvaIVeu
QgAgSCqvXdoMojs1lmcbVx1S6Hs9atv1LnBO6L9NZB1DOhId7YC9KDEcW8sZ6aTp
ceGLi5FcRh9Y9JKjTmno2rQKHFaGh+CFtD/6by6YRUN9AU8t9Oi8/VhBZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGEcGjsrAs6klDNP2nvoycjBC/edMB8GA1UdIwQY
MBaAFNFw1N3iOpIWame7E/YLxwtmfYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQt
N2E1NzE0ZjhlNmRhLzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQtN2E1NzE0ZjhlNmRh
LzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX2pR96Gb
COvR78Glqhxhv/jqyMPzwihbAkOIxMmqzu3j+xFLmVLJgwOHqG+o1q3DaupWIAfP
CY2MdzQDROrAQAKDjTikKJGuEPw0ThjNCMyHx//DyI/USTFDbDwuuH6gmzCZ3klt
PALjyS660UZGcB/yMnOKh6nKfWRYclWPurtiZ1dxl1auchkOvy1gv2H7kz7nguDH
9BGEkTwZ3GnUTIAZRAlly80J3oY/BLbZXgFEXrgPH3HM59OIAh4PEREcTnlYj4GH
UNvkDfcxEyojvgBmyHHecBdMMUbuo5TUnQplaUZEkMhwTCIVAe6ZTnaJSE+k2KdU
BekL2m7rVo3wyA==
-----END CERTIFICATE-----