Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
File:                     0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json)
Hash identifier:          kQxIjjxguOq4KkmjT1PNeYXm20tYYiYezk325J/KLKk=
Subject key identifier:   3F:E1:B4:49:70:A4:4D:2B:AE:9F:B1:F8:F2:A2:B1:FB:D7:F4:FF:0A
Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1
Certificate issuer:       /CN=d2386bed83b645a2bae1389f53d9657d919e76d1
Certificate serial:       019DA29C6064A47BA292688CF1011E544540
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
Manifest number:          0C8B
Signing time:             Sat 18 Apr 2026 22:00:50 +0000
Manifest this update:     Sat 18 Apr 2026 22:00:50 +0000
Manifest next update:     Sun 19 Apr 2026 22:00:50 +0000
Files and hashes:         1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: JANfG1NSs5Dq17LM90XnINY6ePuE1NvDNd/J3KWf7lo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Apr 2026 22:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a2:9c:60:64:a4:7b:a2:92:68:8c:f1:01:1e:54:45:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1
        Validity
            Not Before: Apr 18 22:00:50 2026 GMT
            Not After : Apr 19 22:00:50 2026 GMT
        Subject: CN=3fe1b44970a44d2bae9fb1f8f2a2b1fbd7f4ff0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:15:bf:85:f5:41:30:e7:4d:ea:ef:44:3f:1d:
                    5c:b2:e9:3d:18:a0:d1:34:d9:fa:89:ae:c4:ab:56:
                    2f:6a:a2:ea:2e:41:12:87:a6:99:fd:6f:93:8c:0c:
                    c2:5e:ab:b3:8a:94:89:10:13:93:0d:43:6e:86:0c:
                    ca:cc:13:49:2e:21:61:73:56:bd:87:e2:85:30:d5:
                    32:e8:0d:8c:04:95:22:7b:ca:12:73:6a:a2:47:5e:
                    9c:c8:90:5a:fe:a9:44:40:3e:50:5e:c7:5e:e6:0c:
                    01:09:03:79:65:62:5c:57:3a:75:c2:03:af:59:a8:
                    71:65:f6:eb:3f:7a:2f:90:f8:a7:f0:ca:9d:57:4b:
                    1e:4a:c0:38:d0:22:d6:f8:ca:78:99:2b:91:44:5f:
                    98:8f:29:04:88:b3:bc:6a:ec:db:81:c8:f8:d8:02:
                    04:65:72:75:53:fa:9f:e0:5a:8f:92:6f:3a:d7:03:
                    12:b4:5e:1e:12:ff:31:e0:3f:46:b1:bd:b9:d1:0c:
                    5f:f7:ab:6e:49:78:ac:c4:89:3b:33:2e:a5:00:c1:
                    fe:cf:14:01:c4:45:ab:94:3a:a7:04:16:7d:b3:f4:
                    58:07:36:4d:93:f1:f1:7b:3e:19:35:da:d3:7a:b8:
                    91:03:6d:a5:ca:d4:64:77:ff:8e:bf:9f:cf:34:3e:
                    aa:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:E1:B4:49:70:A4:4D:2B:AE:9F:B1:F8:F2:A2:B1:FB:D7:F4:FF:0A
            X509v3 Authority Key Identifier:
                keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:8f:ad:48:8c:1e:b0:3a:95:38:51:fb:ae:f5:44:19:b9:4b:
         d7:f7:83:57:ac:b8:a0:cc:60:20:49:f0:4b:0a:ba:2b:32:93:
         a7:d1:e7:eb:14:0e:ae:2a:10:87:58:0c:e4:99:ee:4e:fb:0a:
         f2:b4:97:69:df:5c:6e:a6:35:d8:b3:9d:b1:12:9b:7a:95:de:
         dd:29:20:08:06:28:5a:1a:f7:6e:9b:0f:48:04:8e:04:07:07:
         43:3f:9b:5f:0d:12:ce:12:5f:21:86:0c:68:2f:91:d3:b6:2b:
         54:0a:aa:3d:b0:1e:46:86:54:ba:b2:d2:f2:b2:a4:6a:f0:28:
         1f:a1:8d:d8:a7:24:84:a1:4f:61:d9:aa:e7:40:66:23:bf:16:
         06:bf:ae:ed:17:6c:e7:55:36:07:0a:bc:67:d8:0d:4c:90:2a:
         25:01:d0:20:a7:90:42:8c:ab:98:89:c3:98:10:d7:3b:9e:b3:
         94:f6:87:c5:85:83:38:ed:56:03:da:4b:fc:cf:8f:de:a3:9d:
         31:05:b3:aa:a6:e2:bd:6b:b2:46:82:c0:b1:7c:01:96:6e:26:
         1c:a5:c1:60:50:85:6e:70:7b:82:e5:f3:eb:c7:b3:db:69:61:
         c8:55:0b:f8:dc:c5:3c:1e:e4:e1:74:b1:7c:b8:0c:87:42:d7:
         0f:39:9a:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2inGBkpHuikmiM8QEeVEVAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5
ZTc2ZDEwHhcNMjYwNDE4MjIwMDUwWhcNMjYwNDE5MjIwMDUwWjAzMTEwLwYDVQQD
EygzZmUxYjQ0OTcwYTQ0ZDJiYWU5ZmIxZjhmMmEyYjFmYmQ3ZjRmZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xW/hfVBMOdN6u9EPx1csuk9GKDR
NNn6ia7Eq1YvaqLqLkESh6aZ/W+TjAzCXquzipSJEBOTDUNuhgzKzBNJLiFhc1a9
h+KFMNUy6A2MBJUie8oSc2qiR16cyJBa/qlEQD5QXsde5gwBCQN5ZWJcVzp1wgOv
WahxZfbrP3ovkPin8MqdV0seSsA40CLW+Mp4mSuRRF+YjykEiLO8auzbgcj42AIE
ZXJ1U/qf4FqPkm861wMStF4eEv8x4D9Gsb250Qxf96tuSXisxIk7My6lAMH+zxQB
xEWrlDqnBBZ9s/RYBzZNk/Hxez4ZNdrTeriRA22lytRkd/+Ov5/PND6qxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/htElwpE0rrp+x+PKisfvX9P8KMB8GA1UdIwQY
MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt
MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5
LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaI+tSIwe
sDqVOFH7rvVEGblL1/eDV6y4oMxgIEnwSwq6KzKTp9Hn6xQOrioQh1gM5JnuTvsK
8rSXad9cbqY12LOdsRKbepXe3SkgCAYoWhr3bpsPSASOBAcHQz+bXw0SzhJfIYYM
aC+R07YrVAqqPbAeRoZUurLS8rKkavAoH6GN2KckhKFPYdmq50BmI78WBr+u7Rds
51U2Bwq8Z9gNTJAqJQHQIKeQQoyrmInDmBDXO56zlPaHxYWDOO1WA9pL/M+P3qOd
MQWzqqbivWuyRoLAsXwBlm4mHKXBYFCFbnB7guXz68ez22lhyFUL+NzFPB7k4XSx
fLgMh0LXDzmaWA==
-----END CERTIFICATE-----