Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
File:                     0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json)
Hash identifier:          Y7pM0VGe/EHAYSczTbmAYqNkIfymBkOkPPTOym+aTZg=
Subject key identifier:   E0:E0:8D:A9:C0:4F:AB:F3:F6:47:A6:5B:88:82:4B:5A:E6:E8:C6:B6
Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1
Certificate issuer:       /CN=d2386bed83b645a2bae1389f53d9657d919e76d1
Certificate serial:       019CAF48183C0507102E950C33B8CFCBC9E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
Manifest number:          0C0D
Signing time:             Mon 02 Mar 2026 16:01:03 +0000
Manifest this update:     Mon 02 Mar 2026 16:01:03 +0000
Manifest next update:     Tue 03 Mar 2026 16:01:03 +0000
Files and hashes:         1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: I63JMfZG2fVjCG0TDacSFcvxAE41R6yf/LKniQdWvp4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:05:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:48:18:3c:05:07:10:2e:95:0c:33:b8:cf:cb:c9:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1
        Validity
            Not Before: Mar  2 16:01:03 2026 GMT
            Not After : Mar  3 16:01:03 2026 GMT
        Subject: CN=e0e08da9c04fabf3f647a65b88824b5ae6e8c6b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:05:5e:5b:db:70:03:34:4e:b7:30:b0:ea:c4:
                    b1:5a:7f:60:6d:5a:00:6b:2d:95:61:71:f3:1f:7d:
                    9f:4a:e4:bd:0f:6b:00:e4:cb:bd:5d:14:cd:ee:87:
                    4b:6c:90:cd:60:5a:ac:d2:66:35:99:83:e1:ba:14:
                    35:f9:84:0c:3f:ae:c1:0a:8a:bb:19:3d:f2:22:00:
                    8b:7f:c0:ae:48:67:b8:97:8d:bb:9a:2f:7f:f0:38:
                    dc:cc:01:cf:f6:fe:7e:be:61:a1:4e:a3:de:e8:43:
                    d1:34:e0:a1:62:79:88:54:c5:d7:0f:49:27:ef:11:
                    ed:ce:a6:0a:95:1a:f9:09:d9:e4:5b:d9:e5:e8:b2:
                    06:8e:da:5d:4d:a7:93:e8:26:c4:c9:1d:a3:25:84:
                    61:75:cf:b6:a5:94:b9:28:07:c4:0d:1a:b0:99:18:
                    38:0e:7d:55:de:c4:06:7f:90:66:4c:5a:f3:70:fb:
                    b0:57:5c:11:20:9c:48:a5:8b:30:c9:89:12:99:dd:
                    7f:f1:cd:d7:69:ad:d7:46:db:28:b5:df:ce:4d:74:
                    03:4c:98:c4:90:93:1d:96:2a:df:85:3f:0e:cf:d7:
                    8c:46:cc:18:09:5a:b3:66:10:4c:6c:7e:d8:fb:f8:
                    b6:cf:c2:ee:06:23:97:aa:12:50:ed:04:21:18:21:
                    b9:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:E0:8D:A9:C0:4F:AB:F3:F6:47:A6:5B:88:82:4B:5A:E6:E8:C6:B6
            X509v3 Authority Key Identifier:
                keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:6f:60:32:3e:ed:49:c5:bc:c5:b0:2f:12:42:48:7e:c6:0c:
         5c:e2:3e:cd:53:8f:26:2a:f1:33:5f:b4:c7:29:9a:f2:40:91:
         04:e8:09:39:5b:6b:31:1b:39:a6:6e:6f:66:e6:ef:a3:76:32:
         b9:32:23:51:b6:fd:70:8d:e4:9b:03:7b:d5:b3:9e:9a:f8:2c:
         6c:54:ce:3b:70:a6:c6:bb:cf:a7:63:fd:c6:b5:b9:11:b9:72:
         46:b0:d7:52:6e:80:ac:63:b8:fe:48:5b:dc:80:0f:9a:d8:2c:
         38:72:74:32:68:81:c5:b1:11:cb:37:cd:5a:4b:96:5d:14:6a:
         31:00:11:b5:fe:f4:53:1f:5e:30:92:0e:34:82:8c:b3:1b:37:
         1f:59:7b:2b:6b:43:9e:af:1c:ba:4c:80:6c:70:fb:cc:bb:f4:
         da:88:b0:bd:c6:c9:2f:17:f2:66:82:d1:af:de:3e:42:0c:68:
         4e:ca:37:6d:b0:e1:cc:95:c1:f4:8d:f7:71:52:0d:13:8a:87:
         f9:1c:58:d2:c3:bb:c4:dc:00:b9:7d:e7:7d:06:95:81:a6:25:
         4a:8a:f3:43:ae:c7:4f:07:77:bb:4c:96:1c:b1:3d:22:9d:c4:
         31:ff:e5:43:a2:b5:62:1c:c1:56:49:e4:b3:3c:e6:64:37:54:
         3f:dc:37:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvSBg8BQcQLpUMM7jPy8nkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5
ZTc2ZDEwHhcNMjYwMzAyMTYwMTAzWhcNMjYwMzAzMTYwMTAzWjAzMTEwLwYDVQQD
EyhlMGUwOGRhOWMwNGZhYmYzZjY0N2E2NWI4ODgyNGI1YWU2ZThjNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wVeW9twAzROtzCw6sSxWn9gbVoA
ay2VYXHzH32fSuS9D2sA5Mu9XRTN7odLbJDNYFqs0mY1mYPhuhQ1+YQMP67BCoq7
GT3yIgCLf8CuSGe4l427mi9/8DjczAHP9v5+vmGhTqPe6EPRNOChYnmIVMXXD0kn
7xHtzqYKlRr5CdnkW9nl6LIGjtpdTaeT6CbEyR2jJYRhdc+2pZS5KAfEDRqwmRg4
Dn1V3sQGf5BmTFrzcPuwV1wRIJxIpYswyYkSmd1/8c3Xaa3XRtsotd/OTXQDTJjE
kJMdlirfhT8Oz9eMRswYCVqzZhBMbH7Y+/i2z8LuBiOXqhJQ7QQhGCG5AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFODgjanAT6vz9kemW4iCS1rm6Ma2MB8GA1UdIwQY
MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt
MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5
LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbW9gMj7t
ScW8xbAvEkJIfsYMXOI+zVOPJirxM1+0xyma8kCRBOgJOVtrMRs5pm5vZubvo3Yy
uTIjUbb9cI3kmwN71bOemvgsbFTOO3CmxrvPp2P9xrW5EblyRrDXUm6ArGO4/khb
3IAPmtgsOHJ0MmiBxbERyzfNWkuWXRRqMQARtf70Ux9eMJIONIKMsxs3H1l7K2tD
nq8cukyAbHD7zLv02oiwvcbJLxfyZoLRr94+QgxoTso3bbDhzJXB9I33cVINE4qH
+RxY0sO7xNwAuX3nfQaVgaYlSorzQ67HTwd3u0yWHLE9Ip3EMf/lQ6K1YhzBVknk
szzmZDdUP9w3fQ==
-----END CERTIFICATE-----