Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
File:                     0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json)
Hash identifier:          +gk6Mb+8Y7L0HlYVaI/tCW63EeDkGuCFrWh4KgQX8Bg=
Subject key identifier:   E0:29:D5:46:9A:FB:9F:92:F0:4B:9B:7E:8D:7A:8C:C4:73:D8:49:95
Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1
Certificate issuer:       /CN=d2386bed83b645a2bae1389f53d9657d919e76d1
Certificate serial:       019EBE7F6945E00AC56932B9D6D5E16B3134
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
Manifest number:          0D1E
Signing time:             Sat 13 Jun 2026 01:01:21 +0000
Manifest this update:     Sat 13 Jun 2026 01:01:21 +0000
Manifest next update:     Sun 14 Jun 2026 01:01:21 +0000
Files and hashes:         1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: qGvr7VKHJwa33T9vsnU6luznPdF5mH9dKlgJ7CEJy9g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7f:69:45:e0:0a:c5:69:32:b9:d6:d5:e1:6b:31:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1
        Validity
            Not Before: Jun 13 01:01:21 2026 GMT
            Not After : Jun 14 01:01:21 2026 GMT
        Subject: CN=e029d5469afb9f92f04b9b7e8d7a8cc473d84995
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:33:09:0f:d7:08:a2:9a:42:39:3a:3f:38:30:
                    10:39:b7:8d:af:d4:ea:60:3f:01:cb:26:8a:44:e4:
                    b2:8d:d7:56:aa:bc:cb:81:74:2f:53:3b:ce:79:c5:
                    e3:e5:3d:03:5d:5d:39:95:74:3a:b6:e3:97:af:66:
                    7b:fd:27:3e:ac:ed:e4:da:5f:23:e7:f8:77:90:b0:
                    3b:53:ca:ed:8d:56:83:ab:7c:28:5b:f3:de:0d:a6:
                    58:ad:47:08:c7:32:8d:d5:89:2e:1c:64:da:71:c0:
                    ef:b5:63:9f:b0:ff:5a:46:8a:df:07:35:ef:e3:a9:
                    d1:d6:f7:e9:f3:ef:8b:06:b8:57:63:4e:d2:41:af:
                    69:66:c9:94:4c:1c:22:ab:b7:31:f6:8f:e7:13:5b:
                    5c:00:98:1a:f6:11:bd:cb:d8:87:a0:92:bd:75:fd:
                    c7:ee:8c:55:4a:ef:8e:8f:b1:3c:ab:66:a0:f1:c4:
                    00:ad:fb:00:9f:b7:49:eb:73:90:76:e9:6b:d0:58:
                    4a:01:e8:50:ea:dd:a8:2a:39:6d:14:3b:c2:81:9e:
                    6e:bb:fd:2e:bc:57:7b:76:76:16:f5:9e:0d:b0:f6:
                    65:27:05:7e:b3:38:c0:6e:68:c0:29:76:62:23:a1:
                    6b:e0:06:08:91:87:79:74:88:8d:a8:03:96:b8:99:
                    6c:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:29:D5:46:9A:FB:9F:92:F0:4B:9B:7E:8D:7A:8C:C4:73:D8:49:95
            X509v3 Authority Key Identifier:
                keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cb:25:2e:a8:2d:94:0f:b9:11:dd:0d:fe:94:8d:9d:f7:d9:18:
         0d:ab:f6:d1:88:f6:f9:19:31:57:01:12:58:f3:28:e1:1a:40:
         95:9c:b6:ed:a3:f9:1a:ef:64:bb:fb:55:eb:b0:df:17:17:77:
         fc:0d:fb:6e:9d:72:f1:e8:d8:90:3e:c0:bf:19:76:a7:e5:7e:
         c0:e2:87:10:2c:ad:4b:74:39:bb:cb:66:47:a1:b7:62:9e:08:
         ca:81:0e:39:18:58:67:40:d5:47:75:af:b4:52:f7:f8:8c:6e:
         76:8e:57:78:18:c8:ef:5f:7c:19:6f:ff:9c:fd:69:30:ee:7b:
         02:ef:d5:b4:6c:65:e9:c6:19:4f:b1:78:d0:06:ab:05:c0:c8:
         d5:20:eb:c0:5d:9c:20:f5:1b:6c:6d:b8:5e:5e:f8:28:48:83:
         b3:ff:11:45:93:0f:02:e2:fd:ad:34:71:80:68:a7:4a:ea:db:
         ea:c5:4a:a6:d5:f0:89:3c:a5:c5:d1:6f:b8:26:36:e3:bd:d0:
         23:35:2d:6a:bd:92:f6:e7:62:c7:54:7b:87:28:8a:b7:24:1f:
         04:d9:1f:e7:26:94:7e:a2:6d:84:8e:3f:a9:24:12:1e:17:a7:
         e9:4e:86:f0:05:fc:d0:2d:06:ab:6f:34:07:80:60:e7:20:78:
         1d:2f:57:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+f2lF4ArFaTK51tXhazE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5
ZTc2ZDEwHhcNMjYwNjEzMDEwMTIxWhcNMjYwNjE0MDEwMTIxWjAzMTEwLwYDVQQD
EyhlMDI5ZDU0NjlhZmI5ZjkyZjA0YjliN2U4ZDdhOGNjNDczZDg0OTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDMJD9cIoppCOTo/ODAQObeNr9Tq
YD8ByyaKROSyjddWqrzLgXQvUzvOecXj5T0DXV05lXQ6tuOXr2Z7/Sc+rO3k2l8j
5/h3kLA7U8rtjVaDq3woW/PeDaZYrUcIxzKN1YkuHGTaccDvtWOfsP9aRorfBzXv
46nR1vfp8++LBrhXY07SQa9pZsmUTBwiq7cx9o/nE1tcAJga9hG9y9iHoJK9df3H
7oxVSu+Oj7E8q2ag8cQArfsAn7dJ63OQdulr0FhKAehQ6t2oKjltFDvCgZ5uu/0u
vFd7dnYW9Z4NsPZlJwV+szjAbmjAKXZiI6Fr4AYIkYd5dIiNqAOWuJlsgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOAp1Uaa+5+S8Eubfo16jMRz2EmVMB8GA1UdIwQY
MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt
MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5
LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyyUuqC2U
D7kR3Q3+lI2d99kYDav20Yj2+RkxVwESWPMo4RpAlZy27aP5Gu9ku/tV67DfFxd3
/A37bp1y8ejYkD7Avxl2p+V+wOKHECytS3Q5u8tmR6G3Yp4IyoEOORhYZ0DVR3Wv
tFL3+Ixudo5XeBjI7198GW//nP1pMO57Au/VtGxl6cYZT7F40AarBcDI1SDrwF2c
IPUbbG24Xl74KEiDs/8RRZMPAuL9rTRxgGinSurb6sVKptXwiTylxdFvuCY2473Q
IzUtar2S9udix1R7hyiKtyQfBNkf5yaUfqJthI4/qSQSHhen6U6G8AX80C0Gq280
B4Bg5yB4HS9XLg==
-----END CERTIFICATE-----