Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          TVonVVyT772drMf5o/onptIahHeY0BenDxLuVgw3fj4=
Subject key identifier:   C3:3A:1E:D4:FA:17:27:86:86:3C:83:4E:19:51:9D:67:A5:19:B2:2A
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       019D9AE35F1BB4C9347095CA675836878618
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          08AC
Signing time:             Fri 17 Apr 2026 10:01:25 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:25 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:25 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: eZWOMS62yutOV/n8OYpMapObDOwQJbFO7lhWG4BTBKY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:5f:1b:b4:c9:34:70:95:ca:67:58:36:87:86:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Apr 17 10:01:25 2026 GMT
            Not After : Apr 18 10:01:25 2026 GMT
        Subject: CN=c33a1ed4fa172786863c834e19519d67a519b22a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:65:d0:17:c2:90:be:d0:5f:1a:fd:b7:b4:7b:
                    86:59:c0:bc:f9:60:a3:2d:8a:5b:11:5c:a0:f2:eb:
                    ad:26:cd:f4:c0:28:54:57:64:99:b1:40:70:35:6e:
                    3b:5c:d9:b0:82:38:5e:d3:20:12:68:75:e4:6b:4b:
                    a8:41:05:cc:ab:b0:98:00:24:75:d5:45:a1:4e:7f:
                    6a:5d:dd:02:9d:80:7f:39:7f:e1:76:11:84:b0:85:
                    bb:9b:e4:0d:50:6c:8b:14:88:89:8b:3a:72:4a:1f:
                    a4:08:3f:98:a6:b9:0b:59:57:2e:ac:ec:cb:84:fc:
                    73:6a:8a:8d:ab:c0:fc:25:0d:e9:d4:96:42:c6:35:
                    ac:d5:83:6f:58:67:95:5c:14:d0:49:9d:56:7c:15:
                    4c:bb:93:45:5c:50:15:16:21:a1:1e:9f:7a:c1:af:
                    09:15:88:2b:0b:13:d7:6e:05:e3:c1:25:45:32:74:
                    6a:3d:07:ac:cf:59:07:bf:41:d4:55:00:bc:a0:3e:
                    38:da:c4:0d:dc:25:1e:b3:00:29:61:a7:b8:2c:a8:
                    b7:36:36:56:a0:50:f1:53:c0:a5:97:1d:0b:99:58:
                    2e:14:7b:2f:47:92:b1:c5:67:a9:c4:b2:2d:94:a5:
                    af:7b:3e:f8:23:e8:2d:8d:45:f8:3e:60:0f:63:c8:
                    91:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:3A:1E:D4:FA:17:27:86:86:3C:83:4E:19:51:9D:67:A5:19:B2:2A
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:88:be:c6:52:a2:0c:f5:0d:b1:cf:4e:bb:b1:1a:cc:f3:e7:
         53:38:57:85:eb:9c:df:d0:b3:04:0b:f1:25:21:01:98:0e:36:
         5f:73:88:36:86:f6:b6:e4:73:fe:c6:4f:aa:7d:e4:42:a3:6f:
         b9:95:e6:da:4c:a0:79:1e:ff:26:75:f2:6c:db:ea:71:f2:e0:
         89:a8:34:cd:ca:65:49:41:82:58:64:62:fd:ae:11:13:d8:65:
         0f:04:77:e9:38:f4:2f:a2:bd:32:ac:5d:70:c9:63:1c:51:16:
         28:5a:5a:76:4b:bf:a7:bf:85:87:e7:39:57:b4:42:86:9f:9a:
         82:44:6e:7c:aa:a1:10:ba:f9:a0:00:23:81:48:82:f9:45:07:
         a9:a0:ab:f9:26:6a:f3:34:a1:87:37:45:1f:fd:89:87:86:b6:
         0c:5a:19:27:e9:9d:eb:73:4f:9e:f0:6e:f9:e2:20:d2:89:c3:
         59:32:e2:6c:62:55:5c:a4:8c:fe:5c:08:22:70:5e:fd:f7:89:
         4c:e8:74:28:7c:60:3a:70:94:33:3d:c6:39:86:93:69:87:4b:
         bc:76:c0:c3:75:5e:c2:ad:4b:06:68:29:f1:e5:99:e2:e0:3a:
         53:9e:a4:d9:de:3e:e0:04:00:65:89:b0:eb:38:7c:9c:d3:a9:
         5c:11:f6:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a418btMk0cJXKZ1g2h4YYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjYwNDE3MTAwMTI1WhcNMjYwNDE4MTAwMTI1WjAzMTEwLwYDVQQD
EyhjMzNhMWVkNGZhMTcyNzg2ODYzYzgzNGUxOTUxOWQ2N2E1MTliMjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGXQF8KQvtBfGv23tHuGWcC8+WCj
LYpbEVyg8uutJs30wChUV2SZsUBwNW47XNmwgjhe0yASaHXka0uoQQXMq7CYACR1
1UWhTn9qXd0CnYB/OX/hdhGEsIW7m+QNUGyLFIiJizpySh+kCD+YprkLWVcurOzL
hPxzaoqNq8D8JQ3p1JZCxjWs1YNvWGeVXBTQSZ1WfBVMu5NFXFAVFiGhHp96wa8J
FYgrCxPXbgXjwSVFMnRqPQesz1kHv0HUVQC8oD442sQN3CUeswApYae4LKi3NjZW
oFDxU8Cllx0LmVguFHsvR5KxxWepxLItlKWvez74I+gtjUX4PmAPY8iR4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMM6HtT6FyeGhjyDThlRnWelGbIqMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAoi+xlKi
DPUNsc9Ou7EazPPnUzhXheuc39CzBAvxJSEBmA42X3OINob2tuRz/sZPqn3kQqNv
uZXm2kygeR7/JnXybNvqcfLgiag0zcplSUGCWGRi/a4RE9hlDwR36Tj0L6K9Mqxd
cMljHFEWKFpadku/p7+Fh+c5V7RChp+agkRufKqhELr5oAAjgUiC+UUHqaCr+SZq
8zShhzdFH/2Jh4a2DFoZJ+md63NPnvBu+eIg0onDWTLibGJVXKSM/lwIInBe/feJ
TOh0KHxgOnCUMz3GOYaTaYdLvHbAw3Vewq1LBmgp8eWZ4uA6U56k2d4+4AQAZYmw
6zh8nNOpXBH2Qw==
-----END CERTIFICATE-----