Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          aQjXgioJDgF4X6YDtXSYM2mKwV4OSbEMNGtMFgeJpXw=
Subject key identifier:   BC:5A:3C:CB:D2:28:10:C9:61:83:D3:E0:8D:03:55:33:71:69:29:9B
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       019EBE7EBEEE820C8E287810B11845EBFD68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          0943
Signing time:             Sat 13 Jun 2026 01:00:37 +0000
Manifest this update:     Sat 13 Jun 2026 01:00:37 +0000
Manifest next update:     Sun 14 Jun 2026 01:00:37 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: BF/3XuT7MenKBx6AM+NzVRRK67Sq1gYA+Qyk97XXrI0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7e:be:ee:82:0c:8e:28:78:10:b1:18:45:eb:fd:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Jun 13 01:00:37 2026 GMT
            Not After : Jun 14 01:00:37 2026 GMT
        Subject: CN=bc5a3ccbd22810c96183d3e08d0355337169299b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:74:50:1b:80:42:50:f3:ae:12:22:a2:1d:2e:
                    e0:13:1f:19:d5:75:10:c6:a8:17:3f:12:cd:5b:91:
                    fb:22:46:a6:d4:a9:e0:01:af:f0:3a:ee:73:29:d8:
                    7a:d9:16:47:df:c0:bf:d4:b5:d0:78:1f:f2:13:0e:
                    de:34:83:51:cd:ab:e5:6f:2b:4d:f9:82:9b:2a:5b:
                    95:61:5d:65:7e:c3:bc:27:7d:b6:10:b9:ea:a0:f2:
                    b3:28:50:82:5a:76:2d:93:ad:6d:71:7c:d9:89:d8:
                    b7:b9:82:41:2e:ad:02:ff:90:29:55:ba:95:27:cc:
                    a7:ea:df:32:e4:8c:0e:6e:8b:6a:b7:20:8f:c4:69:
                    7d:a5:cd:57:f6:4b:2a:44:b6:89:88:2f:92:4f:99:
                    29:40:61:3c:5b:d6:73:fc:20:19:fd:05:89:dc:6a:
                    8b:b0:0c:59:ec:ed:ec:5a:cc:8d:9e:61:b8:31:73:
                    87:7e:24:58:4a:ce:88:f2:20:73:d9:96:ce:f0:e4:
                    3f:26:5c:97:3c:6f:38:d5:b5:2c:d8:aa:f2:b8:c8:
                    10:8f:46:c9:ac:2f:5e:e0:b1:f6:3a:80:2e:77:bf:
                    66:96:08:1f:17:8f:0b:43:5c:2f:8d:ec:2d:aa:4d:
                    56:e9:99:45:74:3d:28:fc:0d:f1:61:30:87:bb:c6:
                    36:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:5A:3C:CB:D2:28:10:C9:61:83:D3:E0:8D:03:55:33:71:69:29:9B
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:c0:2d:da:13:6e:59:b3:53:95:ce:5f:7d:98:98:9b:4b:a9:
         f3:c4:f5:01:5c:8d:82:e7:1a:91:53:9e:a7:7e:eb:f1:31:60:
         9b:26:d4:17:ed:09:a8:69:d7:41:cc:b9:d4:f0:7e:4d:e0:94:
         8a:3d:cf:25:37:72:03:6c:cb:96:7b:ba:f4:37:4e:f0:f6:66:
         5a:f9:e7:dd:55:76:03:06:a3:ae:70:c4:30:4c:29:f4:f0:30:
         e2:5c:02:83:da:7a:c5:ca:ef:d2:5f:e8:e1:59:df:d2:68:bb:
         60:7c:b3:1d:c2:d3:b4:ce:ee:7b:47:e7:39:60:1a:75:38:0e:
         81:88:67:00:a2:9c:35:99:02:06:3f:ad:29:c7:78:6a:e3:6c:
         6f:2c:f9:d2:01:cd:22:e0:13:7a:95:b6:fb:1a:0a:11:71:68:
         d5:98:74:4c:f6:ef:78:56:99:bc:f4:80:c5:0d:eb:54:ea:3b:
         f5:7a:fa:c3:50:71:a5:68:7e:bc:e4:b1:5b:11:57:08:79:e6:
         5c:a8:7e:f7:78:38:5b:bf:02:a4:31:17:73:e6:80:97:3d:20:
         bc:13:56:ce:c1:25:0d:58:94:2f:b7:6f:32:0d:10:8c:a8:0c:
         5d:b4:59:47:f4:0a:71:67:3b:5d:c2:42:5f:2e:8f:65:ca:8f:
         80:e3:06:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+fr7uggyOKHgQsRhF6/1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjYwNjEzMDEwMDM3WhcNMjYwNjE0MDEwMDM3WjAzMTEwLwYDVQQD
EyhiYzVhM2NjYmQyMjgxMGM5NjE4M2QzZTA4ZDAzNTUzMzcxNjkyOTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHRQG4BCUPOuEiKiHS7gEx8Z1XUQ
xqgXPxLNW5H7Ikam1KngAa/wOu5zKdh62RZH38C/1LXQeB/yEw7eNINRzavlbytN
+YKbKluVYV1lfsO8J322ELnqoPKzKFCCWnYtk61tcXzZidi3uYJBLq0C/5ApVbqV
J8yn6t8y5IwObotqtyCPxGl9pc1X9ksqRLaJiC+ST5kpQGE8W9Zz/CAZ/QWJ3GqL
sAxZ7O3sWsyNnmG4MXOHfiRYSs6I8iBz2ZbO8OQ/JlyXPG841bUs2KryuMgQj0bJ
rC9e4LH2OoAud79mlggfF48LQ1wvjewtqk1W6ZlFdD0o/A3xYTCHu8Y2hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLxaPMvSKBDJYYPT4I0DVTNxaSmbMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAncAt2hNu
WbNTlc5ffZiYm0up88T1AVyNgucakVOep37r8TFgmybUF+0JqGnXQcy51PB+TeCU
ij3PJTdyA2zLlnu69DdO8PZmWvnn3VV2AwajrnDEMEwp9PAw4lwCg9p6xcrv0l/o
4Vnf0mi7YHyzHcLTtM7ue0fnOWAadTgOgYhnAKKcNZkCBj+tKcd4auNsbyz50gHN
IuATepW2+xoKEXFo1Zh0TPbveFaZvPSAxQ3rVOo79Xr6w1BxpWh+vOSxWxFXCHnm
XKh+93g4W78CpDEXc+aAlz0gvBNWzsElDViUL7dvMg0QjKgMXbRZR/QKcWc7XcJC
Xy6PZcqPgOMGsw==
-----END CERTIFICATE-----