Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          cRoJLaA9xvQ3dsvQ4kRsq3aGqC6kA+fELIsYbcbRAvE=
Subject key identifier:   29:B6:3A:DB:33:98:7F:D6:FE:82:61:BD:D4:CB:87:C0:6C:BC:C0:70
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       019CAF4848555D8FDFFF9E9D1D1377B0F0E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          0832
Signing time:             Mon 02 Mar 2026 16:01:15 +0000
Manifest this update:     Mon 02 Mar 2026 16:01:15 +0000
Manifest next update:     Tue 03 Mar 2026 16:01:15 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: J6gBOzthmV2DhEib9YnwPxM3uCcF2V7NYv1zWrlh9gU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:05:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:48:48:55:5d:8f:df:ff:9e:9d:1d:13:77:b0:f0:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Mar  2 16:01:15 2026 GMT
            Not After : Mar  3 16:01:15 2026 GMT
        Subject: CN=29b63adb33987fd6fe8261bdd4cb87c06cbcc070
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:03:7d:94:3b:81:44:1d:b8:03:78:ac:ca:39:
                    31:3e:b0:13:88:d5:c5:11:04:e6:30:c0:93:68:ef:
                    e5:72:ea:0c:70:4e:8e:96:b1:58:20:8c:c5:a9:7e:
                    7f:42:08:c0:b3:b8:13:5d:e3:dd:c9:ca:e7:2b:12:
                    7b:26:66:3c:8c:39:dd:84:01:b3:73:10:c5:8e:02:
                    ab:b0:94:22:c0:cc:c4:5a:94:59:66:5f:52:1a:3c:
                    d7:d1:fa:11:5b:a8:a7:ac:d8:ba:41:6c:f6:51:92:
                    40:a5:cd:44:97:88:2a:e7:8b:f1:8a:48:02:9c:69:
                    3b:22:b1:da:c2:1c:8b:4f:01:dc:93:de:d3:f2:36:
                    94:96:3e:02:a1:9a:16:57:e3:db:90:c4:00:30:49:
                    b7:00:9c:b4:88:3a:9e:8e:00:0c:34:1c:ff:ce:d9:
                    a1:3a:b6:13:f2:6a:b3:0e:cd:fa:d9:fc:5f:8e:cf:
                    f7:fe:6e:af:74:36:f5:69:ff:20:32:f5:c6:5e:b6:
                    58:30:c7:2a:82:5d:8a:59:f8:ac:46:0a:22:97:d0:
                    db:d2:44:d7:1d:4e:6c:0d:00:75:61:a9:99:41:4b:
                    c1:c1:d6:02:bb:51:8e:10:e7:d5:a4:1e:32:ea:eb:
                    cb:f9:bd:aa:af:2a:2d:37:e7:67:11:d5:8f:52:6d:
                    c7:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:B6:3A:DB:33:98:7F:D6:FE:82:61:BD:D4:CB:87:C0:6C:BC:C0:70
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:94:ba:b2:40:ab:20:ed:f0:cf:8b:0b:e3:ac:e0:22:3c:8e:
         9d:f8:17:cc:ef:dd:08:b1:80:73:d4:3b:3f:2e:11:dd:28:fd:
         1b:03:1f:8b:10:15:a0:a5:3a:8d:dc:e8:87:68:51:15:01:54:
         66:0c:8a:65:5d:f8:9a:d0:c9:74:76:4d:57:c4:79:67:5d:b3:
         05:2d:7e:70:2c:25:82:fc:ba:a1:96:83:04:04:87:0f:eb:9f:
         0a:2a:35:b9:34:d7:ef:c9:03:ec:34:95:b5:75:9c:b9:b5:76:
         48:8c:51:a7:d7:11:69:44:91:d1:70:ef:3d:b8:68:56:76:b4:
         f0:9a:2b:dc:ed:ed:b9:4f:1a:64:87:e5:36:4b:1d:03:6a:83:
         d5:fa:37:75:63:d5:16:20:8d:2a:d7:12:ca:c0:f4:b2:c8:82:
         71:44:cb:fb:51:21:07:fc:f9:53:93:e3:ed:fd:09:ff:e0:7c:
         32:f8:d7:b9:dc:a3:87:5e:91:de:7d:a0:21:89:cb:2a:1e:a7:
         21:ed:14:1f:b5:4d:80:be:53:35:0a:b0:95:7f:21:12:39:5b:
         5a:47:ac:ae:f7:97:3b:20:5d:22:d0:40:64:27:32:95:67:78:
         58:9e:bd:71:d0:ab:06:6c:bb:05:ac:ee:8b:43:71:6d:8c:4a:
         f3:e2:e5:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvSEhVXY/f/56dHRN3sPDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjYwMzAyMTYwMTE1WhcNMjYwMzAzMTYwMTE1WjAzMTEwLwYDVQQD
EygyOWI2M2FkYjMzOTg3ZmQ2ZmU4MjYxYmRkNGNiODdjMDZjYmNjMDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wN9lDuBRB24A3isyjkxPrATiNXF
EQTmMMCTaO/lcuoMcE6OlrFYIIzFqX5/QgjAs7gTXePdycrnKxJ7JmY8jDndhAGz
cxDFjgKrsJQiwMzEWpRZZl9SGjzX0foRW6inrNi6QWz2UZJApc1El4gq54vxikgC
nGk7IrHawhyLTwHck97T8jaUlj4CoZoWV+PbkMQAMEm3AJy0iDqejgAMNBz/ztmh
OrYT8mqzDs362fxfjs/3/m6vdDb1af8gMvXGXrZYMMcqgl2KWfisRgoil9Db0kTX
HU5sDQB1YamZQUvBwdYCu1GOEOfVpB4y6uvL+b2qryotN+dnEdWPUm3HMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCm2OtszmH/W/oJhvdTLh8BsvMBwMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAppS6skCr
IO3wz4sL46zgIjyOnfgXzO/dCLGAc9Q7Py4R3Sj9GwMfixAVoKU6jdzoh2hRFQFU
ZgyKZV34mtDJdHZNV8R5Z12zBS1+cCwlgvy6oZaDBASHD+ufCio1uTTX78kD7DSV
tXWcubV2SIxRp9cRaUSR0XDvPbhoVna08Jor3O3tuU8aZIflNksdA2qD1fo3dWPV
FiCNKtcSysD0ssiCcUTL+1EhB/z5U5Pj7f0J/+B8MvjXudyjh16R3n2gIYnLKh6n
Ie0UH7VNgL5TNQqwlX8hEjlbWkesrveXOyBdItBAZCcylWd4WJ69cdCrBmy7Bazu
i0NxbYxK8+Llng==
-----END CERTIFICATE-----