Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
File:                     0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft (raw, json)
Hash identifier:          FYpxSgYXueUvNPjUzroSsqMWIf1DLQEhE9yVaEEDkkA=
Subject key identifier:   00:84:57:A7:5E:67:E5:4B:89:74:81:1C:35:28:53:88:3A:9A:D2:01
Authority key identifier: D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF
Certificate issuer:       /CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf
Certificate serial:       019F17C3023E0226E4BEBA4F27E0AD17188A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
Manifest number:          07DD
Signing time:             Tue 30 Jun 2026 09:01:23 +0000
Manifest this update:     Tue 30 Jun 2026 09:01:23 +0000
Manifest next update:     Wed 01 Jul 2026 09:01:23 +0000
Files and hashes:         1: 0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl (hash: yEDEwgc/jlaQjm5ZJ80jj1ywA5XHFYqLCFFwPDdUhMU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 09:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:c3:02:3e:02:26:e4:be:ba:4f:27:e0:ad:17:18:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf
        Validity
            Not Before: Jun 30 09:01:23 2026 GMT
            Not After : Jul  1 09:01:23 2026 GMT
        Subject: CN=008457a75e67e54b8974811c352853883a9ad201
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:c2:d9:6c:37:0d:31:b3:9e:3e:33:7a:fa:1b:
                    d5:7a:c4:59:6c:f9:54:ca:2d:f0:5a:da:3f:ad:cb:
                    0f:52:60:84:f2:58:69:a2:11:75:65:9c:32:06:4f:
                    a4:df:77:cb:a5:4d:00:dc:62:f5:5f:9a:38:b1:47:
                    01:98:fc:c9:ad:c3:7a:84:02:5b:b5:e8:2f:b6:45:
                    d8:27:0d:a1:49:5b:3d:fb:f0:55:f0:07:12:48:a9:
                    66:a6:90:a1:d3:9f:e1:7c:22:b5:08:8e:51:95:97:
                    bb:7b:ab:9d:bb:18:c5:8a:5e:d9:84:5e:8c:0b:e3:
                    d1:ac:ae:cd:ab:4d:91:12:3d:fa:0f:94:13:8d:39:
                    ef:d4:b9:6d:2d:4f:64:9f:82:91:1f:e4:5c:39:15:
                    ab:d4:54:37:a5:21:a0:2c:c4:c2:cb:1f:34:da:4d:
                    60:fc:69:c5:90:b1:78:f6:a4:90:ec:16:2b:23:c6:
                    91:e7:82:ce:87:61:1f:a7:09:bf:8d:54:ac:05:5b:
                    8c:92:d0:b9:2b:e7:26:e8:d9:52:cf:47:be:a3:fc:
                    4a:7c:d0:28:b6:10:c9:b8:ef:21:ea:48:12:4a:83:
                    74:b1:49:0f:76:dc:3c:06:12:67:03:27:f7:9b:80:
                    99:a9:19:dc:a0:2f:c0:03:58:f4:b8:49:00:3a:29:
                    1f:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:84:57:A7:5E:67:E5:4B:89:74:81:1C:35:28:53:88:3A:9A:D2:01
            X509v3 Authority Key Identifier:
                keyid:D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:b3:d8:59:fa:a9:91:b4:bc:c6:12:df:5d:0a:c1:47:11:93:
         15:59:a8:fa:2a:19:6a:9a:b8:21:6c:d7:73:b2:26:be:23:c6:
         9d:2e:68:35:be:18:32:3b:25:e9:00:49:22:13:b5:82:a3:ca:
         1e:8d:1d:8d:76:08:f5:58:56:3c:d8:ff:b4:8a:1b:cc:9e:31:
         41:04:33:4a:e6:bc:44:9b:c3:24:00:e1:99:eb:7d:d0:cb:41:
         46:c0:1b:f5:a0:f3:22:87:48:ac:de:0e:b1:09:af:f7:41:14:
         f7:35:7a:f7:56:b0:ae:46:8b:5b:85:b5:ac:30:04:47:57:55:
         d2:ce:cd:a9:e8:7a:8c:48:61:5d:b0:8a:e4:95:93:c1:28:9c:
         42:e9:c5:cf:36:1d:cf:5e:80:16:52:b6:63:c0:7f:c5:d3:4f:
         af:a2:9c:d7:b4:e8:52:ac:a0:f1:bd:3f:f5:78:b9:3c:d2:2c:
         b3:ac:9d:94:81:92:67:55:17:b4:b0:30:f1:5a:91:7b:c1:e2:
         6b:73:87:b6:18:26:40:56:b4:e4:64:74:cd:c8:92:14:04:6c:
         57:6e:f7:3c:c0:06:3e:2f:8e:72:ae:82:bf:b2:da:5d:3a:cb:
         75:d5:81:b8:8f:e2:00:6b:4e:d2:f7:28:21:c5:4d:cf:f4:60:
         15:6a:13:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XwwI+AibkvrpPJ+CtFxiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYjBlODY4NmY3ZGFiMWY2NGM4MGQ0MzgyYzNjNTk0OWZm
MTFkYmYwHhcNMjYwNjMwMDkwMTIzWhcNMjYwNzAxMDkwMTIzWjAzMTEwLwYDVQQD
EygwMDg0NTdhNzVlNjdlNTRiODk3NDgxMWMzNTI4NTM4ODNhOWFkMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cLZbDcNMbOePjN6+hvVesRZbPlU
yi3wWto/rcsPUmCE8lhpohF1ZZwyBk+k33fLpU0A3GL1X5o4sUcBmPzJrcN6hAJb
tegvtkXYJw2hSVs9+/BV8AcSSKlmppCh05/hfCK1CI5RlZe7e6uduxjFil7ZhF6M
C+PRrK7Nq02REj36D5QTjTnv1LltLU9kn4KRH+RcORWr1FQ3pSGgLMTCyx802k1g
/GnFkLF49qSQ7BYrI8aR54LOh2Efpwm/jVSsBVuMktC5K+cm6NlSz0e+o/xKfNAo
thDJuO8h6kgSSoN0sUkPdtw8BhJnAyf3m4CZqRncoC/AA1j0uEkAOikf0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFACEV6deZ+VLiXSBHDUoU4g6mtIBMB8GA1UdIwQY
MBaAFNGw6GhvfasfZMgNQ4LDxZSf8R2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMt
ZGJiYzI1NGQxYzZjLzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMtZGJiYzI1NGQxYzZj
LzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfbPYWfqp
kbS8xhLfXQrBRxGTFVmo+ioZapq4IWzXc7ImviPGnS5oNb4YMjsl6QBJIhO1gqPK
Ho0djXYI9VhWPNj/tIobzJ4xQQQzSua8RJvDJADhmet90MtBRsAb9aDzIodIrN4O
sQmv90EU9zV691awrkaLW4W1rDAER1dV0s7Nqeh6jEhhXbCK5JWTwSicQunFzzYd
z16AFlK2Y8B/xdNPr6Kc17ToUqyg8b0/9Xi5PNIss6ydlIGSZ1UXtLAw8VqRe8Hi
a3OHthgmQFa05GR0zciSFARsV273PMAGPi+Ocq6Cv7LaXTrLddWBuI/iAGtO0vco
IcVNz/RgFWoT2w==
-----END CERTIFICATE-----