Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
File:                     0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft (raw, json)
Hash identifier:          Flrivnvv6ckvBlxPNuhAiLCZvEcukraMMKeUyiBduxA=
Subject key identifier:   83:6D:BB:42:A4:E2:31:BF:CE:E3:A4:68:3D:0F:3A:EC:56:F0:4B:CF
Authority key identifier: D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF
Certificate issuer:       /CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf
Certificate serial:       019D38D388F16C838F1982F58C570B05AFBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
Manifest number:          06E5
Signing time:             Sun 29 Mar 2026 09:01:20 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:20 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:20 +0000
Files and hashes:         1: 0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl (hash: LM3ALzswiOvrBfw8OPV9E0LWfEy7y7G9sUmxgh9KyGI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:88:f1:6c:83:8f:19:82:f5:8c:57:0b:05:af:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf
        Validity
            Not Before: Mar 29 09:01:20 2026 GMT
            Not After : Mar 30 09:01:20 2026 GMT
        Subject: CN=836dbb42a4e231bfcee3a4683d0f3aec56f04bcf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:cd:a8:e6:9d:dc:a4:80:d2:ba:0f:d1:91:59:
                    3a:f0:91:fe:5f:42:47:9d:80:7e:41:b6:41:1c:56:
                    f0:90:3b:52:6d:b8:1e:b5:d7:3b:5d:38:67:67:3b:
                    01:ea:85:c1:6b:5a:f0:9a:82:7c:5a:79:9f:0e:db:
                    16:dc:4b:79:02:66:c3:42:46:b0:26:db:0b:22:0e:
                    4d:c8:46:65:f4:18:11:2b:5b:1a:0c:c6:51:94:7c:
                    0f:54:e6:ab:55:bc:2b:54:86:1c:7c:b1:3a:eb:50:
                    5d:dc:b5:b3:ce:4e:09:01:4b:4b:fb:8d:f1:7c:57:
                    3f:48:30:2a:79:12:14:f3:eb:cf:86:ea:17:1d:b6:
                    fa:e5:74:8c:da:53:f2:66:a6:a5:03:0c:4a:02:2b:
                    5c:c9:9f:0b:a7:d3:a3:59:7a:20:8a:c7:21:ea:ac:
                    9e:ca:52:24:91:8c:68:7f:8b:d9:1b:a3:43:54:5c:
                    4e:11:43:99:8f:50:6c:02:ad:c3:48:23:9f:0f:87:
                    86:bd:e0:ea:08:da:e3:4a:bf:72:ef:dc:58:da:74:
                    f3:29:e8:e0:80:50:a5:fb:e4:34:06:42:17:a3:43:
                    ab:ba:c7:ac:2e:b9:27:1c:05:6e:3f:1b:15:31:c5:
                    f9:32:ed:bb:ad:24:e9:ef:5e:44:3e:37:c6:60:bb:
                    23:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:6D:BB:42:A4:E2:31:BF:CE:E3:A4:68:3D:0F:3A:EC:56:F0:4B:CF
            X509v3 Authority Key Identifier:
                keyid:D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:42:56:60:b7:7b:fc:54:7e:01:0f:c0:c6:6f:cc:eb:6e:20:
         74:61:8c:d0:7b:cb:76:0c:b4:77:15:6c:2b:c1:41:6c:77:31:
         f4:e5:04:69:c9:39:60:3f:64:f1:63:8d:a3:b7:ec:bf:34:70:
         ab:bc:6c:00:95:ac:65:07:23:16:30:c1:51:e6:27:49:69:66:
         1e:7c:01:e6:4d:f2:a7:98:95:51:2f:24:08:91:11:62:57:1c:
         c3:90:b0:65:81:75:bb:17:10:87:aa:de:01:16:89:c4:d6:4b:
         52:55:6a:03:3d:57:0b:cc:3a:5f:06:23:da:aa:d0:08:0e:14:
         ca:fe:fc:80:49:80:96:b9:45:0a:88:10:e6:dd:47:c1:87:a0:
         1a:9b:df:77:ba:93:d7:8b:da:e0:b5:79:40:7b:cb:f5:ad:4e:
         31:f6:3c:ba:d7:8a:1e:7d:92:0a:df:b9:81:35:b9:50:f3:97:
         9d:17:24:4e:c4:41:44:67:6e:4b:20:af:91:ef:5b:70:92:12:
         b7:41:99:73:54:50:ab:9c:55:10:f9:a3:cb:33:b0:0a:3f:ec:
         3f:38:d3:71:f3:0f:97:80:98:32:ee:01:92:ce:df:97:59:51:
         31:7b:6e:df:e0:90:2f:2f:76:0c:a8:82:fd:f7:89:ef:1b:69:
         d5:32:6d:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0404jxbIOPGYL1jFcLBa+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYjBlODY4NmY3ZGFiMWY2NGM4MGQ0MzgyYzNjNTk0OWZm
MTFkYmYwHhcNMjYwMzI5MDkwMTIwWhcNMjYwMzMwMDkwMTIwWjAzMTEwLwYDVQQD
Eyg4MzZkYmI0MmE0ZTIzMWJmY2VlM2E0NjgzZDBmM2FlYzU2ZjA0YmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAls2o5p3cpIDSug/RkVk68JH+X0JH
nYB+QbZBHFbwkDtSbbgetdc7XThnZzsB6oXBa1rwmoJ8WnmfDtsW3Et5AmbDQkaw
JtsLIg5NyEZl9BgRK1saDMZRlHwPVOarVbwrVIYcfLE661Bd3LWzzk4JAUtL+43x
fFc/SDAqeRIU8+vPhuoXHbb65XSM2lPyZqalAwxKAitcyZ8Lp9OjWXogisch6qye
ylIkkYxof4vZG6NDVFxOEUOZj1BsAq3DSCOfD4eGveDqCNrjSr9y79xY2nTzKejg
gFCl++Q0BkIXo0OrusesLrknHAVuPxsVMcX5Mu27rSTp715EPjfGYLsjKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFINtu0Kk4jG/zuOkaD0POuxW8EvPMB8GA1UdIwQY
MBaAFNGw6GhvfasfZMgNQ4LDxZSf8R2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMt
ZGJiYzI1NGQxYzZjLzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMtZGJiYzI1NGQxYzZj
LzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM0JWYLd7
/FR+AQ/Axm/M624gdGGM0HvLdgy0dxVsK8FBbHcx9OUEack5YD9k8WONo7fsvzRw
q7xsAJWsZQcjFjDBUeYnSWlmHnwB5k3yp5iVUS8kCJERYlccw5CwZYF1uxcQh6re
ARaJxNZLUlVqAz1XC8w6XwYj2qrQCA4Uyv78gEmAlrlFCogQ5t1HwYegGpvfd7qT
14va4LV5QHvL9a1OMfY8uteKHn2SCt+5gTW5UPOXnRckTsRBRGduSyCvke9bcJIS
t0GZc1RQq5xVEPmjyzOwCj/sPzjTcfMPl4CYMu4Bks7fl1lRMXtu3+CQLy92DKiC
/feJ7xtp1TJtbQ==
-----END CERTIFICATE-----