Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
File:                     0c0c1HQkGQk2se35qYScPjBYfzo.mft (raw, json)
Hash identifier:          5NMYLJr1e0szTvfZ/zwHHUI9aalAE8QnSyJ5N7CMVpk=
Subject key identifier:   6E:AB:81:2A:44:D9:C0:35:08:7A:41:0D:E9:1B:FA:63:66:E3:41:27
Authority key identifier: D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A
Certificate issuer:       /CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
Certificate serial:       019D3865E626EEC330A374AE1C9CB3F81D22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
Manifest number:          0FEF
Signing time:             Sun 29 Mar 2026 07:01:35 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:35 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:35 +0000
Files and hashes:         1: 0c0c1HQkGQk2se35qYScPjBYfzo.crl (hash: teVcZQC0BtpfQn4+oZda1sjBO3ln/X1fYc81UBwatiQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:e6:26:ee:c3:30:a3:74:ae:1c:9c:b3:f8:1d:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1cd1cd47424190936b1edf9a9849c3e30587f3a
        Validity
            Not Before: Mar 29 07:01:35 2026 GMT
            Not After : Mar 30 07:01:35 2026 GMT
        Subject: CN=6eab812a44d9c035087a410de91bfa6366e34127
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:de:9f:d7:1d:f2:3c:0c:b3:bb:9d:0e:80:8a:
                    f3:a4:d6:be:37:78:e0:4c:44:f2:84:bd:80:75:b2:
                    f6:4e:63:a0:38:b5:85:ce:28:ba:16:19:8b:ff:ac:
                    b0:a0:ee:aa:23:98:9f:7b:46:69:02:c0:f4:fd:bc:
                    d8:5d:f0:68:7a:fd:27:ec:7a:65:c6:b2:37:03:8a:
                    10:f4:0c:89:a7:96:f9:41:9c:dd:c1:59:e1:6e:d8:
                    30:d8:3c:7e:1c:28:e4:4c:5c:ec:57:2a:c7:e1:39:
                    98:6d:d5:e6:1e:87:dc:e4:43:d6:41:44:b7:46:6f:
                    e1:33:d0:0a:b6:0a:41:60:23:81:83:6a:67:68:e6:
                    f8:b2:a5:6e:a9:47:43:2d:15:a5:9f:28:41:46:53:
                    ff:e7:8d:77:ad:be:23:2d:0f:24:cf:8d:09:db:ec:
                    23:62:46:18:50:ba:d5:41:2c:2a:07:65:5d:27:2f:
                    35:d5:5a:ea:71:ce:d0:83:3a:91:6b:1a:9b:c2:3e:
                    4c:2d:72:d4:f8:1a:4a:4b:46:9d:6e:d8:bd:5d:34:
                    7d:c1:94:cd:f0:70:15:fa:02:c7:65:d4:57:14:75:
                    bf:a4:ff:e7:71:c1:22:83:9e:0a:a0:f9:ba:63:df:
                    2a:6b:04:0b:55:79:5b:89:72:39:e1:64:58:6f:7c:
                    b8:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:AB:81:2A:44:D9:C0:35:08:7A:41:0D:E9:1B:FA:63:66:E3:41:27
            X509v3 Authority Key Identifier:
                keyid:D1:CD:1C:D4:74:24:19:09:36:B1:ED:F9:A9:84:9C:3E:30:58:7F:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c0c1HQkGQk2se35qYScPjBYfzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/14aafd-d5bb-4644-bed7-b4533a088dc4/1/0c0c1HQkGQk2se35qYScPjBYfzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:ff:5e:70:50:0a:f1:28:32:5f:21:f4:0c:8d:f5:f9:0d:af:
         f6:f5:fa:c0:02:8b:5f:79:0e:b9:6b:2e:db:21:8e:b0:3b:c9:
         f7:58:32:43:4c:04:a4:3e:7c:c8:e7:22:42:e4:b8:46:43:3a:
         c2:89:b2:ef:63:76:f3:6e:d1:d1:18:60:c7:77:14:8e:44:18:
         d0:3d:d9:8d:12:50:8a:d6:20:bb:b2:5c:71:24:91:e7:33:51:
         77:f2:eb:10:26:ad:42:a8:cb:6c:82:1b:ca:1b:a8:2b:4e:e2:
         29:b3:3c:53:41:f1:4b:4a:50:70:8c:ff:a7:da:09:f9:bd:65:
         44:e7:4b:fd:a2:40:5c:48:c7:99:9e:f9:32:29:0a:41:5e:01:
         ad:eb:71:de:cf:8d:98:bf:3e:6c:cb:4b:0c:47:d4:3a:fd:88:
         a8:91:0c:f2:9f:6f:07:5e:7d:d0:e1:fc:b3:fb:d9:b0:a3:cb:
         dd:99:aa:a3:8d:3b:70:65:02:7f:c2:c5:77:6b:32:89:a8:03:
         58:f6:db:e1:5e:b0:ec:39:7b:c6:58:65:97:88:e0:d3:ce:79:
         66:10:3c:25:01:f0:82:16:e9:d7:3d:ac:c5:ce:35:87:18:ab:
         42:e0:af:7f:c4:a4:a0:66:f6:2c:18:48:3b:b8:a1:a8:cc:48:
         2b:6d:fe:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZeYm7sMwo3SuHJyz+B0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2QxY2Q0NzQyNDE5MDkzNmIxZWRmOWE5ODQ5YzNlMzA1
ODdmM2EwHhcNMjYwMzI5MDcwMTM1WhcNMjYwMzMwMDcwMTM1WjAzMTEwLwYDVQQD
Eyg2ZWFiODEyYTQ0ZDljMDM1MDg3YTQxMGRlOTFiZmE2MzY2ZTM0MTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyN6f1x3yPAyzu50OgIrzpNa+N3jg
TETyhL2AdbL2TmOgOLWFzii6FhmL/6ywoO6qI5ife0ZpAsD0/bzYXfBoev0n7Hpl
xrI3A4oQ9AyJp5b5QZzdwVnhbtgw2Dx+HCjkTFzsVyrH4TmYbdXmHofc5EPWQUS3
Rm/hM9AKtgpBYCOBg2pnaOb4sqVuqUdDLRWlnyhBRlP/5413rb4jLQ8kz40J2+wj
YkYYULrVQSwqB2VdJy811Vrqcc7QgzqRaxqbwj5MLXLU+BpKS0adbti9XTR9wZTN
8HAV+gLHZdRXFHW/pP/nccEig54KoPm6Y98qawQLVXlbiXI54WRYb3y43wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6rgSpE2cA1CHpBDekb+mNm40EnMB8GA1UdIwQY
MBaAFNHNHNR0JBkJNrHt+amEnD4wWH86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDct
YjQ1MzNhMDg4ZGM0LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8xNGFhZmQtZDViYi00NjQ0LWJlZDctYjQ1MzNhMDg4ZGM0
LzEvMGMwYzFIUWtHUWsyc2UzNXFZU2NQakJZZnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg/9ecFAK
8SgyXyH0DI31+Q2v9vX6wAKLX3kOuWsu2yGOsDvJ91gyQ0wEpD58yOciQuS4RkM6
womy72N2827R0Rhgx3cUjkQY0D3ZjRJQitYgu7JccSSR5zNRd/LrECatQqjLbIIb
yhuoK07iKbM8U0HxS0pQcIz/p9oJ+b1lROdL/aJAXEjHmZ75MikKQV4Bretx3s+N
mL8+bMtLDEfUOv2IqJEM8p9vB1590OH8s/vZsKPL3Zmqo407cGUCf8LFd2syiagD
WPbb4V6w7Dl7xlhll4jg0855ZhA8JQHwghbp1z2sxc41hxirQuCvf8SkoGb2LBhI
O7ihqMxIK23+lQ==
-----END CERTIFICATE-----