Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
File:                     h6xJPPKny2pLNPTYtva3eyqVXpc.mft (raw, json)
Hash identifier:          UM8TmTX4rG+xjP9BJNJS1vYd5EVbQ25d1UDKCuPv7r4=
Subject key identifier:   4E:96:49:80:80:D3:88:0C:9E:34:97:BF:05:F1:2D:83:84:A6:1A:7F
Authority key identifier: 87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97
Certificate issuer:       /CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
Certificate serial:       019D39AEC0BB8EF5D831F5D34AE9F8231E07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
Manifest number:          0DD4
Signing time:             Sun 29 Mar 2026 13:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:47 +0000
Files and hashes:         1: h6xJPPKny2pLNPTYtva3eyqVXpc.crl (hash: xrUgI9uv7kR4Rv/nF1qo4zI7os/T8m1NSCT/j4bWNjU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:c0:bb:8e:f5:d8:31:f5:d3:4a:e9:f8:23:1e:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
        Validity
            Not Before: Mar 29 13:00:47 2026 GMT
            Not After : Mar 30 13:00:47 2026 GMT
        Subject: CN=4e96498080d3880c9e3497bf05f12d8384a61a7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:73:6d:51:8b:22:e9:23:8f:f6:a3:03:9c:c7:
                    ce:f6:2c:73:d5:ad:15:d1:0b:77:6a:46:a2:23:69:
                    95:57:ce:49:1e:35:80:38:41:c6:e1:18:fe:02:2a:
                    fd:ff:54:01:29:56:41:9f:ce:3e:a0:6b:a2:7c:ee:
                    73:e2:99:21:9a:ac:be:04:86:91:98:97:3f:96:e2:
                    3c:24:54:7c:10:3e:c0:6b:01:94:c3:30:5a:6b:34:
                    92:78:26:6c:5c:7f:57:8d:57:d2:ce:8c:70:50:5d:
                    d7:55:2a:b6:79:f4:15:fd:e0:3a:99:f5:c0:d8:8a:
                    8b:1e:84:79:47:1c:0d:4d:cd:eb:8c:fd:49:59:82:
                    59:e8:80:cf:71:bb:83:b2:d5:5d:c1:8b:16:63:7d:
                    8a:c3:c2:70:1c:55:aa:5d:26:06:80:40:1a:0d:5e:
                    8c:a9:d2:b3:8a:ad:dc:f4:8e:83:5a:70:9c:6c:fe:
                    e0:a2:f5:f4:01:ee:d6:b1:f5:03:25:4f:bc:6e:ee:
                    13:b0:ad:9e:e6:bb:6f:0f:0e:16:6d:de:55:48:62:
                    ab:84:05:8d:d6:d9:d0:26:d5:f4:4f:07:37:01:a4:
                    25:22:a9:f7:6e:73:e4:9c:4f:b8:54:02:df:f0:00:
                    30:5a:2e:c8:67:04:78:9a:b1:9a:ab:6f:64:02:a1:
                    9d:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:96:49:80:80:D3:88:0C:9E:34:97:BF:05:F1:2D:83:84:A6:1A:7F
            X509v3 Authority Key Identifier:
                keyid:87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d6:ba:93:42:e7:33:a5:7c:7a:04:81:ee:7c:fc:53:d0:85:6f:
         28:11:04:14:5a:45:e4:35:82:ad:2e:2e:55:d4:70:4f:eb:b2:
         63:32:76:44:ab:b7:13:48:a3:00:cc:71:3e:86:d0:0b:d1:b0:
         dd:cd:36:f7:d6:43:2b:5b:86:a2:fa:c9:44:96:c3:9c:a3:8e:
         ee:c7:6a:a7:67:dd:62:43:d4:b0:7b:e1:8d:a3:88:5a:c9:4a:
         9b:05:bb:a7:a0:37:ca:d2:24:b6:70:1c:a9:27:b4:48:c5:16:
         31:0e:b7:c5:6a:94:f8:ff:55:9c:df:4f:50:41:85:29:9f:e1:
         56:f6:89:77:bc:ff:31:e2:f9:fe:5d:0c:cc:61:5b:4a:b7:bf:
         ee:71:05:5c:94:59:9b:df:48:6c:fd:b7:a1:d4:ac:a4:77:d4:
         4b:d7:ef:11:d4:d3:81:6b:7a:2c:40:98:7f:8e:0f:2c:bb:12:
         26:85:ac:e9:54:db:c7:f1:58:97:d6:3c:c3:c9:08:16:a6:1c:
         23:c9:f0:63:ab:95:21:ab:c2:04:2a:e9:5b:18:92:8a:30:da:
         34:7b:ea:5c:fb:df:25:41:32:8a:a5:1f:85:51:cb:d1:cd:5e:
         b9:98:38:1c:32:5b:61:81:2a:6c:3d:e0:8d:64:9f:cc:52:76:
         ff:21:39:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rsC7jvXYMfXTSun4Ix4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YWM0OTNjZjJhN2NiNmE0YjM0ZjRkOGI2ZjZiNzdiMmE5
NTVlOTcwHhcNMjYwMzI5MTMwMDQ3WhcNMjYwMzMwMTMwMDQ3WjAzMTEwLwYDVQQD
Eyg0ZTk2NDk4MDgwZDM4ODBjOWUzNDk3YmYwNWYxMmQ4Mzg0YTYxYTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHNtUYsi6SOP9qMDnMfO9ixz1a0V
0Qt3akaiI2mVV85JHjWAOEHG4Rj+Air9/1QBKVZBn84+oGuifO5z4pkhmqy+BIaR
mJc/luI8JFR8ED7AawGUwzBaazSSeCZsXH9XjVfSzoxwUF3XVSq2efQV/eA6mfXA
2IqLHoR5RxwNTc3rjP1JWYJZ6IDPcbuDstVdwYsWY32Kw8JwHFWqXSYGgEAaDV6M
qdKziq3c9I6DWnCcbP7govX0Ae7WsfUDJU+8bu4TsK2e5rtvDw4Wbd5VSGKrhAWN
1tnQJtX0Twc3AaQlIqn3bnPknE+4VALf8AAwWi7IZwR4mrGaq29kAqGdgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6WSYCA04gMnjSXvwXxLYOEphp/MB8GA1UdIwQY
MBaAFIesSTzyp8tqSzT02Lb2t3sqlV6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYt
MzQxNDM2N2IyZDdlLzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYtMzQxNDM2N2IyZDdl
LzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1rqTQucz
pXx6BIHufPxT0IVvKBEEFFpF5DWCrS4uVdRwT+uyYzJ2RKu3E0ijAMxxPobQC9Gw
3c0299ZDK1uGovrJRJbDnKOO7sdqp2fdYkPUsHvhjaOIWslKmwW7p6A3ytIktnAc
qSe0SMUWMQ63xWqU+P9VnN9PUEGFKZ/hVvaJd7z/MeL5/l0MzGFbSre/7nEFXJRZ
m99IbP23odSspHfUS9fvEdTTgWt6LECYf44PLLsSJoWs6VTbx/FYl9Y8w8kIFqYc
I8nwY6uVIavCBCrpWxiSijDaNHvqXPvfJUEyiqUfhVHL0c1euZg4HDJbYYEqbD3g
jWSfzFJ2/yE5qg==
-----END CERTIFICATE-----