Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
File:                     0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft (raw, json)
Hash identifier:          ffmpBDZBTHrBNy3CuMKf5G2sRxFDJhV1uZx2JvWEaeE=
Subject key identifier:   D7:B7:68:27:A7:79:90:9F:89:A9:D5:A2:6C:88:E2:A2:EE:00:D8:FF
Authority key identifier: D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95
Certificate issuer:       /CN=d170d4dde23a92166a67bb13f60bc70b667d8695
Certificate serial:       019F17C2EB8306B75D6E972E77CECB9259FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
Manifest number:          16BE
Signing time:             Tue 30 Jun 2026 09:01:17 +0000
Manifest this update:     Tue 30 Jun 2026 09:01:17 +0000
Manifest next update:     Wed 01 Jul 2026 09:01:17 +0000
Files and hashes:         1: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl (hash: 5uulaY8KrIHaHpHPIIXbN285c0EOeGJiJQRUnliIIhw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 09:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:c2:eb:83:06:b7:5d:6e:97:2e:77:ce:cb:92:59:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d170d4dde23a92166a67bb13f60bc70b667d8695
        Validity
            Not Before: Jun 30 09:01:17 2026 GMT
            Not After : Jul  1 09:01:17 2026 GMT
        Subject: CN=d7b76827a779909f89a9d5a26c88e2a2ee00d8ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:78:f9:ee:e9:5b:f6:16:6d:38:e1:a3:d1:5c:
                    b9:4d:55:28:e2:3e:17:6d:fe:92:9a:5d:3f:7e:51:
                    0c:25:d3:58:95:2d:7a:5c:d9:f1:0a:cf:30:38:6a:
                    fd:c8:10:4b:e8:a9:af:f4:5a:e2:bb:29:9e:57:f0:
                    fe:f5:85:b3:36:9d:5a:d8:90:5f:d6:b3:9b:29:0c:
                    cd:c8:23:b8:ef:d8:4f:e4:24:e7:42:18:7c:f0:93:
                    1c:9d:89:bb:81:fa:c3:77:2c:8d:3d:35:1c:6e:9d:
                    c4:44:88:97:c3:e8:c7:24:5a:5e:cf:34:ac:aa:c8:
                    1e:8a:68:24:68:b9:ec:64:85:44:fc:34:c4:9d:e2:
                    ff:68:50:35:95:6a:a1:7d:71:05:31:4f:af:30:7c:
                    2d:22:4c:79:c0:cb:bf:be:7b:ff:1f:2f:d6:53:ef:
                    ac:6d:d3:04:9b:34:8c:c1:e5:7a:e3:ec:3c:fc:60:
                    58:04:e8:db:0a:88:24:be:af:95:06:ab:28:56:46:
                    89:6d:5b:e1:40:dc:1e:e9:39:85:9f:52:f8:4e:0a:
                    e6:ef:af:bf:0d:f0:34:61:04:b5:7f:24:bb:d0:8c:
                    c2:3f:99:d9:31:97:1f:1f:27:78:70:16:af:16:fd:
                    7f:c8:64:c7:a2:11:99:91:6d:3a:b1:70:b2:bc:b7:
                    b0:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:B7:68:27:A7:79:90:9F:89:A9:D5:A2:6C:88:E2:A2:EE:00:D8:FF
            X509v3 Authority Key Identifier:
                keyid:D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:3f:ff:46:f4:88:cd:f0:fb:91:3d:37:90:a0:6f:87:26:59:
         76:ee:b6:7f:6e:3c:d1:ff:5d:dd:11:0c:91:e5:31:6a:c7:9c:
         d3:63:e3:f7:85:09:82:c2:ea:bc:c6:6d:46:69:b0:cc:56:16:
         ab:c1:5e:08:05:25:dc:fe:0b:6d:9e:bf:04:79:19:a5:74:44:
         f8:b8:ce:db:37:67:51:15:61:bd:9e:67:3d:60:b2:8e:e9:86:
         39:50:fa:9c:da:cc:8e:bc:37:3d:dd:95:7a:b4:42:05:9d:9b:
         71:a2:4c:d0:0b:86:98:79:6e:1e:4d:3c:a4:61:fe:ed:fe:be:
         b9:4b:00:22:a1:76:46:b5:3a:6e:86:43:a3:d6:89:7d:4d:03:
         7a:df:7e:05:7d:f0:85:41:af:c2:db:dd:6a:99:67:d1:21:40:
         c0:c7:00:95:60:6e:12:54:52:42:35:ae:bc:1a:fc:6c:4c:cc:
         44:00:89:dd:fa:c3:f3:48:a0:65:c2:ec:bb:25:0b:f5:b6:41:
         80:0d:7b:e6:15:04:bf:30:a5:39:d5:f7:4c:28:a3:6e:25:0d:
         5c:f5:21:d4:f1:3a:e0:b4:9e:0d:ae:0a:a0:ea:53:42:02:42:
         84:17:ac:05:bb:25:e0:96:95:93:b2:f0:ab:0a:e0:6f:9c:bd:
         10:50:ee:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XwuuDBrddbpcud87Lkln9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNzBkNGRkZTIzYTkyMTY2YTY3YmIxM2Y2MGJjNzBiNjY3
ZDg2OTUwHhcNMjYwNjMwMDkwMTE3WhcNMjYwNzAxMDkwMTE3WjAzMTEwLwYDVQQD
EyhkN2I3NjgyN2E3Nzk5MDlmODlhOWQ1YTI2Yzg4ZTJhMmVlMDBkOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnj57ulb9hZtOOGj0Vy5TVUo4j4X
bf6Sml0/flEMJdNYlS16XNnxCs8wOGr9yBBL6Kmv9FriuymeV/D+9YWzNp1a2JBf
1rObKQzNyCO479hP5CTnQhh88JMcnYm7gfrDdyyNPTUcbp3ERIiXw+jHJFpezzSs
qsgeimgkaLnsZIVE/DTEneL/aFA1lWqhfXEFMU+vMHwtIkx5wMu/vnv/Hy/WU++s
bdMEmzSMweV64+w8/GBYBOjbCogkvq+VBqsoVkaJbVvhQNwe6TmFn1L4Tgrm76+/
DfA0YQS1fyS70IzCP5nZMZcfHyd4cBavFv1/yGTHohGZkW06sXCyvLewXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNe3aCeneZCfianVomyI4qLuANj/MB8GA1UdIwQY
MBaAFNFw1N3iOpIWame7E/YLxwtmfYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQt
N2E1NzE0ZjhlNmRhLzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQtN2E1NzE0ZjhlNmRh
LzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoj//RvSI
zfD7kT03kKBvhyZZdu62f2480f9d3REMkeUxasec02Pj94UJgsLqvMZtRmmwzFYW
q8FeCAUl3P4LbZ6/BHkZpXRE+LjO2zdnURVhvZ5nPWCyjumGOVD6nNrMjrw3Pd2V
erRCBZ2bcaJM0AuGmHluHk08pGH+7f6+uUsAIqF2RrU6boZDo9aJfU0Det9+BX3w
hUGvwtvdapln0SFAwMcAlWBuElRSQjWuvBr8bEzMRACJ3frD80igZcLsuyUL9bZB
gA175hUEvzClOdX3TCijbiUNXPUh1PE64LSeDa4KoOpTQgJChBesBbsl4JaVk7Lw
qwrgb5y9EFDubQ==
-----END CERTIFICATE-----