Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
File:                     0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft (raw, json)
Hash identifier:          1o2jmtzVIrgqnVDeYFV5dsCWFQLenkLGP3smj62catg=
Subject key identifier:   D4:21:09:B5:97:D3:24:2F:2D:E6:ED:59:ED:38:02:12:A8:D2:59:34
Authority key identifier: D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95
Certificate issuer:       /CN=d170d4dde23a92166a67bb13f60bc70b667d8695
Certificate serial:       019D38D3AFB879FD6268F39755F0FD1CBE3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
Manifest number:          15C6
Signing time:             Sun 29 Mar 2026 09:01:30 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:30 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:30 +0000
Files and hashes:         1: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl (hash: HcK9mYFwtZJ9XBB/8k50pOBIVC2Eo6DyIZy0GKSCZLo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:af:b8:79:fd:62:68:f3:97:55:f0:fd:1c:be:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d170d4dde23a92166a67bb13f60bc70b667d8695
        Validity
            Not Before: Mar 29 09:01:30 2026 GMT
            Not After : Mar 30 09:01:30 2026 GMT
        Subject: CN=d42109b597d3242f2de6ed59ed380212a8d25934
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:9e:63:85:5e:44:83:02:9a:85:6f:d3:59:80:
                    3d:7c:5f:94:8a:3c:bb:a7:ef:85:05:41:a1:ca:5a:
                    e3:15:a2:9f:17:e6:5a:37:7d:b6:2a:32:5f:c4:d1:
                    47:3e:6b:b8:4e:cc:5c:3d:ba:d7:d3:90:f9:ef:a1:
                    0c:68:ff:fd:bc:38:93:df:8b:21:4d:1b:90:55:3b:
                    7c:03:1e:76:d0:a7:08:79:cc:a0:78:98:f5:fd:87:
                    1a:28:06:89:f0:ce:90:24:a7:a4:37:f2:b6:8e:2a:
                    29:43:3f:83:cd:12:12:f2:33:7e:bb:e2:78:32:53:
                    7d:5b:4c:d0:2b:39:df:e7:96:d0:6d:a0:92:78:c7:
                    01:21:e0:56:94:02:43:fd:15:60:17:84:a0:a7:38:
                    2d:d7:e3:33:b8:28:2b:65:96:ff:82:86:32:90:72:
                    cc:38:67:d0:b1:18:dc:5f:f6:96:d9:e9:77:b0:28:
                    2d:dc:2d:10:fa:b6:3e:9e:42:ac:f6:87:49:3d:d3:
                    62:47:8b:58:1b:ac:8c:ee:fd:38:5d:19:32:51:b0:
                    38:7a:a5:89:5d:ad:73:dc:bb:c5:58:f7:33:3d:a8:
                    8d:6b:14:4e:e6:67:68:07:81:ff:52:60:44:0f:e6:
                    87:bc:25:d0:41:a6:65:06:7a:78:29:5c:5e:37:cb:
                    10:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:21:09:B5:97:D3:24:2F:2D:E6:ED:59:ED:38:02:12:A8:D2:59:34
            X509v3 Authority Key Identifier:
                keyid:D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:d6:1c:6f:7f:a4:72:0a:d7:a0:2b:e3:e2:d3:ec:6c:ed:58:
         0d:4e:7f:0b:9d:e8:46:f7:cf:51:bb:17:d6:75:84:4f:7f:fe:
         cb:e6:95:21:a2:6f:7c:4f:f8:6b:5b:1a:57:f1:1c:09:36:e4:
         88:3b:03:e1:8a:c9:61:ec:76:d7:35:69:dc:12:b9:b9:1c:a8:
         b4:15:4f:fe:47:ac:c0:c6:d7:1a:96:6b:96:50:a5:8c:e5:f7:
         f5:77:5d:82:32:6c:f8:20:20:d7:c5:b5:01:80:07:5f:97:1d:
         86:61:da:1c:81:eb:d9:2e:6c:62:6b:f2:a1:9c:a0:47:76:52:
         69:80:4e:01:f9:75:b0:2a:cc:19:55:b2:09:38:15:b6:1d:20:
         f6:d5:80:4d:94:a0:93:da:9c:54:34:84:30:78:2d:c5:a4:ae:
         e5:0a:8f:cd:60:8c:ad:13:47:c7:69:a2:dd:ae:f7:fb:a1:4f:
         75:14:56:13:55:a3:84:a0:b8:5a:34:15:ef:e3:92:f1:4d:09:
         5a:38:7b:e2:7e:f4:3b:4f:e9:d9:a0:bc:72:a7:8c:c9:23:61:
         ed:1a:87:ba:70:fb:b4:23:d8:fb:1e:eb:aa:75:cf:87:27:90:
         69:31:60:d6:04:22:f8:7b:01:ad:9a:67:5f:67:ca:9b:8a:e5:
         5c:14:5b:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406+4ef1iaPOXVfD9HL48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNzBkNGRkZTIzYTkyMTY2YTY3YmIxM2Y2MGJjNzBiNjY3
ZDg2OTUwHhcNMjYwMzI5MDkwMTMwWhcNMjYwMzMwMDkwMTMwWjAzMTEwLwYDVQQD
EyhkNDIxMDliNTk3ZDMyNDJmMmRlNmVkNTllZDM4MDIxMmE4ZDI1OTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs55jhV5EgwKahW/TWYA9fF+Uijy7
p++FBUGhylrjFaKfF+ZaN322KjJfxNFHPmu4TsxcPbrX05D576EMaP/9vDiT34sh
TRuQVTt8Ax520KcIecygeJj1/YcaKAaJ8M6QJKekN/K2jiopQz+DzRIS8jN+u+J4
MlN9W0zQKznf55bQbaCSeMcBIeBWlAJD/RVgF4Sgpzgt1+MzuCgrZZb/goYykHLM
OGfQsRjcX/aW2el3sCgt3C0Q+rY+nkKs9odJPdNiR4tYG6yM7v04XRkyUbA4eqWJ
Xa1z3LvFWPczPaiNaxRO5mdoB4H/UmBED+aHvCXQQaZlBnp4KVxeN8sQ7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQhCbWX0yQvLebtWe04AhKo0lk0MB8GA1UdIwQY
MBaAFNFw1N3iOpIWame7E/YLxwtmfYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQt
N2E1NzE0ZjhlNmRhLzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQtN2E1NzE0ZjhlNmRh
LzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ9Ycb3+k
cgrXoCvj4tPsbO1YDU5/C53oRvfPUbsX1nWET3/+y+aVIaJvfE/4a1saV/EcCTbk
iDsD4YrJYex21zVp3BK5uRyotBVP/keswMbXGpZrllCljOX39XddgjJs+CAg18W1
AYAHX5cdhmHaHIHr2S5sYmvyoZygR3ZSaYBOAfl1sCrMGVWyCTgVth0g9tWATZSg
k9qcVDSEMHgtxaSu5QqPzWCMrRNHx2mi3a73+6FPdRRWE1WjhKC4WjQV7+OS8U0J
Wjh74n70O0/p2aC8cqeMySNh7RqHunD7tCPY+x7rqnXPhyeQaTFg1gQi+HsBrZpn
X2fKm4rlXBRb6Q==
-----END CERTIFICATE-----