Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
File:                     0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json)
Hash identifier:          3LXzZPBtUcrxZOSfawGLRW/Vh4bQuBw88S2zC224fqA=
Subject key identifier:   DB:50:27:1B:29:F0:23:9C:7A:F0:AA:11:A1:93:DB:F8:B6:4C:C2:7C
Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1
Certificate issuer:       /CN=d2386bed83b645a2bae1389f53d9657d919e76d1
Certificate serial:       019E2F9647A1D6F86B1CE8DF1B408C6637E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
Manifest number:          0CD4
Signing time:             Sat 16 May 2026 07:00:38 +0000
Manifest this update:     Sat 16 May 2026 07:00:38 +0000
Manifest next update:     Sun 17 May 2026 07:00:38 +0000
Files and hashes:         1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: DM2p5StOxXTe9WAMrqQ+rCsRJ2L1GbXWOYwMEN8U0Ew=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 05:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:47:a1:d6:f8:6b:1c:e8:df:1b:40:8c:66:37:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1
        Validity
            Not Before: May 16 07:00:38 2026 GMT
            Not After : May 17 07:00:38 2026 GMT
        Subject: CN=db50271b29f0239c7af0aa11a193dbf8b64cc27c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:e6:c0:2b:d2:6e:8f:5c:7c:db:3a:c9:19:29:
                    31:26:fd:a2:b7:f7:9d:33:e8:a2:69:b4:11:68:d9:
                    61:2a:97:82:c2:12:9d:88:75:c6:e4:84:5e:fe:24:
                    41:9a:0b:f5:ad:c1:5a:91:24:8f:00:61:15:57:40:
                    67:ba:45:74:2c:80:fd:a8:7c:18:c7:80:4b:d4:18:
                    71:41:76:d1:c0:2f:b7:57:54:db:8a:e1:ba:d0:25:
                    a5:88:68:67:4d:22:be:4b:04:31:e4:43:fd:1a:ac:
                    a0:13:4f:a5:ae:e8:5c:75:47:fb:c3:99:c4:4a:2f:
                    2c:40:ca:26:82:c5:fc:74:c2:c6:de:4c:bd:47:46:
                    82:7b:0e:eb:dc:df:a9:ee:bd:87:51:c9:81:57:39:
                    48:5c:59:85:09:5a:b4:45:ce:79:70:0a:7a:2e:2a:
                    ee:94:79:b4:86:79:dc:29:ad:83:9c:36:b4:04:3c:
                    ce:84:46:86:22:33:ff:9e:cc:e4:bc:2c:ce:07:3d:
                    52:58:a8:86:6a:fd:cd:e9:96:f2:03:12:9d:0b:c9:
                    63:86:c3:59:2d:53:06:6f:ec:dd:fd:00:be:9f:eb:
                    8b:4f:cc:a7:a5:e8:be:ad:4e:da:f3:2c:b2:ee:d7:
                    a8:b2:df:24:6b:b2:29:59:ff:7d:df:b2:a0:01:b5:
                    a2:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:50:27:1B:29:F0:23:9C:7A:F0:AA:11:A1:93:DB:F8:B6:4C:C2:7C
            X509v3 Authority Key Identifier:
                keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:95:10:ea:39:a1:4b:3a:9a:bd:3c:c0:24:ae:b3:72:0e:28:
         c4:e6:71:9f:4b:07:36:67:41:da:09:5e:72:01:0e:cf:95:7e:
         d1:6b:fd:35:d8:f7:27:00:1e:64:92:73:0e:6c:a5:65:83:7d:
         c5:64:84:0c:b2:32:30:43:e6:cc:7f:1f:89:bf:ca:de:00:71:
         87:9c:ca:54:2a:64:89:e1:38:09:3e:ff:d1:30:8a:70:83:6e:
         67:a1:23:f1:9c:30:11:3d:93:c7:6c:f4:09:e5:99:fe:d9:87:
         d8:c1:2e:d3:54:bd:97:1b:83:25:62:0f:a1:40:39:6f:3b:20:
         0d:aa:f5:cd:96:f6:b1:80:3c:62:3d:ee:d0:64:21:8c:09:0d:
         67:c7:16:fa:85:cd:1e:a6:b1:9a:2a:2f:ea:ce:db:6f:89:5d:
         b0:26:06:b3:61:0a:c8:38:5f:22:83:fd:73:c0:17:b0:34:5a:
         89:7b:65:2f:84:44:8e:4e:35:1b:4a:87:79:c3:28:50:87:71:
         33:35:a4:fa:46:62:3b:00:36:fe:59:43:03:e2:6f:9a:c6:a0:
         c6:32:f9:70:49:ea:5b:a7:2b:1d:fb:bd:8b:5d:4f:74:9d:21:
         8f:f9:fd:da:6e:a9:02:bc:de:be:43:d6:2d:f7:af:a4:57:4b:
         ff:f6:ee:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlkeh1vhrHOjfG0CMZjfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5
ZTc2ZDEwHhcNMjYwNTE2MDcwMDM4WhcNMjYwNTE3MDcwMDM4WjAzMTEwLwYDVQQD
EyhkYjUwMjcxYjI5ZjAyMzljN2FmMGFhMTFhMTkzZGJmOGI2NGNjMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+bAK9Juj1x82zrJGSkxJv2it/ed
M+iiabQRaNlhKpeCwhKdiHXG5IRe/iRBmgv1rcFakSSPAGEVV0BnukV0LID9qHwY
x4BL1BhxQXbRwC+3V1TbiuG60CWliGhnTSK+SwQx5EP9GqygE0+lruhcdUf7w5nE
Si8sQMomgsX8dMLG3ky9R0aCew7r3N+p7r2HUcmBVzlIXFmFCVq0Rc55cAp6Liru
lHm0hnncKa2DnDa0BDzOhEaGIjP/nszkvCzOBz1SWKiGav3N6ZbyAxKdC8ljhsNZ
LVMGb+zd/QC+n+uLT8ynpei+rU7a8yyy7teost8ka7IpWf9937KgAbWitQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtQJxsp8COcevCqEaGT2/i2TMJ8MB8GA1UdIwQY
MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt
MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5
LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAx5UQ6jmh
SzqavTzAJK6zcg4oxOZxn0sHNmdB2glecgEOz5V+0Wv9Ndj3JwAeZJJzDmylZYN9
xWSEDLIyMEPmzH8fib/K3gBxh5zKVCpkieE4CT7/0TCKcINuZ6Ej8ZwwET2Tx2z0
CeWZ/tmH2MEu01S9lxuDJWIPoUA5bzsgDar1zZb2sYA8Yj3u0GQhjAkNZ8cW+oXN
Hqaxmiov6s7bb4ldsCYGs2EKyDhfIoP9c8AXsDRaiXtlL4REjk41G0qHecMoUIdx
MzWk+kZiOwA2/llDA+JvmsagxjL5cEnqW6crHfu9i11PdJ0hj/n92m6pArzevkPW
LfevpFdL//buow==
-----END CERTIFICATE-----