Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
File:                     0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json)
Hash identifier:          yWdMGEhRBaardqtn8ru30DnirqU1fLxonD8Kzjs55VU=
Subject key identifier:   67:43:86:E4:3D:8B:F7:9C:C7:33:87:67:7B:64:54:42:B3:A7:E0:CA
Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1
Certificate issuer:       /CN=d2386bed83b645a2bae1389f53d9657d919e76d1
Certificate serial:       019D3865E574030DD81F54EB2127AE2C0D57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
Manifest number:          0C54
Signing time:             Sun 29 Mar 2026 07:01:34 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:34 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:34 +0000
Files and hashes:         1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: 2eqkimYnAIF/YbLtklA3EeDEOocgBcmXA0Gm5OTBDj8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:e5:74:03:0d:d8:1f:54:eb:21:27:ae:2c:0d:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1
        Validity
            Not Before: Mar 29 07:01:34 2026 GMT
            Not After : Mar 30 07:01:34 2026 GMT
        Subject: CN=674386e43d8bf79cc73387677b645442b3a7e0ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:33:28:90:82:5b:27:11:8f:ac:a2:ec:c1:ae:
                    8e:29:4f:11:96:ff:0d:a7:42:85:57:04:ca:cf:46:
                    a2:10:14:f7:11:ca:9d:64:86:ce:1c:61:cf:ae:9c:
                    82:5b:0a:1b:61:49:51:00:1d:bd:68:54:db:14:54:
                    49:c1:5a:d5:03:74:72:98:a5:ee:61:98:c1:ca:ab:
                    ef:f9:78:7c:62:5d:0e:86:7b:bc:f4:44:df:63:50:
                    ea:90:ea:3c:15:2a:61:39:e6:ce:11:f5:cb:0d:3e:
                    da:db:c0:1e:cd:e6:b0:e0:bb:14:b9:b1:eb:c8:9f:
                    63:32:5a:9b:30:41:ce:f8:a9:9d:b2:d4:e7:58:51:
                    73:7f:09:f0:bc:79:fd:45:a3:e5:a5:41:2e:78:c7:
                    27:a5:7c:90:a7:b4:22:61:87:88:0e:e7:71:e5:15:
                    e4:b8:2b:ac:d2:5f:29:6a:db:1a:d4:70:e6:ee:6b:
                    ed:df:64:c5:38:dd:00:8a:04:a1:d0:1a:80:f3:d2:
                    3d:6a:c2:1b:c3:bd:d1:c8:9f:ae:4c:69:c5:46:27:
                    bd:ed:ff:e1:15:17:f9:e6:1a:32:68:eb:00:ae:72:
                    5f:70:8c:f3:85:3a:f5:12:6d:0d:f4:87:b3:cf:f0:
                    a6:29:d3:21:4c:9e:cf:fb:1f:61:db:b3:ed:97:e7:
                    bc:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:43:86:E4:3D:8B:F7:9C:C7:33:87:67:7B:64:54:42:B3:A7:E0:CA
            X509v3 Authority Key Identifier:
                keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:45:2d:d4:45:a8:c3:af:8c:d4:36:9f:70:2c:5c:60:5f:f0:
         81:2b:05:5b:18:8b:b2:c7:83:5c:c1:e5:94:8f:9e:a2:be:46:
         3e:36:65:07:b8:c2:ff:e8:00:51:1d:a2:ae:5b:8a:46:8d:b6:
         99:b6:03:d2:88:b4:bf:fc:fc:f9:4d:d3:fd:77:1b:86:b9:53:
         ad:48:99:db:05:93:6c:7d:91:3c:e5:1f:5d:89:66:3f:fc:2a:
         93:6e:26:49:7f:02:be:93:bb:5c:17:ef:49:3b:7c:64:d7:e6:
         b9:1e:67:75:9b:93:70:5b:05:4b:42:d4:72:07:ae:1f:2d:c8:
         f7:33:9b:4e:07:86:2f:4c:2c:ab:cc:c8:dd:a6:50:7b:5f:4f:
         8a:91:68:58:4e:d1:1f:0e:4d:9b:3e:cd:e3:07:32:30:bf:8f:
         15:13:05:77:4f:4d:d1:2f:b6:d0:38:ee:9e:1d:f3:ab:82:df:
         1c:04:ae:4b:c9:8f:21:7e:ce:c9:7d:1d:e4:b5:2b:71:9f:d8:
         73:78:5f:55:0c:c3:e5:79:a3:d1:10:30:e1:34:cd:3b:56:65:
         96:2d:ed:7d:10:7a:bd:6f:d6:d2:c4:5a:e4:3e:75:a2:43:73:
         c9:b5:4b:0d:ca:05:e0:a4:1c:1d:b4:73:af:24:6a:49:17:a1:
         3d:e8:da:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZeV0Aw3YH1TrISeuLA1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5
ZTc2ZDEwHhcNMjYwMzI5MDcwMTM0WhcNMjYwMzMwMDcwMTM0WjAzMTEwLwYDVQQD
Eyg2NzQzODZlNDNkOGJmNzljYzczMzg3Njc3YjY0NTQ0MmIzYTdlMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzMokIJbJxGPrKLswa6OKU8Rlv8N
p0KFVwTKz0aiEBT3EcqdZIbOHGHPrpyCWwobYUlRAB29aFTbFFRJwVrVA3RymKXu
YZjByqvv+Xh8Yl0Ohnu89ETfY1DqkOo8FSphOebOEfXLDT7a28Aezeaw4LsUubHr
yJ9jMlqbMEHO+KmdstTnWFFzfwnwvHn9RaPlpUEueMcnpXyQp7QiYYeIDudx5RXk
uCus0l8patsa1HDm7mvt32TFON0AigSh0BqA89I9asIbw73RyJ+uTGnFRie97f/h
FRf55hoyaOsArnJfcIzzhTr1Em0N9Iezz/CmKdMhTJ7P+x9h27Ptl+e8iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdDhuQ9i/ecxzOHZ3tkVEKzp+DKMB8GA1UdIwQY
MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt
MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5
LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi0Ut1EWo
w6+M1DafcCxcYF/wgSsFWxiLsseDXMHllI+eor5GPjZlB7jC/+gAUR2irluKRo22
mbYD0oi0v/z8+U3T/XcbhrlTrUiZ2wWTbH2RPOUfXYlmP/wqk24mSX8CvpO7XBfv
STt8ZNfmuR5ndZuTcFsFS0LUcgeuHy3I9zObTgeGL0wsq8zI3aZQe19PipFoWE7R
Hw5Nmz7N4wcyML+PFRMFd09N0S+20Djunh3zq4LfHASuS8mPIX7OyX0d5LUrcZ/Y
c3hfVQzD5Xmj0RAw4TTNO1Zlli3tfRB6vW/W0sRa5D51okNzybVLDcoF4KQcHbRz
ryRqSRehPejauw==
-----END CERTIFICATE-----