Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
File:                     0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json)
Hash identifier:          o9+D5NRDDuOcqGLJBrSxNVi2NH0yBfaCqYIsZ19Cnxk=
Subject key identifier:   1C:B6:34:E3:66:8A:71:0E:0F:28:D1:DC:E2:73:2F:4D:E0:A0:31:FF
Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0
Certificate issuer:       /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
Certificate serial:       019E3005711D124A17E1C0D4036FD5540B36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
Manifest number:          0FB9
Signing time:             Sat 16 May 2026 09:02:03 +0000
Manifest this update:     Sat 16 May 2026 09:02:03 +0000
Manifest next update:     Sun 17 May 2026 09:02:03 +0000
Files and hashes:         1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: AyA4jdONcoroVZlAmz4DuMMJi6npWTokfI3mz2QVbjQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 09:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:05:71:1d:12:4a:17:e1:c0:d4:03:6f:d5:54:0b:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
        Validity
            Not Before: May 16 09:02:03 2026 GMT
            Not After : May 17 09:02:03 2026 GMT
        Subject: CN=1cb634e3668a710e0f28d1dce2732f4de0a031ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:40:86:c6:9d:d0:d4:64:6d:65:fe:2a:94:b0:
                    00:13:5a:bc:5e:d7:4c:90:3e:dd:fe:1b:b3:ab:9d:
                    cc:f1:39:4d:57:91:80:16:bc:66:d6:bf:13:b1:be:
                    70:e3:58:70:a6:b0:df:4f:6d:d1:77:e1:2a:d4:e7:
                    33:ca:49:95:f5:0e:9a:02:3a:e6:55:26:c3:d8:c0:
                    39:a4:47:e0:89:a6:0a:55:e5:ba:de:03:ce:38:3b:
                    85:d7:67:6e:dc:cb:78:7a:78:34:33:ac:4f:44:3c:
                    77:fd:01:31:60:23:9b:06:d6:35:0b:14:35:4c:a5:
                    b2:4a:7e:01:41:df:01:dc:37:9e:43:5b:37:3a:5e:
                    33:eb:19:57:78:ad:9f:89:07:f8:17:2c:9e:7f:22:
                    14:d5:f4:76:e2:e9:5e:9b:0d:c0:77:82:31:dc:e1:
                    94:a6:6b:ec:6d:34:05:83:2b:35:1a:2e:5b:b8:0f:
                    b5:42:3e:67:c8:56:33:ca:aa:bb:20:74:f5:77:7c:
                    0c:2d:40:05:fc:6e:5b:48:23:eb:40:b8:b7:b9:b1:
                    0e:17:af:06:5c:b7:e0:27:a3:03:6f:04:ab:3a:a9:
                    07:0f:37:92:a3:81:a2:2f:5f:4f:39:ff:8b:ab:6a:
                    bc:87:1c:05:91:cc:6e:3b:8b:e2:08:3c:f8:7e:9e:
                    c0:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:B6:34:E3:66:8A:71:0E:0F:28:D1:DC:E2:73:2F:4D:E0:A0:31:FF
            X509v3 Authority Key Identifier:
                keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:4b:4b:c5:53:48:41:75:c0:b0:60:9b:04:da:8a:05:34:fc:
         c8:d8:4d:84:15:2f:41:4e:78:6b:f1:6e:c3:88:12:52:4b:00:
         76:82:f1:0f:71:5e:0d:97:39:95:a4:f9:cd:ec:c8:3a:d0:07:
         b4:0b:61:91:e1:fa:a1:b6:f2:0b:73:08:3a:09:02:f1:3f:aa:
         89:53:90:bd:fb:64:18:d4:b4:a7:16:1f:f5:7d:29:27:f7:43:
         38:9c:24:ed:5f:fc:b6:a1:82:15:e6:7d:a8:e8:0b:af:e5:7d:
         8b:2c:cb:1e:5c:da:06:47:05:c3:e7:dd:9e:06:53:3e:63:02:
         82:23:3e:72:b5:21:83:24:4e:c2:a5:0e:ba:3d:8f:22:39:97:
         de:d9:df:a6:f4:02:0b:bf:5d:22:17:d4:e4:36:74:bd:dc:7e:
         a1:ff:7c:70:85:7d:26:a4:76:2c:d2:69:53:49:9f:da:36:d6:
         b2:78:7a:58:46:d2:f7:ab:3a:6a:b8:e8:7a:5d:c9:31:c8:d7:
         93:f7:46:41:0c:bd:c8:60:77:8e:96:49:cb:4c:9b:21:77:32:
         e0:69:4a:db:99:4c:74:1d:38:46:4b:b1:13:4d:b1:fc:59:72:
         e7:4a:aa:43:4e:c2:1f:8a:2b:bb:f7:fa:2d:ce:e6:9a:67:11:
         9f:6c:58:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wBXEdEkoX4cDUA2/VVAs2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi
ZTNkZTAwHhcNMjYwNTE2MDkwMjAzWhcNMjYwNTE3MDkwMjAzWjAzMTEwLwYDVQQD
EygxY2I2MzRlMzY2OGE3MTBlMGYyOGQxZGNlMjczMmY0ZGUwYTAzMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECGxp3Q1GRtZf4qlLAAE1q8XtdM
kD7d/huzq53M8TlNV5GAFrxm1r8Tsb5w41hwprDfT23Rd+Eq1OczykmV9Q6aAjrm
VSbD2MA5pEfgiaYKVeW63gPOODuF12du3Mt4eng0M6xPRDx3/QExYCObBtY1CxQ1
TKWySn4BQd8B3DeeQ1s3Ol4z6xlXeK2fiQf4FyyefyIU1fR24ulemw3Ad4Ix3OGU
pmvsbTQFgys1Gi5buA+1Qj5nyFYzyqq7IHT1d3wMLUAF/G5bSCPrQLi3ubEOF68G
XLfgJ6MDbwSrOqkHDzeSo4GiL19POf+Lq2q8hxwFkcxuO4viCDz4fp7AHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBy2NONminEODyjR3OJzL03goDH/MB8GA1UdIwQY
MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt
Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2
LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW0tLxVNI
QXXAsGCbBNqKBTT8yNhNhBUvQU54a/Fuw4gSUksAdoLxD3FeDZc5laT5zezIOtAH
tAthkeH6obbyC3MIOgkC8T+qiVOQvftkGNS0pxYf9X0pJ/dDOJwk7V/8tqGCFeZ9
qOgLr+V9iyzLHlzaBkcFw+fdngZTPmMCgiM+crUhgyROwqUOuj2PIjmX3tnfpvQC
C79dIhfU5DZ0vdx+of98cIV9JqR2LNJpU0mf2jbWsnh6WEbS96s6arjoel3JMcjX
k/dGQQy9yGB3jpZJy0ybIXcy4GlK25lMdB04RkuxE02x/Fly50qqQ07CH4oru/f6
Lc7mmmcRn2xYeA==
-----END CERTIFICATE-----