Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          KeKYzOpHP7xR2PX/3FJknQoaUfeNGnCoKDs2lzNUfUg=
Subject key identifier:   F8:08:FC:0F:03:89:1A:06:E7:B7:77:28:7F:DC:69:FF:C0:6F:BD:CE
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       019E31858C0434C3E5E460A4A45FCB8526EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          08FA
Signing time:             Sat 16 May 2026 16:01:36 +0000
Manifest this update:     Sat 16 May 2026 16:01:36 +0000
Manifest next update:     Sun 17 May 2026 16:01:36 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: SO74SvQcTVvvEdsqeuRHg+0+rq7gjd0mzvNbqrdPAxU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:31:85:8c:04:34:c3:e5:e4:60:a4:a4:5f:cb:85:26:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: May 16 16:01:36 2026 GMT
            Not After : May 17 16:01:36 2026 GMT
        Subject: CN=f808fc0f03891a06e7b777287fdc69ffc06fbdce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:41:4d:99:3b:84:cf:62:ab:5c:7c:1a:3c:aa:
                    5d:46:b6:d4:5e:2b:b0:86:b0:76:0c:fe:62:c0:7e:
                    53:b1:c6:a0:7b:f8:9a:21:5c:ea:22:37:72:bd:43:
                    a4:01:e4:88:42:f7:7b:e5:bf:32:7a:69:49:c1:ff:
                    b4:f1:ad:35:11:9e:27:fe:bf:9f:e6:80:33:05:05:
                    04:ce:2b:9d:ed:92:ad:93:1c:c3:5b:3b:c5:db:6c:
                    f6:ed:6d:b6:1f:c6:49:c6:ba:e0:a0:91:6d:98:39:
                    ac:73:71:46:c1:fc:4b:aa:17:36:1d:35:db:f9:70:
                    43:70:5e:f8:02:8c:1b:b4:4d:d5:c7:12:c4:58:19:
                    16:73:61:3b:12:fb:85:65:01:04:8b:20:60:23:79:
                    bd:4b:92:ba:7c:8a:3d:12:cf:39:12:fa:44:a9:92:
                    ea:4d:81:15:1f:01:86:8b:49:c3:ae:fe:97:32:b8:
                    7d:8b:83:b6:23:8c:8a:01:40:b7:83:e6:f4:7d:22:
                    8f:fb:6f:a5:80:ad:d9:87:67:fa:08:65:97:2e:e4:
                    d3:e3:cb:4b:ed:d2:e0:f4:39:21:4d:ac:2d:fc:03:
                    55:4f:6b:9b:04:8e:59:d1:c2:a1:15:4e:06:2f:23:
                    cd:3c:a4:0f:f7:f1:68:ad:7e:31:ce:4c:31:b2:91:
                    a0:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:08:FC:0F:03:89:1A:06:E7:B7:77:28:7F:DC:69:FF:C0:6F:BD:CE
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:e3:5e:92:49:ae:5c:24:62:f4:52:f3:29:c8:c9:88:97:49:
         57:6b:42:c0:ac:51:7f:42:36:7f:1a:f9:d8:4e:f6:a4:d0:22:
         42:27:8c:76:71:67:6d:9d:fd:b8:8f:c0:e6:49:7f:5e:b4:1b:
         62:b9:7d:1b:d9:00:79:73:00:b4:61:41:50:c7:8f:3b:08:aa:
         64:b0:e1:80:88:76:22:0e:0c:11:e1:3f:5d:2c:41:60:a0:fd:
         ed:6a:61:92:43:e1:c7:ab:e8:6f:42:80:1b:dc:b8:0b:01:8c:
         05:18:7b:73:2e:be:92:0f:22:a0:cf:d7:66:89:6c:bc:76:f1:
         b4:c6:63:3a:3e:ac:ef:96:27:12:31:21:c7:55:97:1a:12:b1:
         6b:cd:1c:5a:3e:53:b4:1e:f6:54:44:3f:08:91:e4:27:ab:26:
         4c:03:8f:33:0b:90:cd:0e:e7:08:ce:c1:ce:8c:e9:45:6b:39:
         4d:c9:bc:4e:27:c9:24:bc:f8:d4:c8:b0:b0:7e:26:a4:d2:8b:
         f4:74:59:79:00:ec:fb:11:1a:8d:2c:92:96:fe:ee:d4:c1:ab:
         e9:cb:bc:a8:d2:a8:e8:11:3b:80:e0:70:0f:2a:58:61:d8:b4:
         c8:09:46:7c:bd:6b:49:2c:75:1c:f3:86:16:f7:30:62:19:ed:
         31:75:dc:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4xhYwENMPl5GCkpF/LhSbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjYwNTE2MTYwMTM2WhcNMjYwNTE3MTYwMTM2WjAzMTEwLwYDVQQD
EyhmODA4ZmMwZjAzODkxYTA2ZTdiNzc3Mjg3ZmRjNjlmZmMwNmZiZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0FNmTuEz2KrXHwaPKpdRrbUXiuw
hrB2DP5iwH5Tscage/iaIVzqIjdyvUOkAeSIQvd75b8yemlJwf+08a01EZ4n/r+f
5oAzBQUEziud7ZKtkxzDWzvF22z27W22H8ZJxrrgoJFtmDmsc3FGwfxLqhc2HTXb
+XBDcF74AowbtE3VxxLEWBkWc2E7EvuFZQEEiyBgI3m9S5K6fIo9Es85EvpEqZLq
TYEVHwGGi0nDrv6XMrh9i4O2I4yKAUC3g+b0fSKP+2+lgK3Zh2f6CGWXLuTT48tL
7dLg9DkhTawt/ANVT2ubBI5Z0cKhFU4GLyPNPKQP9/ForX4xzkwxspGgywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPgI/A8DiRoG57d3KH/caf/Ab73OMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASuNekkmu
XCRi9FLzKcjJiJdJV2tCwKxRf0I2fxr52E72pNAiQieMdnFnbZ39uI/A5kl/XrQb
Yrl9G9kAeXMAtGFBUMePOwiqZLDhgIh2Ig4MEeE/XSxBYKD97WphkkPhx6vob0KA
G9y4CwGMBRh7cy6+kg8ioM/XZolsvHbxtMZjOj6s75YnEjEhx1WXGhKxa80cWj5T
tB72VEQ/CJHkJ6smTAOPMwuQzQ7nCM7BzozpRWs5Tcm8TifJJLz41MiwsH4mpNKL
9HRZeQDs+xEajSySlv7u1MGr6cu8qNKo6BE7gOBwDypYYdi0yAlGfL1rSSx1HPOG
FvcwYhntMXXcHw==
-----END CERTIFICATE-----