Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File:                     0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier:          IKfvI44BT6g7/NvKAlQps6JYynLo57offR3yOQ7ntSY=
Subject key identifier:   26:92:14:DA:A4:C4:C7:6D:C4:62:18:03:BD:59:A3:23:74:32:7B:C0
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer:       /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial:       019D39778FB7FC076AE828CACFE8B769B469
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number:          08BC
Signing time:             Sun 29 Mar 2026 12:00:29 +0000
Manifest this update:     Sun 29 Mar 2026 12:00:29 +0000
Manifest next update:     Mon 30 Mar 2026 12:00:29 +0000
Files and hashes:         1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: oxFyvyAJL5BSk8VHUtAdhFDDo2vew/HyDgDrSFH6xD8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:77:8f:b7:fc:07:6a:e8:28:ca:cf:e8:b7:69:b4:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
        Validity
            Not Before: Mar 29 12:00:29 2026 GMT
            Not After : Mar 30 12:00:29 2026 GMT
        Subject: CN=269214daa4c4c76dc4621803bd59a32374327bc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:e2:29:7c:f6:82:7d:8d:c9:90:5e:4c:82:c9:
                    ce:fc:22:29:98:85:7e:00:82:a8:3f:db:e8:3b:6d:
                    7d:5d:56:12:b4:31:56:c8:0d:fa:6a:d9:8a:de:bf:
                    a1:dc:39:78:75:3e:dd:82:2d:9d:45:ce:af:e4:e3:
                    c3:10:61:e4:d0:0f:06:13:a9:00:68:c2:f6:f8:e1:
                    9c:45:b8:f4:85:4b:da:f1:44:2d:9f:93:6c:b1:d7:
                    81:20:7f:31:9c:94:c3:52:26:13:ad:e6:3a:d5:1d:
                    d2:a5:cd:6a:58:3d:15:3b:d1:3c:46:cb:82:ca:67:
                    38:5d:b2:5c:49:09:ac:59:58:17:ea:47:d3:69:5b:
                    66:b8:7a:c0:6a:e9:c4:7a:b3:1b:79:28:3c:d1:84:
                    6a:1e:71:0e:4b:d0:72:66:88:94:a7:70:a0:7b:4f:
                    88:c5:5a:6e:05:c9:0d:91:a7:03:9a:d0:ab:44:00:
                    28:8e:63:3c:82:87:ac:f7:92:43:62:c0:bb:ed:f3:
                    b5:7a:1c:d3:5c:37:e2:b1:ce:d6:f2:0d:8a:99:36:
                    18:05:96:0f:6f:8d:61:9e:11:ab:46:af:e7:16:59:
                    4a:b0:aa:91:4e:fd:aa:ab:0a:be:e8:52:e0:9d:8e:
                    e6:2a:57:38:b3:c5:02:11:9d:4c:48:d4:5a:d8:54:
                    b7:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:92:14:DA:A4:C4:C7:6D:C4:62:18:03:BD:59:A3:23:74:32:7B:C0
            X509v3 Authority Key Identifier:
                keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:08:c5:93:b1:57:36:18:dd:ee:fd:a5:49:6f:80:58:58:69:
         4b:e6:8c:8d:4c:3d:18:b5:3b:43:47:4f:0f:5d:9c:e0:b7:be:
         25:d0:94:d7:f5:6c:4a:e7:1a:3e:0a:fb:19:5f:8d:a8:29:18:
         ce:0b:41:1f:db:ed:e8:dd:5b:9f:3b:5c:f1:82:21:e6:10:d1:
         bd:f9:ab:e1:ad:cd:70:04:78:00:6f:e9:df:8d:91:10:fc:f6:
         e6:81:b6:42:a5:6d:12:dc:2f:3d:99:5d:07:2c:87:69:98:51:
         b1:2a:15:e5:0f:3f:20:0f:e8:35:7f:95:22:48:39:1c:1c:10:
         2f:67:7a:25:97:f8:af:94:2e:68:04:e5:30:30:3f:25:f1:53:
         b5:1d:6b:d7:38:15:f9:9d:44:f0:c8:c5:db:94:57:a8:27:07:
         e5:12:dd:42:80:2e:b4:38:7c:54:02:5c:fe:13:77:9c:d4:b1:
         92:2d:2d:be:25:e4:fd:12:72:4e:8f:97:7c:91:15:a8:28:27:
         44:f9:f0:7a:a2:86:27:68:b3:fd:52:64:57:43:34:a0:46:65:
         d4:8a:66:61:9f:59:f5:c5:b5:7b:77:1d:89:89:04:8a:d5:c4:
         70:66:b3:32:b6:63:f1:48:f7:99:41:16:c9:9e:c0:9b:f9:e1:
         9f:c7:44:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d4+3/Adq6CjKz+i3abRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjYwMzI5MTIwMDI5WhcNMjYwMzMwMTIwMDI5WjAzMTEwLwYDVQQD
EygyNjkyMTRkYWE0YzRjNzZkYzQ2MjE4MDNiZDU5YTMyMzc0MzI3YmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOIpfPaCfY3JkF5MgsnO/CIpmIV+
AIKoP9voO219XVYStDFWyA36atmK3r+h3Dl4dT7dgi2dRc6v5OPDEGHk0A8GE6kA
aML2+OGcRbj0hUva8UQtn5NssdeBIH8xnJTDUiYTreY61R3Spc1qWD0VO9E8RsuC
ymc4XbJcSQmsWVgX6kfTaVtmuHrAaunEerMbeSg80YRqHnEOS9ByZoiUp3Cge0+I
xVpuBckNkacDmtCrRAAojmM8goes95JDYsC77fO1ehzTXDfisc7W8g2KmTYYBZYP
b41hnhGrRq/nFllKsKqRTv2qqwq+6FLgnY7mKlc4s8UCEZ1MSNRa2FS3GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCaSFNqkxMdtxGIYA71ZoyN0MnvAMB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADgjFk7FX
Nhjd7v2lSW+AWFhpS+aMjUw9GLU7Q0dPD12c4Le+JdCU1/VsSucaPgr7GV+NqCkY
zgtBH9vt6N1bnztc8YIh5hDRvfmr4a3NcAR4AG/p342REPz25oG2QqVtEtwvPZld
ByyHaZhRsSoV5Q8/IA/oNX+VIkg5HBwQL2d6JZf4r5QuaATlMDA/JfFTtR1r1zgV
+Z1E8MjF25RXqCcH5RLdQoAutDh8VAJc/hN3nNSxki0tviXk/RJyTo+XfJEVqCgn
RPnweqKGJ2iz/VJkV0M0oEZl1IpmYZ9Z9cW1e3cdiYkEitXEcGazMrZj8Uj3mUEW
yZ7Am/nhn8dEbA==
-----END CERTIFICATE-----