Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
File:                     iqR9CPyFIT30_aLPlWG45ovCc9w.mft (raw, json)
Hash identifier:          RuUjbmVntXDMxF1CvRIQxusvWQ6JxMSMsQ5r5BYQBhM=
Subject key identifier:   FE:CC:C7:75:DC:6E:3C:16:57:25:26:67:9F:94:73:D9:D0:19:42:8F
Authority key identifier: 8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC
Certificate issuer:       /CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc
Certificate serial:       019D389C5456DD8A648DD9CF366872B97CD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
Manifest number:          0D1F
Signing time:             Sun 29 Mar 2026 08:01:02 +0000
Manifest this update:     Sun 29 Mar 2026 08:01:02 +0000
Manifest next update:     Mon 30 Mar 2026 08:01:02 +0000
Files and hashes:         1: iqR9CPyFIT30_aLPlWG45ovCc9w.crl (hash: ZaiLVJi43qWo1KifJAheByyi2hwf8WMW6ZQZRwsYq08=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9c:54:56:dd:8a:64:8d:d9:cf:36:68:72:b9:7c:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc
        Validity
            Not Before: Mar 29 08:01:02 2026 GMT
            Not After : Mar 30 08:01:02 2026 GMT
        Subject: CN=feccc775dc6e3c16572526679f9473d9d019428f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:15:ae:8a:c5:52:a7:08:82:9a:69:85:17:1e:
                    c8:d5:0c:9e:c7:4d:84:b0:37:a3:33:17:6e:27:4b:
                    05:35:d6:54:4d:9b:28:e6:0c:ef:22:be:ed:43:d8:
                    86:62:9c:4f:2e:64:4d:9a:fa:92:c6:aa:e8:18:79:
                    bf:6e:b6:f0:88:30:8a:19:28:e1:db:76:92:da:ac:
                    e6:70:79:2d:22:9f:54:6f:9a:1a:00:21:c1:ee:1e:
                    0f:6e:37:32:80:df:68:6c:c7:67:68:e1:b2:6c:0b:
                    f8:d6:58:a2:ed:04:c7:0a:e4:9a:fc:d1:29:66:fe:
                    70:08:b9:df:df:f5:31:ac:0a:0f:66:08:d2:8d:cb:
                    6e:3e:f8:13:ca:22:8f:a9:f3:e1:28:62:3c:55:9d:
                    06:34:ea:b1:71:6f:f8:fe:27:a4:87:81:6f:ce:29:
                    d8:8a:d2:7b:5e:e6:76:67:d2:2d:c4:ed:ab:9e:73:
                    d8:82:8e:0f:af:11:ec:28:04:fc:39:53:f8:b1:19:
                    64:f4:8b:02:ce:19:15:29:36:f2:39:4a:cd:7a:77:
                    4e:4f:ab:ed:2b:c5:21:7c:b8:da:6b:be:c5:e0:f0:
                    c0:7f:5e:dd:d3:63:09:ef:6d:eb:fe:34:7e:fe:3d:
                    da:53:d0:ea:af:d3:0a:03:a9:5d:de:b3:31:0b:67:
                    98:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:CC:C7:75:DC:6E:3C:16:57:25:26:67:9F:94:73:D9:D0:19:42:8F
            X509v3 Authority Key Identifier:
                keyid:8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:3d:61:87:84:f6:d8:7d:74:48:dd:40:9f:7d:6c:e0:9c:09:
         e2:f9:1d:de:7a:ec:ee:35:82:1c:0e:38:06:2d:50:96:88:4e:
         4c:8b:8a:22:fb:b7:87:92:03:e8:8f:8a:89:84:93:82:4a:f7:
         53:60:59:3f:d5:1b:9c:72:33:1f:68:1a:1f:8b:d1:df:05:9e:
         3a:35:64:d6:9b:d0:ce:26:56:1f:f7:af:c8:d6:c7:43:67:12:
         70:ae:f2:d2:97:71:60:a7:f5:73:42:a2:38:bb:0d:5e:cc:c1:
         77:00:7b:31:d1:cc:6e:55:8e:f2:86:40:30:d8:e5:14:e1:5a:
         1d:0c:80:50:89:0f:b8:74:da:bb:6b:41:1d:a6:da:c1:06:2c:
         17:93:d1:d9:84:d2:3c:52:6a:51:07:26:9b:c2:2c:cb:96:24:
         8f:99:fe:e1:98:8d:af:61:31:e9:3c:c0:a4:ba:bb:27:39:18:
         2d:c2:20:24:d7:43:d6:65:bb:e0:33:52:c1:d5:95:52:02:37:
         3b:81:10:b8:b5:f9:4e:77:df:52:c6:ab:d9:ba:3b:58:eb:6b:
         68:00:15:1d:9f:7d:bf:58:21:5c:b6:2f:98:23:f0:bc:02:06:
         08:5b:2a:f7:cb:64:16:fa:2c:92:f0:c2:05:0d:d0:0d:0c:23:
         34:b5:ec:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nFRW3YpkjdnPNmhyuXzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYTQ3ZDA4ZmM4NTIxM2RmNGZkYTJjZjk1NjFiOGU2OGJj
MjczZGMwHhcNMjYwMzI5MDgwMTAyWhcNMjYwMzMwMDgwMTAyWjAzMTEwLwYDVQQD
EyhmZWNjYzc3NWRjNmUzYzE2NTcyNTI2Njc5Zjk0NzNkOWQwMTk0MjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRWuisVSpwiCmmmFFx7I1Qyex02E
sDejMxduJ0sFNdZUTZso5gzvIr7tQ9iGYpxPLmRNmvqSxqroGHm/brbwiDCKGSjh
23aS2qzmcHktIp9Ub5oaACHB7h4PbjcygN9obMdnaOGybAv41lii7QTHCuSa/NEp
Zv5wCLnf3/UxrAoPZgjSjctuPvgTyiKPqfPhKGI8VZ0GNOqxcW/4/iekh4FvzinY
itJ7XuZ2Z9ItxO2rnnPYgo4PrxHsKAT8OVP4sRlk9IsCzhkVKTbyOUrNendOT6vt
K8UhfLjaa77F4PDAf17d02MJ723r/jR+/j3aU9Dqr9MKA6ld3rMxC2eYxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7Mx3XcbjwWVyUmZ5+Uc9nQGUKPMB8GA1UdIwQY
MBaAFIqkfQj8hSE99P2iz5VhuOaLwnPcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGIt
ZTZiMWU5ODZmOTVmLzEvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGItZTZiMWU5ODZmOTVm
LzEvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAT1hh4T2
2H10SN1An31s4JwJ4vkd3nrs7jWCHA44Bi1QlohOTIuKIvu3h5ID6I+KiYSTgkr3
U2BZP9UbnHIzH2gaH4vR3wWeOjVk1pvQziZWH/evyNbHQ2cScK7y0pdxYKf1c0Ki
OLsNXszBdwB7MdHMblWO8oZAMNjlFOFaHQyAUIkPuHTau2tBHabawQYsF5PR2YTS
PFJqUQcmm8Isy5Ykj5n+4ZiNr2Ex6TzApLq7JzkYLcIgJNdD1mW74DNSwdWVUgI3
O4EQuLX5TnffUsar2bo7WOtraAAVHZ99v1ghXLYvmCPwvAIGCFsq98tkFvoskvDC
BQ3QDQwjNLXs0A==
-----END CERTIFICATE-----