Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/030646-7bb4-484b-8f67-3b4f6a4be50d/1/F9LKgB4WduKghonur6RC87ZoWB0.mft
File:                     F9LKgB4WduKghonur6RC87ZoWB0.mft (raw, json)
Hash identifier:          nuuJx96XFNzpnmYTx+SivzeG25of1XwfSTZzqitZSIY=
Subject key identifier:   97:51:B8:C3:96:F5:FF:3B:9A:88:4F:77:0C:F0:6C:CD:4D:EB:99:CB
Authority key identifier: 17:D2:CA:80:1E:16:76:E2:A0:86:89:EE:AF:A4:42:F3:B6:68:58:1D
Certificate issuer:       /CN=17d2ca801e1676e2a08689eeafa442f3b668581d
Certificate serial:       019D390991AA7C0B28FDA0BE1FC48CD00DF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F9LKgB4WduKghonur6RC87ZoWB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/030646-7bb4-484b-8f67-3b4f6a4be50d/1/F9LKgB4WduKghonur6RC87ZoWB0.mft
Manifest number:          B3
Signing time:             Sun 29 Mar 2026 10:00:21 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:21 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:21 +0000
Files and hashes:         1: F9LKgB4WduKghonur6RC87ZoWB0.crl (hash: z7g+lvJsg3Ow26vA0qjJLdPInWkwkLC8w4gQbBXTMn4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/030646-7bb4-484b-8f67-3b4f6a4be50d/1/F9LKgB4WduKghonur6RC87ZoWB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/030646-7bb4-484b-8f67-3b4f6a4be50d/1/F9LKgB4WduKghonur6RC87ZoWB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F9LKgB4WduKghonur6RC87ZoWB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:91:aa:7c:0b:28:fd:a0:be:1f:c4:8c:d0:0d:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17d2ca801e1676e2a08689eeafa442f3b668581d
        Validity
            Not Before: Mar 29 10:00:21 2026 GMT
            Not After : Mar 30 10:00:21 2026 GMT
        Subject: CN=9751b8c396f5ff3b9a884f770cf06ccd4deb99cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:c9:3b:83:d5:72:8f:d7:eb:0f:bc:d1:a9:2f:
                    17:cc:06:33:b2:9f:ff:13:d5:b4:78:3c:6e:c7:ba:
                    b4:b7:e9:85:ee:2c:1f:3e:59:17:65:f5:11:d3:f7:
                    7b:fb:c0:52:e0:fe:71:4b:30:68:49:32:3a:de:05:
                    cf:e9:f1:32:4c:18:cc:d4:8b:cb:de:0c:b5:6c:67:
                    43:98:b0:66:51:69:91:a2:bc:f1:80:5c:a2:01:da:
                    f2:69:23:c1:db:cc:4e:45:31:b9:73:29:43:7a:45:
                    da:8d:15:c0:15:e9:cc:b9:4e:5e:5a:49:76:66:f5:
                    8f:10:fb:11:d1:c5:d5:c6:d9:ba:d2:3c:58:e6:19:
                    81:a7:32:44:36:20:22:09:9f:dd:90:a0:59:cb:69:
                    25:da:8a:00:5b:66:3d:c6:15:4d:b9:8f:e9:a3:9d:
                    ce:08:c5:a8:9a:8e:5d:0d:22:f6:2a:97:0b:0e:11:
                    3f:e1:8e:21:08:4a:3f:ce:bf:ca:e9:6f:c6:e7:8b:
                    69:0b:33:76:0d:d7:a0:b1:f4:46:1a:f0:14:26:76:
                    be:9c:cc:2e:ec:ca:c4:1b:08:f0:54:cf:a3:56:d3:
                    87:50:87:63:e3:86:8a:dd:ec:25:92:64:42:73:c9:
                    cb:e9:57:d8:f0:59:98:c4:bf:33:6c:4a:73:eb:85:
                    dd:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:51:B8:C3:96:F5:FF:3B:9A:88:4F:77:0C:F0:6C:CD:4D:EB:99:CB
            X509v3 Authority Key Identifier:
                keyid:17:D2:CA:80:1E:16:76:E2:A0:86:89:EE:AF:A4:42:F3:B6:68:58:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9LKgB4WduKghonur6RC87ZoWB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/030646-7bb4-484b-8f67-3b4f6a4be50d/1/F9LKgB4WduKghonur6RC87ZoWB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/030646-7bb4-484b-8f67-3b4f6a4be50d/1/F9LKgB4WduKghonur6RC87ZoWB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:b4:7c:98:d5:ac:ad:1a:6e:90:4a:c0:ca:0c:6f:33:cd:54:
         d6:32:7d:4f:02:07:c7:5c:ce:b8:a5:6b:cc:30:48:5a:d9:78:
         9e:c9:41:3a:81:5f:e4:b0:e4:ff:06:69:5c:05:97:e7:ed:d2:
         1e:9b:64:c6:b2:43:4f:67:b8:c4:54:e0:c7:7d:bb:af:b3:00:
         42:2c:78:aa:3d:f7:11:79:14:27:f2:8a:b0:5a:93:7e:7d:fa:
         2a:50:4a:ab:d6:3e:aa:d3:a2:47:f3:f9:14:a8:15:d9:8b:02:
         8c:20:3e:fb:77:a0:e4:9c:e2:dc:4f:04:c4:73:c4:91:71:85:
         ab:14:00:25:5c:84:28:be:7a:50:24:7c:32:96:47:db:31:f7:
         b9:55:45:e8:76:c8:1c:ba:56:0a:95:a8:ee:7d:ef:10:05:ec:
         0e:0e:34:66:08:a7:82:d8:28:82:2d:2b:86:ae:5f:c7:c8:c4:
         d1:25:ad:30:e7:d3:17:0b:f8:e2:de:e9:95:75:7c:d9:cb:5c:
         90:d4:a2:b2:16:f1:af:3c:6b:9b:8d:ff:3d:cb:50:ba:bc:38:
         5b:9a:84:1e:a7:6f:c5:0f:f1:36:ba:88:63:fc:59:30:2f:d6:
         92:cf:57:a5:15:ac:b5:1b:4b:30:7e:a0:40:0b:dd:b3:17:7a:
         81:7c:24:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CZGqfAso/aC+H8SM0A3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDJjYTgwMWUxNjc2ZTJhMDg2ODllZWFmYTQ0MmYzYjY2
ODU4MWQwHhcNMjYwMzI5MTAwMDIxWhcNMjYwMzMwMTAwMDIxWjAzMTEwLwYDVQQD
Eyg5NzUxYjhjMzk2ZjVmZjNiOWE4ODRmNzcwY2YwNmNjZDRkZWI5OWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAock7g9Vyj9frD7zRqS8XzAYzsp//
E9W0eDxux7q0t+mF7iwfPlkXZfUR0/d7+8BS4P5xSzBoSTI63gXP6fEyTBjM1IvL
3gy1bGdDmLBmUWmRorzxgFyiAdryaSPB28xORTG5cylDekXajRXAFenMuU5eWkl2
ZvWPEPsR0cXVxtm60jxY5hmBpzJENiAiCZ/dkKBZy2kl2ooAW2Y9xhVNuY/po53O
CMWomo5dDSL2KpcLDhE/4Y4hCEo/zr/K6W/G54tpCzN2DdegsfRGGvAUJna+nMwu
7MrEGwjwVM+jVtOHUIdj44aK3ewlkmRCc8nL6VfY8FmYxL8zbEpz64XdowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdRuMOW9f87mohPdwzwbM1N65nLMB8GA1UdIwQY
MBaAFBfSyoAeFnbioIaJ7q+kQvO2aFgdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlMS2dCNFdkdUtnaG9udXI2UkM4N1pvV0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8wMzA2NDYtN2JiNC00ODRiLThmNjct
M2I0ZjZhNGJlNTBkLzEvRjlMS2dCNFdkdUtnaG9udXI2UkM4N1pvV0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8wMzA2NDYtN2JiNC00ODRiLThmNjctM2I0ZjZhNGJlNTBk
LzEvRjlMS2dCNFdkdUtnaG9udXI2UkM4N1pvV0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL7R8mNWs
rRpukErAygxvM81U1jJ9TwIHx1zOuKVrzDBIWtl4nslBOoFf5LDk/wZpXAWX5+3S
HptkxrJDT2e4xFTgx327r7MAQix4qj33EXkUJ/KKsFqTfn36KlBKq9Y+qtOiR/P5
FKgV2YsCjCA++3eg5Jzi3E8ExHPEkXGFqxQAJVyEKL56UCR8MpZH2zH3uVVF6HbI
HLpWCpWo7n3vEAXsDg40Zgingtgogi0rhq5fx8jE0SWtMOfTFwv44t7plXV82ctc
kNSishbxrzxrm43/PctQurw4W5qEHqdvxQ/xNrqIY/xZMC/Wks9XpRWstRtLMH6g
QAvdsxd6gXwkSA==
-----END CERTIFICATE-----