Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
File:                     goIekswnAHYZMDmOI4DCOqR1XxY.mft (raw, json)
Hash identifier:          ZmKZBVJVPoxDs3DkuqODoKyztfRb+1GrpG9J1wWlCW0=
Subject key identifier:   F0:69:06:0E:1B:DA:21:7E:32:51:F1:A1:D6:A7:08:32:18:A4:89:BC
Authority key identifier: 82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16
Certificate issuer:       /CN=82821e92cc2700761930398e2380c23aa4755f16
Certificate serial:       019D3865838A655C797D1E1D2C7735493259
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
Manifest number:          0944
Signing time:             Sun 29 Mar 2026 07:01:10 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:10 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:10 +0000
Files and hashes:         1: goIekswnAHYZMDmOI4DCOqR1XxY.crl (hash: R3QJFnjXfYjeOO1PuohCX1oJRX1E78PFRSdo06DPL2w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:83:8a:65:5c:79:7d:1e:1d:2c:77:35:49:32:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82821e92cc2700761930398e2380c23aa4755f16
        Validity
            Not Before: Mar 29 07:01:10 2026 GMT
            Not After : Mar 30 07:01:10 2026 GMT
        Subject: CN=f069060e1bda217e3251f1a1d6a7083218a489bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:41:f2:b2:58:42:ef:93:7a:a6:e6:8b:95:3f:
                    e0:19:03:99:c6:74:1b:db:42:35:50:67:15:02:71:
                    d8:92:54:1a:09:ee:d7:2c:36:15:ce:96:ec:69:46:
                    7b:d0:4c:91:fe:8d:af:4b:9e:11:91:b5:4c:11:cb:
                    a3:fc:0f:8d:77:2b:9e:a5:2e:a2:a5:5f:20:66:5c:
                    40:ae:01:d8:96:f7:c6:8e:2a:e2:25:0c:b3:ef:10:
                    cc:5c:3f:26:4f:02:9d:fe:8c:af:57:c5:61:98:4f:
                    fe:62:db:aa:b8:55:50:67:ac:67:87:7f:7d:ee:d4:
                    cc:00:6e:a8:df:fe:b6:33:36:8e:0f:55:e1:d9:43:
                    98:52:1f:73:7b:a8:29:43:a0:28:d9:e6:42:85:97:
                    02:0b:de:9c:7c:81:f2:7b:c1:bd:da:de:ed:ed:86:
                    b4:37:bd:1d:da:8b:73:a5:b7:39:02:b3:c8:e2:2e:
                    ee:ea:43:0a:cc:37:0f:c9:67:b8:a7:1d:c7:52:b1:
                    d5:46:f3:8d:a2:fc:2c:f9:3f:ff:c8:29:a6:20:b8:
                    b5:70:d6:1b:9d:d9:e1:7a:a7:eb:45:00:7b:41:4a:
                    b5:1c:4d:eb:0e:7f:fd:a5:d8:d5:44:19:70:ed:97:
                    2a:20:ac:3a:97:c5:66:f0:0a:e8:2e:7c:d1:c7:8d:
                    ea:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:69:06:0E:1B:DA:21:7E:32:51:F1:A1:D6:A7:08:32:18:A4:89:BC
            X509v3 Authority Key Identifier:
                keyid:82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:44:1d:97:fb:7c:01:77:f8:aa:83:ef:50:0a:c8:67:b8:34:
         2d:89:6f:8a:ab:0f:e8:8d:48:18:f1:9b:4d:fd:9a:a5:04:9a:
         98:67:29:57:e0:21:76:c6:49:f7:67:b2:b5:6d:6e:f9:74:06:
         98:cb:be:d1:64:4b:33:14:69:71:6a:09:e3:aa:79:a3:f7:02:
         54:d7:38:2c:8e:12:e8:6b:e0:22:17:69:e7:68:a1:4b:ff:d7:
         6e:11:c6:f6:53:0e:ec:0d:ef:d9:c4:74:a9:e0:0e:78:e2:72:
         27:f1:e6:96:f1:5b:53:16:30:56:8f:03:f1:bc:ca:5a:e7:df:
         37:e7:54:01:d1:67:1b:e9:ff:6f:48:66:26:cb:df:1d:31:05:
         7a:38:25:9f:f9:68:7d:9e:bd:e0:7f:87:fe:68:82:9f:86:d3:
         5b:69:bc:41:2f:db:33:af:33:5e:0e:37:3c:19:83:b3:c1:f2:
         01:d2:fd:76:91:40:95:ff:8a:6a:f8:dc:1c:5a:9b:a1:d6:36:
         3e:46:75:d0:c5:8d:3b:94:3b:2d:f9:9a:5d:66:c3:bc:42:ba:
         e9:40:57:4f:61:a5:ed:29:42:7c:a0:56:62:ac:d6:a5:6b:a0:
         3b:a0:a2:f6:70:7b:0a:3e:b7:8f:64:c6:c4:71:2e:93:3b:50:
         ec:5b:f2:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZYOKZVx5fR4dLHc1STJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODIxZTkyY2MyNzAwNzYxOTMwMzk4ZTIzODBjMjNhYTQ3
NTVmMTYwHhcNMjYwMzI5MDcwMTEwWhcNMjYwMzMwMDcwMTEwWjAzMTEwLwYDVQQD
EyhmMDY5MDYwZTFiZGEyMTdlMzI1MWYxYTFkNmE3MDgzMjE4YTQ4OWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70HyslhC75N6puaLlT/gGQOZxnQb
20I1UGcVAnHYklQaCe7XLDYVzpbsaUZ70EyR/o2vS54RkbVMEcuj/A+NdyuepS6i
pV8gZlxArgHYlvfGjiriJQyz7xDMXD8mTwKd/oyvV8VhmE/+YtuquFVQZ6xnh399
7tTMAG6o3/62MzaOD1Xh2UOYUh9ze6gpQ6Ao2eZChZcCC96cfIHye8G92t7t7Ya0
N70d2otzpbc5ArPI4i7u6kMKzDcPyWe4px3HUrHVRvONovws+T//yCmmILi1cNYb
ndnheqfrRQB7QUq1HE3rDn/9pdjVRBlw7ZcqIKw6l8Vm8AroLnzRx43qbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPBpBg4b2iF+MlHxodanCDIYpIm8MB8GA1UdIwQY
MBaAFIKCHpLMJwB2GTA5jiOAwjqkdV8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAt
MDhiNjJiOGVmZTcxLzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAtMDhiNjJiOGVmZTcx
LzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIUQdl/t8
AXf4qoPvUArIZ7g0LYlviqsP6I1IGPGbTf2apQSamGcpV+AhdsZJ92eytW1u+XQG
mMu+0WRLMxRpcWoJ46p5o/cCVNc4LI4S6GvgIhdp52ihS//XbhHG9lMO7A3v2cR0
qeAOeOJyJ/HmlvFbUxYwVo8D8bzKWuffN+dUAdFnG+n/b0hmJsvfHTEFejgln/lo
fZ694H+H/miCn4bTW2m8QS/bM68zXg43PBmDs8HyAdL9dpFAlf+KavjcHFqbodY2
PkZ10MWNO5Q7LfmaXWbDvEK66UBXT2Gl7SlCfKBWYqzWpWugO6Ci9nB7Cj63j2TG
xHEukztQ7Fvymw==
-----END CERTIFICATE-----