Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft
File:                     8VzG8-5-0llTHW0Izp4JNztxYGI.mft (raw, json)
Hash identifier:          p2rHhRjJaa3+aZH27k8hEqRZhz1wtGaKBafLM/mawu4=
Subject key identifier:   D0:70:0A:B4:32:92:32:2A:4E:94:B2:7A:D8:5C:0D:66:5A:B3:D4:60
Authority key identifier: F1:5C:C6:F3:EE:7E:D2:59:53:1D:6D:08:CE:9E:09:37:3B:71:60:62
Certificate issuer:       /CN=f15cc6f3ee7ed259531d6d08ce9e09373b716062
Certificate serial:       019D3909D94F20CF97BBCC0B3482ACA491DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8VzG8-5-0llTHW0Izp4JNztxYGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft
Manifest number:          062C
Signing time:             Sun 29 Mar 2026 10:00:39 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:39 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:39 +0000
Files and hashes:         1: 8VzG8-5-0llTHW0Izp4JNztxYGI.crl (hash: yb324CgFrXGsc3ZT8tQkKvm6ZYIbJNzV9ivrtu1dMR0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8VzG8-5-0llTHW0Izp4JNztxYGI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:d9:4f:20:cf:97:bb:cc:0b:34:82:ac:a4:91:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f15cc6f3ee7ed259531d6d08ce9e09373b716062
        Validity
            Not Before: Mar 29 10:00:39 2026 GMT
            Not After : Mar 30 10:00:39 2026 GMT
        Subject: CN=d0700ab43292322a4e94b27ad85c0d665ab3d460
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:a3:03:2a:c7:73:3d:9e:a5:5d:f5:bd:45:da:
                    e0:cc:c9:cd:d6:69:5e:e7:ad:2c:45:e3:a8:a5:29:
                    db:27:8c:11:18:15:a0:e7:2b:47:75:a4:78:d7:1f:
                    47:31:79:97:b6:23:19:5d:26:12:bd:ab:71:19:a6:
                    98:78:c7:f5:0e:e6:76:58:f8:04:d2:f8:42:ee:d9:
                    07:56:bb:c6:19:32:bc:fc:6f:01:08:b1:40:d1:60:
                    fe:42:3b:bc:b7:2f:4a:fb:c2:0b:bf:8e:3e:a9:07:
                    68:4a:09:03:0e:4e:34:2b:92:d2:6b:37:f0:83:fc:
                    e5:68:f2:ff:d8:8c:52:b0:49:bc:84:cb:a3:0f:d5:
                    23:dd:42:29:22:1a:43:39:07:8f:77:cc:07:a6:05:
                    2c:e9:77:27:f9:3a:10:a8:9e:37:ca:b0:a6:e8:f8:
                    d6:74:ea:dd:c9:32:03:34:46:86:45:ee:0b:6b:36:
                    82:13:37:56:fa:b2:87:47:f4:92:78:4f:70:dc:97:
                    cf:46:0a:10:8e:a3:4d:e4:0e:c9:6e:db:7e:87:eb:
                    3d:f0:f0:92:38:e3:13:27:68:2e:24:bb:8d:d3:41:
                    86:73:3e:c1:c6:eb:44:82:61:2b:93:63:0a:4b:dd:
                    88:ff:70:87:65:20:b6:6f:4e:a0:a5:7b:41:42:d9:
                    c6:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:70:0A:B4:32:92:32:2A:4E:94:B2:7A:D8:5C:0D:66:5A:B3:D4:60
            X509v3 Authority Key Identifier:
                keyid:F1:5C:C6:F3:EE:7E:D2:59:53:1D:6D:08:CE:9E:09:37:3B:71:60:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8VzG8-5-0llTHW0Izp4JNztxYGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/87e9b7-ead4-4b5b-bc88-691ee41a6014/1/8VzG8-5-0llTHW0Izp4JNztxYGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:d2:a1:da:ec:59:dc:0f:f7:8c:4a:a2:52:5f:7d:2f:3b:91:
         68:37:1e:6d:28:cd:b8:f4:4b:88:92:73:d4:74:68:49:31:5c:
         10:ea:31:e2:8f:ff:7d:df:8d:d7:4a:1c:9f:2a:98:5d:4f:94:
         21:a2:21:05:a0:45:49:ca:17:c5:f3:e7:8c:a1:0d:1b:5b:e8:
         45:8f:84:25:f0:33:23:45:cb:3d:08:bc:65:0c:33:99:78:32:
         0f:b3:04:f5:68:83:a3:7b:ae:04:b4:8a:06:8e:88:2b:2a:2e:
         56:c5:57:a4:52:21:e3:00:dc:11:23:70:e1:b5:96:75:a5:59:
         d2:93:77:8b:8c:f0:99:90:e5:03:23:fc:b1:8f:b0:69:17:ae:
         58:a8:92:73:a0:6c:40:06:32:11:d9:7f:76:f0:60:ef:01:f3:
         d0:f2:b7:08:5e:62:8a:d9:a8:57:7f:9c:35:a5:56:24:f3:52:
         35:4c:2b:08:5a:d7:f8:5b:5c:3f:c3:0a:88:8d:fe:d2:10:9c:
         a1:a7:44:36:ee:e5:cf:99:fe:8e:26:47:93:5d:dc:ab:50:4f:
         ef:fe:e6:35:5f:ff:bb:b7:86:81:d1:fc:c6:9a:1a:0b:d4:22:
         a3:73:df:d1:be:4a:12:53:c8:2a:36:9f:5d:d8:64:fe:aa:c1:
         a3:c0:17:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CdlPIM+Xu8wLNIKspJHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNWNjNmYzZWU3ZWQyNTk1MzFkNmQwOGNlOWUwOTM3M2I3
MTYwNjIwHhcNMjYwMzI5MTAwMDM5WhcNMjYwMzMwMTAwMDM5WjAzMTEwLwYDVQQD
EyhkMDcwMGFiNDMyOTIzMjJhNGU5NGIyN2FkODVjMGQ2NjVhYjNkNDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKMDKsdzPZ6lXfW9RdrgzMnN1mle
560sReOopSnbJ4wRGBWg5ytHdaR41x9HMXmXtiMZXSYSvatxGaaYeMf1DuZ2WPgE
0vhC7tkHVrvGGTK8/G8BCLFA0WD+Qju8ty9K+8ILv44+qQdoSgkDDk40K5LSazfw
g/zlaPL/2IxSsEm8hMujD9Uj3UIpIhpDOQePd8wHpgUs6Xcn+ToQqJ43yrCm6PjW
dOrdyTIDNEaGRe4LazaCEzdW+rKHR/SSeE9w3JfPRgoQjqNN5A7Jbtt+h+s98PCS
OOMTJ2guJLuN00GGcz7BxutEgmErk2MKS92I/3CHZSC2b06gpXtBQtnGZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBwCrQykjIqTpSyethcDWZas9RgMB8GA1UdIwQY
MBaAFPFcxvPuftJZUx1tCM6eCTc7cWBiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFZ6RzgtNS0wbGxUSFcwSXpwNEpOenR4WUdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi84N2U5YjctZWFkNC00YjViLWJjODgt
NjkxZWU0MWE2MDE0LzEvOFZ6RzgtNS0wbGxUSFcwSXpwNEpOenR4WUdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi84N2U5YjctZWFkNC00YjViLWJjODgtNjkxZWU0MWE2MDE0
LzEvOFZ6RzgtNS0wbGxUSFcwSXpwNEpOenR4WUdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgdKh2uxZ
3A/3jEqiUl99LzuRaDcebSjNuPRLiJJz1HRoSTFcEOox4o//fd+N10ocnyqYXU+U
IaIhBaBFScoXxfPnjKENG1voRY+EJfAzI0XLPQi8ZQwzmXgyD7ME9WiDo3uuBLSK
Bo6IKyouVsVXpFIh4wDcESNw4bWWdaVZ0pN3i4zwmZDlAyP8sY+waReuWKiSc6Bs
QAYyEdl/dvBg7wHz0PK3CF5iitmoV3+cNaVWJPNSNUwrCFrX+FtcP8MKiI3+0hCc
oadENu7lz5n+jiZHk13cq1BP7/7mNV//u7eGgdH8xpoaC9Qio3Pf0b5KElPIKjaf
Xdhk/qrBo8AXnw==
-----END CERTIFICATE-----