Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
File:                     IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json)
Hash identifier:          hxz70JnIas3Tz7FrZAmPBk4vBkgTurAHx67vbrppXyk=
Subject key identifier:   D0:71:F4:16:1D:93:C1:FA:64:E9:72:D6:14:AD:1E:E5:8F:76:E4:81
Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2
Certificate issuer:       /CN=22e8c1b40ee579c183796455f4092573d995a1d2
Certificate serial:       019D3865E0940270629C69BF933CD93D83EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
Manifest number:          0CF1
Signing time:             Sun 29 Mar 2026 07:01:33 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:33 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:33 +0000
Files and hashes:         1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: l4QZt/fh5Newfobd+MPuA2JEOTX6mrPRNctBsL1LHvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:e0:94:02:70:62:9c:69:bf:93:3c:d9:3d:83:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2
        Validity
            Not Before: Mar 29 07:01:33 2026 GMT
            Not After : Mar 30 07:01:33 2026 GMT
        Subject: CN=d071f4161d93c1fa64e972d614ad1ee58f76e481
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:72:71:85:96:42:b8:72:e6:3a:93:75:f3:57:
                    b9:eb:f5:be:99:1a:a6:d2:dc:6d:3c:5c:16:a8:43:
                    35:49:ca:37:ae:0c:be:71:31:66:ad:ab:1a:16:75:
                    81:84:33:03:7f:a7:67:b1:7b:b5:b5:16:9a:da:06:
                    85:9e:ba:5c:70:da:b3:b0:4d:2f:da:64:a9:a2:3a:
                    25:d4:59:42:25:99:c9:75:5f:e0:02:97:ca:c1:c2:
                    ec:25:5e:1b:62:a7:f3:91:d0:56:de:2a:e3:08:81:
                    11:26:73:ca:c1:bb:62:13:52:d3:19:26:07:0c:df:
                    8b:4d:b9:42:80:c6:51:e7:ec:e7:6c:41:f9:03:78:
                    8b:5a:ce:dc:69:0f:e8:df:a8:77:49:dc:2a:76:f0:
                    3d:5b:1d:f8:2c:c3:a4:5a:d9:21:83:68:d9:2b:00:
                    b1:db:91:87:b0:bf:c6:49:1b:75:02:45:a0:8b:98:
                    35:1b:d8:25:33:71:ce:6d:03:69:58:86:2d:a8:f6:
                    09:a1:4f:b4:23:7e:81:8e:7b:78:d9:18:72:81:74:
                    19:0c:01:1a:c3:4f:e3:f1:33:07:dc:4d:a7:c3:47:
                    ec:22:bf:8c:fb:ee:bc:3b:93:7a:93:96:b0:43:a0:
                    78:d0:a7:66:df:77:6b:a4:15:b1:d9:ee:c8:60:f0:
                    22:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:71:F4:16:1D:93:C1:FA:64:E9:72:D6:14:AD:1E:E5:8F:76:E4:81
            X509v3 Authority Key Identifier:
                keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:17:18:da:80:e3:d4:74:22:01:95:a3:e9:fc:61:4d:37:aa:
         60:49:97:57:08:9d:86:0d:cf:5f:b8:2b:75:ad:4d:32:3a:02:
         b2:be:a2:c6:d1:4f:ce:d9:99:66:01:ab:b8:0d:b6:87:85:f7:
         ac:f6:2f:16:6c:90:bc:88:f5:0a:c5:54:7c:78:33:eb:92:83:
         34:d5:a2:b4:20:87:bf:86:58:78:c2:ce:7d:92:b1:e9:bb:5c:
         77:d5:e4:6a:95:34:d2:92:16:b8:86:1a:a8:c3:79:4d:3b:2b:
         53:61:5e:8e:3b:fb:af:2e:4c:2b:55:6e:58:1a:be:8a:92:1a:
         38:a9:df:d8:51:ad:3c:89:8b:db:cf:6d:ac:a7:56:c1:c9:b4:
         62:53:0d:b5:d7:cd:96:19:83:ca:1b:ec:68:ea:db:f4:85:3e:
         f4:8a:26:b4:65:82:ad:eb:e7:c1:15:77:70:91:c2:97:41:76:
         51:65:79:fc:bc:51:eb:cd:f5:24:e1:8f:ba:fa:4d:89:a2:28:
         a5:04:39:49:42:cc:89:7d:61:b0:b5:3b:fb:77:01:40:aa:8f:
         2c:29:47:cf:b4:ed:b9:42:fc:ec:4b:49:d3:4c:b2:4d:3e:76:
         0a:92:16:62:dc:b7:37:83:ac:93:66:b3:9b:ad:c2:c4:7b:40:
         25:dd:21:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZeCUAnBinGm/kzzZPYPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5
NWExZDIwHhcNMjYwMzI5MDcwMTMzWhcNMjYwMzMwMDcwMTMzWjAzMTEwLwYDVQQD
EyhkMDcxZjQxNjFkOTNjMWZhNjRlOTcyZDYxNGFkMWVlNThmNzZlNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHJxhZZCuHLmOpN181e56/W+mRqm
0txtPFwWqEM1Sco3rgy+cTFmrasaFnWBhDMDf6dnsXu1tRaa2gaFnrpccNqzsE0v
2mSpojol1FlCJZnJdV/gApfKwcLsJV4bYqfzkdBW3irjCIERJnPKwbtiE1LTGSYH
DN+LTblCgMZR5+znbEH5A3iLWs7caQ/o36h3SdwqdvA9Wx34LMOkWtkhg2jZKwCx
25GHsL/GSRt1AkWgi5g1G9glM3HObQNpWIYtqPYJoU+0I36Bjnt42RhygXQZDAEa
w0/j8TMH3E2nw0fsIr+M++68O5N6k5awQ6B40Kdm33drpBWx2e7IYPAi3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNBx9BYdk8H6ZOly1hStHuWPduSBMB8GA1UdIwQY
MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt
ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh
LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAxcY2oDj
1HQiAZWj6fxhTTeqYEmXVwidhg3PX7grda1NMjoCsr6ixtFPztmZZgGruA22h4X3
rPYvFmyQvIj1CsVUfHgz65KDNNWitCCHv4ZYeMLOfZKx6btcd9XkapU00pIWuIYa
qMN5TTsrU2Fejjv7ry5MK1VuWBq+ipIaOKnf2FGtPImL289trKdWwcm0YlMNtdfN
lhmDyhvsaOrb9IU+9IomtGWCrevnwRV3cJHCl0F2UWV5/LxR6831JOGPuvpNiaIo
pQQ5SULMiX1hsLU7+3cBQKqPLClHz7TtuUL87EtJ00yyTT52CpIWYty3N4Osk2az
m63CxHtAJd0hLg==
-----END CERTIFICATE-----