Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft
File:                     RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft (raw, json)
Hash identifier:          8KlN50/5WlYttPssIErx3v//sUojRaFpABO9gdhyfEo=
Subject key identifier:   C1:FF:F3:CA:03:BF:15:7F:F1:19:84:DF:27:9E:6E:97:64:6F:4B:0B
Authority key identifier: 46:54:F3:E6:92:7E:C4:C7:C9:7D:0F:23:6A:8C:24:53:4A:7F:CD:D4
Certificate issuer:       /CN=4654f3e6927ec4c7c97d0f236a8c24534a7fcdd4
Certificate serial:       019D3940D9EE9D136B5C8C4B94F42700DB87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft
Manifest number:          09D6
Signing time:             Sun 29 Mar 2026 11:00:44 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:44 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:44 +0000
Files and hashes:         1: RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.crl (hash: 47LSw+Gnw7nzksdtyy1Y0SQymz9JyuHo9UJgU1T/AMc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:d9:ee:9d:13:6b:5c:8c:4b:94:f4:27:00:db:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4654f3e6927ec4c7c97d0f236a8c24534a7fcdd4
        Validity
            Not Before: Mar 29 11:00:44 2026 GMT
            Not After : Mar 30 11:00:44 2026 GMT
        Subject: CN=c1fff3ca03bf157ff11984df279e6e97646f4b0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c7:7c:6a:f9:ea:88:a3:99:64:28:67:48:1e:
                    fb:c3:3e:09:30:91:f7:a3:c6:f0:b3:8a:28:2a:5f:
                    04:b0:ab:0c:be:9d:13:78:ad:1b:f6:28:95:b1:48:
                    ac:e9:a9:96:1a:a2:c2:1b:6c:88:0d:e5:5f:fd:c9:
                    cc:a1:aa:1f:b8:ad:ba:7e:d4:41:20:d4:d9:5c:e4:
                    b3:ed:2e:72:7c:4b:a8:84:db:c9:97:17:9f:f6:42:
                    5d:6b:da:8a:7a:24:e6:39:df:4f:eb:9b:08:d5:3c:
                    6c:cc:4f:84:d8:ab:c3:4c:72:bb:68:57:80:23:20:
                    73:7d:6e:fa:2b:b0:a1:36:8f:85:17:69:e2:b6:74:
                    69:a8:db:eb:85:e5:f7:18:68:70:c4:e0:a4:34:05:
                    62:dc:90:64:0a:5d:c3:66:3d:2c:a6:43:aa:76:dc:
                    da:78:4d:e3:f4:3b:87:87:e1:a8:75:29:5d:df:7d:
                    69:68:1a:af:3f:a2:47:1a:f6:37:9b:be:6e:3d:f2:
                    16:de:ad:ba:c6:47:d3:ac:e4:2f:71:63:8c:d5:13:
                    de:00:33:a7:c2:08:57:df:7b:37:5d:1f:db:f8:5e:
                    0a:47:0d:08:81:5b:b3:5b:04:76:c2:50:fe:53:ca:
                    d1:ff:4c:6c:04:7a:a2:63:ba:d8:bf:d9:00:5e:49:
                    a3:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:FF:F3:CA:03:BF:15:7F:F1:19:84:DF:27:9E:6E:97:64:6F:4B:0B
            X509v3 Authority Key Identifier:
                keyid:46:54:F3:E6:92:7E:C4:C7:C9:7D:0F:23:6A:8C:24:53:4A:7F:CD:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:88:24:c2:67:ef:e9:c7:34:b1:59:bf:1c:d3:43:20:0f:d2:
         9d:46:29:65:14:c4:88:69:7d:49:62:38:64:5a:5b:c0:1a:5a:
         1b:04:0d:b0:cd:c6:93:b9:53:a6:98:26:26:59:81:a0:c0:c9:
         5b:ee:cf:5a:47:91:b1:51:af:5d:f6:aa:41:9c:a9:5d:38:6d:
         de:40:f2:95:0f:49:a3:2b:b2:31:38:36:09:e8:c2:2b:12:18:
         49:17:04:b8:5b:55:35:7a:2a:c3:08:5b:2b:21:b4:a1:13:18:
         d8:21:5a:04:5f:a0:fb:3f:03:e4:2d:5c:e5:1d:02:85:7f:25:
         4c:b3:09:3a:92:70:90:2b:b9:54:96:9a:99:62:ab:aa:82:8c:
         a8:91:39:1f:1e:a9:9d:ee:a3:ac:b5:72:ef:95:e0:1f:17:48:
         52:7f:c0:40:95:63:0f:20:b6:c2:ed:e3:16:f4:c3:ab:d5:c2:
         f1:fb:7d:2e:05:c9:d9:28:c9:1e:e8:12:26:01:81:55:69:16:
         50:4c:d6:05:af:08:b1:59:8c:12:6a:1c:d3:e4:f2:d8:ac:e4:
         f7:3e:57:22:22:ae:1d:30:51:a9:f2:20:78:96:58:03:2d:4e:
         a5:13:bc:c1:0e:d9:ca:0d:7d:87:b6:a2:36:d6:9b:dd:68:c1:
         dc:a3:b8:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QNnunRNrXIxLlPQnANuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NTRmM2U2OTI3ZWM0YzdjOTdkMGYyMzZhOGMyNDUzNGE3
ZmNkZDQwHhcNMjYwMzI5MTEwMDQ0WhcNMjYwMzMwMTEwMDQ0WjAzMTEwLwYDVQQD
EyhjMWZmZjNjYTAzYmYxNTdmZjExOTg0ZGYyNzllNmU5NzY0NmY0YjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMd8avnqiKOZZChnSB77wz4JMJH3
o8bws4ooKl8EsKsMvp0TeK0b9iiVsUis6amWGqLCG2yIDeVf/cnMoaofuK26ftRB
INTZXOSz7S5yfEuohNvJlxef9kJda9qKeiTmOd9P65sI1TxszE+E2KvDTHK7aFeA
IyBzfW76K7ChNo+FF2nitnRpqNvrheX3GGhwxOCkNAVi3JBkCl3DZj0spkOqdtza
eE3j9DuHh+GodSld331paBqvP6JHGvY3m75uPfIW3q26xkfTrOQvcWOM1RPeADOn
wghX33s3XR/b+F4KRw0IgVuzWwR2wlD+U8rR/0xsBHqiY7rYv9kAXkmjyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMH/88oDvxV/8RmE3yeebpdkb0sLMB8GA1UdIwQY
MBaAFEZU8+aSfsTHyX0PI2qMJFNKf83UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmxUejVwSi14TWZKZlE4amFvd2tVMHBfemRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83ZmY0YTMtZDE5MS00YzZiLTgzNWEt
YjgwNTA2MjJhYTk2LzEvUmxUejVwSi14TWZKZlE4amFvd2tVMHBfemRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83ZmY0YTMtZDE5MS00YzZiLTgzNWEtYjgwNTA2MjJhYTk2
LzEvUmxUejVwSi14TWZKZlE4amFvd2tVMHBfemRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIogkwmfv
6cc0sVm/HNNDIA/SnUYpZRTEiGl9SWI4ZFpbwBpaGwQNsM3Gk7lTppgmJlmBoMDJ
W+7PWkeRsVGvXfaqQZypXTht3kDylQ9JoyuyMTg2CejCKxIYSRcEuFtVNXoqwwhb
KyG0oRMY2CFaBF+g+z8D5C1c5R0ChX8lTLMJOpJwkCu5VJaamWKrqoKMqJE5Hx6p
ne6jrLVy75XgHxdIUn/AQJVjDyC2wu3jFvTDq9XC8ft9LgXJ2SjJHugSJgGBVWkW
UEzWBa8IsVmMEmoc0+Ty2Kzk9z5XIiKuHTBRqfIgeJZYAy1OpRO8wQ7Zyg19h7ai
Ntab3WjB3KO4hw==
-----END CERTIFICATE-----