Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
File:                     P9WU69efjdhbR5LpUzvkaBaohgY.mft (raw, json)
Hash identifier:          bkNQHqWMfTa0TT1BaUUi12Ycoh/45xJ/bXVpWp8vd/U=
Subject key identifier:   AC:88:40:2F:D6:EB:BE:A0:2E:0B:BA:C4:4F:0B:74:41:52:2F:5A:44
Authority key identifier: 3F:D5:94:EB:D7:9F:8D:D8:5B:47:92:E9:53:3B:E4:68:16:A8:86:06
Certificate issuer:       /CN=3fd594ebd79f8dd85b4792e9533be46816a88606
Certificate serial:       019D37C018BAFE33B4840CEF77E2FFF46F86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
Manifest number:          140D
Signing time:             Sun 29 Mar 2026 04:00:29 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:29 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:29 +0000
Files and hashes:         1: P9WU69efjdhbR5LpUzvkaBaohgY.crl (hash: 9Hpj5qlt2kcNlnk+3YsQD9CGQkChoUMVGKCqj0jrxtI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:18:ba:fe:33:b4:84:0c:ef:77:e2:ff:f4:6f:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd594ebd79f8dd85b4792e9533be46816a88606
        Validity
            Not Before: Mar 29 04:00:29 2026 GMT
            Not After : Mar 30 04:00:29 2026 GMT
        Subject: CN=ac88402fd6ebbea02e0bbac44f0b7441522f5a44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:09:46:08:8c:39:0a:fb:d7:d5:fe:26:9f:38:
                    ba:f7:21:63:78:38:13:fb:54:14:90:ea:b3:95:1a:
                    bd:5d:2b:67:95:53:33:98:de:51:d1:81:1f:1b:97:
                    3e:45:a4:25:04:e3:ec:4d:11:02:66:f0:3a:3a:44:
                    2c:97:eb:fd:2f:88:19:1d:6b:5c:e8:af:32:26:4c:
                    ae:de:35:74:17:b9:bb:3b:0b:64:9b:32:34:4c:72:
                    80:9c:ea:1c:63:e0:dc:f5:a8:08:c0:28:f9:ee:ff:
                    85:f8:54:c2:9a:58:a0:e4:a4:0b:35:50:b3:ca:10:
                    ee:65:cf:a0:e5:4f:f5:a1:0d:c2:f3:d3:b0:77:94:
                    5f:51:8d:8a:5a:a8:30:90:cf:4e:56:c5:bd:42:95:
                    38:d4:fe:3a:48:9c:62:0d:03:66:b8:96:8a:9c:74:
                    e4:4f:56:9b:ca:8e:f4:0d:b3:64:fb:3b:c8:59:92:
                    9f:00:2b:be:50:8b:a9:dd:ca:4c:8d:c3:fd:c6:7d:
                    a6:a9:de:a0:27:aa:f2:6c:56:43:50:9a:c9:d3:9f:
                    75:f8:bf:67:8e:6e:62:6e:77:18:1d:4b:47:82:e4:
                    46:5d:69:be:a9:ca:b6:7c:a2:4e:f5:1a:ae:43:f9:
                    06:12:e2:9f:af:a2:ad:8c:9b:8e:68:25:a7:ec:f7:
                    26:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:88:40:2F:D6:EB:BE:A0:2E:0B:BA:C4:4F:0B:74:41:52:2F:5A:44
            X509v3 Authority Key Identifier:
                keyid:3F:D5:94:EB:D7:9F:8D:D8:5B:47:92:E9:53:3B:E4:68:16:A8:86:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:80:c2:c8:93:e1:76:a9:ad:2e:a4:be:26:50:6b:7e:06:39:
         fb:a8:d9:81:ca:eb:5d:c9:d0:02:b1:e2:37:03:58:6b:2f:ea:
         0b:3c:6b:00:d0:bc:b1:14:19:8c:4a:d0:c4:5b:c9:a6:cf:e6:
         d4:b9:2c:0f:3f:40:99:e6:28:01:17:03:56:5c:e2:8d:45:3d:
         dd:90:d8:3a:9d:bd:5f:d3:b1:40:f9:50:02:71:b1:6f:4b:cc:
         88:e4:8f:18:de:79:e5:24:1f:b6:08:4d:a3:22:48:01:63:52:
         da:49:03:2f:0a:14:8d:ef:4d:c2:ac:71:c7:3b:75:2b:4e:7d:
         fb:90:bb:5c:8b:0c:8f:5e:e1:d8:50:70:52:49:1c:93:a3:3a:
         fc:1e:34:23:6b:07:94:2f:47:c1:da:29:8c:cf:e5:e4:24:33:
         cf:b8:33:21:78:1b:f9:c6:93:9a:a5:08:ee:4b:a4:8c:a6:b5:
         27:2b:14:f5:8f:b5:12:3e:d3:2e:0d:38:f0:08:5b:f9:03:78:
         12:cf:76:bb:1e:36:ae:50:42:c8:92:c6:72:bd:a1:2b:ab:1b:
         a4:8e:cb:1a:eb:d0:8c:e9:aa:b5:6c:31:7e:d3:b1:16:1d:b6:
         5a:85:36:7d:32:d4:1d:f9:c1:3b:d4:c8:00:0b:d5:6e:a0:9e:
         54:c9:6e:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wBi6/jO0hAzvd+L/9G+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDU5NGViZDc5ZjhkZDg1YjQ3OTJlOTUzM2JlNDY4MTZh
ODg2MDYwHhcNMjYwMzI5MDQwMDI5WhcNMjYwMzMwMDQwMDI5WjAzMTEwLwYDVQQD
EyhhYzg4NDAyZmQ2ZWJiZWEwMmUwYmJhYzQ0ZjBiNzQ0MTUyMmY1YTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQlGCIw5CvvX1f4mnzi69yFjeDgT
+1QUkOqzlRq9XStnlVMzmN5R0YEfG5c+RaQlBOPsTRECZvA6OkQsl+v9L4gZHWtc
6K8yJkyu3jV0F7m7OwtkmzI0THKAnOocY+Dc9agIwCj57v+F+FTCmlig5KQLNVCz
yhDuZc+g5U/1oQ3C89Owd5RfUY2KWqgwkM9OVsW9QpU41P46SJxiDQNmuJaKnHTk
T1abyo70DbNk+zvIWZKfACu+UIup3cpMjcP9xn2mqd6gJ6rybFZDUJrJ0591+L9n
jm5ibncYHUtHguRGXWm+qcq2fKJO9RquQ/kGEuKfr6KtjJuOaCWn7PcmlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyIQC/W676gLgu6xE8LdEFSL1pEMB8GA1UdIwQY
MBaAFD/VlOvXn43YW0eS6VM75GgWqIYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zMGE4NmQtYjk3Mi00MTVlLWI4ZmEt
NjYyNDY5MWY2ZjEzLzEvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zMGE4NmQtYjk3Mi00MTVlLWI4ZmEtNjYyNDY5MWY2ZjEz
LzEvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFIDCyJPh
dqmtLqS+JlBrfgY5+6jZgcrrXcnQArHiNwNYay/qCzxrANC8sRQZjErQxFvJps/m
1LksDz9AmeYoARcDVlzijUU93ZDYOp29X9OxQPlQAnGxb0vMiOSPGN555SQftghN
oyJIAWNS2kkDLwoUje9Nwqxxxzt1K059+5C7XIsMj17h2FBwUkkck6M6/B40I2sH
lC9HwdopjM/l5CQzz7gzIXgb+caTmqUI7kukjKa1JysU9Y+1Ej7TLg048Ahb+QN4
Es92ux42rlBCyJLGcr2hK6sbpI7LGuvQjOmqtWwxftOxFh22WoU2fTLUHfnBO9TI
AAvVbqCeVMluuA==
-----END CERTIFICATE-----