Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
File:                     ET9u8WzirCilmQYD0folvUl1lN0.mft (raw, json)
Hash identifier:          eNKptihJ6ja/t7nOvUaQEpGUn0DMiHSu2w2ImB6/pUY=
Subject key identifier:   F8:44:8C:8B:B1:9A:6F:EC:97:34:12:48:C8:BD:35:81:F3:3B:79:94
Authority key identifier: 11:3F:6E:F1:6C:E2:AC:28:A5:99:06:03:D1:FA:25:BD:49:75:94:DD
Certificate issuer:       /CN=113f6ef16ce2ac28a5990603d1fa25bd497594dd
Certificate serial:       019D394127B529A71EEB96C10811B3384A34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
Manifest number:          0743
Signing time:             Sun 29 Mar 2026 11:01:04 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:04 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:04 +0000
Files and hashes:         1: ET9u8WzirCilmQYD0folvUl1lN0.crl (hash: KOqtLQrUujJXiuIOBoVVRc3XQ6CDXiAvVj2HMgBatN4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:27:b5:29:a7:1e:eb:96:c1:08:11:b3:38:4a:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=113f6ef16ce2ac28a5990603d1fa25bd497594dd
        Validity
            Not Before: Mar 29 11:01:04 2026 GMT
            Not After : Mar 30 11:01:04 2026 GMT
        Subject: CN=f8448c8bb19a6fec97341248c8bd3581f33b7994
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:2f:47:5f:6b:5d:60:2b:a1:9b:f4:ed:eb:b4:
                    43:dc:59:33:22:05:59:74:05:fe:cf:bc:8d:16:84:
                    4f:35:af:6c:a7:aa:34:a6:be:1e:db:b8:c1:ac:e9:
                    78:96:0c:30:90:e0:65:26:39:60:5e:51:91:dc:88:
                    23:37:cd:02:54:42:fb:77:8b:4c:f8:3d:f7:61:d2:
                    16:f2:f1:89:21:fd:00:04:95:d3:ec:8e:93:5f:72:
                    a1:94:0b:9b:da:46:b5:5a:4e:03:ca:5f:0d:a7:9b:
                    f4:b2:ca:aa:a8:0a:32:7d:f8:99:ca:44:ed:c6:b9:
                    a3:d9:87:8e:ed:28:1e:6d:cc:e3:0c:16:af:bb:2d:
                    f5:d0:6f:b4:99:85:78:f9:15:c1:27:72:d7:79:0f:
                    70:06:42:ab:d6:33:66:c2:7e:f0:2b:48:5a:3f:36:
                    87:a8:bf:00:74:3c:30:b4:6b:72:3b:00:fb:80:6a:
                    3d:84:1e:b0:0d:b8:ad:f0:45:03:37:67:35:d5:00:
                    58:10:5d:c7:66:12:0a:7a:66:e4:8c:5e:11:41:c7:
                    10:96:a5:ff:cc:75:d6:6b:ef:2c:38:ab:c3:f7:96:
                    04:cb:6b:c1:94:5d:fb:ae:01:42:4c:fc:66:89:10:
                    51:21:cb:99:8e:c5:3f:81:d5:53:f2:d3:21:e8:3f:
                    4c:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:44:8C:8B:B1:9A:6F:EC:97:34:12:48:C8:BD:35:81:F3:3B:79:94
            X509v3 Authority Key Identifier:
                keyid:11:3F:6E:F1:6C:E2:AC:28:A5:99:06:03:D1:FA:25:BD:49:75:94:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ET9u8WzirCilmQYD0folvUl1lN0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3b5877-aa65-49fc-859d-905dbab8bd57/1/ET9u8WzirCilmQYD0folvUl1lN0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:96:21:97:31:3a:c7:d5:47:b9:ab:a7:40:83:aa:04:13:e3:
         bf:69:3f:62:f1:f0:4a:72:26:31:ea:16:31:15:24:c1:f0:9e:
         43:b9:79:c4:3d:6b:20:9a:0c:27:29:a7:b8:35:2c:c3:08:09:
         36:bf:39:05:6c:94:f8:cd:db:f7:1d:dc:db:68:3e:ad:b9:7a:
         b4:ae:9f:a3:85:fd:f1:82:c5:55:a3:c4:23:c0:51:1e:42:f7:
         55:3b:4b:c6:fd:70:dd:70:b9:ef:d5:d9:78:73:4a:4e:4d:a1:
         63:cb:b3:b4:ab:53:73:4a:3d:0b:a2:59:54:bc:3d:27:ba:f5:
         52:77:f6:fb:8f:2a:a3:cf:b5:71:0c:44:1d:3b:be:a0:e5:54:
         84:43:22:a1:4d:37:32:07:85:4e:4f:9f:26:9d:55:ab:f6:a6:
         97:af:4e:40:06:83:e8:69:de:22:b9:90:9c:10:4c:1c:72:13:
         6e:d5:5f:ae:d0:00:33:3b:9b:65:ab:80:ae:73:92:5a:20:a1:
         3f:a7:1a:16:49:1d:dc:a3:10:2f:39:6a:41:fc:2b:4e:db:16:
         40:c3:7d:5f:dd:9b:f0:35:dd:c5:47:6b:6a:bc:66:be:83:a4:
         ee:4b:4e:83:25:ba:89:3f:a8:be:5a:13:bb:ae:b0:18:ea:ae:
         22:4e:91:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QSe1Kace65bBCBGzOEo0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExM2Y2ZWYxNmNlMmFjMjhhNTk5MDYwM2QxZmEyNWJkNDk3
NTk0ZGQwHhcNMjYwMzI5MTEwMTA0WhcNMjYwMzMwMTEwMTA0WjAzMTEwLwYDVQQD
EyhmODQ0OGM4YmIxOWE2ZmVjOTczNDEyNDhjOGJkMzU4MWYzM2I3OTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyS9HX2tdYCuhm/Tt67RD3FkzIgVZ
dAX+z7yNFoRPNa9sp6o0pr4e27jBrOl4lgwwkOBlJjlgXlGR3IgjN80CVEL7d4tM
+D33YdIW8vGJIf0ABJXT7I6TX3KhlAub2ka1Wk4Dyl8Np5v0ssqqqAoyffiZykTt
xrmj2YeO7SgebczjDBavuy310G+0mYV4+RXBJ3LXeQ9wBkKr1jNmwn7wK0haPzaH
qL8AdDwwtGtyOwD7gGo9hB6wDbit8EUDN2c11QBYEF3HZhIKembkjF4RQccQlqX/
zHXWa+8sOKvD95YEy2vBlF37rgFCTPxmiRBRIcuZjsU/gdVT8tMh6D9MnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhEjIuxmm/slzQSSMi9NYHzO3mUMB8GA1UdIwQY
MBaAFBE/bvFs4qwopZkGA9H6Jb1JdZTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zYjU4NzctYWE2NS00OWZjLTg1OWQt
OTA1ZGJhYjhiZDU3LzEvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zYjU4NzctYWE2NS00OWZjLTg1OWQtOTA1ZGJhYjhiZDU3
LzEvRVQ5dThXemlyQ2lsbVFZRDBmb2x2VWwxbE4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbJYhlzE6
x9VHuaunQIOqBBPjv2k/YvHwSnImMeoWMRUkwfCeQ7l5xD1rIJoMJymnuDUswwgJ
Nr85BWyU+M3b9x3c22g+rbl6tK6fo4X98YLFVaPEI8BRHkL3VTtLxv1w3XC579XZ
eHNKTk2hY8uztKtTc0o9C6JZVLw9J7r1Unf2+48qo8+1cQxEHTu+oOVUhEMioU03
MgeFTk+fJp1Vq/aml69OQAaD6GneIrmQnBBMHHITbtVfrtAAMzubZauArnOSWiCh
P6caFkkd3KMQLzlqQfwrTtsWQMN9X92b8DXdxUdrarxmvoOk7ktOgyW6iT+ovloT
u66wGOquIk6RzQ==
-----END CERTIFICATE-----