Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
File:                     97KiPZsF9XV53i8CRJtmYD4-Vzo.mft (raw, json)
Hash identifier:          q8wSfNgdrsLctDLExWwlbEIRKs/PGdfe+QDZbq0ZKS0=
Subject key identifier:   B6:ED:A2:AF:75:FD:E8:CF:58:79:4C:DD:91:83:3B:A0:F7:93:66:3B
Authority key identifier: F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A
Certificate issuer:       /CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
Certificate serial:       019D39AE9948789E14D35B1A19A8FBF02DD7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
Manifest number:          1443
Signing time:             Sun 29 Mar 2026 13:00:36 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:36 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:36 +0000
Files and hashes:         1: 97KiPZsF9XV53i8CRJtmYD4-Vzo.crl (hash: XawNHxV0nXib92dhYRVsVjmQc3raEJh83mJX8iFBTzk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:99:48:78:9e:14:d3:5b:1a:19:a8:fb:f0:2d:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
        Validity
            Not Before: Mar 29 13:00:36 2026 GMT
            Not After : Mar 30 13:00:36 2026 GMT
        Subject: CN=b6eda2af75fde8cf58794cdd91833ba0f793663b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f2:54:d9:14:3d:86:ce:94:6e:d9:51:b6:95:
                    55:0d:94:b1:34:77:37:69:fa:c6:58:0d:05:63:d0:
                    9e:53:03:ec:f3:70:ff:b8:3a:97:d6:52:b7:04:05:
                    f8:01:5d:e9:77:de:0d:9a:54:f7:84:f9:8c:23:b1:
                    0f:ef:e8:b3:8e:63:19:0c:6f:5d:31:fb:36:98:75:
                    cd:dc:42:8f:42:83:9b:33:fa:d8:41:54:1c:6e:d5:
                    9e:a4:fc:8d:8f:f9:24:2a:17:99:dc:6f:80:e6:9a:
                    ec:10:62:5a:c1:4e:4e:3e:8c:ba:d4:85:84:8b:02:
                    27:04:40:c2:32:ed:40:27:2b:b6:36:33:31:6c:fd:
                    46:65:12:83:76:8b:e8:93:ad:24:d5:e7:8b:aa:73:
                    29:5f:a9:99:82:4b:75:4c:14:73:9d:dd:26:c0:7f:
                    34:e1:ea:6a:02:b6:08:9b:b5:9f:9c:d3:c9:66:e5:
                    e7:db:aa:61:76:7b:25:f7:d6:44:40:70:b0:16:2c:
                    99:c1:16:28:3a:d9:32:db:3e:82:af:a5:53:92:7d:
                    0e:eb:56:75:cd:ff:b2:6f:e8:7c:04:6e:f2:8c:27:
                    2c:26:c2:a4:db:5b:c7:2a:9f:54:20:9a:92:30:b9:
                    31:54:f2:d7:a3:15:c7:46:8b:fd:95:31:32:91:50:
                    2a:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:ED:A2:AF:75:FD:E8:CF:58:79:4C:DD:91:83:3B:A0:F7:93:66:3B
            X509v3 Authority Key Identifier:
                keyid:F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:8c:b3:6a:c7:81:df:f6:b4:ac:41:bb:ce:88:85:d6:e9:be:
         c3:21:27:35:42:63:fc:6b:41:23:0a:77:3f:e2:00:11:0e:e5:
         a4:7d:81:4c:ad:ff:96:38:3c:cd:29:8e:15:5d:a5:80:9a:b8:
         83:c1:28:e5:f6:80:dd:f5:1c:18:c4:a6:03:d3:69:53:0f:e6:
         ac:be:b8:ed:e2:e3:20:1f:5a:f3:44:79:a3:53:1b:6c:a5:76:
         55:fa:4b:7b:50:2b:78:6b:dc:e9:2c:e0:ca:f1:8b:ee:be:42:
         12:7a:9b:76:21:0a:e1:14:87:fa:e2:d4:19:0c:27:7a:b2:02:
         cb:2a:41:fa:9e:b9:50:8c:53:4c:1d:97:3b:91:08:fc:9e:32:
         53:af:be:d4:b5:88:c1:e3:a1:a7:39:3e:ad:ad:95:0b:d5:77:
         57:bd:1e:98:5b:c7:94:48:fd:2c:0e:13:76:f2:44:47:2c:6e:
         2a:5b:60:60:ce:1e:e4:f2:8b:87:20:2c:ed:c5:b2:f6:6a:98:
         47:f0:48:b0:b7:5b:fd:59:3f:0d:aa:c1:89:c7:68:3a:4c:df:
         59:dc:26:ed:b2:5e:a5:4b:f5:0c:a7:93:95:6e:5a:bb:37:f7:
         be:8e:52:2c:96:c2:92:5c:cc:00:9d:03:d3:1e:df:03:5f:5e:
         ad:8f:95:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rplIeJ4U01saGaj78C3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjJhMjNkOWIwNWY1NzU3OWRlMmYwMjQ0OWI2NjYwM2Uz
ZTU3M2EwHhcNMjYwMzI5MTMwMDM2WhcNMjYwMzMwMTMwMDM2WjAzMTEwLwYDVQQD
EyhiNmVkYTJhZjc1ZmRlOGNmNTg3OTRjZGQ5MTgzM2JhMGY3OTM2NjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvJU2RQ9hs6UbtlRtpVVDZSxNHc3
afrGWA0FY9CeUwPs83D/uDqX1lK3BAX4AV3pd94NmlT3hPmMI7EP7+izjmMZDG9d
Mfs2mHXN3EKPQoObM/rYQVQcbtWepPyNj/kkKheZ3G+A5prsEGJawU5OPoy61IWE
iwInBEDCMu1AJyu2NjMxbP1GZRKDdovok60k1eeLqnMpX6mZgkt1TBRznd0mwH80
4epqArYIm7WfnNPJZuXn26phdnsl99ZEQHCwFiyZwRYoOtky2z6Cr6VTkn0O61Z1
zf+yb+h8BG7yjCcsJsKk21vHKp9UIJqSMLkxVPLXoxXHRov9lTEykVAqswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLbtoq91/ejPWHlM3ZGDO6D3k2Y7MB8GA1UdIwQY
MBaAFPeyoj2bBfV1ed4vAkSbZmA+Plc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMt
NWJlNmE3NTlmMzE4LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMtNWJlNmE3NTlmMzE4
LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVYyzaseB
3/a0rEG7zoiF1um+wyEnNUJj/GtBIwp3P+IAEQ7lpH2BTK3/ljg8zSmOFV2lgJq4
g8Eo5faA3fUcGMSmA9NpUw/mrL647eLjIB9a80R5o1MbbKV2VfpLe1AreGvc6Szg
yvGL7r5CEnqbdiEK4RSH+uLUGQwnerICyypB+p65UIxTTB2XO5EI/J4yU6++1LWI
weOhpzk+ra2VC9V3V70emFvHlEj9LA4TdvJERyxuKltgYM4e5PKLhyAs7cWy9mqY
R/BIsLdb/Vk/DarBicdoOkzfWdwm7bJepUv1DKeTlW5auzf3vo5SLJbCklzMAJ0D
0x7fA19erY+VQQ==
-----END CERTIFICATE-----