Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
File:                     97KiPZsF9XV53i8CRJtmYD4-Vzo.mft (raw, json)
Hash identifier:          0aAIgSLRMiEecE5y+TTMzcw2vw3jEQZq0MhbdvFENRo=
Subject key identifier:   DB:9D:3B:3E:F9:08:B0:00:89:40:44:B3:AB:CA:F1:5A:97:81:DF:BF
Authority key identifier: F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A
Certificate issuer:       /CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
Certificate serial:       019E30E0FD865341AAA1BD88664D91B2BCBB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
Manifest number:          14C3
Signing time:             Sat 16 May 2026 13:01:51 +0000
Manifest this update:     Sat 16 May 2026 13:01:51 +0000
Manifest next update:     Sun 17 May 2026 13:01:51 +0000
Files and hashes:         1: 97KiPZsF9XV53i8CRJtmYD4-Vzo.crl (hash: a0gCqZTyzHj4YoeVBGdqjKJyI4U7bgXBiNF5g+U/VCE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:30:e0:fd:86:53:41:aa:a1:bd:88:66:4d:91:b2:bc:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
        Validity
            Not Before: May 16 13:01:51 2026 GMT
            Not After : May 17 13:01:51 2026 GMT
        Subject: CN=db9d3b3ef908b000894044b3abcaf15a9781dfbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:e6:cd:b6:89:32:66:22:08:e3:9a:6c:d3:3f:
                    e9:3c:e7:7f:a9:c4:c5:76:c6:44:05:0e:27:6c:d2:
                    e3:ab:42:3b:40:83:2e:84:97:da:13:d4:93:bb:c8:
                    6f:24:8e:19:06:b3:e2:e3:43:ee:b8:8c:6b:1f:21:
                    cd:bc:57:42:0b:a9:38:e5:4f:33:1f:5d:2b:8d:74:
                    fc:46:22:b9:ce:95:cd:7a:f0:d6:a7:91:9f:1b:83:
                    76:f7:74:0e:31:38:00:67:b8:11:ee:53:bc:16:8f:
                    25:3f:e9:69:67:88:33:62:ac:ce:bf:82:fe:a4:2f:
                    fa:13:cc:5e:3a:e5:99:8b:dc:09:76:b6:8d:44:fa:
                    4e:98:e6:6a:d6:30:59:ad:ff:9f:74:ac:89:73:7e:
                    1c:5c:b1:8b:a7:53:ef:d3:e3:79:ec:d4:53:b7:c7:
                    b2:bd:38:51:31:1b:bc:ce:d3:6f:9b:12:24:5c:16:
                    13:55:a3:3f:8f:42:c4:3d:58:69:c6:76:a9:82:b8:
                    92:01:ca:c1:eb:d4:7b:8d:61:2a:20:ff:5c:9b:1a:
                    9c:3f:89:87:73:8c:3f:08:6c:9f:14:b5:ff:e3:20:
                    57:76:7e:e4:29:72:52:14:e2:57:52:3d:1e:aa:84:
                    a7:de:fa:59:17:f2:c9:75:1e:cb:86:58:71:ac:d2:
                    35:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:9D:3B:3E:F9:08:B0:00:89:40:44:B3:AB:CA:F1:5A:97:81:DF:BF
            X509v3 Authority Key Identifier:
                keyid:F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:3b:1a:9f:8a:f0:c1:79:08:d6:e8:db:0f:e2:34:c1:df:58:
         0d:d2:3f:0a:56:fa:ee:ab:e3:0a:6c:a5:ce:02:1a:b9:0d:fa:
         19:70:f3:8e:35:e6:3d:a4:64:59:77:e9:53:0b:07:a1:57:02:
         f4:54:a4:af:09:8d:e5:50:09:65:c2:5a:f2:13:ec:c7:cd:83:
         99:a3:f4:d0:00:0e:ef:44:f9:3a:3c:de:9b:f3:21:3b:62:29:
         92:25:96:3a:a6:e8:c6:bf:ca:84:ad:64:e7:93:d0:8e:86:17:
         d7:5b:17:3a:c9:85:44:bc:8c:93:a0:8e:19:60:10:ad:ff:cf:
         60:4a:2c:e7:13:51:a0:1f:24:c0:00:75:0e:44:71:22:a6:23:
         cd:17:26:bc:d5:b6:db:4f:ca:e4:c9:31:04:bc:f6:df:98:57:
         7d:44:43:84:a1:98:ee:16:c4:70:36:e6:f9:65:b0:e0:22:5e:
         72:bd:fb:e9:05:a7:02:61:a3:19:c2:d8:35:14:c7:a6:08:77:
         d8:ac:64:34:f5:ee:aa:49:61:66:60:13:ac:2d:e6:03:15:20:
         82:68:6c:22:0e:08:11:76:76:d5:6f:13:d4:de:5f:bc:7a:cf:
         7b:c8:5a:90:45:dd:36:27:f7:1c:bd:bb:21:ad:3e:15:86:80:
         6d:cf:bb:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4w4P2GU0Gqob2IZk2Rsry7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjJhMjNkOWIwNWY1NzU3OWRlMmYwMjQ0OWI2NjYwM2Uz
ZTU3M2EwHhcNMjYwNTE2MTMwMTUxWhcNMjYwNTE3MTMwMTUxWjAzMTEwLwYDVQQD
EyhkYjlkM2IzZWY5MDhiMDAwODk0MDQ0YjNhYmNhZjE1YTk3ODFkZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ObNtokyZiII45ps0z/pPOd/qcTF
dsZEBQ4nbNLjq0I7QIMuhJfaE9STu8hvJI4ZBrPi40PuuIxrHyHNvFdCC6k45U8z
H10rjXT8RiK5zpXNevDWp5GfG4N293QOMTgAZ7gR7lO8Fo8lP+lpZ4gzYqzOv4L+
pC/6E8xeOuWZi9wJdraNRPpOmOZq1jBZrf+fdKyJc34cXLGLp1Pv0+N57NRTt8ey
vThRMRu8ztNvmxIkXBYTVaM/j0LEPVhpxnapgriSAcrB69R7jWEqIP9cmxqcP4mH
c4w/CGyfFLX/4yBXdn7kKXJSFOJXUj0eqoSn3vpZF/LJdR7LhlhxrNI1PwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNudOz75CLAAiUBEs6vK8VqXgd+/MB8GA1UdIwQY
MBaAFPeyoj2bBfV1ed4vAkSbZmA+Plc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMt
NWJlNmE3NTlmMzE4LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMtNWJlNmE3NTlmMzE4
LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhDsan4rw
wXkI1ujbD+I0wd9YDdI/Clb67qvjCmylzgIauQ36GXDzjjXmPaRkWXfpUwsHoVcC
9FSkrwmN5VAJZcJa8hPsx82DmaP00AAO70T5Ojzem/MhO2IpkiWWOqboxr/KhK1k
55PQjoYX11sXOsmFRLyMk6COGWAQrf/PYEos5xNRoB8kwAB1DkRxIqYjzRcmvNW2
20/K5MkxBLz235hXfURDhKGY7hbEcDbm+WWw4CJecr376QWnAmGjGcLYNRTHpgh3
2KxkNPXuqklhZmATrC3mAxUggmhsIg4IEXZ21W8T1N5fvHrPe8hakEXdNif3HL27
Ia0+FYaAbc+78w==
-----END CERTIFICATE-----