Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
File:                     I6IOrOflZNlFaAhkd3q-nCu41NY.mft (raw, json)
Hash identifier:          xrrGgE/O6L3OHbVU5h1rnWe1YLrdegjen94imo2FWd0=
Subject key identifier:   B1:62:E2:9B:B5:35:9E:49:7C:04:13:36:0E:1E:55:20:DD:DD:E7:FF
Authority key identifier: 23:A2:0E:AC:E7:E5:64:D9:45:68:08:64:77:7A:BE:9C:2B:B8:D4:D6
Certificate issuer:       /CN=23a20eace7e564d945680864777abe9c2bb8d4d6
Certificate serial:       019D38D2D58AAAEC55EFAF7AD2A4BEF0D688
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
Manifest number:          02DD
Signing time:             Sun 29 Mar 2026 09:00:34 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:34 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:34 +0000
Files and hashes:         1: I6IOrOflZNlFaAhkd3q-nCu41NY.crl (hash: qb8OZOK8yGnXFhoo4JopfDjSQctP8CSVekgCARv0AqA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:d5:8a:aa:ec:55:ef:af:7a:d2:a4:be:f0:d6:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23a20eace7e564d945680864777abe9c2bb8d4d6
        Validity
            Not Before: Mar 29 09:00:34 2026 GMT
            Not After : Mar 30 09:00:34 2026 GMT
        Subject: CN=b162e29bb5359e497c0413360e1e5520dddde7ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:f0:67:d5:c8:b0:21:9f:9a:95:6b:5b:17:62:
                    ad:84:13:ea:78:97:dd:ed:ba:43:86:d5:3d:db:68:
                    a1:e0:00:86:1b:a9:a5:17:0a:df:f0:8c:af:c1:20:
                    ab:27:d6:b0:bd:c4:23:00:01:cd:90:fe:b1:29:4e:
                    e3:51:42:77:31:9f:31:88:bc:5c:1e:78:c2:1a:f9:
                    e4:22:8b:91:c5:3a:ad:ee:bd:32:e2:1e:b9:75:e2:
                    d7:23:d1:49:0d:7e:35:61:81:df:1d:5d:7f:f3:7f:
                    8b:15:75:f1:7f:6c:c8:2b:4f:22:ca:f6:da:1b:a4:
                    86:78:bd:34:23:e9:0b:f0:9e:a7:8c:3d:c3:ea:31:
                    62:e5:fd:ee:1e:68:b1:4a:f7:b4:14:26:26:36:88:
                    c4:b6:d9:6c:8e:58:f7:f2:33:bc:70:c0:20:fa:9c:
                    98:5b:f4:d9:87:47:c3:ef:4e:06:da:22:56:dd:be:
                    06:1f:94:55:f7:a9:19:3a:21:0c:aa:48:2a:cd:dd:
                    d6:6a:05:fa:34:c6:d4:b9:b3:29:6a:01:d7:08:d3:
                    6f:6b:9a:69:dc:c6:25:5b:14:39:b2:90:39:ae:c0:
                    2a:8e:6f:cb:81:df:cc:37:45:77:0d:b3:10:cc:4d:
                    82:9f:64:03:f0:1a:a6:59:89:a6:7e:4c:7d:de:fe:
                    21:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:62:E2:9B:B5:35:9E:49:7C:04:13:36:0E:1E:55:20:DD:DD:E7:FF
            X509v3 Authority Key Identifier:
                keyid:23:A2:0E:AC:E7:E5:64:D9:45:68:08:64:77:7A:BE:9C:2B:B8:D4:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6IOrOflZNlFaAhkd3q-nCu41NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9a0aa5-5bd3-4e87-9d2f-75e0d479753f/1/I6IOrOflZNlFaAhkd3q-nCu41NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:09:ba:79:5e:32:d6:27:72:cd:89:0b:e3:0d:b6:39:53:6d:
         3a:a1:a3:1c:86:43:67:9b:a4:2c:66:c0:24:7a:39:45:b8:8a:
         b8:ca:15:79:b9:75:bf:51:3a:e9:0e:9b:7f:91:e6:57:48:bf:
         40:6e:73:77:4e:6d:a0:e2:40:4e:4c:60:3d:96:21:72:4f:e6:
         fd:e2:08:d7:a5:1f:a2:85:dd:79:18:4e:7b:94:6c:2b:c3:79:
         2a:4e:07:3b:1f:11:1a:94:71:19:df:e1:08:7e:7b:7b:6b:fc:
         9f:f5:eb:ed:c1:37:16:65:8f:27:db:70:a6:d9:aa:26:f3:2b:
         e5:68:68:01:4f:18:ae:cc:9b:82:b1:00:0a:37:d4:1a:a9:88:
         56:38:49:e2:c8:e2:1b:8e:3f:73:59:57:56:eb:bd:27:b4:bd:
         bf:b2:e4:82:aa:6a:c0:9a:a6:6f:ac:aa:15:4e:88:cb:89:5f:
         8c:ed:bc:1e:1a:ad:46:7b:ee:fb:db:8c:b7:0a:4e:56:9e:f8:
         43:6e:09:8e:e6:f5:e7:ce:1c:68:85:72:ee:26:96:aa:63:7d:
         1b:36:49:08:84:41:32:f3:0c:72:15:f1:f7:ce:fc:bf:f2:99:
         06:cd:14:93:31:99:56:85:0e:1d:74:d1:d2:2f:bb:e3:7d:87:
         7a:8b:cb:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040tWKquxV76960qS+8NaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTIwZWFjZTdlNTY0ZDk0NTY4MDg2NDc3N2FiZTljMmJi
OGQ0ZDYwHhcNMjYwMzI5MDkwMDM0WhcNMjYwMzMwMDkwMDM0WjAzMTEwLwYDVQQD
EyhiMTYyZTI5YmI1MzU5ZTQ5N2MwNDEzMzYwZTFlNTUyMGRkZGRlN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/Bn1ciwIZ+alWtbF2KthBPqeJfd
7bpDhtU922ih4ACGG6mlFwrf8IyvwSCrJ9awvcQjAAHNkP6xKU7jUUJ3MZ8xiLxc
HnjCGvnkIouRxTqt7r0y4h65deLXI9FJDX41YYHfHV1/83+LFXXxf2zIK08iyvba
G6SGeL00I+kL8J6njD3D6jFi5f3uHmixSve0FCYmNojEttlsjlj38jO8cMAg+pyY
W/TZh0fD704G2iJW3b4GH5RV96kZOiEMqkgqzd3WagX6NMbUubMpagHXCNNva5pp
3MYlWxQ5spA5rsAqjm/Lgd/MN0V3DbMQzE2Cn2QD8BqmWYmmfkx93v4huQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFi4pu1NZ5JfAQTNg4eVSDd3ef/MB8GA1UdIwQY
MBaAFCOiDqzn5WTZRWgIZHd6vpwruNTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85YTBhYTUtNWJkMy00ZTg3LTlkMmYt
NzVlMGQ0Nzk3NTNmLzEvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85YTBhYTUtNWJkMy00ZTg3LTlkMmYtNzVlMGQ0Nzk3NTNm
LzEvSTZJT3JPZmxaTmxGYUFoa2QzcS1uQ3U0MU5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlwm6eV4y
1idyzYkL4w22OVNtOqGjHIZDZ5ukLGbAJHo5RbiKuMoVebl1v1E66Q6bf5HmV0i/
QG5zd05toOJATkxgPZYhck/m/eII16UfooXdeRhOe5RsK8N5Kk4HOx8RGpRxGd/h
CH57e2v8n/Xr7cE3FmWPJ9twptmqJvMr5WhoAU8YrsybgrEACjfUGqmIVjhJ4sji
G44/c1lXVuu9J7S9v7LkgqpqwJqmb6yqFU6Iy4lfjO28HhqtRnvu+9uMtwpOVp74
Q24Jjub1584caIVy7iaWqmN9GzZJCIRBMvMMchXx9878v/KZBs0UkzGZVoUOHXTR
0i+7432HeovLZQ==
-----END CERTIFICATE-----