Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
File:                     M4YMg3IhmQcJz1rqKduBaJU-feA.mft (raw, json)
Hash identifier:          SiTvyUpF6snXWNlN3KsD1pwO2iXyX3xcJsXTr9WvStU=
Subject key identifier:   1E:38:24:B6:C2:0F:68:D0:98:8D:C3:61:22:82:3A:6F:4A:3B:FB:8E
Authority key identifier: 33:86:0C:83:72:21:99:07:09:CF:5A:EA:29:DB:81:68:95:3E:7D:E0
Certificate issuer:       /CN=33860c837221990709cf5aea29db8168953e7de0
Certificate serial:       019D38D35B6AC217955342E02C4668938E36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
Manifest number:          09C6
Signing time:             Sun 29 Mar 2026 09:01:08 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:08 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:08 +0000
Files and hashes:         1: M4YMg3IhmQcJz1rqKduBaJU-feA.crl (hash: tSXFLD+hQtUAeJKrm4J7dALmKkCmSCsAkL8RPK8xoNM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:5b:6a:c2:17:95:53:42:e0:2c:46:68:93:8e:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33860c837221990709cf5aea29db8168953e7de0
        Validity
            Not Before: Mar 29 09:01:08 2026 GMT
            Not After : Mar 30 09:01:08 2026 GMT
        Subject: CN=1e3824b6c20f68d0988dc36122823a6f4a3bfb8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:3f:7e:60:73:79:e0:47:7a:0e:65:5b:57:47:
                    bf:40:aa:2b:b3:a1:e8:ca:b6:38:49:fc:e7:d1:ff:
                    8a:87:47:0d:d8:2f:2f:b5:e2:35:9c:39:04:80:bf:
                    b7:7e:02:5f:30:74:d3:1f:32:91:74:9c:4c:89:18:
                    0c:8c:51:20:b4:1b:93:1c:ba:dd:8a:e5:bb:b3:39:
                    8f:d6:c9:9e:3e:02:66:6f:44:ab:39:71:fd:a9:d4:
                    54:63:7b:e6:ec:a4:07:90:87:06:f4:bd:25:5d:30:
                    77:0e:b5:c4:a1:36:ff:22:10:d0:f1:cf:de:72:b5:
                    84:c0:2b:29:76:fb:f2:df:aa:85:dd:ee:5e:36:4a:
                    41:90:53:0a:ff:b4:1b:d1:8d:ce:f0:00:b4:0a:ff:
                    30:79:1d:4e:7e:d2:49:53:ed:ee:36:2a:92:5b:a7:
                    0b:59:08:b0:e5:52:b3:8d:71:40:e4:1b:ac:c1:75:
                    07:8a:4f:87:b4:de:65:f2:96:80:78:f5:e6:fe:be:
                    98:a2:08:00:54:b8:58:9c:58:45:4f:cd:66:b9:ab:
                    79:77:f1:f9:1b:ef:fb:81:20:e8:bd:f6:b1:7e:c2:
                    20:b6:ce:f6:3b:0d:6a:81:72:79:93:1e:3d:9b:c6:
                    8c:80:99:bb:bc:85:8c:f9:51:da:e4:6a:d9:0b:41:
                    a2:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:38:24:B6:C2:0F:68:D0:98:8D:C3:61:22:82:3A:6F:4A:3B:FB:8E
            X509v3 Authority Key Identifier:
                keyid:33:86:0C:83:72:21:99:07:09:CF:5A:EA:29:DB:81:68:95:3E:7D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M4YMg3IhmQcJz1rqKduBaJU-feA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a5ebcb-f011-4801-94ff-b82e53010597/1/M4YMg3IhmQcJz1rqKduBaJU-feA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:7f:43:12:43:16:1d:ba:9b:fb:5a:9b:d4:ee:fa:d4:16:14:
         99:4e:47:ef:c0:07:a1:65:09:73:28:50:bf:6d:8a:f9:53:ad:
         de:14:13:ac:ac:ac:e8:f7:5c:d4:fc:f5:c3:5d:4f:cd:c1:33:
         3a:0a:0c:10:63:a8:9b:c4:82:63:a0:d6:79:13:b2:f8:82:ee:
         c8:61:a1:38:4e:08:5e:a3:b9:aa:3b:4f:a0:30:4a:fa:a8:71:
         da:a8:e5:16:5a:bd:ef:df:07:4c:19:ed:9e:c3:df:4e:82:99:
         2f:14:c9:a7:69:47:c5:4a:a9:77:47:ed:91:2e:0c:e2:52:4f:
         d9:47:ad:9d:5a:66:1a:60:3f:47:8f:5e:28:ac:ef:85:32:db:
         0d:15:ee:b3:0e:a7:1c:8e:21:ff:58:95:82:29:f9:af:f1:08:
         b4:e6:5f:ec:a9:3f:01:c0:d3:e5:90:c9:a0:e4:bf:72:14:08:
         63:30:fc:2d:58:fa:37:b0:e7:b3:50:29:98:11:f1:bd:51:4c:
         c3:04:7e:21:be:d5:87:7b:7e:3a:3c:b2:9c:c1:93:8a:40:c1:
         f0:bd:48:27:7d:4c:ae:e8:8e:ae:8b:24:15:d2:64:c4:9a:c6:
         02:5f:40:c9:99:e4:c7:a1:5b:a3:a8:68:c5:bb:14:ce:40:7b:
         88:16:d9:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0401tqwheVU0LgLEZok442MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzODYwYzgzNzIyMTk5MDcwOWNmNWFlYTI5ZGI4MTY4OTUz
ZTdkZTAwHhcNMjYwMzI5MDkwMTA4WhcNMjYwMzMwMDkwMTA4WjAzMTEwLwYDVQQD
EygxZTM4MjRiNmMyMGY2OGQwOTg4ZGMzNjEyMjgyM2E2ZjRhM2JmYjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyT9+YHN54Ed6DmVbV0e/QKors6Ho
yrY4Sfzn0f+Kh0cN2C8vteI1nDkEgL+3fgJfMHTTHzKRdJxMiRgMjFEgtBuTHLrd
iuW7szmP1smePgJmb0SrOXH9qdRUY3vm7KQHkIcG9L0lXTB3DrXEoTb/IhDQ8c/e
crWEwCspdvvy36qF3e5eNkpBkFMK/7Qb0Y3O8AC0Cv8weR1OftJJU+3uNiqSW6cL
WQiw5VKzjXFA5BuswXUHik+HtN5l8paAePXm/r6YoggAVLhYnFhFT81muat5d/H5
G+/7gSDovfaxfsIgts72Ow1qgXJ5kx49m8aMgJm7vIWM+VHa5GrZC0GiiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB44JLbCD2jQmI3DYSKCOm9KO/uOMB8GA1UdIwQY
MBaAFDOGDINyIZkHCc9a6inbgWiVPn3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hNWViY2ItZjAxMS00ODAxLTk0ZmYt
YjgyZTUzMDEwNTk3LzEvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hNWViY2ItZjAxMS00ODAxLTk0ZmYtYjgyZTUzMDEwNTk3
LzEvTTRZTWczSWhtUWNKejFycUtkdUJhSlUtZmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu39DEkMW
Hbqb+1qb1O761BYUmU5H78AHoWUJcyhQv22K+VOt3hQTrKys6Pdc1Pz1w11PzcEz
OgoMEGOom8SCY6DWeROy+ILuyGGhOE4IXqO5qjtPoDBK+qhx2qjlFlq9798HTBnt
nsPfToKZLxTJp2lHxUqpd0ftkS4M4lJP2UetnVpmGmA/R49eKKzvhTLbDRXusw6n
HI4h/1iVgin5r/EItOZf7Kk/AcDT5ZDJoOS/chQIYzD8LVj6N7Dns1ApmBHxvVFM
wwR+Ib7Vh3t+OjyynMGTikDB8L1IJ31MruiOroskFdJkxJrGAl9AyZnkx6Fbo6ho
xbsUzkB7iBbZGA==
-----END CERTIFICATE-----