Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/b2e161-1512-44fa-bc52-8080bb0dc45a/1/pOdI-oL64pRirh4wH5ZftkuWxzE.mft
File:                     pOdI-oL64pRirh4wH5ZftkuWxzE.mft (raw, json)
Hash identifier:          2Sr9sqT6qYmVgmSlqw3g6A1azCv15pXFLcKrrCXJ59Q=
Subject key identifier:   9F:DF:19:EE:73:AB:6F:64:10:AE:61:B5:41:00:8C:44:E3:C3:67:F3
Authority key identifier: A4:E7:48:FA:82:FA:E2:94:62:AE:1E:30:1F:96:5F:B6:4B:96:C7:31
Certificate issuer:       /CN=a4e748fa82fae29462ae1e301f965fb64b96c731
Certificate serial:       019D3752137EC1F1F9E86D285708C7A21B20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pOdI-oL64pRirh4wH5ZftkuWxzE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/b2e161-1512-44fa-bc52-8080bb0dc45a/1/pOdI-oL64pRirh4wH5ZftkuWxzE.mft
Manifest number:          2A
Signing time:             Sun 29 Mar 2026 02:00:18 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:18 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:18 +0000
Files and hashes:         1: pOdI-oL64pRirh4wH5ZftkuWxzE.crl (hash: TSLH5ILRa6oVsnHWnpQFWqukfFrSq6WDxPaX/+vzQio=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/b2e161-1512-44fa-bc52-8080bb0dc45a/1/pOdI-oL64pRirh4wH5ZftkuWxzE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/b2e161-1512-44fa-bc52-8080bb0dc45a/1/pOdI-oL64pRirh4wH5ZftkuWxzE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pOdI-oL64pRirh4wH5ZftkuWxzE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:13:7e:c1:f1:f9:e8:6d:28:57:08:c7:a2:1b:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4e748fa82fae29462ae1e301f965fb64b96c731
        Validity
            Not Before: Mar 29 02:00:18 2026 GMT
            Not After : Mar 30 02:00:18 2026 GMT
        Subject: CN=9fdf19ee73ab6f6410ae61b541008c44e3c367f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:80:a8:23:48:73:39:f5:34:e0:1a:6b:f9:a0:
                    b2:3b:54:4e:e5:84:c5:71:1a:bb:45:fd:c4:bc:a0:
                    67:ea:fe:45:d9:13:71:88:13:c7:a7:20:79:dc:48:
                    9d:bb:c5:57:6c:ca:5d:fa:59:d4:fa:b2:b1:e8:23:
                    d4:e1:87:32:51:b4:7c:bc:5a:3b:f4:5b:0e:15:21:
                    75:51:bb:2a:64:88:f1:fe:42:ca:ba:fb:aa:11:bc:
                    3d:f6:fc:9e:c4:43:56:14:21:4b:5e:48:36:e8:e9:
                    40:d0:11:c7:6e:c6:d2:be:e2:7d:87:af:54:8a:8f:
                    df:ea:ea:8e:28:eb:33:15:51:05:12:81:68:42:1e:
                    aa:db:d1:81:c2:09:10:30:9a:c3:7e:96:65:58:f8:
                    c3:a2:b7:d9:7b:18:16:13:4b:5e:09:70:5a:d3:ac:
                    68:86:10:8f:8a:4e:f1:94:a7:56:46:f6:2a:0f:14:
                    4d:19:20:94:0b:f0:90:ca:64:0e:09:6f:02:4f:5a:
                    56:37:92:d6:9f:77:5f:dd:fd:53:29:b8:ff:1b:22:
                    80:18:0e:e6:ee:e7:08:80:e8:b9:85:2c:76:fa:c5:
                    7b:8f:d8:72:81:72:bb:5a:87:23:84:6a:df:ca:50:
                    12:8f:98:fe:06:e4:60:4c:e6:97:a6:85:94:bb:58:
                    f6:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:DF:19:EE:73:AB:6F:64:10:AE:61:B5:41:00:8C:44:E3:C3:67:F3
            X509v3 Authority Key Identifier:
                keyid:A4:E7:48:FA:82:FA:E2:94:62:AE:1E:30:1F:96:5F:B6:4B:96:C7:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOdI-oL64pRirh4wH5ZftkuWxzE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/b2e161-1512-44fa-bc52-8080bb0dc45a/1/pOdI-oL64pRirh4wH5ZftkuWxzE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/b2e161-1512-44fa-bc52-8080bb0dc45a/1/pOdI-oL64pRirh4wH5ZftkuWxzE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:7a:9c:fd:28:4a:36:98:4e:7c:a9:e9:f1:cc:51:85:aa:23:
         e0:ff:8e:46:2f:d1:6a:54:6a:a5:dc:8f:33:68:ee:a6:c0:d2:
         f1:58:d4:e0:b6:a7:1b:9a:a2:7c:82:b6:02:8f:73:a6:8a:1d:
         d8:53:ff:77:9d:85:3b:66:22:54:2c:50:31:eb:a8:69:cb:a9:
         ee:d2:02:67:3f:a5:81:37:3a:8b:50:ca:b5:88:91:82:7b:bb:
         2b:1b:30:e3:e6:b1:e9:08:13:62:f1:bd:bd:eb:0d:be:02:7d:
         55:89:4c:25:46:bb:e3:d2:26:6d:8e:25:27:1f:f1:24:10:dd:
         ca:80:0d:92:25:8c:c9:b4:e9:8d:19:a3:d8:6e:a8:fc:06:1e:
         7d:9a:70:bb:0f:08:68:8d:60:24:59:04:92:c7:fa:2b:b1:af:
         d6:4f:b3:94:12:0f:74:62:78:6a:8b:bc:39:cb:05:f0:f5:6e:
         2b:0c:e7:ba:c9:16:90:9a:90:a0:ad:56:ac:c8:38:4b:e1:47:
         ce:c9:8e:c3:50:82:f0:68:93:2d:7f:53:92:22:a0:a0:d3:94:
         cf:12:07:dd:3f:2d:62:a3:3d:43:25:78:fd:30:19:65:3d:55:
         2a:4d:61:d2:cf:c7:8d:85:b0:81:18:af:bd:81:5b:ba:c2:4b:
         26:83:ef:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UhN+wfH56G0oVwjHohsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTc0OGZhODJmYWUyOTQ2MmFlMWUzMDFmOTY1ZmI2NGI5
NmM3MzEwHhcNMjYwMzI5MDIwMDE4WhcNMjYwMzMwMDIwMDE4WjAzMTEwLwYDVQQD
Eyg5ZmRmMTllZTczYWI2ZjY0MTBhZTYxYjU0MTAwOGM0NGUzYzM2N2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4CoI0hzOfU04Bpr+aCyO1RO5YTF
cRq7Rf3EvKBn6v5F2RNxiBPHpyB53Eidu8VXbMpd+lnU+rKx6CPU4YcyUbR8vFo7
9FsOFSF1UbsqZIjx/kLKuvuqEbw99vyexENWFCFLXkg26OlA0BHHbsbSvuJ9h69U
io/f6uqOKOszFVEFEoFoQh6q29GBwgkQMJrDfpZlWPjDorfZexgWE0teCXBa06xo
hhCPik7xlKdWRvYqDxRNGSCUC/CQymQOCW8CT1pWN5LWn3df3f1TKbj/GyKAGA7m
7ucIgOi5hSx2+sV7j9hygXK7WocjhGrfylASj5j+BuRgTOaXpoWUu1j2JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ/fGe5zq29kEK5htUEAjETjw2fzMB8GA1UdIwQY
MBaAFKTnSPqC+uKUYq4eMB+WX7ZLlscxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9kSS1vTDY0cFJpcmg0d0g1WmZ0a3VXeHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iMmUxNjEtMTUxMi00NGZhLWJjNTIt
ODA4MGJiMGRjNDVhLzEvcE9kSS1vTDY0cFJpcmg0d0g1WmZ0a3VXeHpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iMmUxNjEtMTUxMi00NGZhLWJjNTItODA4MGJiMGRjNDVh
LzEvcE9kSS1vTDY0cFJpcmg0d0g1WmZ0a3VXeHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbXqc/ShK
NphOfKnp8cxRhaoj4P+ORi/RalRqpdyPM2jupsDS8VjU4LanG5qifIK2Ao9zpood
2FP/d52FO2YiVCxQMeuoacup7tICZz+lgTc6i1DKtYiRgnu7Kxsw4+ax6QgTYvG9
vesNvgJ9VYlMJUa749ImbY4lJx/xJBDdyoANkiWMybTpjRmj2G6o/AYefZpwuw8I
aI1gJFkEksf6K7Gv1k+zlBIPdGJ4aou8OcsF8PVuKwznuskWkJqQoK1WrMg4S+FH
zsmOw1CC8GiTLX9TkiKgoNOUzxIH3T8tYqM9QyV4/TAZZT1VKk1h0s/HjYWwgRiv
vYFbusJLJoPvTA==
-----END CERTIFICATE-----