Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
File:                     F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft (raw, json)
Hash identifier:          63qPjiZCYyhB6ixE3gq0almNmztDIVJtfGh9sPVJgKw=
Subject key identifier:   C2:98:71:BC:15:7A:F8:04:0B:41:F2:12:6C:E1:18:90:25:0F:2F:97
Authority key identifier: 17:D8:73:12:06:53:B3:CF:E5:51:72:A9:DC:60:57:E8:CC:D0:CB:5C
Certificate issuer:       /CN=17d873120653b3cfe55172a9dc6057e8ccd0cb5c
Certificate serial:       019D38665A9BC486788ED3B2723AB588048B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
Manifest number:          1030
Signing time:             Sun 29 Mar 2026 07:02:05 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:05 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:05 +0000
Files and hashes:         1: F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl (hash: ATOZNag2Z/rCfn8bktrogH2jw+FAFfvM0Gxt9V3NJ8A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:5a:9b:c4:86:78:8e:d3:b2:72:3a:b5:88:04:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17d873120653b3cfe55172a9dc6057e8ccd0cb5c
        Validity
            Not Before: Mar 29 07:02:05 2026 GMT
            Not After : Mar 30 07:02:05 2026 GMT
        Subject: CN=c29871bc157af8040b41f2126ce11890250f2f97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:24:80:29:3a:1e:de:d3:d1:ad:15:74:11:5b:
                    ff:08:b9:17:06:1e:1b:45:bb:4c:06:fe:d9:61:30:
                    90:fc:59:cd:7d:39:b6:42:84:65:98:6b:22:c7:40:
                    7b:7c:50:e1:ec:dd:ef:5c:55:36:6e:54:f3:8d:b9:
                    df:29:66:52:f9:8e:64:4b:0d:a9:4b:6a:99:e5:e8:
                    a8:05:06:dd:0c:02:3a:9f:4a:94:b8:d9:6b:6e:22:
                    b9:fc:66:bd:c1:83:55:55:e5:f2:54:13:fe:91:12:
                    b3:a2:3b:45:62:80:7f:fd:c2:79:35:e8:87:ea:7c:
                    fd:3f:3e:0a:6b:00:b5:4f:4a:02:f7:50:24:a6:4b:
                    89:33:fe:a0:cb:33:d2:25:9a:06:b2:18:17:bd:12:
                    2b:b5:05:c8:b4:1b:20:00:c6:9d:ce:a8:f6:67:d9:
                    31:ab:fa:9c:8d:7f:43:b0:61:2f:23:f7:19:2a:e4:
                    86:7e:0f:c3:70:95:bb:56:e4:dd:46:fe:db:14:22:
                    ae:a3:4a:93:97:56:21:ff:30:14:e0:a8:5c:e3:86:
                    65:f5:a7:1f:43:56:8c:1a:5f:db:b7:16:ac:2b:4d:
                    d8:f3:02:e0:17:c4:e0:20:a1:e0:b2:01:73:be:74:
                    62:17:43:18:80:4a:1f:86:65:3d:2a:6f:51:eb:e0:
                    c5:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:98:71:BC:15:7A:F8:04:0B:41:F2:12:6C:E1:18:90:25:0F:2F:97
            X509v3 Authority Key Identifier:
                keyid:17:D8:73:12:06:53:B3:CF:E5:51:72:A9:DC:60:57:E8:CC:D0:CB:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9hzEgZTs8_lUXKp3GBX6MzQy1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/65ea32-6fd3-4c85-92d6-b00c1c145fe7/1/F9hzEgZTs8_lUXKp3GBX6MzQy1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:15:0b:f2:9c:31:fd:79:9c:17:b2:43:93:a0:8b:a1:03:f2:
         de:ed:e5:74:a0:cc:df:f4:66:38:03:9e:76:c7:db:b6:6e:96:
         cf:2c:d7:cf:71:11:56:c3:d2:91:aa:1d:e5:fa:d7:04:41:62:
         02:a4:2d:75:d3:cb:b0:d6:d9:f0:8c:ad:31:50:0e:28:3c:03:
         e2:3f:54:5e:64:b6:55:d1:ca:6d:8c:d2:33:96:a8:89:78:63:
         15:ec:f9:62:4a:fa:c8:4f:e8:14:21:8d:fb:69:52:d6:6c:a5:
         ff:41:73:0f:8c:5c:39:d8:80:4d:b1:16:2f:70:88:49:bb:26:
         10:82:08:ab:af:70:e7:74:0c:04:ef:20:b4:29:46:e1:2b:21:
         5d:72:d9:c6:6a:ee:f2:37:ec:2c:b8:08:39:89:ae:a7:6d:f4:
         83:3a:fd:3f:ca:97:40:9f:1f:bb:65:1a:4b:48:05:2d:db:c0:
         28:c3:09:6f:69:c9:45:61:f6:18:29:5f:bd:28:33:ec:d9:1f:
         d0:7b:ce:aa:49:ed:b0:4a:e8:a7:39:cb:bf:c8:15:c8:5a:29:
         18:a6:c1:65:81:49:b7:2c:16:55:1a:7a:6a:6b:f3:45:71:13:
         73:f5:07:8d:2f:2c:49:a4:bf:13:19:13:5a:6d:c1:59:26:a2:
         82:38:7e:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZlqbxIZ4jtOycjq1iASLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDg3MzEyMDY1M2IzY2ZlNTUxNzJhOWRjNjA1N2U4Y2Nk
MGNiNWMwHhcNMjYwMzI5MDcwMjA1WhcNMjYwMzMwMDcwMjA1WjAzMTEwLwYDVQQD
EyhjMjk4NzFiYzE1N2FmODA0MGI0MWYyMTI2Y2UxMTg5MDI1MGYyZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CSAKToe3tPRrRV0EVv/CLkXBh4b
RbtMBv7ZYTCQ/FnNfTm2QoRlmGsix0B7fFDh7N3vXFU2blTzjbnfKWZS+Y5kSw2p
S2qZ5eioBQbdDAI6n0qUuNlrbiK5/Ga9wYNVVeXyVBP+kRKzojtFYoB//cJ5NeiH
6nz9Pz4KawC1T0oC91AkpkuJM/6gyzPSJZoGshgXvRIrtQXItBsgAMadzqj2Z9kx
q/qcjX9DsGEvI/cZKuSGfg/DcJW7VuTdRv7bFCKuo0qTl1Yh/zAU4Khc44Zl9acf
Q1aMGl/btxasK03Y8wLgF8TgIKHgsgFzvnRiF0MYgEofhmU9Km9R6+DFpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMKYcbwVevgEC0HyEmzhGJAlDy+XMB8GA1UdIwQY
MBaAFBfYcxIGU7PP5VFyqdxgV+jM0MtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82NWVhMzItNmZkMy00Yzg1LTkyZDYt
YjAwYzFjMTQ1ZmU3LzEvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82NWVhMzItNmZkMy00Yzg1LTkyZDYtYjAwYzFjMTQ1ZmU3
LzEvRjloekVnWlRzOF9sVVhLcDNHQlg2TXpReTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaRUL8pwx
/XmcF7JDk6CLoQPy3u3ldKDM3/RmOAOedsfbtm6WzyzXz3ERVsPSkaod5frXBEFi
AqQtddPLsNbZ8IytMVAOKDwD4j9UXmS2VdHKbYzSM5aoiXhjFez5Ykr6yE/oFCGN
+2lS1myl/0FzD4xcOdiATbEWL3CISbsmEIIIq69w53QMBO8gtClG4SshXXLZxmru
8jfsLLgIOYmup230gzr9P8qXQJ8fu2UaS0gFLdvAKMMJb2nJRWH2GClfvSgz7Nkf
0HvOqkntsEropznLv8gVyFopGKbBZYFJtywWVRp6amvzRXETc/UHjS8sSaS/ExkT
Wm3BWSaigjh+ZA==
-----END CERTIFICATE-----