Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
File:                     d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json)
Hash identifier:          a54LmdOtkKQ0QRqO0gTzN9yALO1vz8OIzy6rOXvL0XI=
Subject key identifier:   69:D9:B2:AD:BE:42:2A:AD:5C:0C:0E:B1:96:F4:E7:26:C8:38:C3:FE
Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC
Certificate issuer:       /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
Certificate serial:       019D38656F9AD2006E0ED0369D638862F0D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
Manifest number:          0AB8
Signing time:             Sun 29 Mar 2026 07:01:04 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:04 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:04 +0000
Files and hashes:         1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: VHrNr+bnI7m3Y9WBPvZDy6PoTzNgG0upKsA9I/wt5mc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:6f:9a:d2:00:6e:0e:d0:36:9d:63:88:62:f0:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
        Validity
            Not Before: Mar 29 07:01:04 2026 GMT
            Not After : Mar 30 07:01:04 2026 GMT
        Subject: CN=69d9b2adbe422aad5c0c0eb196f4e726c838c3fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:92:0b:e5:bc:a6:d5:d3:51:ec:f5:93:e7:4b:
                    cb:a1:06:d0:44:a4:70:84:18:19:eb:d1:ba:b9:47:
                    f3:e8:b6:e0:c4:1e:27:6e:d6:31:58:5d:a6:df:fa:
                    09:f8:93:f0:38:3d:28:e3:25:03:51:8a:2f:1d:75:
                    c9:c2:5c:70:d5:c4:e7:32:7b:4d:63:4f:3f:d6:22:
                    b4:ab:81:f5:a0:e2:65:a3:ea:83:bf:f2:11:f5:c1:
                    e2:6d:d5:1a:1e:f4:24:ff:49:63:a4:9d:6e:75:4f:
                    50:4c:1d:53:06:51:c9:6c:9d:75:cf:d0:2e:3c:ee:
                    0b:73:ab:31:d8:6c:b1:4b:80:7f:c5:6a:25:0b:01:
                    da:cd:50:8b:91:00:9d:17:2c:be:03:d4:98:1d:75:
                    aa:7e:37:c8:20:ae:97:a1:82:fa:78:7d:5d:21:85:
                    22:f5:9d:95:94:92:0a:4f:e6:15:b5:44:b2:e2:8d:
                    db:70:74:34:80:d1:a2:6f:ea:7c:4c:20:a6:a3:0d:
                    1e:cb:1f:fb:b4:c1:a8:bd:98:da:a2:d6:35:b1:ff:
                    50:fd:15:74:30:24:cc:1a:c7:79:d7:8e:73:f7:d6:
                    4e:fb:10:60:3e:c9:3d:b2:bb:93:7b:b1:98:bd:03:
                    0c:eb:31:b4:8f:e7:64:22:e2:fc:5e:71:a1:48:f6:
                    6b:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:D9:B2:AD:BE:42:2A:AD:5C:0C:0E:B1:96:F4:E7:26:C8:38:C3:FE
            X509v3 Authority Key Identifier:
                keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:cf:9e:f5:b3:4f:88:af:ba:66:d5:43:13:44:b7:8c:94:42:
         9d:72:d4:0d:e1:1d:79:da:d0:73:64:d9:f0:88:1b:90:f7:a1:
         35:68:82:1e:9d:0d:29:9b:f5:12:05:d0:3a:88:2d:df:9b:a1:
         d9:7c:8c:a5:d5:8a:69:80:41:30:35:24:b1:b9:47:37:fc:83:
         88:f5:38:e5:fb:96:61:0b:46:dc:f4:72:c4:a5:82:98:e5:7c:
         4b:8e:7d:04:ce:c8:5e:f3:5d:7d:83:da:3d:38:33:8d:bd:af:
         64:df:f0:9c:26:12:8f:97:df:8d:ef:fa:b3:f0:30:8b:75:29:
         8f:52:2d:84:db:ec:c9:c8:6c:78:fb:17:0c:a6:33:6e:1e:ce:
         da:ef:54:e8:ec:44:14:95:49:d4:0f:e1:d7:cb:78:33:dd:6e:
         88:a0:48:28:fc:43:ea:0a:55:d5:a5:7d:85:d4:0e:3d:ab:68:
         22:11:af:79:ab:3a:c0:3a:50:b3:a9:64:18:dd:22:3a:71:f2:
         c4:f1:b9:1a:b3:1c:c9:2a:71:fb:89:97:63:5d:4c:ab:63:16:
         44:8d:bd:13:c5:4b:dc:16:a4:a3:21:6c:e0:a9:fb:36:2d:6e:
         cc:d2:da:27:1a:27:db:cb:1b:c9:0e:25:5d:45:5b:1e:ee:2d:
         8a:42:de:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZW+a0gBuDtA2nWOIYvDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj
MmQ2ZmMwHhcNMjYwMzI5MDcwMTA0WhcNMjYwMzMwMDcwMTA0WjAzMTEwLwYDVQQD
Eyg2OWQ5YjJhZGJlNDIyYWFkNWMwYzBlYjE5NmY0ZTcyNmM4MzhjM2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJIL5bym1dNR7PWT50vLoQbQRKRw
hBgZ69G6uUfz6LbgxB4nbtYxWF2m3/oJ+JPwOD0o4yUDUYovHXXJwlxw1cTnMntN
Y08/1iK0q4H1oOJlo+qDv/IR9cHibdUaHvQk/0ljpJ1udU9QTB1TBlHJbJ11z9Au
PO4Lc6sx2GyxS4B/xWolCwHazVCLkQCdFyy+A9SYHXWqfjfIIK6XoYL6eH1dIYUi
9Z2VlJIKT+YVtUSy4o3bcHQ0gNGib+p8TCCmow0eyx/7tMGovZjaotY1sf9Q/RV0
MCTMGsd5145z99ZO+xBgPsk9sruTe7GYvQMM6zG0j+dkIuL8XnGhSPZrfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGnZsq2+QiqtXAwOsZb05ybIOMP+MB8GA1UdIwQY
MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt
MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz
LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGM+e9bNP
iK+6ZtVDE0S3jJRCnXLUDeEdedrQc2TZ8IgbkPehNWiCHp0NKZv1EgXQOogt35uh
2XyMpdWKaYBBMDUksblHN/yDiPU45fuWYQtG3PRyxKWCmOV8S459BM7IXvNdfYPa
PTgzjb2vZN/wnCYSj5ffje/6s/Awi3Upj1IthNvsychsePsXDKYzbh7O2u9U6OxE
FJVJ1A/h18t4M91uiKBIKPxD6gpV1aV9hdQOPatoIhGveas6wDpQs6lkGN0iOnHy
xPG5GrMcySpx+4mXY11Mq2MWRI29E8VL3BakoyFs4Kn7Ni1uzNLaJxon28sbyQ4l
XUVbHu4tikLe0g==
-----END CERTIFICATE-----