Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
File:                     IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json)
Hash identifier:          mK/OpSQh41C02VViOY8Gpspvl4+hPzb4cX0LytPP0IQ=
Subject key identifier:   D9:32:D2:D9:70:1F:E7:57:AE:D2:32:1E:F8:8C:F2:51:9A:8C:73:13
Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9
Certificate issuer:       /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
Certificate serial:       019D37892E62FE0BFAE69BEF992833AD319B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
Manifest number:          0820
Signing time:             Sun 29 Mar 2026 03:00:30 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:30 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:30 +0000
Files and hashes:         1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: RPWjMbgEIPTsR2QQBTmV9f44Q+ARR4pHnfXbwvY9rEw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:2e:62:fe:0b:fa:e6:9b:ef:99:28:33:ad:31:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
        Validity
            Not Before: Mar 29 03:00:30 2026 GMT
            Not After : Mar 30 03:00:30 2026 GMT
        Subject: CN=d932d2d9701fe757aed2321ef88cf2519a8c7313
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:8b:46:b4:bd:63:c5:a0:2c:c2:a5:e9:55:29:
                    7d:e3:66:47:6e:a2:04:14:3d:d2:1f:82:b3:18:8a:
                    ea:e4:a0:5a:8f:90:b3:3d:f8:92:db:b4:f7:b2:38:
                    28:52:d6:19:2c:f8:76:99:9d:3b:ab:cc:91:5d:4e:
                    6b:16:8f:39:90:33:c6:0a:51:5c:c4:d1:cf:60:02:
                    fb:b3:ea:ba:ec:47:3e:f5:07:81:4b:8c:c4:07:a8:
                    11:06:9b:42:db:cd:46:3b:c2:c6:29:c5:39:67:3d:
                    39:3d:9f:08:94:aa:d3:5d:96:20:ca:bf:d7:14:a8:
                    58:28:00:93:fc:33:ff:4a:a2:51:c7:10:95:d1:85:
                    2a:f9:30:d1:2b:1a:09:89:3a:4f:7d:2a:83:ac:aa:
                    3a:ca:6f:ab:85:79:ac:d5:c5:52:ca:89:96:b0:8e:
                    26:da:0b:75:5a:83:e8:8e:69:82:7b:56:48:be:8c:
                    39:75:88:5e:25:ef:3c:56:d6:0f:57:23:ae:fa:e7:
                    ba:da:cd:2f:b0:35:b5:34:ae:ea:fc:e1:df:37:11:
                    b2:f5:d0:e8:55:9f:96:04:3f:bc:f5:f2:9c:6b:5f:
                    48:87:71:c9:da:8a:c2:e6:8a:8a:77:73:5e:46:4b:
                    dc:d5:7d:a3:90:26:49:84:85:eb:6e:e9:2c:83:57:
                    f4:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:32:D2:D9:70:1F:E7:57:AE:D2:32:1E:F8:8C:F2:51:9A:8C:73:13
            X509v3 Authority Key Identifier:
                keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:13:62:04:8c:22:de:d9:ac:7d:4e:3f:da:c1:5d:53:b8:d1:
         b5:a5:b0:04:fe:99:25:c2:38:d4:31:ff:a6:00:74:6f:45:80:
         f3:fc:21:23:17:ae:67:ea:18:cc:e2:93:61:ed:57:4c:62:bd:
         6b:a2:25:98:36:75:97:96:b3:68:b9:2b:ed:1b:c5:ac:ef:f3:
         d0:27:33:17:dd:7a:2e:ce:7d:03:c8:9e:7d:6b:b1:b5:3f:70:
         0d:a2:04:f4:0a:5f:21:c7:e9:91:70:83:23:ce:0f:eb:d5:52:
         da:86:83:c8:02:7c:1b:b6:95:a8:ee:17:04:f9:db:d9:8a:e1:
         32:2b:d1:fe:51:35:87:e5:f3:c6:e2:3f:1f:21:12:af:5f:7a:
         1e:2c:0d:e3:b8:63:93:62:4a:b0:79:22:19:48:8a:ba:d1:5e:
         e7:cf:86:62:de:13:16:09:09:c1:3f:7d:6c:f1:85:d4:fb:34:
         42:a4:da:4b:00:d5:1d:e9:17:14:42:db:c9:50:25:aa:6b:7a:
         d8:b3:8d:5a:d6:8e:10:0c:68:7c:9a:fe:81:98:ca:70:b2:d3:
         9e:76:a1:be:ee:9b:e8:23:21:30:92:f2:62:83:87:d3:9d:f2:
         df:d8:5b:98:c2:82:30:cf:f3:1f:d8:6b:c7:70:0a:af:8e:0b:
         94:47:15:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iS5i/gv65pvvmSgzrTGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3
MDhlYjkwHhcNMjYwMzI5MDMwMDMwWhcNMjYwMzMwMDMwMDMwWjAzMTEwLwYDVQQD
EyhkOTMyZDJkOTcwMWZlNzU3YWVkMjMyMWVmODhjZjI1MTlhOGM3MzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4tGtL1jxaAswqXpVSl942ZHbqIE
FD3SH4KzGIrq5KBaj5CzPfiS27T3sjgoUtYZLPh2mZ07q8yRXU5rFo85kDPGClFc
xNHPYAL7s+q67Ec+9QeBS4zEB6gRBptC281GO8LGKcU5Zz05PZ8IlKrTXZYgyr/X
FKhYKACT/DP/SqJRxxCV0YUq+TDRKxoJiTpPfSqDrKo6ym+rhXms1cVSyomWsI4m
2gt1WoPojmmCe1ZIvow5dYheJe88VtYPVyOu+ue62s0vsDW1NK7q/OHfNxGy9dDo
VZ+WBD+89fKca19Ih3HJ2orC5oqKd3NeRkvc1X2jkCZJhIXrbuksg1f0CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNky0tlwH+dXrtIyHviM8lGajHMTMB8GA1UdIwQY
MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt
YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm
LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnxNiBIwi
3tmsfU4/2sFdU7jRtaWwBP6ZJcI41DH/pgB0b0WA8/whIxeuZ+oYzOKTYe1XTGK9
a6IlmDZ1l5azaLkr7RvFrO/z0CczF916Ls59A8iefWuxtT9wDaIE9ApfIcfpkXCD
I84P69VS2oaDyAJ8G7aVqO4XBPnb2YrhMivR/lE1h+XzxuI/HyESr196HiwN47hj
k2JKsHkiGUiKutFe58+GYt4TFgkJwT99bPGF1Ps0QqTaSwDVHekXFELbyVAlqmt6
2LONWtaOEAxofJr+gZjKcLLTnnahvu6b6CMhMJLyYoOH053y39hbmMKCMM/zH9hr
x3AKr44LlEcVQw==
-----END CERTIFICATE-----