Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/d2bc90-2950-4322-a92e-c63fcd03a89b/1/J83PK9CaINK63Tq2yMft-h_Vwsw.mft
File:                     J83PK9CaINK63Tq2yMft-h_Vwsw.mft (raw, json)
Hash identifier:          YDquwbkdu1Zim2G4VCpwvtTtBpLj2dz6GUppibRvuVo=
Subject key identifier:   5D:D3:A5:A4:BE:92:2C:F8:02:30:2C:5A:1C:5D:29:27:A2:D2:14:7B
Authority key identifier: 27:CD:CF:2B:D0:9A:20:D2:BA:DD:3A:B6:C8:C7:ED:FA:1F:D5:C2:CC
Certificate issuer:       /CN=27cdcf2bd09a20d2badd3ab6c8c7edfa1fd5c2cc
Certificate serial:       019D3752655B32C9F999F210079F26351FBE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J83PK9CaINK63Tq2yMft-h_Vwsw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/d2bc90-2950-4322-a92e-c63fcd03a89b/1/J83PK9CaINK63Tq2yMft-h_Vwsw.mft
Manifest number:          05A8
Signing time:             Sun 29 Mar 2026 02:00:39 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:39 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:39 +0000
Files and hashes:         1: J83PK9CaINK63Tq2yMft-h_Vwsw.crl (hash: XK2rlw5hBmQb7IuW50xNOH5u0MV5XWXD8GMNqeG3kVU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/d2bc90-2950-4322-a92e-c63fcd03a89b/1/J83PK9CaINK63Tq2yMft-h_Vwsw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/d2bc90-2950-4322-a92e-c63fcd03a89b/1/J83PK9CaINK63Tq2yMft-h_Vwsw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/J83PK9CaINK63Tq2yMft-h_Vwsw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:65:5b:32:c9:f9:99:f2:10:07:9f:26:35:1f:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27cdcf2bd09a20d2badd3ab6c8c7edfa1fd5c2cc
        Validity
            Not Before: Mar 29 02:00:39 2026 GMT
            Not After : Mar 30 02:00:39 2026 GMT
        Subject: CN=5dd3a5a4be922cf802302c5a1c5d2927a2d2147b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:33:d4:98:f5:be:a1:e5:13:0d:a6:84:02:e9:
                    99:8a:03:dd:69:ea:7e:e9:1e:54:1c:68:c1:ef:5b:
                    88:bc:40:ff:bf:9f:0e:d8:cc:6a:08:2b:cd:c2:c3:
                    53:21:85:31:f0:3b:f7:f2:40:ec:b0:54:4f:7f:7f:
                    df:98:51:2c:0a:b0:fb:85:22:5d:b0:40:2d:a4:b0:
                    d5:09:c5:60:18:0a:71:ab:db:cb:78:e7:65:b6:94:
                    d3:55:b4:a1:ec:71:9d:c2:5e:ba:95:2b:6a:f8:d2:
                    f9:d4:0c:5f:1c:a2:8b:4f:16:c5:3b:7d:6c:7c:00:
                    e1:5a:fa:71:d0:ea:ac:d7:9c:22:34:4a:6d:89:c3:
                    c3:bf:37:72:80:fc:b5:d3:99:58:b8:49:97:26:48:
                    30:f0:20:b0:e9:6a:3d:e8:f2:f9:c8:43:0a:80:1b:
                    7b:a0:54:ba:95:3c:e3:11:1e:b9:5b:c0:7c:6e:3b:
                    4e:1b:8a:1b:0a:00:bb:48:d7:1c:50:44:0f:8f:a6:
                    e2:5f:77:db:1f:e3:47:3a:51:5c:6d:b9:b4:85:59:
                    d7:05:1f:15:9b:9c:30:54:90:3e:97:ab:21:cd:7b:
                    7b:a7:8b:7b:5d:00:a2:4a:76:60:ec:bd:e2:50:b4:
                    d9:58:c9:0b:1d:85:9d:0d:ba:38:5d:74:0d:4d:09:
                    7c:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:D3:A5:A4:BE:92:2C:F8:02:30:2C:5A:1C:5D:29:27:A2:D2:14:7B
            X509v3 Authority Key Identifier:
                keyid:27:CD:CF:2B:D0:9A:20:D2:BA:DD:3A:B6:C8:C7:ED:FA:1F:D5:C2:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J83PK9CaINK63Tq2yMft-h_Vwsw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/d2bc90-2950-4322-a92e-c63fcd03a89b/1/J83PK9CaINK63Tq2yMft-h_Vwsw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/d2bc90-2950-4322-a92e-c63fcd03a89b/1/J83PK9CaINK63Tq2yMft-h_Vwsw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:88:57:fc:95:17:18:01:7c:af:0f:f5:85:25:6b:e0:01:e6:
         6b:ee:6a:72:26:5f:b6:d5:fc:58:d3:45:3f:d1:3c:e0:a9:c7:
         f7:30:6c:e0:db:f1:54:5a:f8:02:79:43:1c:92:2c:cd:42:53:
         fe:1f:9e:22:29:a1:98:a2:bb:4d:b7:7d:e5:56:08:77:56:4b:
         cb:98:03:58:2b:5f:6d:7a:e0:d0:65:c1:b3:70:48:90:d8:aa:
         d5:97:f7:ef:96:2c:fc:fd:b7:e6:78:50:98:3a:51:e8:d5:33:
         78:80:ce:dd:18:89:ed:eb:81:62:33:13:73:36:48:4f:68:bb:
         0f:e9:ca:3a:af:65:94:27:48:f5:80:3b:32:3f:cd:1d:e8:5b:
         71:77:c4:dc:7e:35:46:f2:4a:26:f6:4e:c4:7b:b7:7f:a3:83:
         b3:9e:df:b4:08:1e:7b:40:b0:37:b8:bd:8c:96:2c:8e:76:2b:
         25:03:87:ed:30:c4:d5:83:ac:d5:ca:68:27:2d:df:9a:0a:c5:
         19:fc:e3:93:1b:a5:8d:dc:5a:06:fc:9b:c7:bc:dd:59:ac:50:
         82:8b:bd:3b:00:05:32:88:8d:7c:64:41:af:f8:82:93:77:6d:
         7b:3d:0e:7f:71:d4:ad:d7:30:19:4d:06:62:bc:0e:3c:e6:37:
         6e:ff:c6:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UmVbMsn5mfIQB58mNR++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3Y2RjZjJiZDA5YTIwZDJiYWRkM2FiNmM4YzdlZGZhMWZk
NWMyY2MwHhcNMjYwMzI5MDIwMDM5WhcNMjYwMzMwMDIwMDM5WjAzMTEwLwYDVQQD
Eyg1ZGQzYTVhNGJlOTIyY2Y4MDIzMDJjNWExYzVkMjkyN2EyZDIxNDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzPUmPW+oeUTDaaEAumZigPdaep+
6R5UHGjB71uIvED/v58O2MxqCCvNwsNTIYUx8Dv38kDssFRPf3/fmFEsCrD7hSJd
sEAtpLDVCcVgGApxq9vLeOdltpTTVbSh7HGdwl66lStq+NL51AxfHKKLTxbFO31s
fADhWvpx0Oqs15wiNEpticPDvzdygPy105lYuEmXJkgw8CCw6Wo96PL5yEMKgBt7
oFS6lTzjER65W8B8bjtOG4obCgC7SNccUEQPj6biX3fbH+NHOlFcbbm0hVnXBR8V
m5wwVJA+l6shzXt7p4t7XQCiSnZg7L3iULTZWMkLHYWdDbo4XXQNTQl85wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF3TpaS+kiz4AjAsWhxdKSei0hR7MB8GA1UdIwQY
MBaAFCfNzyvQmiDSut06tsjH7fof1cLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjgzUEs5Q2FJTks2M1RxMnlNZnQtaF9Wd3N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kMmJjOTAtMjk1MC00MzIyLWE5MmUt
YzYzZmNkMDNhODliLzEvSjgzUEs5Q2FJTks2M1RxMnlNZnQtaF9Wd3N3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kMmJjOTAtMjk1MC00MzIyLWE5MmUtYzYzZmNkMDNhODli
LzEvSjgzUEs5Q2FJTks2M1RxMnlNZnQtaF9Wd3N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZIhX/JUX
GAF8rw/1hSVr4AHma+5qciZfttX8WNNFP9E84KnH9zBs4NvxVFr4AnlDHJIszUJT
/h+eIimhmKK7Tbd95VYId1ZLy5gDWCtfbXrg0GXBs3BIkNiq1Zf375Ys/P235nhQ
mDpR6NUzeIDO3RiJ7euBYjMTczZIT2i7D+nKOq9llCdI9YA7Mj/NHehbcXfE3H41
RvJKJvZOxHu3f6ODs57ftAgee0CwN7i9jJYsjnYrJQOH7TDE1YOs1cpoJy3fmgrF
GfzjkxuljdxaBvybx7zdWaxQgou9OwAFMoiNfGRBr/iCk3dtez0Of3HUrdcwGU0G
YrwOPOY3bv/GeA==
-----END CERTIFICATE-----