Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
File:                     8p5p65n-wSVjcxHUMFL3kx2P3TI.mft (raw, json)
Hash identifier:          seYF9nq2ZPTuRT6ACRLGlTCE6bL0PmqF+zLXgOJnEP4=
Subject key identifier:   8F:0F:BB:4F:94:9F:2B:9D:35:E1:7C:E6:8D:8A:55:01:2C:45:5E:9D
Authority key identifier: F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32
Certificate issuer:       /CN=f29e69eb99fec125637311d43052f7931d8fdd32
Certificate serial:       019D38D36630FEE0F924594B3B65DA7B5E75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
Manifest number:          0829
Signing time:             Sun 29 Mar 2026 09:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:11 +0000
Files and hashes:         1: 8p5p65n-wSVjcxHUMFL3kx2P3TI.crl (hash: CMKRl7CQzuqU5Bd/K49jQC0ZFCbI6jBvKdIuImvfVIc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:66:30:fe:e0:f9:24:59:4b:3b:65:da:7b:5e:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f29e69eb99fec125637311d43052f7931d8fdd32
        Validity
            Not Before: Mar 29 09:01:11 2026 GMT
            Not After : Mar 30 09:01:11 2026 GMT
        Subject: CN=8f0fbb4f949f2b9d35e17ce68d8a55012c455e9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:5d:31:01:1a:f8:53:10:1a:55:99:90:2d:1e:
                    b2:ba:0c:9e:9b:93:d2:31:97:b2:21:ba:8c:25:65:
                    c0:66:63:dc:77:43:12:bf:39:59:c1:07:2d:89:0a:
                    be:d5:6f:16:2a:f4:ad:b9:ca:f7:c2:05:64:43:ea:
                    e2:8c:1a:c7:dd:0c:6c:1a:8c:27:c2:5a:0b:1e:05:
                    b3:c7:42:80:09:9c:08:d7:b1:ff:ea:67:26:be:57:
                    bf:21:f6:49:78:f1:a4:e0:8b:34:da:db:df:e9:60:
                    9a:e0:97:1c:b0:a0:db:0c:a3:fb:72:92:7d:bf:bc:
                    64:76:e0:d7:53:ab:ad:c0:96:4a:3c:74:0c:c9:62:
                    75:b1:0b:2a:e9:dc:b9:ac:b1:66:b7:0d:81:79:6b:
                    53:6e:d8:f8:2e:5f:3c:a9:44:58:40:ec:8a:b9:e5:
                    bc:45:10:56:10:8a:46:63:6b:d5:05:02:83:15:92:
                    02:c2:35:f4:fa:a2:f8:30:17:d8:ac:55:a9:cc:a3:
                    74:c3:6c:c9:e7:a4:ed:cd:bb:db:4b:bc:1e:81:5c:
                    b0:c5:82:7d:60:7a:21:2d:91:d6:29:8c:49:fa:f8:
                    27:33:a3:fa:6f:35:c4:30:8c:fa:17:66:6b:47:f9:
                    d8:a7:2f:5b:50:ec:21:09:fe:f7:24:ef:a7:eb:c3:
                    02:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:0F:BB:4F:94:9F:2B:9D:35:E1:7C:E6:8D:8A:55:01:2C:45:5E:9D
            X509v3 Authority Key Identifier:
                keyid:F2:9E:69:EB:99:FE:C1:25:63:73:11:D4:30:52:F7:93:1D:8F:DD:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p5p65n-wSVjcxHUMFL3kx2P3TI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c826d-93b8-4c3a-a21f-513403e3d820/1/8p5p65n-wSVjcxHUMFL3kx2P3TI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:5c:3d:82:51:23:c8:52:d8:6b:c8:53:b4:fc:9b:61:e6:14:
         85:e1:b6:34:7f:61:e5:e7:bf:9e:51:58:f4:cc:24:db:91:04:
         ae:d7:27:80:20:eb:06:c2:b8:ad:35:59:73:87:e6:87:e8:06:
         c9:5e:48:06:c3:9b:a9:ef:7a:dd:d3:86:5a:84:1c:e8:0f:67:
         33:10:6a:0f:ef:ed:8a:a2:07:88:3d:46:0b:58:bb:43:30:0f:
         23:e0:2b:1a:07:8b:0a:0f:05:6f:9b:49:d4:3d:8f:56:8e:a9:
         2f:ad:3f:08:af:6c:30:f6:1e:9f:ba:c8:f0:b8:fc:11:ba:7e:
         39:6f:21:94:f0:0a:98:25:22:19:28:8b:6c:51:d7:7f:5a:77:
         39:91:49:9b:84:89:5d:df:6e:5b:8c:80:fe:cf:87:5d:e0:e4:
         f3:d9:e3:24:17:01:90:f0:d6:95:7e:cc:11:89:e0:27:17:ba:
         eb:1f:26:59:e2:6e:9d:78:05:9c:ec:77:5c:1d:c7:45:8f:2a:
         70:7b:56:b0:e0:85:d8:c9:74:9f:9b:fc:6e:7e:e5:d0:3f:22:
         67:eb:5c:96:70:4b:d7:4f:64:df:77:1f:52:c4:a5:9a:66:b8:
         d2:66:ab:02:79:75:5f:7b:22:bd:84:10:2d:14:5b:df:b3:8c:
         3f:d3:c9:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0402Yw/uD5JFlLO2Xae151MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyOWU2OWViOTlmZWMxMjU2MzczMTFkNDMwNTJmNzkzMWQ4
ZmRkMzIwHhcNMjYwMzI5MDkwMTExWhcNMjYwMzMwMDkwMTExWjAzMTEwLwYDVQQD
Eyg4ZjBmYmI0Zjk0OWYyYjlkMzVlMTdjZTY4ZDhhNTUwMTJjNDU1ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql0xARr4UxAaVZmQLR6yugyem5PS
MZeyIbqMJWXAZmPcd0MSvzlZwQctiQq+1W8WKvStucr3wgVkQ+rijBrH3QxsGown
wloLHgWzx0KACZwI17H/6mcmvle/IfZJePGk4Is02tvf6WCa4JccsKDbDKP7cpJ9
v7xkduDXU6utwJZKPHQMyWJ1sQsq6dy5rLFmtw2BeWtTbtj4Ll88qURYQOyKueW8
RRBWEIpGY2vVBQKDFZICwjX0+qL4MBfYrFWpzKN0w2zJ56TtzbvbS7wegVywxYJ9
YHohLZHWKYxJ+vgnM6P6bzXEMIz6F2ZrR/nYpy9bUOwhCf73JO+n68MCHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI8Pu0+UnyudNeF85o2KVQEsRV6dMB8GA1UdIwQY
MBaAFPKeaeuZ/sElY3MR1DBS95Mdj90yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYt
NTEzNDAzZTNkODIwLzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzgyNmQtOTNiOC00YzNhLWEyMWYtNTEzNDAzZTNkODIw
LzEvOHA1cDY1bi13U1ZqY3hIVU1GTDNreDJQM1RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwVw9glEj
yFLYa8hTtPybYeYUheG2NH9h5ee/nlFY9Mwk25EErtcngCDrBsK4rTVZc4fmh+gG
yV5IBsObqe963dOGWoQc6A9nMxBqD+/tiqIHiD1GC1i7QzAPI+ArGgeLCg8Fb5tJ
1D2PVo6pL60/CK9sMPYen7rI8Lj8Ebp+OW8hlPAKmCUiGSiLbFHXf1p3OZFJm4SJ
Xd9uW4yA/s+HXeDk89njJBcBkPDWlX7MEYngJxe66x8mWeJunXgFnOx3XB3HRY8q
cHtWsOCF2Ml0n5v8bn7l0D8iZ+tclnBL109k33cfUsSlmma40marAnl1X3sivYQQ
LRRb37OMP9PJPw==
-----END CERTIFICATE-----