Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
File:                     Mnib05LhxcabdCDMA2gDrxJYzvk.mft (raw, json)
Hash identifier:          MsYn3nPtw0/AIBXWjtHPaBvSctxodWOk/HJYXk4SSoU=
Subject key identifier:   16:6C:CE:55:54:9E:18:67:64:25:B2:67:39:6B:F7:3F:F6:15:EF:77
Authority key identifier: 32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9
Certificate issuer:       /CN=32789bd392e1c5c69b7420cc036803af1258cef9
Certificate serial:       019D38D348EAB496142772D2B0BE6246A07C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
Manifest number:          09E1
Signing time:             Sun 29 Mar 2026 09:01:03 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:03 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:03 +0000
Files and hashes:         1: Mnib05LhxcabdCDMA2gDrxJYzvk.crl (hash: 53eXj/6DH8uAwTJU7mcoqD2SqBCXkN0fwVH/Mh1S2Ro=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:48:ea:b4:96:14:27:72:d2:b0:be:62:46:a0:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32789bd392e1c5c69b7420cc036803af1258cef9
        Validity
            Not Before: Mar 29 09:01:03 2026 GMT
            Not After : Mar 30 09:01:03 2026 GMT
        Subject: CN=166cce55549e18676425b267396bf73ff615ef77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:37:24:84:08:75:a5:c8:25:dd:70:a2:76:a0:
                    c3:b2:eb:96:87:b6:5c:58:36:0d:07:93:d4:fe:2b:
                    7a:71:d8:1f:71:ed:53:62:d1:a9:bb:50:71:5d:9f:
                    b9:69:4e:f7:0b:15:14:b4:26:65:c5:5e:bc:44:4a:
                    57:b5:58:82:58:54:17:3f:57:aa:2d:55:62:16:85:
                    33:d1:56:eb:1a:bd:ea:ca:75:ee:15:82:1d:de:c6:
                    8c:e0:3f:83:58:ff:63:c0:83:1b:46:77:9f:b6:32:
                    04:fc:f3:a3:b6:c3:25:df:2b:d9:a3:38:ea:17:ab:
                    d9:63:18:30:b1:ff:f2:b4:4a:df:e7:54:c8:09:69:
                    f1:0e:c6:a6:be:b7:9c:a0:27:07:40:c3:48:a7:30:
                    30:d0:45:5a:e5:3d:c7:1b:b3:e8:07:d6:4c:32:04:
                    0f:55:bc:21:e3:fa:ba:c7:d0:bf:de:c5:04:12:8c:
                    a1:26:2e:1b:de:6d:c6:6e:7d:c7:c5:8b:0d:72:14:
                    1d:60:02:de:d4:3e:4b:85:d2:5f:d6:c7:3d:cc:6b:
                    4b:7e:c4:71:ad:cc:06:02:0e:f6:93:99:56:d2:bf:
                    9a:5a:48:a6:6e:bd:6d:6c:5f:3d:3a:9a:36:c2:6a:
                    07:a7:38:8f:16:9a:a9:1b:19:00:bd:d2:1c:f8:57:
                    3e:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:6C:CE:55:54:9E:18:67:64:25:B2:67:39:6B:F7:3F:F6:15:EF:77
            X509v3 Authority Key Identifier:
                keyid:32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:98:df:d3:5c:49:7d:de:11:17:25:9a:f9:85:6e:c8:64:93:
         aa:37:ae:d4:15:b0:01:a1:9d:c8:46:5e:6c:40:ca:2b:9b:97:
         0b:f3:27:ca:a7:b7:da:cd:67:c4:5b:c4:50:ae:04:ed:bc:f0:
         ff:a6:8a:ca:08:91:f9:d2:e6:e0:31:92:30:db:30:97:0f:31:
         7d:9f:3d:4e:35:f8:46:fd:f0:74:02:f8:36:d2:5d:ee:8b:94:
         d7:ef:a3:51:0d:d5:61:e9:45:28:99:e5:c5:d8:fb:3b:92:85:
         0a:0f:cd:24:dc:a2:b2:70:6a:58:51:d1:bd:67:6e:1f:d4:62:
         ff:ac:cc:6f:ad:2b:04:d4:cc:e4:82:cb:74:0e:0b:b9:38:97:
         80:30:ef:ce:ea:4a:6e:db:45:f6:67:14:e7:1f:a4:37:a6:2f:
         c6:31:de:13:50:85:a9:4d:dd:63:96:cd:47:33:40:a9:38:6b:
         51:a6:59:71:6b:5b:2b:34:f1:f7:1c:9f:cc:02:1f:16:42:d0:
         af:d9:6d:ba:33:b6:d9:18:85:5c:0e:cc:08:88:a3:7a:19:8f:
         9f:28:d3:70:76:00:09:47:01:e9:7e:cc:49:f6:86:f8:da:3a:
         7b:c1:e6:d1:0a:07:49:25:9e:bc:e4:27:df:e2:af:37:c3:5c:
         ea:cc:3c:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0400jqtJYUJ3LSsL5iRqB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNzg5YmQzOTJlMWM1YzY5Yjc0MjBjYzAzNjgwM2FmMTI1
OGNlZjkwHhcNMjYwMzI5MDkwMTAzWhcNMjYwMzMwMDkwMTAzWjAzMTEwLwYDVQQD
EygxNjZjY2U1NTU0OWUxODY3NjQyNWIyNjczOTZiZjczZmY2MTVlZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDckhAh1pcgl3XCidqDDsuuWh7Zc
WDYNB5PU/it6cdgfce1TYtGpu1BxXZ+5aU73CxUUtCZlxV68REpXtViCWFQXP1eq
LVViFoUz0VbrGr3qynXuFYId3saM4D+DWP9jwIMbRneftjIE/POjtsMl3yvZozjq
F6vZYxgwsf/ytErf51TICWnxDsamvrecoCcHQMNIpzAw0EVa5T3HG7PoB9ZMMgQP
Vbwh4/q6x9C/3sUEEoyhJi4b3m3Gbn3HxYsNchQdYALe1D5LhdJf1sc9zGtLfsRx
rcwGAg72k5lW0r+aWkimbr1tbF89Opo2wmoHpziPFpqpGxkAvdIc+Fc+LwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZszlVUnhhnZCWyZzlr9z/2Fe93MB8GA1UdIwQY
MBaAFDJ4m9OS4cXGm3QgzANoA68SWM75MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMt
Mzg2NmQ0NDEyODkzLzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMtMzg2NmQ0NDEyODkz
LzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiJjf01xJ
fd4RFyWa+YVuyGSTqjeu1BWwAaGdyEZebEDKK5uXC/Mnyqe32s1nxFvEUK4E7bzw
/6aKygiR+dLm4DGSMNswlw8xfZ89TjX4Rv3wdAL4NtJd7ouU1++jUQ3VYelFKJnl
xdj7O5KFCg/NJNyisnBqWFHRvWduH9Ri/6zMb60rBNTM5ILLdA4LuTiXgDDvzupK
bttF9mcU5x+kN6YvxjHeE1CFqU3dY5bNRzNAqThrUaZZcWtbKzTx9xyfzAIfFkLQ
r9ltujO22RiFXA7MCIijehmPnyjTcHYACUcB6X7MSfaG+No6e8Hm0QoHSSWevOQn
3+KvN8Nc6sw8Gw==
-----END CERTIFICATE-----