Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.mft
File:                     4tccU1qnoKzpP62r22WD-ISmxiY.mft (raw, json)
Hash identifier:          YlFz6sN7o1B3hUZNjNpcksWucUAYkMgakn4zmy3wZ7c=
Subject key identifier:   61:80:22:24:55:AD:D8:07:33:50:6D:A9:01:45:57:43:B9:95:6C:1B
Authority key identifier: E2:D7:1C:53:5A:A7:A0:AC:E9:3F:AD:AB:DB:65:83:F8:84:A6:C6:26
Certificate issuer:       /CN=e2d71c535aa7a0ace93fadabdb6583f884a6c626
Certificate serial:       019D3865868C66ACE79F15697AFD06D55AE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tccU1qnoKzpP62r22WD-ISmxiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.mft
Manifest number:          0968
Signing time:             Sun 29 Mar 2026 07:01:10 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:10 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:10 +0000
Files and hashes:         1: 4tccU1qnoKzpP62r22WD-ISmxiY.crl (hash: r9a/KmEWTiK1O65gMpB8VJSvx1QYP1wFhinYbnAjFKs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tccU1qnoKzpP62r22WD-ISmxiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:86:8c:66:ac:e7:9f:15:69:7a:fd:06:d5:5a:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d71c535aa7a0ace93fadabdb6583f884a6c626
        Validity
            Not Before: Mar 29 07:01:10 2026 GMT
            Not After : Mar 30 07:01:10 2026 GMT
        Subject: CN=6180222455add80733506da901455743b9956c1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:c3:85:e0:e9:07:60:bd:48:d3:34:9a:a0:5e:
                    22:89:cf:fd:ae:5b:41:3f:22:f4:32:ba:26:4a:be:
                    4d:74:fa:85:a2:82:18:aa:06:8b:7a:08:e9:2d:2e:
                    94:b6:fe:b1:48:33:44:51:bb:81:bd:6c:0a:cd:81:
                    6b:b9:e2:c7:39:62:0d:0b:99:c6:6a:b7:04:8b:ff:
                    59:81:22:5e:49:da:3b:10:26:fc:ea:08:a3:a6:92:
                    02:f9:06:0d:24:e5:5d:55:42:a5:c8:b1:6a:53:f6:
                    0e:c6:11:b1:95:69:84:86:be:3f:0a:0b:36:27:f3:
                    20:04:71:c7:00:e9:aa:48:2e:78:ee:aa:2a:a7:ac:
                    12:64:a8:68:5e:87:51:7a:10:3b:cc:a1:08:98:61:
                    b3:53:15:f0:8e:e0:25:9e:44:48:72:d1:90:48:f3:
                    1a:95:e2:9a:81:ea:cc:6a:23:55:6b:4e:12:57:86:
                    0e:0a:eb:1f:66:c7:58:20:08:b3:be:ae:12:3e:31:
                    5b:05:92:e9:88:cd:68:93:43:8e:3f:2f:7d:68:27:
                    14:8e:73:ab:8e:9d:e7:ea:1e:8b:51:10:20:6b:fa:
                    48:d2:6c:96:65:d9:ec:01:eb:60:96:93:9e:7d:a6:
                    65:d0:42:c8:b6:6e:2e:a3:18:95:61:fc:23:92:b7:
                    13:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:80:22:24:55:AD:D8:07:33:50:6D:A9:01:45:57:43:B9:95:6C:1B
            X509v3 Authority Key Identifier:
                keyid:E2:D7:1C:53:5A:A7:A0:AC:E9:3F:AD:AB:DB:65:83:F8:84:A6:C6:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tccU1qnoKzpP62r22WD-ISmxiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/2c708b-b6e2-4def-a2d9-b31011137a57/1/4tccU1qnoKzpP62r22WD-ISmxiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:70:d4:88:96:cf:11:98:9d:31:aa:9e:d3:10:bb:dc:bc:bf:
         0d:ba:14:e3:3c:9c:4b:da:46:21:d4:94:0f:a7:97:f0:f9:59:
         f9:ca:d3:cc:65:20:b3:5b:82:c0:b8:f9:5d:d6:49:35:cc:0b:
         92:b4:3a:14:10:95:cd:b0:e7:e4:c7:ec:34:d4:71:9b:1f:6e:
         8a:12:52:49:9f:18:91:db:70:0b:ce:e9:ad:2b:59:1a:de:3e:
         92:88:17:70:97:c1:f6:dc:fb:1b:6a:f1:31:9b:8c:40:38:5d:
         22:b8:44:5a:2d:21:a0:ee:5b:4f:0c:7a:e1:1e:28:2c:1c:da:
         7e:24:a9:e7:ab:bd:7f:fc:38:76:35:94:0f:74:d5:41:84:4a:
         79:6e:d2:a9:a2:05:fd:fb:ae:ec:6c:df:11:d3:9e:c2:5e:62:
         cd:a1:6c:e8:1e:f5:95:3f:ef:72:59:c0:b3:5d:de:cd:f4:bb:
         7a:ee:26:34:51:78:fd:c6:8b:64:ce:70:9d:07:83:69:06:38:
         0f:ef:31:f6:43:21:2a:f2:5d:2d:87:6c:20:6c:8b:a7:9c:fd:
         91:4e:5c:0d:4f:fc:59:f2:2c:d3:bd:2c:6e:4a:01:69:c8:95:
         44:73:ba:e8:c2:7e:a7:cd:7b:d7:df:09:51:48:f6:07:ce:ba:
         03:74:6b:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZYaMZqznnxVpev0G1VrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDcxYzUzNWFhN2EwYWNlOTNmYWRhYmRiNjU4M2Y4ODRh
NmM2MjYwHhcNMjYwMzI5MDcwMTEwWhcNMjYwMzMwMDcwMTEwWjAzMTEwLwYDVQQD
Eyg2MTgwMjIyNDU1YWRkODA3MzM1MDZkYTkwMTQ1NTc0M2I5OTU2YzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocOF4OkHYL1I0zSaoF4iic/9rltB
PyL0MromSr5NdPqFooIYqgaLegjpLS6Utv6xSDNEUbuBvWwKzYFrueLHOWINC5nG
arcEi/9ZgSJeSdo7ECb86gijppIC+QYNJOVdVUKlyLFqU/YOxhGxlWmEhr4/Cgs2
J/MgBHHHAOmqSC547qoqp6wSZKhoXodRehA7zKEImGGzUxXwjuAlnkRIctGQSPMa
leKagerMaiNVa04SV4YOCusfZsdYIAizvq4SPjFbBZLpiM1ok0OOPy99aCcUjnOr
jp3n6h6LURAga/pI0myWZdnsAetglpOefaZl0ELItm4uoxiVYfwjkrcTaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGGAIiRVrdgHM1BtqQFFV0O5lWwbMB8GA1UdIwQY
MBaAFOLXHFNap6Cs6T+tq9tlg/iEpsYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRjY1UxcW5vS3pwUDYycjIyV0QtSVNteGlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8yYzcwOGItYjZlMi00ZGVmLWEyZDkt
YjMxMDExMTM3YTU3LzEvNHRjY1UxcW5vS3pwUDYycjIyV0QtSVNteGlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8yYzcwOGItYjZlMi00ZGVmLWEyZDktYjMxMDExMTM3YTU3
LzEvNHRjY1UxcW5vS3pwUDYycjIyV0QtSVNteGlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnnDUiJbP
EZidMaqe0xC73Ly/DboU4zycS9pGIdSUD6eX8PlZ+crTzGUgs1uCwLj5XdZJNcwL
krQ6FBCVzbDn5MfsNNRxmx9uihJSSZ8YkdtwC87prStZGt4+kogXcJfB9tz7G2rx
MZuMQDhdIrhEWi0hoO5bTwx64R4oLBzafiSp56u9f/w4djWUD3TVQYRKeW7SqaIF
/fuu7GzfEdOewl5izaFs6B71lT/vclnAs13ezfS7eu4mNFF4/caLZM5wnQeDaQY4
D+8x9kMhKvJdLYdsIGyLp5z9kU5cDU/8WfIs070sbkoBaciVRHO66MJ+p817198J
UUj2B866A3RrAA==
-----END CERTIFICATE-----