Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft
File:                     IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft (raw, json)
Hash identifier:          iXPBATXV35uEuqAwamMt9FYw+wviWQl4J9EHr9U0IIs=
Subject key identifier:   B0:C1:20:22:F1:D3:B7:86:A3:AA:CC:A2:C8:AC:52:07:B9:AB:A7:0E
Authority key identifier: 21:D8:5D:23:1A:D5:4B:84:39:C2:AA:ED:91:A5:77:58:6A:C4:60:00
Certificate issuer:       /CN=21d85d231ad54b8439c2aaed91a577586ac46000
Certificate serial:       019D37C00CAA0B7A837438E7F9F0AD32A097
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft
Manifest number:          1390
Signing time:             Sun 29 Mar 2026 04:00:26 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:26 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:26 +0000
Files and hashes:         1: IdhdIxrVS4Q5wqrtkaV3WGrEYAA.crl (hash: pxa0QCwsI/Oold3jKjLmrLOTXlGP8JbcAmcbAaOAZ9E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:0c:aa:0b:7a:83:74:38:e7:f9:f0:ad:32:a0:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21d85d231ad54b8439c2aaed91a577586ac46000
        Validity
            Not Before: Mar 29 04:00:26 2026 GMT
            Not After : Mar 30 04:00:26 2026 GMT
        Subject: CN=b0c12022f1d3b786a3aacca2c8ac5207b9aba70e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:24:84:5f:0d:cb:86:58:70:77:63:5d:71:18:
                    94:32:8c:3d:23:61:b8:61:00:fb:9d:75:8d:87:de:
                    89:9d:99:ce:50:e4:a6:b5:c6:2e:8a:2d:23:37:d6:
                    04:39:b9:52:1c:1e:2f:c1:45:f5:f2:1d:ab:ba:a1:
                    b7:2b:9b:3a:be:58:40:b8:57:15:60:92:63:f3:c2:
                    55:4a:2b:76:d6:3e:0b:d3:58:a9:62:8f:ad:c8:d6:
                    03:07:4f:ba:0d:6a:2d:b5:c1:f7:36:84:d3:60:c4:
                    30:66:8c:fc:c7:ee:88:78:2d:92:7d:9b:ed:df:0e:
                    d4:f7:d6:fe:69:78:3f:fd:f9:9d:4a:1d:1f:95:f1:
                    f9:44:0e:61:d2:28:e5:ae:47:db:bf:b5:b7:4b:12:
                    f4:6d:15:56:51:b0:4c:a7:13:c6:09:e1:81:9c:9f:
                    82:d2:5f:a1:b3:01:21:a0:30:b4:13:bb:d3:c7:f0:
                    68:e7:36:9c:6c:a9:35:42:8d:cc:b1:46:fe:4c:2d:
                    db:40:ae:77:6a:84:04:61:8f:c3:dc:04:8c:20:af:
                    24:6b:da:aa:ad:53:e4:ca:92:25:99:9f:c6:68:e3:
                    14:a0:16:e8:94:88:87:79:27:c7:b3:af:2e:d4:cc:
                    ed:ab:6e:a6:7c:86:31:0f:1e:6f:d6:74:8c:76:63:
                    be:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:C1:20:22:F1:D3:B7:86:A3:AA:CC:A2:C8:AC:52:07:B9:AB:A7:0E
            X509v3 Authority Key Identifier:
                keyid:21:D8:5D:23:1A:D5:4B:84:39:C2:AA:ED:91:A5:77:58:6A:C4:60:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/6a6b55-ca02-458d-8b5d-74d77302b184/1/IdhdIxrVS4Q5wqrtkaV3WGrEYAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:68:e9:d1:21:d0:29:45:3e:60:9c:c4:4c:68:8b:a9:30:05:
         8e:96:e4:38:11:68:a0:55:28:54:cb:da:78:7f:69:9a:06:81:
         1b:7e:39:76:72:61:9b:31:9c:91:ad:1b:9e:7c:24:2c:40:31:
         8a:17:9c:12:05:64:6c:61:1a:a1:7b:48:6f:99:54:65:bf:3d:
         40:33:3d:54:d6:b4:12:97:9b:ab:05:dd:18:21:29:e0:91:55:
         cd:07:09:bf:c6:95:aa:bc:86:7b:8a:28:33:70:65:72:5d:21:
         ac:72:aa:0c:c3:fa:2d:fd:62:d8:01:d6:b2:4b:b8:19:70:64:
         62:55:71:3f:5f:0d:ce:06:2c:ac:84:01:20:de:de:b0:3e:9a:
         97:46:76:7d:14:9a:0f:e4:93:db:ba:09:50:26:99:b0:87:ea:
         20:2c:14:36:7b:26:5c:e1:23:03:54:b7:ed:40:c8:23:17:8f:
         6e:db:69:d7:6a:e6:ba:7c:fe:41:aa:49:7d:1b:67:b7:a9:fc:
         9a:bd:53:c0:f4:c0:cc:91:04:c2:f9:48:ae:92:d0:07:6b:dd:
         4e:a7:9e:ef:58:15:8a:cb:9d:e5:13:c2:86:96:98:5d:06:69:
         8c:79:d5:df:c7:3c:47:4e:d8:f9:da:7e:50:c5:e7:8d:65:ac:
         76:4a:42:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wAyqC3qDdDjn+fCtMqCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZDg1ZDIzMWFkNTRiODQzOWMyYWFlZDkxYTU3NzU4NmFj
NDYwMDAwHhcNMjYwMzI5MDQwMDI2WhcNMjYwMzMwMDQwMDI2WjAzMTEwLwYDVQQD
EyhiMGMxMjAyMmYxZDNiNzg2YTNhYWNjYTJjOGFjNTIwN2I5YWJhNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuySEXw3Lhlhwd2NdcRiUMow9I2G4
YQD7nXWNh96JnZnOUOSmtcYuii0jN9YEOblSHB4vwUX18h2ruqG3K5s6vlhAuFcV
YJJj88JVSit21j4L01ipYo+tyNYDB0+6DWottcH3NoTTYMQwZoz8x+6IeC2SfZvt
3w7U99b+aXg//fmdSh0flfH5RA5h0ijlrkfbv7W3SxL0bRVWUbBMpxPGCeGBnJ+C
0l+hswEhoDC0E7vTx/Bo5zacbKk1Qo3MsUb+TC3bQK53aoQEYY/D3ASMIK8ka9qq
rVPkypIlmZ/GaOMUoBbolIiHeSfHs68u1Mztq26mfIYxDx5v1nSMdmO+5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDBICLx07eGo6rMosisUge5q6cOMB8GA1UdIwQY
MBaAFCHYXSMa1UuEOcKq7ZGld1hqxGAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWRoZEl4clZTNFE1d3FydGthVjNXR3JFWUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS82YTZiNTUtY2EwMi00NThkLThiNWQt
NzRkNzczMDJiMTg0LzEvSWRoZEl4clZTNFE1d3FydGthVjNXR3JFWUFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS82YTZiNTUtY2EwMi00NThkLThiNWQtNzRkNzczMDJiMTg0
LzEvSWRoZEl4clZTNFE1d3FydGthVjNXR3JFWUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY2jp0SHQ
KUU+YJzETGiLqTAFjpbkOBFooFUoVMvaeH9pmgaBG345dnJhmzGcka0bnnwkLEAx
ihecEgVkbGEaoXtIb5lUZb89QDM9VNa0EpebqwXdGCEp4JFVzQcJv8aVqryGe4oo
M3Blcl0hrHKqDMP6Lf1i2AHWsku4GXBkYlVxP18NzgYsrIQBIN7esD6al0Z2fRSa
D+ST27oJUCaZsIfqICwUNnsmXOEjA1S37UDIIxePbttp12rmunz+QapJfRtnt6n8
mr1TwPTAzJEEwvlIrpLQB2vdTqee71gVisud5RPChpaYXQZpjHnV38c8R07Y+dp+
UMXnjWWsdkpCog==
-----END CERTIFICATE-----