Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
File:                     861SH4OIdIPIybDG895f1e1Whck.mft (raw, json)
Hash identifier:          XGlawSsqQkHZUQgMrHZ7JvoKgmT0kgu5F9scr8+VLTs=
Subject key identifier:   ED:D2:6C:9F:03:08:07:1C:4D:63:CC:5A:05:4D:F7:BB:6E:38:64:EB
Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9
Certificate issuer:       /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
Certificate serial:       019D38658DC900AF700D777F86B66DE66B5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
Manifest number:          0E19
Signing time:             Sun 29 Mar 2026 07:01:12 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:12 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:12 +0000
Files and hashes:         1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: ZpsXmWeft2MdwD9/bVzhDAgDvUqzpd8fd9y5tEIz98M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:8d:c9:00:af:70:0d:77:7f:86:b6:6d:e6:6b:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
        Validity
            Not Before: Mar 29 07:01:12 2026 GMT
            Not After : Mar 30 07:01:12 2026 GMT
        Subject: CN=edd26c9f0308071c4d63cc5a054df7bb6e3864eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:81:75:33:f2:1e:03:cf:9d:79:43:a5:f3:dc:
                    ed:82:3c:8b:74:49:64:76:fa:b1:fc:c1:bf:8f:4f:
                    df:0b:21:69:5a:c0:74:c3:7a:33:e6:78:d4:77:5c:
                    2d:30:14:f3:4a:4e:4b:b1:e1:8c:43:c2:2c:54:1a:
                    a3:ff:9a:c5:8d:71:ff:bc:8a:76:cc:b7:b8:ac:b1:
                    a0:43:05:12:cb:c6:c4:9f:bc:1d:b8:5f:e6:a1:18:
                    6d:c7:c5:f4:e0:22:da:65:9c:5f:07:7a:de:5b:fd:
                    3d:13:c2:e7:ed:6c:82:42:af:63:0f:97:17:1e:18:
                    43:5d:2b:10:e1:34:44:58:15:86:54:33:00:0e:17:
                    05:e4:99:5d:39:2f:64:22:59:51:fb:cb:79:5d:1a:
                    0a:a4:ec:b8:f7:28:8d:e4:13:e4:d3:62:e9:15:ab:
                    8f:9c:aa:56:e2:50:63:c6:f1:85:a8:52:b6:54:b2:
                    db:9f:df:12:45:c6:18:44:32:88:9f:95:4b:91:c9:
                    9b:63:54:b0:2b:0e:f4:67:f8:13:db:58:11:d9:12:
                    e9:df:06:04:61:89:68:7a:94:06:d3:c5:ad:fc:15:
                    12:61:d7:04:75:b2:51:3d:bf:36:9a:fa:fb:f6:ea:
                    86:02:29:16:4a:80:cc:25:97:a1:c7:7f:9b:75:ac:
                    8e:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:D2:6C:9F:03:08:07:1C:4D:63:CC:5A:05:4D:F7:BB:6E:38:64:EB
            X509v3 Authority Key Identifier:
                keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:f8:e5:67:9f:e6:fe:a9:08:c2:2c:ba:a7:4c:b8:03:63:44:
         ef:2e:80:ba:e3:ba:e2:43:9f:f8:2d:99:0c:65:cd:4a:60:3a:
         49:15:1f:54:bd:89:21:68:f1:fd:92:29:3f:6e:64:5b:b5:e6:
         f7:94:07:7d:d2:b1:60:bc:28:ab:a0:9c:38:42:bf:2f:ba:ac:
         7b:3f:7b:b4:e8:9e:35:c3:5c:8d:31:dc:b2:73:6a:44:16:1f:
         4b:c8:03:e8:ba:b0:32:ad:6f:27:e2:05:5f:16:af:24:07:17:
         27:75:9b:39:77:c5:61:b5:41:f9:2a:f5:14:11:96:41:c1:31:
         fb:2d:fd:7f:62:92:56:77:b8:7f:09:bb:ea:2a:18:35:6d:ab:
         da:eb:46:5b:b3:2a:55:d3:3f:ee:f0:8b:74:5f:51:5d:49:8d:
         e8:80:4a:de:6d:f8:22:84:eb:cc:a4:d5:e2:00:d6:a1:4f:29:
         21:d6:d2:47:34:50:95:27:05:66:60:74:f2:0e:92:cd:f8:15:
         11:54:df:85:0b:9e:9f:66:23:db:26:53:e0:f9:40:62:8d:ef:
         ef:43:5e:0e:db:a7:44:db:97:97:44:1a:9f:06:9c:c1:5e:60:
         a4:6f:a5:59:ec:65:a8:81:cb:73:fd:d9:bd:f1:48:49:eb:6a:
         23:1c:3b:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZY3JAK9wDXd/hrZt5mtfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1
Njg1YzkwHhcNMjYwMzI5MDcwMTEyWhcNMjYwMzMwMDcwMTEyWjAzMTEwLwYDVQQD
EyhlZGQyNmM5ZjAzMDgwNzFjNGQ2M2NjNWEwNTRkZjdiYjZlMzg2NGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroF1M/IeA8+deUOl89ztgjyLdElk
dvqx/MG/j0/fCyFpWsB0w3oz5njUd1wtMBTzSk5LseGMQ8IsVBqj/5rFjXH/vIp2
zLe4rLGgQwUSy8bEn7wduF/moRhtx8X04CLaZZxfB3reW/09E8Ln7WyCQq9jD5cX
HhhDXSsQ4TREWBWGVDMADhcF5JldOS9kIllR+8t5XRoKpOy49yiN5BPk02LpFauP
nKpW4lBjxvGFqFK2VLLbn98SRcYYRDKIn5VLkcmbY1SwKw70Z/gT21gR2RLp3wYE
YYloepQG08Wt/BUSYdcEdbJRPb82mvr79uqGAikWSoDMJZehx3+bdayOuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO3SbJ8DCAccTWPMWgVN97tuOGTrMB8GA1UdIwQY
MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt
NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2
LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIvjlZ5/m
/qkIwiy6p0y4A2NE7y6AuuO64kOf+C2ZDGXNSmA6SRUfVL2JIWjx/ZIpP25kW7Xm
95QHfdKxYLwoq6CcOEK/L7qsez97tOieNcNcjTHcsnNqRBYfS8gD6LqwMq1vJ+IF
XxavJAcXJ3WbOXfFYbVB+Sr1FBGWQcEx+y39f2KSVne4fwm76ioYNW2r2utGW7Mq
VdM/7vCLdF9RXUmN6IBK3m34IoTrzKTV4gDWoU8pIdbSRzRQlScFZmB08g6SzfgV
EVTfhQuen2Yj2yZT4PlAYo3v70NeDtunRNuXl0QanwacwV5gpG+lWexlqIHLc/3Z
vfFISetqIxw7kA==
-----END CERTIFICATE-----