Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft
File:                     p2H8O2oE10MHa9KG3oIURfBlTvc.mft (raw, json)
Hash identifier:          /BIauUfWopWA3ugAjKdn2eO3rKDMClYBRcG3nFt029c=
Subject key identifier:   0C:86:2F:3B:E8:99:8E:74:8E:6E:A4:54:D6:A0:8E:81:B9:59:6D:85
Authority key identifier: A7:61:FC:3B:6A:04:D7:43:07:6B:D2:86:DE:82:14:45:F0:65:4E:F7
Certificate issuer:       /CN=a761fc3b6a04d743076bd286de821445f0654ef7
Certificate serial:       019D39098BB68ADF47CF571CDF673907C8ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p2H8O2oE10MHa9KG3oIURfBlTvc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft
Manifest number:          181E
Signing time:             Sun 29 Mar 2026 10:00:19 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:19 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:19 +0000
Files and hashes:         1: p2H8O2oE10MHa9KG3oIURfBlTvc.crl (hash: vl86ujt21AW9/2aAD5iTT/7zuakdjoFWWu+3PJzu1z0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/p2H8O2oE10MHa9KG3oIURfBlTvc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:8b:b6:8a:df:47:cf:57:1c:df:67:39:07:c8:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a761fc3b6a04d743076bd286de821445f0654ef7
        Validity
            Not Before: Mar 29 10:00:19 2026 GMT
            Not After : Mar 30 10:00:19 2026 GMT
        Subject: CN=0c862f3be8998e748e6ea454d6a08e81b9596d85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e9:1d:09:05:21:f6:e7:bb:01:ca:16:dd:3d:
                    60:2e:4a:c4:cf:e7:6b:45:27:0a:b8:f4:0a:03:ad:
                    31:b7:ea:6c:03:39:d3:e9:d7:b3:64:f6:3d:e7:e5:
                    f2:bb:24:cc:3d:bd:f8:92:7a:3f:a6:75:3a:e1:b7:
                    f5:ac:17:36:fb:a9:dc:c9:02:ad:5c:56:93:f6:15:
                    ad:06:ee:55:94:26:81:6c:24:3b:94:c9:82:c8:dd:
                    85:c5:38:b4:9a:a5:3b:bf:db:e3:20:6c:91:7b:9b:
                    d8:ce:f0:3b:f4:54:b1:bf:7d:d3:e2:1d:4f:22:52:
                    33:1e:7c:ff:2c:11:08:e2:52:05:48:e2:06:e5:79:
                    03:c5:59:29:77:98:52:40:d3:ff:a9:b1:3f:fb:e5:
                    27:06:a7:8b:f4:cd:57:9b:5d:c4:65:4d:22:ca:b0:
                    db:07:b6:b1:9c:96:0b:50:97:21:65:1d:14:0f:11:
                    2c:b7:30:d7:9c:ec:0a:c2:e4:86:22:ed:17:3d:83:
                    5b:5e:fe:d6:c6:c8:29:1e:b1:b9:17:ff:e9:fb:0f:
                    97:5f:42:5f:1f:c6:8f:08:85:a1:f9:d5:e3:6b:6f:
                    8e:9a:26:93:03:cc:88:59:bb:a0:7d:aa:7e:45:c4:
                    e4:c9:ea:eb:6c:6b:0e:06:8d:fb:dd:61:8e:ca:e5:
                    69:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:86:2F:3B:E8:99:8E:74:8E:6E:A4:54:D6:A0:8E:81:B9:59:6D:85
            X509v3 Authority Key Identifier:
                keyid:A7:61:FC:3B:6A:04:D7:43:07:6B:D2:86:DE:82:14:45:F0:65:4E:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2H8O2oE10MHa9KG3oIURfBlTvc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:cf:d6:16:ff:45:ea:ce:3f:7b:9e:8a:d3:64:98:bd:e2:ca:
         ed:45:c1:67:40:46:c8:41:3e:6a:33:e3:3c:8a:2f:12:93:ba:
         6e:eb:f3:66:35:d7:b2:c4:d3:32:41:21:ec:86:4a:48:c5:e1:
         9d:19:8b:bf:d1:4b:6d:a5:50:37:94:b3:42:09:a2:f5:1e:56:
         8c:c4:bc:60:20:31:75:a1:02:62:9a:5c:1e:5b:fe:41:74:55:
         04:f8:7f:cd:e6:2a:23:9c:59:6c:7f:87:53:00:dd:4e:61:84:
         bc:14:ec:cb:21:9f:b1:d6:d0:a0:69:6b:3f:fe:da:03:3d:f0:
         09:0b:66:f7:a0:1e:97:d1:79:14:2b:b3:e5:3c:2b:1d:cd:d3:
         be:9e:ab:79:ec:de:2e:94:de:bd:87:39:c2:94:1d:a5:4e:94:
         10:9e:2b:b1:27:b5:99:90:4d:5d:36:77:2c:46:f4:7a:44:fe:
         7e:54:b1:0d:62:3d:de:1e:ad:1b:64:c6:7a:c5:cf:0e:c4:25:
         a1:15:00:39:79:1f:b5:e4:57:61:c2:16:34:a4:8c:42:cc:af:
         a3:a3:ce:79:a2:dd:e7:a0:96:d1:bf:64:27:74:ff:df:33:75:
         a6:5e:62:0f:5b:7a:a7:df:c7:12:22:a7:64:8f:f0:ce:8c:24:
         ca:2e:a1:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CYu2it9Hz1cc32c5B8jtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NjFmYzNiNmEwNGQ3NDMwNzZiZDI4NmRlODIxNDQ1ZjA2
NTRlZjcwHhcNMjYwMzI5MTAwMDE5WhcNMjYwMzMwMTAwMDE5WjAzMTEwLwYDVQQD
EygwYzg2MmYzYmU4OTk4ZTc0OGU2ZWE0NTRkNmEwOGU4MWI5NTk2ZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+kdCQUh9ue7AcoW3T1gLkrEz+dr
RScKuPQKA60xt+psAznT6dezZPY95+XyuyTMPb34kno/pnU64bf1rBc2+6ncyQKt
XFaT9hWtBu5VlCaBbCQ7lMmCyN2FxTi0mqU7v9vjIGyRe5vYzvA79FSxv33T4h1P
IlIzHnz/LBEI4lIFSOIG5XkDxVkpd5hSQNP/qbE/++UnBqeL9M1Xm13EZU0iyrDb
B7axnJYLUJchZR0UDxEstzDXnOwKwuSGIu0XPYNbXv7WxsgpHrG5F//p+w+XX0Jf
H8aPCIWh+dXja2+OmiaTA8yIWbugfap+RcTkyerrbGsOBo373WGOyuVpbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAyGLzvomY50jm6kVNagjoG5WW2FMB8GA1UdIwQY
MBaAFKdh/DtqBNdDB2vSht6CFEXwZU73MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJIOE8yb0UxME1IYTlLRzNvSVVSZkJsVHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83MjkzNGUtZmU3My00YTk5LTgxMWYt
YTBjZGU3YmE4YmJlLzEvcDJIOE8yb0UxME1IYTlLRzNvSVVSZkJsVHZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83MjkzNGUtZmU3My00YTk5LTgxMWYtYTBjZGU3YmE4YmJl
LzEvcDJIOE8yb0UxME1IYTlLRzNvSVVSZkJsVHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhs/WFv9F
6s4/e56K02SYveLK7UXBZ0BGyEE+ajPjPIovEpO6buvzZjXXssTTMkEh7IZKSMXh
nRmLv9FLbaVQN5SzQgmi9R5WjMS8YCAxdaECYppcHlv+QXRVBPh/zeYqI5xZbH+H
UwDdTmGEvBTsyyGfsdbQoGlrP/7aAz3wCQtm96Ael9F5FCuz5TwrHc3Tvp6reeze
LpTevYc5wpQdpU6UEJ4rsSe1mZBNXTZ3LEb0ekT+flSxDWI93h6tG2TGesXPDsQl
oRUAOXkfteRXYcIWNKSMQsyvo6POeaLd56CW0b9kJ3T/3zN1pl5iD1t6p9/HEiKn
ZI/wzowkyi6hRw==
-----END CERTIFICATE-----