Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft
File:                     71j4Vyvdd9mBQRGA4u-aioAsdqw.mft (raw, json)
Hash identifier:          uBv1jKDS/ksOtF261ovPlDMML5ZLuqqpvD8wuBgzRQI=
Subject key identifier:   18:AA:4F:32:C4:14:BD:DC:64:EC:56:09:43:24:7F:CC:B1:88:5B:42
Authority key identifier: EF:58:F8:57:2B:DD:77:D9:81:41:11:80:E2:EF:9A:8A:80:2C:76:AC
Certificate issuer:       /CN=ef58f8572bdd77d981411180e2ef9a8a802c76ac
Certificate serial:       019D37BFF79631E14281D0497496C0ABE29B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71j4Vyvdd9mBQRGA4u-aioAsdqw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft
Manifest number:          040A
Signing time:             Sun 29 Mar 2026 04:00:20 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:20 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:20 +0000
Files and hashes:         1: 71j4Vyvdd9mBQRGA4u-aioAsdqw.crl (hash: 2kaRY/OPE71J/+SubXyGk1G+KOJhxurW3e0MhmxuR4s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/71j4Vyvdd9mBQRGA4u-aioAsdqw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:bf:f7:96:31:e1:42:81:d0:49:74:96:c0:ab:e2:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef58f8572bdd77d981411180e2ef9a8a802c76ac
        Validity
            Not Before: Mar 29 04:00:20 2026 GMT
            Not After : Mar 30 04:00:20 2026 GMT
        Subject: CN=18aa4f32c414bddc64ec560943247fccb1885b42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:84:9b:b3:39:b2:79:80:e9:66:1b:23:5a:f2:
                    53:39:c2:e0:25:2b:fa:d4:03:da:76:f0:86:ad:d6:
                    d9:54:54:04:86:dd:54:2d:ef:87:e6:c8:cd:f4:a0:
                    83:3d:aa:7f:4a:1d:d4:bd:2e:74:fa:eb:f5:3b:c3:
                    8e:6f:b4:48:25:3b:c1:e0:ce:18:72:35:1c:f2:07:
                    2d:68:6c:41:35:d5:5d:56:61:7f:c1:a6:8b:d4:c0:
                    9a:3a:34:26:71:a9:09:18:8e:4b:0d:93:61:82:51:
                    32:80:e5:23:a4:aa:e8:18:61:50:d8:30:11:34:5c:
                    a5:12:00:d4:c8:a2:d2:74:b6:8b:3e:51:09:8b:f8:
                    60:f1:6b:32:78:25:9c:2d:99:87:03:fe:5b:80:11:
                    9f:86:32:be:7a:35:b4:06:00:9b:4e:97:21:c8:32:
                    7a:31:e4:ae:d3:2f:0a:e4:e4:fc:ca:cc:21:22:30:
                    01:cb:7a:ad:be:14:2f:81:af:74:fc:b8:c9:f3:37:
                    48:97:e1:25:b9:d1:d3:3f:70:35:c0:14:da:b6:03:
                    7f:fe:3c:dc:b7:a4:dd:cf:66:10:21:67:e0:e4:fa:
                    cd:60:0f:f4:16:b2:81:cb:51:37:aa:c8:3c:b6:ec:
                    ce:51:e1:1f:47:94:62:87:db:0b:bd:28:61:8c:5e:
                    c6:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:AA:4F:32:C4:14:BD:DC:64:EC:56:09:43:24:7F:CC:B1:88:5B:42
            X509v3 Authority Key Identifier:
                keyid:EF:58:F8:57:2B:DD:77:D9:81:41:11:80:E2:EF:9A:8A:80:2C:76:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71j4Vyvdd9mBQRGA4u-aioAsdqw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:a7:55:f4:34:f5:7b:d9:ad:c7:eb:65:4a:66:e4:d0:07:7a:
         ca:9a:91:b1:11:23:1b:a9:69:ff:08:6b:1b:c7:2e:5f:cb:e9:
         59:fc:e4:5a:59:ab:ce:46:f5:3d:e5:4d:de:f7:9e:15:cd:a7:
         69:da:36:e5:61:42:6d:ef:a8:74:68:fe:94:75:d0:26:9e:9d:
         7c:74:bc:32:cb:b3:64:68:2b:a5:ac:98:74:a1:aa:13:ec:8d:
         c4:bb:17:ed:23:f8:20:66:24:f5:43:41:ba:e1:25:b7:31:bb:
         fb:fd:38:15:b6:a6:62:58:b4:f8:72:21:2e:2c:89:86:0f:54:
         f5:fe:a4:55:ae:ec:11:d0:a7:9b:15:39:71:84:6a:df:cd:65:
         cb:40:6d:fb:71:90:39:7f:4e:8a:f3:90:78:2b:bc:11:43:bc:
         8f:60:1e:6f:e6:87:ab:03:47:44:db:59:ea:89:1e:87:1d:f9:
         3a:76:9e:be:f0:29:1c:1c:ad:39:10:f0:20:f0:8a:4e:a4:ac:
         89:02:85:f3:b8:ab:6b:a8:37:29:3f:56:a0:d7:fe:75:3e:e7:
         84:7f:1f:a7:0d:61:ef:c2:cb:35:99:3f:1e:e1:c9:3c:ea:33:
         b2:54:fa:12:4d:21:d2:ba:54:d4:35:b7:c2:8a:fb:3b:20:ab:
         5c:b0:46:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03v/eWMeFCgdBJdJbAq+KbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNThmODU3MmJkZDc3ZDk4MTQxMTE4MGUyZWY5YThhODAy
Yzc2YWMwHhcNMjYwMzI5MDQwMDIwWhcNMjYwMzMwMDQwMDIwWjAzMTEwLwYDVQQD
EygxOGFhNGYzMmM0MTRiZGRjNjRlYzU2MDk0MzI0N2ZjY2IxODg1YjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYSbszmyeYDpZhsjWvJTOcLgJSv6
1APadvCGrdbZVFQEht1ULe+H5sjN9KCDPap/Sh3UvS50+uv1O8OOb7RIJTvB4M4Y
cjUc8gctaGxBNdVdVmF/waaL1MCaOjQmcakJGI5LDZNhglEygOUjpKroGGFQ2DAR
NFylEgDUyKLSdLaLPlEJi/hg8WsyeCWcLZmHA/5bgBGfhjK+ejW0BgCbTpchyDJ6
MeSu0y8K5OT8yswhIjABy3qtvhQvga90/LjJ8zdIl+EludHTP3A1wBTatgN//jzc
t6Tdz2YQIWfg5PrNYA/0FrKBy1E3qsg8tuzOUeEfR5Rih9sLvShhjF7G9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBiqTzLEFL3cZOxWCUMkf8yxiFtCMB8GA1UdIwQY
MBaAFO9Y+Fcr3XfZgUERgOLvmoqALHasMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFqNFZ5dmRkOW1CUVJHQTR1LWFpb0FzZHF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni85YjcxMDgtZTEyZi00ZjhhLWE1ZTAt
MzhlODA1ZmY0YzczLzEvNzFqNFZ5dmRkOW1CUVJHQTR1LWFpb0FzZHF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni85YjcxMDgtZTEyZi00ZjhhLWE1ZTAtMzhlODA1ZmY0Yzcz
LzEvNzFqNFZ5dmRkOW1CUVJHQTR1LWFpb0FzZHF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARKdV9DT1
e9mtx+tlSmbk0Ad6ypqRsREjG6lp/whrG8cuX8vpWfzkWlmrzkb1PeVN3veeFc2n
ado25WFCbe+odGj+lHXQJp6dfHS8MsuzZGgrpayYdKGqE+yNxLsX7SP4IGYk9UNB
uuEltzG7+/04FbamYli0+HIhLiyJhg9U9f6kVa7sEdCnmxU5cYRq381ly0Bt+3GQ
OX9OivOQeCu8EUO8j2Aeb+aHqwNHRNtZ6okehx35OnaevvApHBytORDwIPCKTqSs
iQKF87ira6g3KT9WoNf+dT7nhH8fpw1h78LLNZk/HuHJPOozslT6Ek0h0rpU1DW3
wor7OyCrXLBGMQ==
-----END CERTIFICATE-----