Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
File:                     iPdXItsls3I97Npdhw32m_DYZa4.mft (raw, json)
Hash identifier:          np5p5IYnJXCW+yh71HYRsxMBdKMjk3RxRiW13rGMfSc=
Subject key identifier:   00:03:7D:C3:F2:4A:CD:8F:EF:3B:B0:A2:67:53:0B:CD:50:05:57:F2
Authority key identifier: 88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE
Certificate issuer:       /CN=88f75722db25b3723decda5d870df69bf0d865ae
Certificate serial:       019D38666E91DACCF55E73533D1B906D68EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
Manifest number:          1287
Signing time:             Sun 29 Mar 2026 07:02:10 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:10 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:10 +0000
Files and hashes:         1: iPdXItsls3I97Npdhw32m_DYZa4.crl (hash: gO90R3FSaP1jJiuvHih8XQ5TIQ5mn/AZKBX618AJNbU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:6e:91:da:cc:f5:5e:73:53:3d:1b:90:6d:68:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88f75722db25b3723decda5d870df69bf0d865ae
        Validity
            Not Before: Mar 29 07:02:10 2026 GMT
            Not After : Mar 30 07:02:10 2026 GMT
        Subject: CN=00037dc3f24acd8fef3bb0a267530bcd500557f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:72:08:78:f5:64:0c:53:0c:e6:0f:34:3e:39:
                    6a:22:9d:bb:8c:eb:87:f0:e0:0a:03:f9:0b:f4:c5:
                    57:8f:73:64:a9:cb:84:cf:34:4d:db:85:a5:71:fe:
                    59:8e:24:76:83:7f:75:43:c5:b2:53:10:c6:67:f1:
                    41:09:56:f1:f7:5f:7e:d5:49:41:bc:99:ac:81:19:
                    01:82:e2:17:01:11:22:d9:af:f3:2a:65:9e:54:44:
                    9a:48:7c:17:c8:94:2b:2a:7c:f9:a3:de:a3:a1:f2:
                    e3:16:50:e0:0a:6e:37:01:14:4a:a6:01:fa:17:63:
                    50:e2:b2:92:b0:c8:28:20:73:18:2f:c2:5d:7c:dc:
                    d3:29:8c:55:43:8c:c5:1b:70:91:49:a0:4f:a3:12:
                    90:53:c8:e1:53:f7:c0:ef:52:10:71:e3:2c:12:51:
                    e6:fc:8f:89:1b:08:e0:6a:03:7a:82:e7:81:91:3a:
                    eb:0f:de:ea:23:1b:9e:7d:02:d4:21:74:d6:7a:14:
                    7e:8d:7f:e6:b4:6a:40:5d:ce:cd:c6:02:e6:26:0f:
                    95:11:45:5f:33:84:bd:88:4d:2f:7c:4d:3a:54:66:
                    f7:45:2c:d5:31:fa:03:28:ab:12:8f:00:f5:2a:62:
                    bb:5f:41:85:91:d3:6b:5c:20:8e:f6:b7:f8:9b:bb:
                    08:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:03:7D:C3:F2:4A:CD:8F:EF:3B:B0:A2:67:53:0B:CD:50:05:57:F2
            X509v3 Authority Key Identifier:
                keyid:88:F7:57:22:DB:25:B3:72:3D:EC:DA:5D:87:0D:F6:9B:F0:D8:65:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPdXItsls3I97Npdhw32m_DYZa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/2fa725-945c-48df-b629-2d140e4c5a3f/1/iPdXItsls3I97Npdhw32m_DYZa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:33:0e:c6:25:d8:5e:c2:70:27:59:4f:99:75:b7:64:e0:1a:
         37:5c:74:2b:95:a8:09:6d:e2:22:56:82:a1:ed:7d:7e:62:3e:
         14:a3:61:26:65:10:bc:c0:d6:6f:d2:80:38:dc:95:b4:ee:38:
         db:31:a1:93:6f:3f:77:9d:d2:cf:56:f3:f3:4f:f7:d4:5c:3c:
         8d:09:12:20:06:fc:1f:66:b7:12:e0:b4:93:a9:28:aa:3b:48:
         0c:8d:68:95:df:97:aa:3c:6f:9f:35:9b:f0:04:63:cb:be:f5:
         c9:95:55:71:8f:6f:8b:92:3d:7b:7e:4f:d1:19:50:a8:dc:21:
         8f:dd:7e:7b:3f:a1:ae:60:d4:8a:f4:43:e2:fd:37:65:c7:09:
         f3:38:48:58:4a:7d:52:22:13:f3:25:09:c4:1e:50:29:f6:43:
         03:9b:0f:a7:e6:63:28:91:af:bd:c5:79:11:9c:60:0f:2b:62:
         b3:6e:8b:64:68:3a:b2:1e:ca:41:bb:b4:c1:5c:b2:56:43:24:
         a9:3c:8b:d8:16:80:96:59:2c:8c:40:c0:25:ca:9a:ab:ec:f7:
         9f:d4:a6:a0:bc:08:0b:61:dc:1a:fb:f6:70:30:e0:a2:e2:f9:
         dd:98:56:b0:79:19:ea:78:5d:3f:bb:9e:83:cd:af:fb:59:91:
         03:80:cf:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zm6R2sz1XnNTPRuQbWjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Zjc1NzIyZGIyNWIzNzIzZGVjZGE1ZDg3MGRmNjliZjBk
ODY1YWUwHhcNMjYwMzI5MDcwMjEwWhcNMjYwMzMwMDcwMjEwWjAzMTEwLwYDVQQD
EygwMDAzN2RjM2YyNGFjZDhmZWYzYmIwYTI2NzUzMGJjZDUwMDU1N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nIIePVkDFMM5g80PjlqIp27jOuH
8OAKA/kL9MVXj3NkqcuEzzRN24Wlcf5ZjiR2g391Q8WyUxDGZ/FBCVbx919+1UlB
vJmsgRkBguIXAREi2a/zKmWeVESaSHwXyJQrKnz5o96jofLjFlDgCm43ARRKpgH6
F2NQ4rKSsMgoIHMYL8JdfNzTKYxVQ4zFG3CRSaBPoxKQU8jhU/fA71IQceMsElHm
/I+JGwjgagN6gueBkTrrD97qIxuefQLUIXTWehR+jX/mtGpAXc7NxgLmJg+VEUVf
M4S9iE0vfE06VGb3RSzVMfoDKKsSjwD1KmK7X0GFkdNrXCCO9rf4m7sIQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAADfcPySs2P7zuwomdTC81QBVfyMB8GA1UdIwQY
MBaAFIj3VyLbJbNyPezaXYcN9pvw2GWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2Mjkt
MmQxNDBlNGM1YTNmLzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yZmE3MjUtOTQ1Yy00OGRmLWI2MjktMmQxNDBlNGM1YTNm
LzEvaVBkWEl0c2xzM0k5N05wZGh3MzJtX0RZWmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHDMOxiXY
XsJwJ1lPmXW3ZOAaN1x0K5WoCW3iIlaCoe19fmI+FKNhJmUQvMDWb9KAONyVtO44
2zGhk28/d53Sz1bz80/31Fw8jQkSIAb8H2a3EuC0k6koqjtIDI1old+XqjxvnzWb
8ARjy771yZVVcY9vi5I9e35P0RlQqNwhj91+ez+hrmDUivRD4v03ZccJ8zhIWEp9
UiIT8yUJxB5QKfZDA5sPp+ZjKJGvvcV5EZxgDytis26LZGg6sh7KQbu0wVyyVkMk
qTyL2BaAllksjEDAJcqaq+z3n9SmoLwIC2HcGvv2cDDgouL53ZhWsHkZ6nhdP7ue
g82v+1mRA4DPyg==
-----END CERTIFICATE-----