Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
File:                     IIP4tbYgnefJQAjzM3vjQ2866-Y.mft (raw, json)
Hash identifier:          dqNPvYa0EV/vM6cYK3YRIRzXLl5251+BV+5zx0VHQvs=
Subject key identifier:   2B:B0:16:58:C1:5F:CE:29:22:07:65:54:FB:4A:9A:1A:E4:30:10:14
Authority key identifier: 20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6
Certificate issuer:       /CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
Certificate serial:       019D3789A208C3E4F33E52F635A75DE85C98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
Manifest number:          08E3
Signing time:             Sun 29 Mar 2026 03:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:59 +0000
Files and hashes:         1: IIP4tbYgnefJQAjzM3vjQ2866-Y.crl (hash: lvsrBlVsWIQl+I7T6+DHAi4xcr/FyX33QYXAZXk1cmY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:a2:08:c3:e4:f3:3e:52:f6:35:a7:5d:e8:5c:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
        Validity
            Not Before: Mar 29 03:00:59 2026 GMT
            Not After : Mar 30 03:00:59 2026 GMT
        Subject: CN=2bb01658c15fce2922076554fb4a9a1ae4301014
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9a:0a:63:f0:85:96:9b:8f:18:b5:fe:cf:11:
                    7d:c5:8f:03:3f:99:85:3f:db:26:01:87:70:7f:90:
                    b0:ab:93:04:d7:b2:e4:1f:f0:fc:29:13:ac:00:a0:
                    be:f6:47:28:4c:dc:9e:77:60:5a:8c:de:fe:f0:a4:
                    28:e5:26:4f:a7:bd:20:48:1d:a0:1a:97:cb:24:12:
                    e6:e5:8d:19:c5:38:c8:6d:66:e0:8d:aa:d1:17:f4:
                    24:02:5b:d6:8c:df:6f:a6:ad:a1:1d:a8:e2:e6:92:
                    f8:9d:0b:9b:49:b9:12:e9:45:93:c9:03:ef:29:6a:
                    46:94:cc:67:50:99:25:6a:cc:82:57:62:b2:e9:ce:
                    a6:6a:c7:b2:0a:83:b1:bc:61:bd:89:97:37:30:7c:
                    e8:7a:4b:73:61:93:d2:dd:27:e6:fb:5f:87:8f:ff:
                    0d:d1:9a:cc:68:a2:c5:17:74:f7:c9:63:7e:62:e4:
                    ff:08:80:37:3a:06:f2:8f:1a:f1:d9:97:ae:71:1c:
                    2a:fc:4e:88:96:39:d5:e8:65:57:89:7e:6f:bc:65:
                    49:1a:67:40:83:20:2b:e6:24:76:d7:32:33:93:87:
                    b2:c9:e6:6a:bc:4d:19:a3:1c:5f:0d:56:44:2e:72:
                    37:d0:7d:8a:1a:2f:c3:2c:ec:61:02:d6:25:c3:00:
                    57:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:B0:16:58:C1:5F:CE:29:22:07:65:54:FB:4A:9A:1A:E4:30:10:14
            X509v3 Authority Key Identifier:
                keyid:20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ce:1f:7d:3e:95:e6:9f:3c:f8:7d:0c:2f:99:0b:86:3a:fb:c7:
         01:77:bd:92:75:e8:0f:6e:93:a8:53:c7:67:0a:85:9e:ff:fc:
         73:88:69:57:37:2e:d1:b5:0c:dd:7e:e9:ab:f1:eb:d7:4d:24:
         a2:c2:41:a9:9e:3d:3d:8b:75:b0:c0:29:20:c5:fb:ac:7b:cf:
         8e:aa:e9:8c:b3:50:1f:25:29:fa:d6:f8:89:bd:c9:3c:76:76:
         d2:1c:8e:45:f6:ba:9e:de:48:0f:07:12:9e:64:ea:ae:dd:3e:
         cf:2b:a4:f8:4c:1f:81:ea:43:4f:f5:98:9f:bb:1b:f8:86:c0:
         16:6c:8a:3d:f2:8b:64:7f:35:78:5b:07:86:37:7b:95:73:36:
         17:88:5f:7f:92:70:42:af:8e:9b:91:29:4c:68:26:69:4f:f6:
         fa:06:af:39:76:b5:89:de:1f:48:d3:d1:9c:74:9d:f0:9e:08:
         a8:fa:d7:ed:24:0b:8e:51:60:b6:20:9f:b2:29:85:17:28:23:
         6e:b0:58:99:6d:f0:88:e7:09:15:4d:ff:62:59:93:04:2d:05:
         1c:f0:9d:08:41:66:0c:fd:60:d7:67:08:72:4c:2a:7a:4b:24:
         77:54:cc:56:35:f1:cc:d5:ec:4e:39:f9:57:3f:a4:99:10:ad:
         82:af:dc:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iaIIw+TzPlL2Nadd6FyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwODNmOGI1YjYyMDlkZTdjOTQwMDhmMzMzN2JlMzQzNmYz
YWViZTYwHhcNMjYwMzI5MDMwMDU5WhcNMjYwMzMwMDMwMDU5WjAzMTEwLwYDVQQD
EygyYmIwMTY1OGMxNWZjZTI5MjIwNzY1NTRmYjRhOWExYWU0MzAxMDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpoKY/CFlpuPGLX+zxF9xY8DP5mF
P9smAYdwf5Cwq5ME17LkH/D8KROsAKC+9kcoTNyed2BajN7+8KQo5SZPp70gSB2g
GpfLJBLm5Y0ZxTjIbWbgjarRF/QkAlvWjN9vpq2hHaji5pL4nQubSbkS6UWTyQPv
KWpGlMxnUJklasyCV2Ky6c6maseyCoOxvGG9iZc3MHzoektzYZPS3Sfm+1+Hj/8N
0ZrMaKLFF3T3yWN+YuT/CIA3Ogbyjxrx2ZeucRwq/E6IljnV6GVXiX5vvGVJGmdA
gyAr5iR21zIzk4eyyeZqvE0ZoxxfDVZELnI30H2KGi/DLOxhAtYlwwBXgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCuwFljBX84pIgdlVPtKmhrkMBAUMB8GA1UdIwQY
MBaAFCCD+LW2IJ3nyUAI8zN740NvOuvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAt
YWNiZWYwMThkMDNhLzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAtYWNiZWYwMThkMDNh
LzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzh99PpXm
nzz4fQwvmQuGOvvHAXe9knXoD26TqFPHZwqFnv/8c4hpVzcu0bUM3X7pq/Hr100k
osJBqZ49PYt1sMApIMX7rHvPjqrpjLNQHyUp+tb4ib3JPHZ20hyORfa6nt5IDwcS
nmTqrt0+zyuk+EwfgepDT/WYn7sb+IbAFmyKPfKLZH81eFsHhjd7lXM2F4hff5Jw
Qq+Om5EpTGgmaU/2+gavOXa1id4fSNPRnHSd8J4IqPrX7SQLjlFgtiCfsimFFygj
brBYmW3wiOcJFU3/YlmTBC0FHPCdCEFmDP1g12cIckwqekskd1TMVjXxzNXsTjn5
Vz+kmRCtgq/ceA==
-----END CERTIFICATE-----