Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          RKafIJkrrmtkOvqbYCNXNNJG4+gXacUAZoF0RL93K1I=
Subject key identifier:   8C:11:9E:6B:D7:3A:C8:D4:D9:D5:2A:73:06:B9:DC:16:B5:AF:AF:ED
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       019D38D2D2505FE9EEF131517D75066DF4E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          07B9
Signing time:             Sun 29 Mar 2026 09:00:33 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:33 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:33 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: 2wGZKWYShDJnrNXO83jy2SNDD4sqPsk5lGhnY8wEkjI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:d2:50:5f:e9:ee:f1:31:51:7d:75:06:6d:f4:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: Mar 29 09:00:33 2026 GMT
            Not After : Mar 30 09:00:33 2026 GMT
        Subject: CN=8c119e6bd73ac8d4d9d52a7306b9dc16b5afafed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:83:43:14:4e:5a:f8:70:d0:b4:bd:c0:95:4d:
                    c0:5a:ab:73:35:11:f7:61:6b:4c:04:73:7c:d7:5d:
                    e3:39:bb:ae:f6:4a:28:73:e5:0e:73:a1:22:d7:74:
                    03:07:03:d0:c0:01:7d:fe:94:8d:2d:2d:34:84:b5:
                    6a:28:21:64:58:52:25:7f:e5:bb:4f:ba:d4:d9:f4:
                    5d:a6:8b:be:25:a0:93:28:b6:4f:b7:16:5c:8a:a4:
                    23:e6:49:9e:42:cf:ed:ed:12:c1:df:cc:35:d1:38:
                    5c:72:64:b5:ac:ce:b2:16:af:9b:67:a7:54:3b:2a:
                    7d:73:45:44:8e:1a:1b:59:92:df:10:bc:2f:ee:af:
                    2a:ba:83:b9:90:5d:ef:b3:4d:52:f9:a6:fc:40:bd:
                    c1:ed:53:0a:a5:a6:93:58:4b:19:68:c9:00:62:6b:
                    e3:16:59:65:c6:d7:ec:ae:b2:10:43:4e:c5:22:ca:
                    0e:eb:75:67:a7:a1:61:34:57:3c:0a:02:b4:32:fb:
                    c0:78:96:4b:ed:cf:bf:35:26:01:e0:68:d7:b5:a6:
                    ee:46:57:21:14:70:d0:f1:76:ba:96:60:c8:2e:80:
                    d3:14:19:a2:9f:3a:51:fd:69:88:92:d7:82:de:85:
                    52:6c:bc:6f:fd:79:a4:8d:77:e4:74:90:9b:7d:c6:
                    16:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:11:9E:6B:D7:3A:C8:D4:D9:D5:2A:73:06:B9:DC:16:B5:AF:AF:ED
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:0b:05:33:f2:ec:5c:07:56:be:55:f4:cc:9c:64:a3:17:43:
         4c:3b:68:f5:b9:7c:3f:97:73:b8:2b:bb:d1:64:cd:d8:72:aa:
         d1:ef:3e:a2:d3:12:52:82:c1:d8:a6:f5:8a:fb:a1:a2:4e:5c:
         be:f9:a1:53:06:2e:88:6d:a9:31:35:4d:5d:27:67:ea:92:92:
         77:3b:6e:a4:76:67:39:84:e3:85:92:85:6c:93:aa:34:21:c6:
         5b:92:9f:ae:4a:cd:4d:a1:c5:a6:e4:79:50:9d:81:f7:fd:50:
         9a:99:75:e4:da:c0:99:65:b4:2d:e9:ae:0f:fa:3e:13:59:9d:
         77:91:97:92:31:fb:59:87:13:a6:ee:41:a9:17:18:cc:5d:1a:
         fe:e3:ab:75:dc:d5:26:a3:30:c9:6b:0c:a7:8f:bc:12:e2:02:
         7a:f8:0d:37:20:8c:32:8a:5c:36:f2:57:94:4c:b8:f7:49:44:
         8b:57:6c:20:6f:6f:25:d7:b4:60:76:1b:de:8a:57:23:a5:19:
         bc:7f:cb:44:9f:0c:04:d1:85:9f:f5:2b:f0:84:92:16:45:d3:
         05:90:16:13:37:9d:86:9b:00:d9:c4:41:7b:c3:5e:08:e0:4d:
         13:ff:50:7a:21:39:b4:d4:d3:40:5a:e1:6f:25:aa:52:08:02:
         77:8b:8e:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040tJQX+nu8TFRfXUGbfTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjYwMzI5MDkwMDMzWhcNMjYwMzMwMDkwMDMzWjAzMTEwLwYDVQQD
Eyg4YzExOWU2YmQ3M2FjOGQ0ZDlkNTJhNzMwNmI5ZGMxNmI1YWZhZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYNDFE5a+HDQtL3AlU3AWqtzNRH3
YWtMBHN8113jObuu9kooc+UOc6Ei13QDBwPQwAF9/pSNLS00hLVqKCFkWFIlf+W7
T7rU2fRdpou+JaCTKLZPtxZciqQj5kmeQs/t7RLB38w10ThccmS1rM6yFq+bZ6dU
Oyp9c0VEjhobWZLfELwv7q8quoO5kF3vs01S+ab8QL3B7VMKpaaTWEsZaMkAYmvj
FlllxtfsrrIQQ07FIsoO63Vnp6FhNFc8CgK0MvvAeJZL7c+/NSYB4GjXtabuRlch
FHDQ8Xa6lmDILoDTFBminzpR/WmIkteC3oVSbLxv/XmkjXfkdJCbfcYWaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwRnmvXOsjU2dUqcwa53Ba1r6/tMB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXgsFM/Ls
XAdWvlX0zJxkoxdDTDto9bl8P5dzuCu70WTN2HKq0e8+otMSUoLB2Kb1ivuhok5c
vvmhUwYuiG2pMTVNXSdn6pKSdztupHZnOYTjhZKFbJOqNCHGW5KfrkrNTaHFpuR5
UJ2B9/1Qmpl15NrAmWW0LemuD/o+E1mdd5GXkjH7WYcTpu5BqRcYzF0a/uOrddzV
JqMwyWsMp4+8EuICevgNNyCMMopcNvJXlEy490lEi1dsIG9vJde0YHYb3opXI6UZ
vH/LRJ8MBNGFn/Ur8ISSFkXTBZAWEzedhpsA2cRBe8NeCOBNE/9QeiE5tNTTQFrh
byWqUggCd4uOcQ==
-----END CERTIFICATE-----