Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
File:                     I1PVKkAkkfT5n-VHG90aXdb0K7w.mft (raw, json)
Hash identifier:          dHH5SLG6FbnwtoC2unEkjvY/It9WMbPEC4y25Oz01rk=
Subject key identifier:   48:DC:98:99:8A:9E:D7:43:28:AF:F3:6E:9D:85:F0:21:5C:C9:2C:94
Authority key identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC
Certificate issuer:       /CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
Certificate serial:       019D38D3908BF5DCF92A60FED8C067CAB6D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
Manifest number:          1889
Signing time:             Sun 29 Mar 2026 09:01:22 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:22 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:22 +0000
Files and hashes:         1: I1PVKkAkkfT5n-VHG90aXdb0K7w.crl (hash: I+S1L2ECfzAvTbgoEDZvYnlXK3QGOooyd5sv+YO0Tug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:90:8b:f5:dc:f9:2a:60:fe:d8:c0:67:ca:b6:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
        Validity
            Not Before: Mar 29 09:01:22 2026 GMT
            Not After : Mar 30 09:01:22 2026 GMT
        Subject: CN=48dc98998a9ed74328aff36e9d85f0215cc92c94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:99:d7:9c:3f:1d:41:86:dc:64:11:92:ac:89:
                    07:03:b1:0f:13:e9:4b:e2:4b:a6:ab:d4:da:29:c1:
                    ce:93:55:2a:a2:a1:6d:f2:69:cc:68:7d:37:e1:bf:
                    b9:79:ab:d1:b1:29:de:98:af:00:d6:f2:b2:46:bf:
                    9c:9b:64:6a:f0:36:cb:45:d1:bd:f1:45:b0:2b:e7:
                    a3:48:29:fe:e7:3f:a5:c7:60:52:a3:11:9c:ba:cd:
                    1f:8b:2f:49:16:7f:2c:d8:78:3d:e1:3b:ef:8d:64:
                    e2:1d:0b:3e:b8:92:c7:5f:e2:1c:39:84:b2:ad:5f:
                    1e:d3:ad:a9:ca:69:fb:d2:96:c5:83:9c:2f:9b:1d:
                    82:1a:aa:20:4c:f4:08:96:f7:be:c5:c9:61:7d:91:
                    6e:cf:b2:38:d2:6f:ca:af:60:f1:18:31:28:90:ad:
                    74:9e:f3:96:ea:96:bd:43:a8:10:3a:28:75:ec:6d:
                    28:11:dc:12:97:7c:9a:d0:6b:0c:05:36:45:ec:3a:
                    5d:b9:ee:60:15:e9:8e:e9:bc:ae:7e:a6:80:f8:d5:
                    6d:25:18:67:58:d0:f0:d0:fa:eb:d7:fe:c4:98:63:
                    7c:7f:0a:16:7b:3c:06:c3:d9:cf:02:eb:b5:7f:cc:
                    5b:da:81:87:0e:95:4e:b8:7e:47:d9:9d:66:e4:6f:
                    0f:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:DC:98:99:8A:9E:D7:43:28:AF:F3:6E:9D:85:F0:21:5C:C9:2C:94
            X509v3 Authority Key Identifier:
                keyid:23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:16:c4:a2:ff:c5:e7:7b:3e:31:d0:3f:7b:18:1c:f4:2c:49:
         45:e6:4d:eb:ea:2a:58:90:cd:bd:50:f3:00:b2:22:06:92:e2:
         f7:c7:04:22:12:85:fb:08:49:19:c4:54:ae:3a:3c:59:30:90:
         35:79:4c:33:27:4c:76:7f:37:1e:83:ef:e1:1d:d4:67:1a:d4:
         63:56:20:ce:cc:99:b2:f0:c5:e6:d5:d2:25:ec:14:d3:9e:6b:
         0d:ec:f9:fc:9d:d9:90:15:77:8b:21:66:70:0b:06:82:4f:c5:
         16:bc:f5:ce:c1:cb:62:c5:da:12:2c:e0:52:98:76:a0:94:11:
         15:80:8c:f6:f1:90:74:9d:28:89:da:b6:d8:1e:5c:a2:a7:e9:
         2a:4b:b7:48:11:bc:76:f0:41:61:45:6a:04:87:3d:3d:2c:7b:
         63:26:5f:49:dd:9f:04:97:3f:bb:e7:79:eb:f0:67:db:4d:af:
         9d:84:2c:23:c4:52:04:ea:33:a9:05:3c:9d:5b:76:c3:32:18:
         44:82:7e:36:7d:90:ff:50:b2:6a:f1:30:f4:d2:3b:3f:51:bc:
         6b:e8:67:6f:c6:54:3a:a6:4b:5e:db:5d:fd:79:60:08:33:c6:
         19:b3:54:58:e4:fe:2c:ae:15:1d:60:8c:e4:97:96:d9:8d:64:
         69:71:ee:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0405CL9dz5KmD+2MBnyrbYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTNkNTJhNDAyNDkxZjRmOTlmZTU0NzFiZGQxYTVkZDZm
NDJiYmMwHhcNMjYwMzI5MDkwMTIyWhcNMjYwMzMwMDkwMTIyWjAzMTEwLwYDVQQD
Eyg0OGRjOTg5OThhOWVkNzQzMjhhZmYzNmU5ZDg1ZjAyMTVjYzkyYzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5nXnD8dQYbcZBGSrIkHA7EPE+lL
4kumq9TaKcHOk1UqoqFt8mnMaH034b+5eavRsSnemK8A1vKyRr+cm2Rq8DbLRdG9
8UWwK+ejSCn+5z+lx2BSoxGcus0fiy9JFn8s2Hg94TvvjWTiHQs+uJLHX+IcOYSy
rV8e062pymn70pbFg5wvmx2CGqogTPQIlve+xclhfZFuz7I40m/Kr2DxGDEokK10
nvOW6pa9Q6gQOih17G0oEdwSl3ya0GsMBTZF7Dpdue5gFemO6byufqaA+NVtJRhn
WNDw0Prr1/7EmGN8fwoWezwGw9nPAuu1f8xb2oGHDpVOuH5H2Z1m5G8PrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjcmJmKntdDKK/zbp2F8CFcySyUMB8GA1UdIwQY
MBaAFCNT1SpAJJH0+Z/lRxvdGl3W9Cu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTct
ZGVhYjg1ODZmMmNlLzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTctZGVhYjg1ODZmMmNl
LzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuBbEov/F
53s+MdA/exgc9CxJReZN6+oqWJDNvVDzALIiBpLi98cEIhKF+whJGcRUrjo8WTCQ
NXlMMydMdn83HoPv4R3UZxrUY1YgzsyZsvDF5tXSJewU055rDez5/J3ZkBV3iyFm
cAsGgk/FFrz1zsHLYsXaEizgUph2oJQRFYCM9vGQdJ0oidq22B5coqfpKku3SBG8
dvBBYUVqBIc9PSx7YyZfSd2fBJc/u+d56/Bn202vnYQsI8RSBOozqQU8nVt2wzIY
RIJ+Nn2Q/1CyavEw9NI7P1G8a+hnb8ZUOqZLXttd/XlgCDPGGbNUWOT+LK4VHWCM
5JeW2Y1kaXHuPg==
-----END CERTIFICATE-----