Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.mft
File:                     rENzvP5MWzcCARWd-W2xNzaYur0.mft (raw, json)
Hash identifier:          0QVd72BFS/9k4M8ldZW9B/fr5tC9Zh+MIAszMsCVl4I=
Subject key identifier:   1F:7F:18:D4:29:C2:43:D6:C9:39:09:A2:1A:D6:8C:9E:31:D3:7A:33
Authority key identifier: AC:43:73:BC:FE:4C:5B:37:02:01:15:9D:F9:6D:B1:37:36:98:BA:BD
Certificate issuer:       /CN=ac4373bcfe4c5b370201159df96db1373698babd
Certificate serial:       019D389C182FFA96E411240B93301C2062DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rENzvP5MWzcCARWd-W2xNzaYur0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.mft
Manifest number:          01B8
Signing time:             Sun 29 Mar 2026 08:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:47 +0000
Files and hashes:         1: rENzvP5MWzcCARWd-W2xNzaYur0.crl (hash: H0zBbnC9phm+r80u7lFrHDYee4XpcbHh5kCE8yV4bHE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rENzvP5MWzcCARWd-W2xNzaYur0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9c:18:2f:fa:96:e4:11:24:0b:93:30:1c:20:62:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ac4373bcfe4c5b370201159df96db1373698babd
        Validity
            Not Before: Mar 29 08:00:47 2026 GMT
            Not After : Mar 30 08:00:47 2026 GMT
        Subject: CN=1f7f18d429c243d6c93909a21ad68c9e31d37a33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3c:d7:04:27:3f:c2:6f:e6:c3:8d:91:77:39:
                    eb:7f:56:36:ef:e2:c2:ca:66:a6:3b:2d:07:90:69:
                    b8:57:c1:6d:18:31:ea:3a:61:46:88:47:b1:91:b5:
                    9f:c2:33:d9:1e:b5:3a:2c:b7:30:9b:1d:e7:35:6c:
                    cf:b7:83:eb:af:59:a2:d3:17:5a:28:13:6d:d6:d4:
                    53:ea:7b:6f:30:6e:97:fc:eb:d3:2c:87:e7:33:8f:
                    3e:64:b8:4b:f4:96:67:2e:35:46:ce:49:c2:90:27:
                    11:d3:cd:a6:13:96:ce:ac:f3:0f:79:e9:ef:3a:32:
                    54:d2:18:9b:3a:07:06:0d:6e:9f:e7:76:8c:4b:ac:
                    11:86:dd:5b:4b:b2:eb:8e:54:88:04:01:3a:9d:0d:
                    a3:64:b9:cd:7b:c9:92:c3:34:f6:cc:97:74:4f:26:
                    b1:ac:c0:51:fe:c5:2c:90:85:82:1c:27:cc:72:43:
                    d8:b0:83:1b:8b:de:7b:d7:ea:46:81:67:5d:d0:d4:
                    81:97:59:d4:ef:33:f7:25:52:bf:a4:23:3c:6a:8c:
                    65:49:59:be:f7:25:16:3a:e3:98:41:14:83:09:51:
                    14:06:76:a0:c9:e3:64:9f:9a:71:f8:17:64:89:99:
                    c6:99:ee:9a:c6:a9:ae:d0:dd:e1:d5:15:91:5e:1a:
                    6b:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:7F:18:D4:29:C2:43:D6:C9:39:09:A2:1A:D6:8C:9E:31:D3:7A:33
            X509v3 Authority Key Identifier:
                keyid:AC:43:73:BC:FE:4C:5B:37:02:01:15:9D:F9:6D:B1:37:36:98:BA:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rENzvP5MWzcCARWd-W2xNzaYur0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/559200-c501-4ac0-a5f5-e5a35a847273/1/rENzvP5MWzcCARWd-W2xNzaYur0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:c6:2d:ca:78:10:80:b2:f5:57:57:53:52:02:33:9c:80:bf:
         34:b7:63:86:66:60:d5:ee:e1:11:25:c3:be:9d:5a:cd:6d:1e:
         ae:54:73:be:48:be:b3:80:42:09:d6:87:42:63:ec:21:fe:fd:
         ed:52:80:ff:86:39:e0:d7:d1:52:94:3b:00:5d:d0:d8:61:6b:
         67:7e:f4:d2:ee:3a:5e:ee:ea:e2:ea:92:26:a1:fc:3e:ee:84:
         1e:d0:a8:9a:42:6b:e1:84:8c:6a:19:8b:81:8b:76:ad:6a:f9:
         b9:51:4e:c7:ba:b5:33:fa:9a:06:91:c0:a6:0e:c7:23:45:e2:
         b7:6c:61:8d:f7:f3:58:97:bb:28:06:f7:bc:bd:7f:ab:4a:2f:
         24:dc:6c:cc:31:56:ef:20:58:0a:db:97:6b:b5:62:a3:a7:7a:
         96:41:e2:8c:3a:30:91:96:33:1f:a4:34:d0:cd:5f:00:6c:e1:
         96:d9:40:2e:26:02:fa:ae:fa:b0:f0:da:0f:73:18:b2:4e:69:
         b8:10:28:4a:06:3f:7b:a2:13:ab:e9:2e:de:48:19:5b:83:a3:
         10:27:2a:e0:50:d3:c4:44:27:10:13:55:a7:ce:ed:9b:6e:a2:
         cd:2f:9b:08:7a:43:bd:fd:2a:e3:f4:ac:5e:fe:4d:90:2e:9a:
         bb:6a:2e:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nBgv+pbkESQLkzAcIGLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNDM3M2JjZmU0YzViMzcwMjAxMTU5ZGY5NmRiMTM3MzY5
OGJhYmQwHhcNMjYwMzI5MDgwMDQ3WhcNMjYwMzMwMDgwMDQ3WjAzMTEwLwYDVQQD
EygxZjdmMThkNDI5YzI0M2Q2YzkzOTA5YTIxYWQ2OGM5ZTMxZDM3YTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDzXBCc/wm/mw42Rdznrf1Y27+LC
ymamOy0HkGm4V8FtGDHqOmFGiEexkbWfwjPZHrU6LLcwmx3nNWzPt4Prr1mi0xda
KBNt1tRT6ntvMG6X/OvTLIfnM48+ZLhL9JZnLjVGzknCkCcR082mE5bOrPMPeenv
OjJU0hibOgcGDW6f53aMS6wRht1bS7LrjlSIBAE6nQ2jZLnNe8mSwzT2zJd0Tyax
rMBR/sUskIWCHCfMckPYsIMbi9571+pGgWdd0NSBl1nU7zP3JVK/pCM8aoxlSVm+
9yUWOuOYQRSDCVEUBnagyeNkn5px+BdkiZnGme6axqmu0N3h1RWRXhprKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB9/GNQpwkPWyTkJohrWjJ4x03ozMB8GA1UdIwQY
MBaAFKxDc7z+TFs3AgEVnfltsTc2mLq9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckVOenZQNU1XemNDQVJXZC1XMnhOemFZdXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81NTkyMDAtYzUwMS00YWMwLWE1ZjUt
ZTVhMzVhODQ3MjczLzEvckVOenZQNU1XemNDQVJXZC1XMnhOemFZdXIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81NTkyMDAtYzUwMS00YWMwLWE1ZjUtZTVhMzVhODQ3Mjcz
LzEvckVOenZQNU1XemNDQVJXZC1XMnhOemFZdXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAesYtyngQ
gLL1V1dTUgIznIC/NLdjhmZg1e7hESXDvp1azW0erlRzvki+s4BCCdaHQmPsIf79
7VKA/4Y54NfRUpQ7AF3Q2GFrZ3700u46Xu7q4uqSJqH8Pu6EHtComkJr4YSMahmL
gYt2rWr5uVFOx7q1M/qaBpHApg7HI0Xit2xhjffzWJe7KAb3vL1/q0ovJNxszDFW
7yBYCtuXa7Vio6d6lkHijDowkZYzH6Q00M1fAGzhltlALiYC+q76sPDaD3MYsk5p
uBAoSgY/e6ITq+ku3kgZW4OjECcq4FDTxEQnEBNVp87tm26izS+bCHpDvf0q4/Ss
Xv5NkC6au2oulg==
-----END CERTIFICATE-----