Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9255bd-8b7f-46d2-9773-f50a2a006414/1/SYN20qIgPYbnmm1ESVq_xIkDFGU.mft
File:                     SYN20qIgPYbnmm1ESVq_xIkDFGU.mft (raw, json)
Hash identifier:          aTGEgZE1tlndTELmmofl6SBQqWrNNQSqj4pUkFhJgpQ=
Subject key identifier:   47:75:C0:55:62:53:DB:9C:24:00:AA:6F:A3:E0:44:9C:A0:58:B0:4F
Authority key identifier: 49:83:76:D2:A2:20:3D:86:E7:9A:6D:44:49:5A:BF:C4:89:03:14:65
Certificate issuer:       /CN=498376d2a2203d86e79a6d44495abfc489031465
Certificate serial:       019D38D3AEA18D3242CA080D8487AA24C8A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SYN20qIgPYbnmm1ESVq_xIkDFGU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/9255bd-8b7f-46d2-9773-f50a2a006414/1/SYN20qIgPYbnmm1ESVq_xIkDFGU.mft
Manifest number:          0F74
Signing time:             Sun 29 Mar 2026 09:01:30 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:30 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:30 +0000
Files and hashes:         1: SYN20qIgPYbnmm1ESVq_xIkDFGU.crl (hash: v1Zlo9AZa+9B/SlRoHcxu5u9tg8trCgTCbHkosvJ/zo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/9255bd-8b7f-46d2-9773-f50a2a006414/1/SYN20qIgPYbnmm1ESVq_xIkDFGU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/9255bd-8b7f-46d2-9773-f50a2a006414/1/SYN20qIgPYbnmm1ESVq_xIkDFGU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SYN20qIgPYbnmm1ESVq_xIkDFGU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:ae:a1:8d:32:42:ca:08:0d:84:87:aa:24:c8:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=498376d2a2203d86e79a6d44495abfc489031465
        Validity
            Not Before: Mar 29 09:01:30 2026 GMT
            Not After : Mar 30 09:01:30 2026 GMT
        Subject: CN=4775c0556253db9c2400aa6fa3e0449ca058b04f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:1f:e0:d8:67:46:65:1b:08:79:fc:0a:cf:7c:
                    ed:11:4e:12:cd:ad:6b:5b:5a:a1:40:ed:08:c1:3b:
                    9f:c6:4b:7d:4d:06:ec:a7:b0:db:ca:3f:bb:f5:86:
                    d2:b2:f8:5d:3a:31:79:bd:0e:f5:d8:6e:af:6b:35:
                    da:e2:84:2c:0c:cf:3c:c0:16:97:e0:69:f9:29:2d:
                    9e:9b:5d:12:f5:da:63:6a:8e:d7:d7:ae:a6:fa:1e:
                    32:f6:63:f4:74:31:f1:16:4e:be:7f:2d:56:e1:e1:
                    d6:12:08:d1:22:5f:27:22:3c:80:d3:2d:6f:7e:76:
                    bf:b7:2d:3e:f1:3b:91:22:c5:a2:7a:61:2d:b4:9a:
                    17:c6:90:ef:3a:7e:e9:b5:25:94:6c:54:0f:3f:ea:
                    03:43:05:ff:ce:26:7c:86:1a:aa:d4:3f:b1:88:25:
                    49:62:0d:65:b6:ab:c4:30:81:33:40:91:e2:2e:ee:
                    5a:c1:e3:8a:84:ef:e1:f8:39:10:4d:09:16:b1:6d:
                    24:c9:81:6b:60:89:00:5a:81:b5:57:d2:fd:90:b9:
                    87:49:27:c6:69:20:c5:9f:d9:1c:9d:9d:1d:9e:75:
                    53:f4:f2:17:1d:2a:15:30:b5:27:fe:ac:ae:52:61:
                    bb:25:26:fa:ab:98:41:80:cf:f2:eb:b6:eb:54:01:
                    aa:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:75:C0:55:62:53:DB:9C:24:00:AA:6F:A3:E0:44:9C:A0:58:B0:4F
            X509v3 Authority Key Identifier:
                keyid:49:83:76:D2:A2:20:3D:86:E7:9A:6D:44:49:5A:BF:C4:89:03:14:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYN20qIgPYbnmm1ESVq_xIkDFGU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9255bd-8b7f-46d2-9773-f50a2a006414/1/SYN20qIgPYbnmm1ESVq_xIkDFGU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9255bd-8b7f-46d2-9773-f50a2a006414/1/SYN20qIgPYbnmm1ESVq_xIkDFGU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:cb:7e:7e:9c:61:84:95:70:97:37:4a:e2:a0:f6:db:c3:6d:
         f1:40:ee:be:22:e7:4e:9e:85:9f:ea:d1:d9:9a:e7:78:cf:e0:
         5f:24:94:f0:cc:0a:5d:63:a2:ff:59:fb:62:02:5b:54:96:94:
         20:53:be:aa:0c:d3:3b:1c:b1:8e:9c:59:c9:88:e7:a9:c0:e8:
         b5:58:4a:0d:c2:a2:90:72:6e:b1:17:25:b4:0d:d8:5d:aa:48:
         6e:f4:68:22:ea:15:a1:37:f7:79:83:63:64:4b:92:93:d5:29:
         1d:67:f8:eb:ea:73:5e:ff:be:3d:6f:b4:67:fe:67:b7:d4:19:
         54:6a:6e:6a:18:ae:86:f9:3d:fb:37:6d:5f:1a:a4:f0:1c:80:
         c5:c8:9a:a7:7c:b4:07:b6:34:96:0d:3a:cc:cf:cb:07:c0:09:
         9d:87:ea:c5:1d:99:eb:79:b4:a2:e6:09:db:18:3e:a5:08:68:
         77:e5:05:e1:8f:fc:8d:08:e5:b3:0d:e6:1f:db:fe:71:9c:31:
         2d:52:6f:82:7e:91:f4:d9:7e:ac:cf:fe:1a:47:b0:52:bb:c7:
         ae:40:28:5c:96:bd:00:33:5d:92:a9:f0:9d:c5:8b:c0:29:85:
         24:c2:ee:b3:55:00:55:b7:3d:8d:e1:c2:65:16:08:82:f5:34:
         6c:53:e0:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04066hjTJCyggNhIeqJMipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODM3NmQyYTIyMDNkODZlNzlhNmQ0NDQ5NWFiZmM0ODkw
MzE0NjUwHhcNMjYwMzI5MDkwMTMwWhcNMjYwMzMwMDkwMTMwWjAzMTEwLwYDVQQD
Eyg0Nzc1YzA1NTYyNTNkYjljMjQwMGFhNmZhM2UwNDQ5Y2EwNThiMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6h/g2GdGZRsIefwKz3ztEU4Sza1r
W1qhQO0IwTufxkt9TQbsp7Dbyj+79YbSsvhdOjF5vQ712G6vazXa4oQsDM88wBaX
4Gn5KS2em10S9dpjao7X166m+h4y9mP0dDHxFk6+fy1W4eHWEgjRIl8nIjyA0y1v
fna/ty0+8TuRIsWiemEttJoXxpDvOn7ptSWUbFQPP+oDQwX/ziZ8hhqq1D+xiCVJ
Yg1ltqvEMIEzQJHiLu5aweOKhO/h+DkQTQkWsW0kyYFrYIkAWoG1V9L9kLmHSSfG
aSDFn9kcnZ0dnnVT9PIXHSoVMLUn/qyuUmG7JSb6q5hBgM/y67brVAGqbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEd1wFViU9ucJACqb6PgRJygWLBPMB8GA1UdIwQY
MBaAFEmDdtKiID2G55ptRElav8SJAxRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lOMjBxSWdQWWJubW0xRVNWcV94SWtERkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85MjU1YmQtOGI3Zi00NmQyLTk3NzMt
ZjUwYTJhMDA2NDE0LzEvU1lOMjBxSWdQWWJubW0xRVNWcV94SWtERkdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85MjU1YmQtOGI3Zi00NmQyLTk3NzMtZjUwYTJhMDA2NDE0
LzEvU1lOMjBxSWdQWWJubW0xRVNWcV94SWtERkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqMt+fpxh
hJVwlzdK4qD228Nt8UDuviLnTp6Fn+rR2ZrneM/gXySU8MwKXWOi/1n7YgJbVJaU
IFO+qgzTOxyxjpxZyYjnqcDotVhKDcKikHJusRcltA3YXapIbvRoIuoVoTf3eYNj
ZEuSk9UpHWf46+pzXv++PW+0Z/5nt9QZVGpuahiuhvk9+zdtXxqk8ByAxciap3y0
B7Y0lg06zM/LB8AJnYfqxR2Z63m0ouYJ2xg+pQhod+UF4Y/8jQjlsw3mH9v+cZwx
LVJvgn6R9Nl+rM/+GkewUrvHrkAoXJa9ADNdkqnwncWLwCmFJMLus1UAVbc9jeHC
ZRYIgvU0bFPgGw==
-----END CERTIFICATE-----