Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
File:                     IgTxXPMNc4SLB038rCYTgAYVatQ.mft (raw, json)
Hash identifier:          zUmOD1cDzcfa6Iand+6VuxDQLmA6h3uBs8814dcTnbo=
Subject key identifier:   B3:AF:80:F4:43:9C:F5:96:25:BC:61:EC:27:BB:78:D1:35:27:90:71
Authority key identifier: 22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4
Certificate issuer:       /CN=2204f15cf30d73848b074dfcac26138006156ad4
Certificate serial:       019D386620D768A9AA7FD9DBD1813FD17749
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
Manifest number:          0F9C
Signing time:             Sun 29 Mar 2026 07:01:50 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:50 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:50 +0000
Files and hashes:         1: IgTxXPMNc4SLB038rCYTgAYVatQ.crl (hash: TLcsRY2hyAka4VxE14vQ0UBklN4m+3D+JJy9qtaQTqs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:20:d7:68:a9:aa:7f:d9:db:d1:81:3f:d1:77:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2204f15cf30d73848b074dfcac26138006156ad4
        Validity
            Not Before: Mar 29 07:01:50 2026 GMT
            Not After : Mar 30 07:01:50 2026 GMT
        Subject: CN=b3af80f4439cf59625bc61ec27bb78d135279071
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a7:9a:98:fd:84:c0:8d:67:48:d4:ce:79:1e:
                    91:b8:88:67:fb:a6:9b:4d:22:f7:4f:a2:ec:e9:94:
                    81:23:d7:14:16:bc:4c:0d:17:c3:17:86:90:52:c2:
                    e0:f5:02:82:7d:d5:c3:7a:79:e8:91:e7:b9:f0:c9:
                    a2:62:74:8f:b5:09:74:70:45:3f:27:ce:8c:15:0f:
                    36:b8:33:ec:94:be:f7:a0:b1:b1:cb:5d:c2:7f:13:
                    37:a9:0b:6f:ef:42:09:9b:3e:42:fd:3c:4a:43:d8:
                    61:00:05:50:97:fa:2d:24:a7:81:85:3e:f5:e4:4a:
                    c0:14:af:63:c5:b9:5a:f3:11:7d:34:8c:f3:02:58:
                    0f:ec:38:09:0d:4a:0d:9f:8f:c3:bb:25:eb:c1:b6:
                    fb:f2:46:14:19:83:85:58:0a:9b:6d:e0:78:df:55:
                    fd:6f:3f:dc:37:fb:44:2a:5f:3a:f6:e0:23:44:b1:
                    f8:05:71:02:42:68:0d:b6:9a:af:36:e5:52:39:44:
                    18:f1:2e:45:a5:ce:04:1c:95:18:3a:b9:b1:bb:f2:
                    d0:c2:63:c6:18:cc:52:7b:fd:6c:ce:25:51:9a:92:
                    0b:c1:2c:64:1a:07:89:74:76:35:4e:f8:8d:06:72:
                    d1:09:86:d9:28:ae:a7:37:25:7e:f6:49:55:46:44:
                    ec:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:AF:80:F4:43:9C:F5:96:25:BC:61:EC:27:BB:78:D1:35:27:90:71
            X509v3 Authority Key Identifier:
                keyid:22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:d7:f7:d9:e7:59:12:7f:f2:ec:d8:ef:4b:06:ce:1e:13:af:
         19:d7:34:ed:86:ba:35:31:6e:f8:08:15:00:80:c9:70:9c:cd:
         69:de:87:c5:d5:d4:f2:03:b1:4f:2c:a1:03:e7:4b:de:47:c1:
         be:8e:cf:e6:30:12:d6:32:43:71:a7:10:59:cb:99:71:31:02:
         da:bf:14:88:b5:6f:aa:82:ca:9c:f1:42:62:b1:3c:e7:01:85:
         37:d9:97:35:b8:c5:f7:29:bc:6c:77:31:26:2d:60:d2:ef:9d:
         7f:e0:26:8a:44:3d:7b:2f:a7:17:d3:f5:e2:f1:db:1f:78:d1:
         ec:31:4e:f8:1b:d3:2a:e6:59:64:37:ea:d3:e7:d3:2c:e4:a0:
         5f:87:14:3b:6b:bc:f0:b7:22:98:26:0a:20:d9:d4:dd:6d:36:
         1d:39:81:92:86:81:48:b2:92:75:49:49:63:3a:b6:63:2e:60:
         25:a2:c5:f6:75:71:d8:34:ac:6d:cd:58:ca:b2:e8:2c:67:24:
         c5:d8:67:1c:6d:9e:b7:b9:4d:ce:f4:a1:75:d1:cf:4e:af:94:
         42:ff:8e:b4:fa:32:38:f9:f9:79:5c:2f:0f:cc:c8:75:94:9f:
         f1:61:75:ec:ac:81:ed:ec:a9:db:67:82:b3:4c:b9:ed:4c:33:
         d7:32:39:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZiDXaKmqf9nb0YE/0XdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDRmMTVjZjMwZDczODQ4YjA3NGRmY2FjMjYxMzgwMDYx
NTZhZDQwHhcNMjYwMzI5MDcwMTUwWhcNMjYwMzMwMDcwMTUwWjAzMTEwLwYDVQQD
EyhiM2FmODBmNDQzOWNmNTk2MjViYzYxZWMyN2JiNzhkMTM1Mjc5MDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6eamP2EwI1nSNTOeR6RuIhn+6ab
TSL3T6Ls6ZSBI9cUFrxMDRfDF4aQUsLg9QKCfdXDennokee58MmiYnSPtQl0cEU/
J86MFQ82uDPslL73oLGxy13CfxM3qQtv70IJmz5C/TxKQ9hhAAVQl/otJKeBhT71
5ErAFK9jxbla8xF9NIzzAlgP7DgJDUoNn4/DuyXrwbb78kYUGYOFWAqbbeB431X9
bz/cN/tEKl869uAjRLH4BXECQmgNtpqvNuVSOUQY8S5Fpc4EHJUYOrmxu/LQwmPG
GMxSe/1sziVRmpILwSxkGgeJdHY1TviNBnLRCYbZKK6nNyV+9klVRkTshQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOvgPRDnPWWJbxh7Ce7eNE1J5BxMB8GA1UdIwQY
MBaAFCIE8VzzDXOEiwdN/KwmE4AGFWrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMt
YzFiMTAyMzlkZDU4LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMtYzFiMTAyMzlkZDU4
LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo9f32edZ
En/y7NjvSwbOHhOvGdc07Ya6NTFu+AgVAIDJcJzNad6HxdXU8gOxTyyhA+dL3kfB
vo7P5jAS1jJDcacQWcuZcTEC2r8UiLVvqoLKnPFCYrE85wGFN9mXNbjF9ym8bHcx
Ji1g0u+df+AmikQ9ey+nF9P14vHbH3jR7DFO+BvTKuZZZDfq0+fTLOSgX4cUO2u8
8LcimCYKINnU3W02HTmBkoaBSLKSdUlJYzq2Yy5gJaLF9nVx2DSsbc1YyrLoLGck
xdhnHG2et7lNzvShddHPTq+UQv+OtPoyOPn5eVwvD8zIdZSf8WF17KyB7eyp22eC
s0y57Uwz1zI5+Q==
-----END CERTIFICATE-----