Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
File:                     PFlVXsIygmx91tmpJrU2AoN5SfY.mft (raw, json)
Hash identifier:          aNeJ5LWw7T3cVMLz1PxA1XFnX8+ZTCbwFFuFLdHAogk=
Subject key identifier:   F6:90:F1:1A:B7:F6:FB:A6:99:B3:B5:CE:89:69:38:42:79:AC:93:EA
Authority key identifier: 3C:59:55:5E:C2:32:82:6C:7D:D6:D9:A9:26:B5:36:02:83:79:49:F6
Certificate issuer:       /CN=3c59555ec232826c7dd6d9a926b53602837949f6
Certificate serial:       019D37F727D0A44FABC664F8FDFD6FC5305D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
Manifest number:          0443
Signing time:             Sun 29 Mar 2026 05:00:37 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:37 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:37 +0000
Files and hashes:         1: PFlVXsIygmx91tmpJrU2AoN5SfY.crl (hash: 50Kz5t6vlH/BiCBFImpYRREjp455QEQmLEexwE46QpY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:27:d0:a4:4f:ab:c6:64:f8:fd:fd:6f:c5:30:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c59555ec232826c7dd6d9a926b53602837949f6
        Validity
            Not Before: Mar 29 05:00:37 2026 GMT
            Not After : Mar 30 05:00:37 2026 GMT
        Subject: CN=f690f11ab7f6fba699b3b5ce8969384279ac93ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:9f:dc:43:f5:aa:7c:44:48:95:fa:a9:b9:61:
                    2c:26:97:e3:32:4d:e0:3a:f8:34:0c:d4:8d:9a:16:
                    e7:ca:4c:a7:15:b6:9f:a9:c8:d3:b6:4a:73:8c:ca:
                    3a:eb:29:3b:e8:a8:30:4f:ab:11:dc:c4:3a:5e:38:
                    9e:dd:5d:71:c8:5a:28:a3:f6:77:de:53:d0:dc:20:
                    e8:6f:ab:4c:1a:32:ad:d7:d3:fb:ca:f0:a6:b1:a6:
                    31:6e:01:c5:8a:eb:c4:e1:a9:b7:3a:63:d6:c4:bc:
                    ea:2f:f9:54:5b:8e:ad:57:8b:19:06:e5:47:35:64:
                    d7:9a:e5:8f:90:28:ef:03:0e:b1:77:77:0e:3d:59:
                    03:f9:6e:17:8f:38:f4:ff:d4:60:75:e4:f0:23:5c:
                    73:09:92:a8:83:9e:8e:12:de:72:ea:11:ab:49:1e:
                    dc:cd:0e:60:0b:53:bf:51:98:29:4a:b8:68:dd:fc:
                    ab:90:5e:57:0d:d4:49:39:e1:0d:44:90:70:24:24:
                    83:04:3c:72:c4:cf:c5:6c:04:9e:b3:14:50:ab:01:
                    9f:ef:d2:e4:12:d8:bc:18:bd:9a:04:88:5a:b3:ca:
                    84:92:44:ea:fb:91:b9:77:38:ba:bf:2c:8e:27:f3:
                    09:3b:b9:d1:35:d0:ff:c3:4d:d2:15:fb:27:dd:f4:
                    15:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:90:F1:1A:B7:F6:FB:A6:99:B3:B5:CE:89:69:38:42:79:AC:93:EA
            X509v3 Authority Key Identifier:
                keyid:3C:59:55:5E:C2:32:82:6C:7D:D6:D9:A9:26:B5:36:02:83:79:49:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:d3:49:ad:fc:d0:f3:c8:3a:8e:f1:4d:6a:c0:ec:9e:b9:64:
         7a:01:44:7a:c0:54:7a:aa:02:f3:07:79:e2:d4:f1:8d:74:33:
         17:b9:ac:77:d9:34:ab:64:46:a6:42:87:24:a3:b6:e3:19:e1:
         f4:76:6e:8a:e0:0c:06:ea:97:48:ac:b5:41:5f:4b:b3:7c:e2:
         fa:17:87:ad:8f:d7:69:b3:84:1b:95:79:3e:8f:0b:5a:92:14:
         55:4c:f8:83:4d:69:93:f4:19:da:72:29:de:b0:00:e1:cf:e5:
         4a:5a:3f:91:86:9d:53:a4:88:8e:21:b9:e9:9c:8f:81:76:3d:
         f3:f1:1e:ba:ee:f7:a6:87:8e:2a:be:45:20:6e:46:cd:b1:f3:
         cb:a1:37:40:ed:85:1a:43:ff:13:85:c4:78:25:b7:a1:da:aa:
         b5:3b:d6:77:d2:23:5b:79:d7:4d:68:99:09:17:98:7a:45:5f:
         ff:96:e8:25:a2:b1:4a:44:14:25:ed:60:de:29:b7:fd:ec:25:
         76:74:d4:5a:2a:ea:64:1a:e3:5e:f3:5a:72:9e:30:4d:e2:12:
         3d:d5:e1:11:c9:78:14:1d:96:3e:90:2e:e3:6e:91:be:ed:5f:
         b1:c7:e5:b0:7e:ea:38:56:09:b2:20:d8:da:79:a4:47:d7:67:
         b3:c4:d6:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039yfQpE+rxmT4/f1vxTBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNTk1NTVlYzIzMjgyNmM3ZGQ2ZDlhOTI2YjUzNjAyODM3
OTQ5ZjYwHhcNMjYwMzI5MDUwMDM3WhcNMjYwMzMwMDUwMDM3WjAzMTEwLwYDVQQD
EyhmNjkwZjExYWI3ZjZmYmE2OTliM2I1Y2U4OTY5Mzg0Mjc5YWM5M2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZ/cQ/WqfERIlfqpuWEsJpfjMk3g
Ovg0DNSNmhbnykynFbafqcjTtkpzjMo66yk76KgwT6sR3MQ6Xjie3V1xyFooo/Z3
3lPQ3CDob6tMGjKt19P7yvCmsaYxbgHFiuvE4am3OmPWxLzqL/lUW46tV4sZBuVH
NWTXmuWPkCjvAw6xd3cOPVkD+W4Xjzj0/9RgdeTwI1xzCZKog56OEt5y6hGrSR7c
zQ5gC1O/UZgpSrho3fyrkF5XDdRJOeENRJBwJCSDBDxyxM/FbASesxRQqwGf79Lk
Eti8GL2aBIhas8qEkkTq+5G5dzi6vyyOJ/MJO7nRNdD/w03SFfsn3fQVywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPaQ8Rq39vummbO1zolpOEJ5rJPqMB8GA1UdIwQY
MBaAFDxZVV7CMoJsfdbZqSa1NgKDeUn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iYTk0MDQtNzhmMy00OTM1LTllMmUt
OTViMTM3M2M1Mzk5LzEvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iYTk0MDQtNzhmMy00OTM1LTllMmUtOTViMTM3M2M1Mzk5
LzEvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGtNJrfzQ
88g6jvFNasDsnrlkegFEesBUeqoC8wd54tTxjXQzF7msd9k0q2RGpkKHJKO24xnh
9HZuiuAMBuqXSKy1QV9Ls3zi+heHrY/XabOEG5V5Po8LWpIUVUz4g01pk/QZ2nIp
3rAA4c/lSlo/kYadU6SIjiG56ZyPgXY98/Eeuu73poeOKr5FIG5GzbHzy6E3QO2F
GkP/E4XEeCW3odqqtTvWd9IjW3nXTWiZCReYekVf/5boJaKxSkQUJe1g3im3/ewl
dnTUWirqZBrjXvNacp4wTeISPdXhEcl4FB2WPpAu426Rvu1fscflsH7qOFYJsiDY
2nmkR9dns8TWjA==
-----END CERTIFICATE-----