Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/497125-61fb-42e8-ac49-61673a477543/1/9z1njq7ZSnm3Qt1DveP1TynbMVI.mft
File:                     9z1njq7ZSnm3Qt1DveP1TynbMVI.mft (raw, json)
Hash identifier:          Mos+M5nb3esaDiKKN/URvFkhc1kr62Jo6cbd+LZv2uo=
Subject key identifier:   3E:6B:81:53:28:58:3F:42:DB:03:F5:25:B5:BF:38:5F:2E:28:B2:6D
Authority key identifier: F7:3D:67:8E:AE:D9:4A:79:B7:42:DD:43:BD:E3:F5:4F:29:DB:31:52
Certificate issuer:       /CN=f73d678eaed94a79b742dd43bde3f54f29db3152
Certificate serial:       019D389BB3B43DD652EDDBD13DFC62B1388C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9z1njq7ZSnm3Qt1DveP1TynbMVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/497125-61fb-42e8-ac49-61673a477543/1/9z1njq7ZSnm3Qt1DveP1TynbMVI.mft
Manifest number:          0289
Signing time:             Sun 29 Mar 2026 08:00:21 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:21 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:21 +0000
Files and hashes:         1: 9z1njq7ZSnm3Qt1DveP1TynbMVI.crl (hash: Yba4noCHoO/YxiVFAv3LWlwO8pCXoE3phMpeUy7RRZc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/497125-61fb-42e8-ac49-61673a477543/1/9z1njq7ZSnm3Qt1DveP1TynbMVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/497125-61fb-42e8-ac49-61673a477543/1/9z1njq7ZSnm3Qt1DveP1TynbMVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9z1njq7ZSnm3Qt1DveP1TynbMVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:b3:b4:3d:d6:52:ed:db:d1:3d:fc:62:b1:38:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f73d678eaed94a79b742dd43bde3f54f29db3152
        Validity
            Not Before: Mar 29 08:00:21 2026 GMT
            Not After : Mar 30 08:00:21 2026 GMT
        Subject: CN=3e6b815328583f42db03f525b5bf385f2e28b26d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:2b:ea:eb:b5:00:60:50:d9:8a:9d:66:35:dc:
                    1e:6f:4d:4c:2d:1e:9f:47:86:46:13:47:06:a5:ae:
                    2c:7c:b6:cc:99:ff:02:fb:a1:1f:99:38:f2:c2:1e:
                    ba:fe:52:59:67:c1:a5:47:fd:7f:a0:bf:10:ee:bb:
                    e5:40:b6:ff:5e:1f:37:90:56:c3:72:68:26:03:43:
                    97:34:4a:f7:35:7c:27:19:8a:22:7a:3c:49:9c:2d:
                    52:d5:ab:af:e5:ec:9a:0f:79:dc:97:bc:44:aa:93:
                    b5:74:97:40:9a:82:10:75:e2:1e:37:06:c3:a3:96:
                    27:cd:d2:36:2c:73:0c:2f:4c:08:56:0c:46:b6:fd:
                    f8:d0:00:1c:2a:67:91:99:6d:eb:5d:fc:3e:33:fa:
                    6e:bb:9e:dd:64:54:16:4a:6e:42:46:a1:6f:95:36:
                    5a:3f:57:51:41:cc:3d:92:da:b5:6e:f8:d8:85:29:
                    df:fc:a7:ab:2b:45:7f:3a:ba:90:19:d0:07:62:c6:
                    3a:e3:8c:e8:68:be:7f:02:70:b2:6b:e4:ea:88:bb:
                    87:7d:e9:11:ee:92:c1:3d:15:04:03:3d:af:87:42:
                    61:59:ef:9a:02:5e:63:03:20:1e:86:0b:30:7f:f8:
                    d1:9b:df:4f:34:85:3e:59:5a:41:44:8c:7a:14:2d:
                    02:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:6B:81:53:28:58:3F:42:DB:03:F5:25:B5:BF:38:5F:2E:28:B2:6D
            X509v3 Authority Key Identifier:
                keyid:F7:3D:67:8E:AE:D9:4A:79:B7:42:DD:43:BD:E3:F5:4F:29:DB:31:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9z1njq7ZSnm3Qt1DveP1TynbMVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/497125-61fb-42e8-ac49-61673a477543/1/9z1njq7ZSnm3Qt1DveP1TynbMVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/497125-61fb-42e8-ac49-61673a477543/1/9z1njq7ZSnm3Qt1DveP1TynbMVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:56:d8:b6:57:1c:c4:30:93:07:8b:43:28:12:90:a1:f0:ab:
         cf:8e:68:79:c0:9e:c4:e2:9e:04:1e:cf:f6:9f:bc:03:60:0c:
         19:ec:3f:de:c8:e6:19:a1:fa:13:4b:8a:86:ff:f9:13:63:92:
         14:f2:69:0c:04:53:63:88:38:7b:dd:40:f5:5c:e5:18:49:f7:
         68:35:86:e2:e9:fd:ea:f4:1e:62:d6:2d:f1:ba:c5:e4:56:79:
         fd:8c:4a:3e:18:97:da:12:b3:c2:08:4d:c0:5e:58:90:1e:5f:
         1a:34:87:19:82:c2:db:b0:82:a9:6b:48:12:4a:23:81:86:d2:
         6d:ed:6a:d1:8c:40:b7:a2:07:b1:9c:06:60:82:95:f3:3f:5c:
         83:20:28:cb:e2:6c:a0:63:9d:14:82:cb:58:23:37:14:b4:1f:
         aa:28:ec:96:65:fa:ec:39:d8:cc:c5:5d:11:1b:00:f6:ab:36:
         e8:43:08:df:65:25:7f:5f:dc:1c:e1:7a:60:97:6e:59:75:b4:
         1e:3e:d1:b9:f4:83:78:54:06:d6:68:17:2b:fe:e9:29:6a:f1:
         70:04:d3:0c:f2:c0:01:ca:48:dd:f0:19:63:34:89:2c:ba:77:
         b3:cc:f1:d1:9f:e7:4a:fb:fd:df:aa:67:36:5f:ac:4f:37:24:
         92:a1:37:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m7O0PdZS7dvRPfxisTiMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3M2Q2NzhlYWVkOTRhNzliNzQyZGQ0M2JkZTNmNTRmMjlk
YjMxNTIwHhcNMjYwMzI5MDgwMDIxWhcNMjYwMzMwMDgwMDIxWjAzMTEwLwYDVQQD
EygzZTZiODE1MzI4NTgzZjQyZGIwM2Y1MjViNWJmMzg1ZjJlMjhiMjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSvq67UAYFDZip1mNdweb01MLR6f
R4ZGE0cGpa4sfLbMmf8C+6EfmTjywh66/lJZZ8GlR/1/oL8Q7rvlQLb/Xh83kFbD
cmgmA0OXNEr3NXwnGYoiejxJnC1S1auv5eyaD3ncl7xEqpO1dJdAmoIQdeIeNwbD
o5YnzdI2LHMML0wIVgxGtv340AAcKmeRmW3rXfw+M/puu57dZFQWSm5CRqFvlTZa
P1dRQcw9ktq1bvjYhSnf/KerK0V/OrqQGdAHYsY644zoaL5/AnCya+TqiLuHfekR
7pLBPRUEAz2vh0JhWe+aAl5jAyAehgswf/jRm99PNIU+WVpBRIx6FC0CEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD5rgVMoWD9C2wP1JbW/OF8uKLJtMB8GA1UdIwQY
MBaAFPc9Z46u2Up5t0LdQ73j9U8p2zFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXoxbmpxN1pTbm0zUXQxRHZlUDFUeW5iTVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi80OTcxMjUtNjFmYi00MmU4LWFjNDkt
NjE2NzNhNDc3NTQzLzEvOXoxbmpxN1pTbm0zUXQxRHZlUDFUeW5iTVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi80OTcxMjUtNjFmYi00MmU4LWFjNDktNjE2NzNhNDc3NTQz
LzEvOXoxbmpxN1pTbm0zUXQxRHZlUDFUeW5iTVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALlbYtlcc
xDCTB4tDKBKQofCrz45oecCexOKeBB7P9p+8A2AMGew/3sjmGaH6E0uKhv/5E2OS
FPJpDARTY4g4e91A9VzlGEn3aDWG4un96vQeYtYt8brF5FZ5/YxKPhiX2hKzwghN
wF5YkB5fGjSHGYLC27CCqWtIEkojgYbSbe1q0YxAt6IHsZwGYIKV8z9cgyAoy+Js
oGOdFILLWCM3FLQfqijslmX67DnYzMVdERsA9qs26EMI32Ulf1/cHOF6YJduWXW0
Hj7RufSDeFQG1mgXK/7pKWrxcATTDPLAAcpI3fAZYzSJLLp3s8zx0Z/nSvv936pn
Nl+sTzckkqE31g==
-----END CERTIFICATE-----