Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
File:                     IQdBCPDRRZtitsetsn1pNLoL56U.mft (raw, json)
Hash identifier:          jhhIHSpDrwjFO91Ve+qxvoV3P5Bp3Y+jcGINk5REGPM=
Subject key identifier:   5A:95:CD:22:97:76:10:C5:0A:CB:23:63:BA:79:30:79:D4:AE:4F:2B
Authority key identifier: 21:07:41:08:F0:D1:45:9B:62:B6:C7:AD:B2:7D:69:34:BA:0B:E7:A5
Certificate issuer:       /CN=21074108f0d1459b62b6c7adb27d6934ba0be7a5
Certificate serial:       019D3909C2F45D7DD9945FAD12E12FD10649
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
Manifest number:          181D
Signing time:             Sun 29 Mar 2026 10:00:34 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:34 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:34 +0000
Files and hashes:         1: IQdBCPDRRZtitsetsn1pNLoL56U.crl (hash: iaBBO/bbBo1u0QUtHxZqLWD7LC/w3lqiBMYWgF/Jrlk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:c2:f4:5d:7d:d9:94:5f:ad:12:e1:2f:d1:06:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21074108f0d1459b62b6c7adb27d6934ba0be7a5
        Validity
            Not Before: Mar 29 10:00:34 2026 GMT
            Not After : Mar 30 10:00:34 2026 GMT
        Subject: CN=5a95cd22977610c50acb2363ba793079d4ae4f2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:08:e3:0b:d3:f3:a1:e2:71:b8:c3:94:bf:ca:
                    db:82:66:60:1d:c7:e0:a1:25:88:80:3a:6c:46:cd:
                    58:51:71:0f:53:b9:7c:46:6a:4c:49:83:91:86:0f:
                    ab:85:63:75:61:5a:71:b9:8c:65:ef:73:31:2d:5a:
                    e7:e3:76:e2:c0:8c:ef:61:4b:70:af:c2:03:3b:98:
                    53:13:ac:fc:8e:c3:0c:eb:b0:1a:96:60:52:8d:df:
                    46:c4:54:f2:42:32:62:29:05:68:19:ff:33:93:74:
                    d1:31:d5:8a:b4:d8:04:3d:c1:be:6f:16:da:2d:a2:
                    d9:48:8b:2d:f6:b3:ad:81:78:41:9a:a0:51:c9:20:
                    3d:3b:27:5f:e6:0a:c1:47:5e:f1:ae:3f:bb:0f:f2:
                    47:c0:68:7b:99:f3:c9:25:f6:10:13:f1:50:8d:67:
                    bd:6f:81:0f:49:e2:ad:00:7b:af:c0:89:1f:5b:39:
                    5e:d6:fb:1b:f8:97:41:0f:16:68:6c:de:0b:d3:7f:
                    cc:7d:1e:fe:4c:2f:70:f8:aa:85:80:f0:52:e7:e9:
                    23:3e:bd:fa:58:b3:82:a9:1b:67:b7:84:b4:b1:7e:
                    27:ed:3d:4b:d1:97:53:aa:5e:0a:b9:ad:c3:2b:db:
                    80:c2:0f:ed:ab:00:da:6c:3a:09:e9:a2:ad:c0:05:
                    72:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:95:CD:22:97:76:10:C5:0A:CB:23:63:BA:79:30:79:D4:AE:4F:2B
            X509v3 Authority Key Identifier:
                keyid:21:07:41:08:F0:D1:45:9B:62:B6:C7:AD:B2:7D:69:34:BA:0B:E7:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQdBCPDRRZtitsetsn1pNLoL56U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/6efb44-012b-415f-8220-c6220e185694/1/IQdBCPDRRZtitsetsn1pNLoL56U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:d3:8e:1d:6c:f9:d0:35:f7:be:34:65:32:45:31:45:7a:ee:
         93:81:fd:3b:52:20:1d:d3:e3:a3:69:c7:4a:45:02:56:07:e7:
         66:59:d1:4f:7c:48:bc:fd:12:92:c2:61:ee:64:d1:fd:0a:b0:
         76:93:4e:b3:38:b3:53:04:9f:40:3e:e9:e6:fe:8d:b3:cd:f4:
         75:26:94:8e:ea:13:79:49:03:ec:16:d3:e3:b5:1f:67:54:6b:
         90:5e:92:fe:54:83:33:34:87:74:bc:c1:62:5e:77:bb:5a:a3:
         b2:17:01:56:7a:13:ed:40:84:7e:77:cb:8d:34:9f:29:80:8b:
         19:70:da:c0:0b:74:a6:d0:fc:fc:20:5f:f2:c5:d2:a2:c1:be:
         ca:a4:81:9b:64:5d:46:68:4d:c9:df:ef:9d:86:32:80:21:14:
         ca:ba:cd:65:ed:81:a7:40:c1:80:4f:ba:17:18:c6:72:1f:a5:
         e9:cd:31:6b:ed:a2:8a:40:ee:19:2f:a5:4b:f8:8a:1a:d2:dd:
         c2:5c:e6:b3:21:c1:ac:c8:27:b1:29:93:06:1b:d8:57:70:58:
         0e:b9:38:c3:af:67:2d:db:59:f8:c3:af:cc:45:57:0f:9c:8c:
         aa:14:7f:72:68:9b:a0:5e:b4:88:42:05:da:42:ac:31:40:49:
         20:29:2e:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CcL0XX3ZlF+tEuEv0QZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDc0MTA4ZjBkMTQ1OWI2MmI2YzdhZGIyN2Q2OTM0YmEw
YmU3YTUwHhcNMjYwMzI5MTAwMDM0WhcNMjYwMzMwMTAwMDM0WjAzMTEwLwYDVQQD
Eyg1YTk1Y2QyMjk3NzYxMGM1MGFjYjIzNjNiYTc5MzA3OWQ0YWU0ZjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QjjC9PzoeJxuMOUv8rbgmZgHcfg
oSWIgDpsRs1YUXEPU7l8RmpMSYORhg+rhWN1YVpxuYxl73MxLVrn43biwIzvYUtw
r8IDO5hTE6z8jsMM67AalmBSjd9GxFTyQjJiKQVoGf8zk3TRMdWKtNgEPcG+bxba
LaLZSIst9rOtgXhBmqBRySA9Oydf5grBR17xrj+7D/JHwGh7mfPJJfYQE/FQjWe9
b4EPSeKtAHuvwIkfWzle1vsb+JdBDxZobN4L03/MfR7+TC9w+KqFgPBS5+kjPr36
WLOCqRtnt4S0sX4n7T1L0ZdTql4Kua3DK9uAwg/tqwDabDoJ6aKtwAVyDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFqVzSKXdhDFCssjY7p5MHnUrk8rMB8GA1UdIwQY
MBaAFCEHQQjw0UWbYrbHrbJ9aTS6C+elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82ZWZiNDQtMDEyYi00MTVmLTgyMjAt
YzYyMjBlMTg1Njk0LzEvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82ZWZiNDQtMDEyYi00MTVmLTgyMjAtYzYyMjBlMTg1Njk0
LzEvSVFkQkNQRFJSWnRpdHNldHNuMXBOTG9MNTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYdOOHWz5
0DX3vjRlMkUxRXruk4H9O1IgHdPjo2nHSkUCVgfnZlnRT3xIvP0SksJh7mTR/Qqw
dpNOszizUwSfQD7p5v6Ns830dSaUjuoTeUkD7BbT47UfZ1RrkF6S/lSDMzSHdLzB
Yl53u1qjshcBVnoT7UCEfnfLjTSfKYCLGXDawAt0ptD8/CBf8sXSosG+yqSBm2Rd
RmhNyd/vnYYygCEUyrrNZe2Bp0DBgE+6FxjGch+l6c0xa+2iikDuGS+lS/iKGtLd
wlzmsyHBrMgnsSmTBhvYV3BYDrk4w69nLdtZ+MOvzEVXD5yMqhR/cmiboF60iEIF
2kKsMUBJICkuag==
-----END CERTIFICATE-----