Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
File:                     RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft (raw, json)
Hash identifier:          U2nWnJbYES3zvP/1fiyaZjovWMCoh7D8+02xr4/8+R4=
Subject key identifier:   7C:5F:BE:6F:DD:6B:A1:AD:9C:EA:64:6B:F7:46:46:76:F3:29:C0:B0
Authority key identifier: 44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83
Certificate issuer:       /CN=44b14b1b3069f50c6e25c8a24afc61711d598583
Certificate serial:       019D389BB8C1525D2F3624B2F99AEB1CE435
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
Manifest number:          034E
Signing time:             Sun 29 Mar 2026 08:00:22 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:22 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:22 +0000
Files and hashes:         1: RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl (hash: 8J5axKDhriLVDSPR/Gk8YV2d1yRMuYCDzCkdXEi8KqA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:b8:c1:52:5d:2f:36:24:b2:f9:9a:eb:1c:e4:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44b14b1b3069f50c6e25c8a24afc61711d598583
        Validity
            Not Before: Mar 29 08:00:22 2026 GMT
            Not After : Mar 30 08:00:22 2026 GMT
        Subject: CN=7c5fbe6fdd6ba1ad9cea646bf7464676f329c0b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:3d:7f:1b:ce:dc:72:f0:a1:dd:91:c0:c8:8a:
                    a1:61:c9:77:d3:b9:76:e6:df:9a:e5:69:d6:23:c8:
                    3b:1d:5c:8a:e5:a5:30:7e:f5:5a:5a:8b:b7:59:15:
                    60:d7:bc:89:12:88:6a:3a:ff:c3:93:a8:0c:a1:df:
                    ff:97:14:b9:cb:a5:bd:a6:f0:9c:00:44:3a:52:75:
                    23:89:ce:7b:82:cb:45:12:60:d8:3a:66:75:98:de:
                    8b:c9:b9:ab:74:57:7f:9b:68:a1:bf:e5:e2:15:00:
                    d1:18:c2:5d:03:c3:1d:88:b8:f3:12:cd:f9:76:eb:
                    c8:87:78:15:66:fc:08:04:50:24:98:ce:d4:17:37:
                    d4:e2:51:45:f5:e3:33:b6:7c:20:19:bd:1f:2a:13:
                    3a:7e:78:a1:94:54:4f:64:a1:bf:4c:48:29:e6:9e:
                    e3:f1:18:cd:d3:ae:c3:e8:b5:a5:bc:45:56:e3:24:
                    26:2d:48:f2:94:e7:fe:6e:20:50:39:f1:8d:16:60:
                    f7:63:cf:3a:12:a5:a7:f9:e1:f3:5b:80:98:90:a9:
                    bb:32:70:d5:62:7a:7c:5b:1a:ee:b3:c4:d8:c1:75:
                    5b:96:7e:4d:fb:ef:1d:fc:a9:2f:b1:e8:53:b7:f7:
                    be:0e:a5:a6:f2:64:98:9c:3f:cc:b2:8d:72:5a:68:
                    a3:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:5F:BE:6F:DD:6B:A1:AD:9C:EA:64:6B:F7:46:46:76:F3:29:C0:B0
            X509v3 Authority Key Identifier:
                keyid:44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:5a:86:95:23:27:05:b8:12:e3:4b:bf:1a:6c:26:c9:81:17:
         c5:a1:46:87:da:ea:e0:eb:d8:d8:d4:0a:17:c0:89:1a:dc:0f:
         04:68:ba:50:dc:f2:63:f8:ab:4f:55:98:6d:90:28:88:4b:06:
         a2:18:66:10:f1:6b:3a:c9:ff:4b:ed:c4:06:10:80:5a:6b:c1:
         7b:a1:70:39:0c:f2:aa:64:60:6a:51:8c:14:b2:79:1c:9a:df:
         e2:a1:53:51:9d:7f:df:b7:bf:34:78:21:f1:30:87:e1:c5:6f:
         b7:03:01:e1:d8:c6:38:9e:d7:79:76:e2:ca:04:3b:2d:69:da:
         66:98:0d:8e:ef:31:30:d8:50:b9:28:21:72:cd:0e:23:3f:d0:
         ea:c2:37:c8:82:dc:6e:81:96:75:5a:14:f1:d8:1e:10:92:99:
         b0:a1:38:a4:75:25:98:d6:4a:e0:09:86:60:13:b9:64:a5:e4:
         0d:69:b6:d8:9d:f4:3b:70:ae:f2:3d:71:07:a7:da:b3:06:49:
         08:0d:f2:ef:7f:77:6d:e9:6f:9d:49:89:b5:52:ff:f6:91:35:
         66:b5:9f:5e:47:a0:4f:6f:fb:0b:fb:84:a5:f9:69:a9:08:db:
         74:85:73:a6:2c:59:a6:bd:5e:98:61:03:8b:49:9b:8f:52:d7:
         de:3a:6f:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m7jBUl0vNiSy+ZrrHOQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YjE0YjFiMzA2OWY1MGM2ZTI1YzhhMjRhZmM2MTcxMWQ1
OTg1ODMwHhcNMjYwMzI5MDgwMDIyWhcNMjYwMzMwMDgwMDIyWjAzMTEwLwYDVQQD
Eyg3YzVmYmU2ZmRkNmJhMWFkOWNlYTY0NmJmNzQ2NDY3NmYzMjljMGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0D1/G87ccvCh3ZHAyIqhYcl307l2
5t+a5WnWI8g7HVyK5aUwfvVaWou3WRVg17yJEohqOv/Dk6gMod//lxS5y6W9pvCc
AEQ6UnUjic57gstFEmDYOmZ1mN6LybmrdFd/m2ihv+XiFQDRGMJdA8MdiLjzEs35
duvIh3gVZvwIBFAkmM7UFzfU4lFF9eMztnwgGb0fKhM6fnihlFRPZKG/TEgp5p7j
8RjN067D6LWlvEVW4yQmLUjylOf+biBQOfGNFmD3Y886EqWn+eHzW4CYkKm7MnDV
Ynp8Wxrus8TYwXVbln5N++8d/KkvsehTt/e+DqWm8mSYnD/Mso1yWmijJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHxfvm/da6GtnOpka/dGRnbzKcCwMB8GA1UdIwQY
MBaAFESxSxswafUMbiXIokr8YXEdWYWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYt
YWNkNDM0NTZhZDkyLzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYtYWNkNDM0NTZhZDky
LzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQFqGlSMn
BbgS40u/GmwmyYEXxaFGh9rq4OvY2NQKF8CJGtwPBGi6UNzyY/irT1WYbZAoiEsG
ohhmEPFrOsn/S+3EBhCAWmvBe6FwOQzyqmRgalGMFLJ5HJrf4qFTUZ1/37e/NHgh
8TCH4cVvtwMB4djGOJ7XeXbiygQ7LWnaZpgNju8xMNhQuSghcs0OIz/Q6sI3yILc
boGWdVoU8dgeEJKZsKE4pHUlmNZK4AmGYBO5ZKXkDWm22J30O3Cu8j1xB6faswZJ
CA3y7393belvnUmJtVL/9pE1ZrWfXkegT2/7C/uEpflpqQjbdIVzpixZpr1emGED
i0mbj1LX3jpvaA==
-----END CERTIFICATE-----