Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
File:                     FhQcZCnqr_caNR-yVz32A7uV8nA.mft (raw, json)
Hash identifier:          FOq+sj1zdbEbeLZ+9ziMfA8kdC97cSq1rYncLPqvDnw=
Subject key identifier:   5C:C4:89:3E:D5:0D:48:18:34:78:D2:57:D0:EE:DD:41:0B:F3:35:BE
Authority key identifier: 16:14:1C:64:29:EA:AF:F7:1A:35:1F:B2:57:3D:F6:03:BB:95:F2:70
Certificate issuer:       /CN=16141c6429eaaff71a351fb2573df603bb95f270
Certificate serial:       019D386617B619DF176C8D22DBFA1A814910
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
Manifest number:          0343
Signing time:             Sun 29 Mar 2026 07:01:48 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:48 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:48 +0000
Files and hashes:         1: FhQcZCnqr_caNR-yVz32A7uV8nA.crl (hash: jD1a/v20opEhgY2oUxyXkY3jHqmYqNyMVGUfNgneYk0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:17:b6:19:df:17:6c:8d:22:db:fa:1a:81:49:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16141c6429eaaff71a351fb2573df603bb95f270
        Validity
            Not Before: Mar 29 07:01:48 2026 GMT
            Not After : Mar 30 07:01:48 2026 GMT
        Subject: CN=5cc4893ed50d48183478d257d0eedd410bf335be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:25:59:57:c1:57:cb:68:2c:71:cf:9e:bf:9f:
                    7f:78:53:9d:41:4d:4d:b2:0a:14:b8:25:91:e6:16:
                    f6:b2:e1:49:1b:47:0c:03:c6:83:df:29:48:80:de:
                    fa:db:f4:aa:ad:f4:33:3b:81:6b:3b:35:f8:32:47:
                    a6:cc:7e:b6:f5:35:2b:d9:b1:c2:33:52:1a:df:a4:
                    ed:a0:be:9e:e4:a9:4f:8a:36:15:ff:bb:75:ae:29:
                    6f:74:5d:71:d7:d9:43:83:b6:a4:1d:9e:b5:73:b9:
                    3d:d8:57:3f:15:f2:ac:84:10:69:73:7e:c4:6e:ad:
                    44:d6:9b:e7:a5:1d:a0:b2:87:8c:1b:c9:34:03:22:
                    fa:72:06:c6:18:27:a5:61:5b:92:39:21:07:f1:9a:
                    02:d7:5d:3d:7f:e4:4f:df:0e:f8:fa:62:ac:93:df:
                    31:f5:39:26:3e:58:a1:64:02:78:1a:58:a2:a5:f3:
                    fc:da:9b:1d:a0:6c:6b:66:25:3b:f7:75:9b:28:1a:
                    69:e1:2e:a3:62:0a:63:02:52:64:87:23:be:26:9a:
                    10:2f:ea:ae:5d:3e:8c:6d:81:a4:c7:86:4e:04:ac:
                    35:0e:e7:f3:33:01:2f:3e:c1:67:20:8f:bb:f4:ec:
                    8e:ca:d3:18:7b:47:c0:c4:fe:8e:db:c6:61:a2:7f:
                    db:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:C4:89:3E:D5:0D:48:18:34:78:D2:57:D0:EE:DD:41:0B:F3:35:BE
            X509v3 Authority Key Identifier:
                keyid:16:14:1C:64:29:EA:AF:F7:1A:35:1F:B2:57:3D:F6:03:BB:95:F2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:3a:fb:a5:38:16:46:9f:ee:c2:5b:19:0e:69:8f:16:d5:be:
         6c:ba:17:55:cb:85:27:f0:3b:82:d1:d1:5a:a8:89:cb:bb:88:
         09:e0:a3:c4:d3:35:78:15:13:1c:87:73:92:50:30:0d:a6:2a:
         b3:bd:62:a8:dd:8f:25:a8:4c:c7:14:4b:7f:16:cf:da:c6:c4:
         be:e1:a9:37:ed:c4:4a:f2:c9:0e:7e:96:6a:fa:e5:7e:0b:5b:
         42:ce:ec:54:24:f7:c2:b6:4f:f3:57:a9:0f:d7:a1:f4:90:76:
         20:ed:e4:9f:5d:dd:c2:0a:2b:60:8a:79:40:95:69:5d:d2:74:
         ee:2e:b2:61:8f:f7:02:2e:1c:a6:f1:e5:3f:bd:64:54:87:27:
         22:d3:9d:23:60:d0:5c:0d:57:7a:8d:b7:8e:52:cb:00:94:9a:
         df:8f:60:82:03:6b:26:f0:b8:90:d1:21:58:60:80:9f:cb:86:
         51:bd:6e:d0:be:50:05:9f:ae:e9:5a:8f:14:fb:84:31:be:be:
         75:8c:77:e8:01:1f:90:aa:69:a1:db:7e:6f:ab:7c:7e:4d:d0:
         25:91:a7:8b:b4:4a:47:44:f7:d6:33:e6:9c:4e:57:e7:25:31:
         03:d9:9b:75:d6:8d:0b:67:93:17:0e:7c:c1:b8:c9:48:5c:0d:
         b7:22:ae:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zhe2Gd8XbI0i2/oagUkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MTQxYzY0MjllYWFmZjcxYTM1MWZiMjU3M2RmNjAzYmI5
NWYyNzAwHhcNMjYwMzI5MDcwMTQ4WhcNMjYwMzMwMDcwMTQ4WjAzMTEwLwYDVQQD
Eyg1Y2M0ODkzZWQ1MGQ0ODE4MzQ3OGQyNTdkMGVlZGQ0MTBiZjMzNWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SVZV8FXy2gscc+ev59/eFOdQU1N
sgoUuCWR5hb2suFJG0cMA8aD3ylIgN762/SqrfQzO4FrOzX4MkemzH629TUr2bHC
M1Ia36TtoL6e5KlPijYV/7t1rilvdF1x19lDg7akHZ61c7k92Fc/FfKshBBpc37E
bq1E1pvnpR2gsoeMG8k0AyL6cgbGGCelYVuSOSEH8ZoC1109f+RP3w74+mKsk98x
9TkmPlihZAJ4GliipfP82psdoGxrZiU793WbKBpp4S6jYgpjAlJkhyO+JpoQL+qu
XT6MbYGkx4ZOBKw1DufzMwEvPsFnII+79OyOytMYe0fAxP6O28Zhon/bEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFzEiT7VDUgYNHjSV9Du3UEL8zW+MB8GA1UdIwQY
MBaAFBYUHGQp6q/3GjUfslc99gO7lfJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82M2QyOGItZDE1Mi00NGNkLWI1MDQt
NWQ4ZmNlMGEwYmIyLzEvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82M2QyOGItZDE1Mi00NGNkLWI1MDQtNWQ4ZmNlMGEwYmIy
LzEvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhjr7pTgW
Rp/uwlsZDmmPFtW+bLoXVcuFJ/A7gtHRWqiJy7uICeCjxNM1eBUTHIdzklAwDaYq
s71iqN2PJahMxxRLfxbP2sbEvuGpN+3ESvLJDn6WavrlfgtbQs7sVCT3wrZP81ep
D9eh9JB2IO3kn13dwgorYIp5QJVpXdJ07i6yYY/3Ai4cpvHlP71kVIcnItOdI2DQ
XA1Xeo23jlLLAJSa349gggNrJvC4kNEhWGCAn8uGUb1u0L5QBZ+u6VqPFPuEMb6+
dYx36AEfkKppodt+b6t8fk3QJZGni7RKR0T31jPmnE5X5yUxA9mbddaNC2eTFw58
wbjJSFwNtyKuRQ==
-----END CERTIFICATE-----