Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2fbdc7-e55f-4841-b704-6cbb0acf84e7/1/IHBtyFxJaqb0yhHYQJGEbI3jWAY.mft
File:                     IHBtyFxJaqb0yhHYQJGEbI3jWAY.mft (raw, json)
Hash identifier:          iSmGh4V2hBnlcJVhjA++wxXeOwx+xn1Aha+pBIC3A/M=
Subject key identifier:   91:00:CD:9F:EC:02:99:75:31:8B:B8:52:F0:00:0C:4F:85:79:9D:EE
Authority key identifier: 20:70:6D:C8:5C:49:6A:A6:F4:CA:11:D8:40:91:84:6C:8D:E3:58:06
Certificate issuer:       /CN=20706dc85c496aa6f4ca11d84091846c8de35806
Certificate serial:       019D39AE916281D63A49FA2982B43F91C204
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IHBtyFxJaqb0yhHYQJGEbI3jWAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/2fbdc7-e55f-4841-b704-6cbb0acf84e7/1/IHBtyFxJaqb0yhHYQJGEbI3jWAY.mft
Manifest number:          010D
Signing time:             Sun 29 Mar 2026 13:00:34 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:34 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:34 +0000
Files and hashes:         1: IHBtyFxJaqb0yhHYQJGEbI3jWAY.crl (hash: VagpMjDOH2pmU03ZcScyvo38KjN5MhIth2rP6IyNJhQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/2fbdc7-e55f-4841-b704-6cbb0acf84e7/1/IHBtyFxJaqb0yhHYQJGEbI3jWAY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/2fbdc7-e55f-4841-b704-6cbb0acf84e7/1/IHBtyFxJaqb0yhHYQJGEbI3jWAY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IHBtyFxJaqb0yhHYQJGEbI3jWAY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 13:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:91:62:81:d6:3a:49:fa:29:82:b4:3f:91:c2:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20706dc85c496aa6f4ca11d84091846c8de35806
        Validity
            Not Before: Mar 29 13:00:34 2026 GMT
            Not After : Mar 30 13:00:34 2026 GMT
        Subject: CN=9100cd9fec029975318bb852f0000c4f85799dee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:2e:c9:23:56:58:bb:62:de:42:ba:79:b8:0b:
                    ea:1e:33:90:22:c2:a4:dc:d9:eb:79:25:e7:c8:05:
                    aa:6c:d8:86:5f:f5:b9:bd:03:b0:64:0a:8d:b6:0d:
                    f3:d6:07:83:77:d0:98:e3:e0:e8:0f:24:cf:92:2c:
                    a1:6a:45:33:69:26:b9:84:f8:8f:d7:93:3e:15:0b:
                    d8:1b:cf:a5:74:30:79:d5:75:7c:d6:ec:32:92:f3:
                    08:16:49:34:c5:aa:f6:92:c7:d6:98:39:a0:93:49:
                    80:b9:ae:ea:5f:9f:94:a9:37:94:7b:ee:41:5b:b5:
                    81:8f:be:c6:49:02:38:70:9f:c4:09:6d:90:db:7d:
                    70:2f:92:95:2b:6b:1f:9f:5e:3e:cc:7b:55:b2:fc:
                    0c:ee:bc:1c:1a:f1:51:2f:fa:ac:d2:d7:8f:fa:6b:
                    c2:56:5c:cc:09:e4:a6:a5:7a:22:2d:50:7b:02:c4:
                    c9:7f:19:8c:6f:cf:4f:33:78:a1:ca:47:62:90:fd:
                    d4:de:3a:f5:b9:6d:eb:8d:05:e7:6f:2a:64:8c:aa:
                    94:c0:23:d4:ae:f1:32:3b:5b:19:d9:5f:b5:2a:86:
                    e6:b0:f3:2c:96:15:60:18:93:b0:05:db:13:34:6d:
                    b0:b9:94:91:df:e6:25:69:bd:9a:e6:54:7f:0c:fe:
                    dc:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:00:CD:9F:EC:02:99:75:31:8B:B8:52:F0:00:0C:4F:85:79:9D:EE
            X509v3 Authority Key Identifier:
                keyid:20:70:6D:C8:5C:49:6A:A6:F4:CA:11:D8:40:91:84:6C:8D:E3:58:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IHBtyFxJaqb0yhHYQJGEbI3jWAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2fbdc7-e55f-4841-b704-6cbb0acf84e7/1/IHBtyFxJaqb0yhHYQJGEbI3jWAY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2fbdc7-e55f-4841-b704-6cbb0acf84e7/1/IHBtyFxJaqb0yhHYQJGEbI3jWAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:e6:7f:fb:6d:4f:91:8a:18:95:a0:6a:9c:67:b7:20:f2:b0:
         0c:04:2e:80:65:53:63:9f:28:63:ad:e1:35:53:1e:1f:00:9e:
         ab:c8:5e:f8:e4:ba:3a:40:69:ae:ae:46:b9:ea:2d:8e:42:5f:
         78:2f:c5:dd:bf:d4:45:af:f4:ba:ce:00:19:f3:02:8b:ea:ee:
         4e:9e:86:d4:e2:06:0f:f1:84:d0:fe:9b:0c:9c:27:f4:d4:09:
         fc:18:85:1c:36:a9:41:f1:d6:be:1e:d9:43:e3:6c:f2:b5:fb:
         af:0f:c8:70:d4:c3:74:cb:a7:18:35:56:01:c8:27:91:c6:de:
         d6:25:0e:8a:9b:61:7b:4f:04:d3:ba:95:e8:4d:73:29:55:24:
         00:10:a8:e8:d3:39:bb:c5:44:f1:33:69:90:d7:4e:3d:e1:8c:
         6d:bd:9e:4a:b9:71:72:65:01:7d:37:5b:a1:ae:4f:24:8a:af:
         e2:0d:ee:92:33:74:70:1a:e8:08:9c:6b:22:43:fe:10:26:8b:
         be:61:17:90:d1:4c:cc:a6:3c:c0:22:15:80:2b:22:44:7d:cc:
         8f:ba:9c:22:70:0b:f5:40:23:69:d6:7e:dd:01:43:ce:e9:5d:
         00:b8:de:6c:af:97:0e:25:5f:98:8c:ab:9c:94:14:74:db:1d:
         cc:98:51:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rpFigdY6SfopgrQ/kcIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNzA2ZGM4NWM0OTZhYTZmNGNhMTFkODQwOTE4NDZjOGRl
MzU4MDYwHhcNMjYwMzI5MTMwMDM0WhcNMjYwMzMwMTMwMDM0WjAzMTEwLwYDVQQD
Eyg5MTAwY2Q5ZmVjMDI5OTc1MzE4YmI4NTJmMDAwMGM0Zjg1Nzk5ZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxi7JI1ZYu2LeQrp5uAvqHjOQIsKk
3NnreSXnyAWqbNiGX/W5vQOwZAqNtg3z1geDd9CY4+DoDyTPkiyhakUzaSa5hPiP
15M+FQvYG8+ldDB51XV81uwykvMIFkk0xar2ksfWmDmgk0mAua7qX5+UqTeUe+5B
W7WBj77GSQI4cJ/ECW2Q231wL5KVK2sfn14+zHtVsvwM7rwcGvFRL/qs0teP+mvC
VlzMCeSmpXoiLVB7AsTJfxmMb89PM3ihykdikP3U3jr1uW3rjQXnbypkjKqUwCPU
rvEyO1sZ2V+1KobmsPMslhVgGJOwBdsTNG2wuZSR3+Ylab2a5lR/DP7cYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJEAzZ/sApl1MYu4UvAADE+FeZ3uMB8GA1UdIwQY
MBaAFCBwbchcSWqm9MoR2ECRhGyN41gGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUhCdHlGeEphcWIweWhIWVFKR0ViSTNqV0FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yZmJkYzctZTU1Zi00ODQxLWI3MDQt
NmNiYjBhY2Y4NGU3LzEvSUhCdHlGeEphcWIweWhIWVFKR0ViSTNqV0FZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yZmJkYzctZTU1Zi00ODQxLWI3MDQtNmNiYjBhY2Y4NGU3
LzEvSUhCdHlGeEphcWIweWhIWVFKR0ViSTNqV0FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbOZ/+21P
kYoYlaBqnGe3IPKwDAQugGVTY58oY63hNVMeHwCeq8he+OS6OkBprq5GueotjkJf
eC/F3b/URa/0us4AGfMCi+ruTp6G1OIGD/GE0P6bDJwn9NQJ/BiFHDapQfHWvh7Z
Q+Ns8rX7rw/IcNTDdMunGDVWAcgnkcbe1iUOipthe08E07qV6E1zKVUkABCo6NM5
u8VE8TNpkNdOPeGMbb2eSrlxcmUBfTdboa5PJIqv4g3ukjN0cBroCJxrIkP+ECaL
vmEXkNFMzKY8wCIVgCsiRH3Mj7qcInAL9UAjadZ+3QFDzuldALjebK+XDiVfmIyr
nJQUdNsdzJhR4Q==
-----END CERTIFICATE-----