Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
File:                     IsOFEHH5YIjHtxGcteFGPLq5jFk.mft (raw, json)
Hash identifier:          32MdjOzv2uwKqmC02601WmAxPPfCC/gVaamutB5iDJM=
Subject key identifier:   8F:29:49:4F:87:00:6C:16:B8:7D:F4:52:0A:D0:BE:70:86:DB:84:A0
Authority key identifier: 22:C3:85:10:71:F9:60:88:C7:B7:11:9C:B5:E1:46:3C:BA:B9:8C:59
Certificate issuer:       /CN=22c3851071f96088c7b7119cb5e1463cbab98c59
Certificate serial:       019CE55B00CFEDC411FB3924C6ADE7AC251E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
Manifest number:          12B1
Signing time:             Fri 13 Mar 2026 04:01:12 +0000
Manifest this update:     Fri 13 Mar 2026 04:01:12 +0000
Manifest next update:     Sat 14 Mar 2026 04:01:12 +0000
Files and hashes:         1: IsOFEHH5YIjHtxGcteFGPLq5jFk.crl (hash: H7f5D4aMFeva3dJgbGWRZ4zYRkNlCC+uOecLgh1WIEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Mar 2026 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:e5:5b:00:cf:ed:c4:11:fb:39:24:c6:ad:e7:ac:25:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c3851071f96088c7b7119cb5e1463cbab98c59
        Validity
            Not Before: Mar 13 04:01:12 2026 GMT
            Not After : Mar 14 04:01:12 2026 GMT
        Subject: CN=8f29494f87006c16b87df4520ad0be7086db84a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d0:72:91:a7:bf:3e:4e:30:e7:c0:89:cd:8b:
                    c6:25:c6:db:61:5c:ac:4a:e9:f3:8f:cd:02:d1:8a:
                    5d:82:85:89:4f:e2:7b:84:0f:4b:98:33:b7:f0:e5:
                    47:35:05:d6:cf:47:bf:ff:c2:83:10:8a:d1:70:24:
                    11:a7:4a:6d:a9:4f:f9:49:cf:97:54:7c:20:ea:d4:
                    4e:80:a9:2d:5d:f3:cb:14:72:9a:1f:55:3e:14:74:
                    16:5f:f4:ee:e8:02:bf:9d:06:56:cb:89:29:84:87:
                    e1:c3:b9:84:aa:7f:ff:d6:ed:57:46:5e:c1:f7:80:
                    2b:85:5d:a5:e5:b3:ce:3b:e3:da:ca:74:1a:5b:a1:
                    b3:f3:b9:eb:c8:a4:85:02:90:bf:87:3b:6e:fa:0e:
                    06:02:67:10:e1:5a:92:5b:10:68:53:93:c2:9b:e5:
                    a1:33:50:1b:8b:d5:b6:19:00:37:55:b1:9f:0a:17:
                    6a:c7:33:35:e2:18:52:14:7c:7a:b1:db:c8:2a:b1:
                    d7:81:14:b6:03:42:ef:7f:c9:cd:fe:3f:f4:99:f6:
                    75:c9:fb:9b:64:12:77:63:a9:32:a0:6c:bb:7d:18:
                    4a:75:54:44:02:e3:87:68:9d:48:76:3b:3f:cc:83:
                    44:3d:c6:93:d0:8a:2e:2c:85:7e:36:0d:15:50:68:
                    ea:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:29:49:4F:87:00:6C:16:B8:7D:F4:52:0A:D0:BE:70:86:DB:84:A0
            X509v3 Authority Key Identifier:
                keyid:22:C3:85:10:71:F9:60:88:C7:B7:11:9C:B5:E1:46:3C:BA:B9:8C:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsOFEHH5YIjHtxGcteFGPLq5jFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f0ff5a-516c-4b8e-b9a2-cbfde0290708/1/IsOFEHH5YIjHtxGcteFGPLq5jFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:af:b8:2f:86:32:df:aa:b9:8f:43:32:9f:af:63:75:ca:c4:
         3e:0c:d9:95:84:58:00:e8:96:82:e5:f7:9e:7c:60:ac:11:9c:
         33:d8:c5:ce:6b:f8:26:c5:98:f3:69:9d:e6:cd:78:8c:4d:c8:
         54:79:4b:19:31:02:6f:ff:72:3d:00:aa:60:2d:1f:0e:c0:8e:
         02:2d:1d:71:2d:38:bf:cc:11:00:a3:b2:e4:aa:a6:a5:80:e6:
         ed:e3:6c:51:6f:26:4e:75:5e:d9:a1:9c:ff:44:d2:e4:84:46:
         de:52:95:e1:6c:89:14:6a:05:3c:28:9c:ad:fa:7d:80:77:b2:
         bf:f9:f5:a9:6f:fe:d4:c8:73:52:7b:89:0b:69:a1:4f:09:1c:
         7d:a1:b5:f8:f2:90:a9:47:8e:6b:27:53:e6:84:30:20:12:3c:
         32:33:4d:1d:a4:d6:31:0f:3a:f1:85:6d:64:a4:fd:3f:49:35:
         27:8a:25:88:86:0c:8e:78:fc:ac:fc:d1:68:8e:a3:b3:ea:61:
         7e:b4:63:ba:b2:09:60:63:c6:d2:18:fb:b2:14:0d:7d:a6:f2:
         b6:00:11:9c:6e:b5:dc:c3:4e:ab:d1:4c:35:4e:a8:c6:fb:28:
         51:44:5d:7b:2a:b4:14:f2:5b:d5:bb:1e:03:39:81:4d:4f:4a:
         00:7c:d6:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzlWwDP7cQR+zkkxq3nrCUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzM4NTEwNzFmOTYwODhjN2I3MTE5Y2I1ZTE0NjNjYmFi
OThjNTkwHhcNMjYwMzEzMDQwMTEyWhcNMjYwMzE0MDQwMTEyWjAzMTEwLwYDVQQD
Eyg4ZjI5NDk0Zjg3MDA2YzE2Yjg3ZGY0NTIwYWQwYmU3MDg2ZGI4NGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNBykae/Pk4w58CJzYvGJcbbYVys
Sunzj80C0YpdgoWJT+J7hA9LmDO38OVHNQXWz0e//8KDEIrRcCQRp0ptqU/5Sc+X
VHwg6tROgKktXfPLFHKaH1U+FHQWX/Tu6AK/nQZWy4kphIfhw7mEqn//1u1XRl7B
94ArhV2l5bPOO+PaynQaW6Gz87nryKSFApC/hztu+g4GAmcQ4VqSWxBoU5PCm+Wh
M1Abi9W2GQA3VbGfChdqxzM14hhSFHx6sdvIKrHXgRS2A0Lvf8nN/j/0mfZ1yfub
ZBJ3Y6kyoGy7fRhKdVREAuOHaJ1Idjs/zINEPcaT0IouLIV+Ng0VUGjqKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI8pSU+HAGwWuH30UgrQvnCG24SgMB8GA1UdIwQY
MBaAFCLDhRBx+WCIx7cRnLXhRjy6uYxZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mMGZmNWEtNTE2Yy00YjhlLWI5YTIt
Y2JmZGUwMjkwNzA4LzEvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mMGZmNWEtNTE2Yy00YjhlLWI5YTItY2JmZGUwMjkwNzA4
LzEvSXNPRkVISDVZSWpIdHhHY3RlRkdQTHE1akZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm6+4L4Yy
36q5j0Myn69jdcrEPgzZlYRYAOiWguX3nnxgrBGcM9jFzmv4JsWY82md5s14jE3I
VHlLGTECb/9yPQCqYC0fDsCOAi0dcS04v8wRAKOy5KqmpYDm7eNsUW8mTnVe2aGc
/0TS5IRG3lKV4WyJFGoFPCicrfp9gHeyv/n1qW/+1MhzUnuJC2mhTwkcfaG1+PKQ
qUeOaydT5oQwIBI8MjNNHaTWMQ868YVtZKT9P0k1J4oliIYMjnj8rPzRaI6js+ph
frRjurIJYGPG0hj7shQNfabytgARnG613MNOq9FMNU6oxvsoUURdeyq0FPJb1bse
AzmBTU9KAHzWFQ==
-----END CERTIFICATE-----