Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
File:                     Iycd4-AQWavm0aWTxKJP9uGI1k8.mft (raw, json)
Hash identifier:          PDvHJ4eprs+IbdF5mqELfl6Bniq8zWYZJ1c6WfIRTRo=
Subject key identifier:   95:D0:78:67:6F:AC:D1:5B:F2:A7:89:64:1E:B6:FA:A0:1D:F1:D8:7A
Authority key identifier: 23:27:1D:E3:E0:10:59:AB:E6:D1:A5:93:C4:A2:4F:F6:E1:88:D6:4F
Certificate issuer:       /CN=23271de3e01059abe6d1a593c4a24ff6e188d64f
Certificate serial:       019D38659E64CB36BF3424066F53DEA2EE45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
Manifest number:          108F
Signing time:             Sun 29 Mar 2026 07:01:16 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:16 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:16 +0000
Files and hashes:         1: Iycd4-AQWavm0aWTxKJP9uGI1k8.crl (hash: LH/2ul8bEu8ruuTqPossNvf5To5wPnxdCuJrAKTtcHA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:9e:64:cb:36:bf:34:24:06:6f:53:de:a2:ee:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23271de3e01059abe6d1a593c4a24ff6e188d64f
        Validity
            Not Before: Mar 29 07:01:16 2026 GMT
            Not After : Mar 30 07:01:16 2026 GMT
        Subject: CN=95d078676facd15bf2a789641eb6faa01df1d87a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:59:00:d8:c1:22:bb:0d:1f:ac:65:da:9b:48:
                    e1:fa:b5:4c:99:42:7e:50:70:d4:13:27:d2:dc:95:
                    ad:3e:52:28:7c:57:22:54:37:19:62:b4:46:a5:57:
                    30:a4:88:2d:fd:05:f0:9a:96:a2:cc:44:a9:5c:3c:
                    90:20:77:b3:d8:f4:83:af:92:56:15:d8:81:36:1f:
                    a9:5d:b9:1e:4d:59:ef:5a:94:58:09:89:45:95:f4:
                    ee:f3:34:1d:fe:3e:ed:aa:0f:80:1b:f2:21:25:ec:
                    b8:86:02:8e:0a:db:86:8d:69:a6:85:c1:3c:b7:5d:
                    59:7b:62:86:f0:6e:9a:7f:3a:68:89:34:69:1c:f6:
                    c6:31:34:c0:25:53:2e:0c:83:93:46:7d:be:8c:40:
                    39:4c:af:4f:ee:30:b5:69:ee:a8:b6:9f:f8:39:18:
                    cc:66:ae:65:01:ad:f4:00:09:6c:07:3a:70:eb:90:
                    fd:90:4c:0b:d1:a9:10:19:c7:01:de:86:40:c0:d9:
                    8d:9f:8a:56:5c:0b:ed:41:99:45:22:d1:29:e2:a6:
                    39:66:61:0a:40:9d:2b:fb:16:49:1b:8f:48:6b:a7:
                    f9:e9:ed:60:8c:ab:cc:96:6a:c6:32:3d:72:ca:39:
                    91:8d:3b:56:fa:1d:a2:83:4b:22:8d:ab:e0:7f:4f:
                    0d:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:D0:78:67:6F:AC:D1:5B:F2:A7:89:64:1E:B6:FA:A0:1D:F1:D8:7A
            X509v3 Authority Key Identifier:
                keyid:23:27:1D:E3:E0:10:59:AB:E6:D1:A5:93:C4:A2:4F:F6:E1:88:D6:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iycd4-AQWavm0aWTxKJP9uGI1k8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3f7a06-2b45-4a0b-ba6c-958c376506ed/1/Iycd4-AQWavm0aWTxKJP9uGI1k8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:77:ff:78:af:3c:60:bf:51:78:2d:65:42:79:9a:e2:ae:16:
         ed:40:cd:22:53:ec:42:2e:4f:bf:b0:8c:26:64:7c:ee:08:34:
         6d:89:6f:3a:b1:70:3d:d0:01:a9:ef:8f:3f:19:1f:03:85:43:
         83:cf:4b:f3:5f:5f:b5:f0:f2:f9:bc:ff:64:37:35:04:20:60:
         16:53:6f:b8:ac:e6:1e:35:db:2b:a7:d1:52:e1:82:8d:06:da:
         1a:c4:4a:a5:98:c8:1e:06:c7:c3:23:4f:d1:97:ac:72:68:78:
         a5:e8:6a:86:39:4c:18:c9:e1:1b:3e:60:66:6e:75:be:02:55:
         3b:8a:b8:92:0e:e3:30:fa:47:0c:ea:12:b8:80:30:99:a6:8a:
         18:50:ca:3d:06:b5:94:fe:55:22:ab:ee:e8:ad:14:67:8f:6c:
         09:89:be:69:98:76:63:59:d7:53:9a:2f:9e:9b:92:90:53:ef:
         dc:07:49:47:54:14:9c:84:b8:a4:8e:9a:eb:07:70:23:4b:de:
         ee:09:2b:e3:44:29:07:aa:9b:99:28:6f:91:40:4b:cf:5b:60:
         48:c2:89:e6:a7:79:d7:c2:00:20:42:85:8e:b1:75:6f:0d:30:
         85:dd:6c:7f:6f:84:cb:c2:d7:ea:07:22:f5:73:60:ab:42:57:
         8c:8d:da:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZZ5kyza/NCQGb1Peou5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjcxZGUzZTAxMDU5YWJlNmQxYTU5M2M0YTI0ZmY2ZTE4
OGQ2NGYwHhcNMjYwMzI5MDcwMTE2WhcNMjYwMzMwMDcwMTE2WjAzMTEwLwYDVQQD
Eyg5NWQwNzg2NzZmYWNkMTViZjJhNzg5NjQxZWI2ZmFhMDFkZjFkODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1kA2MEiuw0frGXam0jh+rVMmUJ+
UHDUEyfS3JWtPlIofFciVDcZYrRGpVcwpIgt/QXwmpaizESpXDyQIHez2PSDr5JW
FdiBNh+pXbkeTVnvWpRYCYlFlfTu8zQd/j7tqg+AG/IhJey4hgKOCtuGjWmmhcE8
t11Ze2KG8G6afzpoiTRpHPbGMTTAJVMuDIOTRn2+jEA5TK9P7jC1ae6otp/4ORjM
Zq5lAa30AAlsBzpw65D9kEwL0akQGccB3oZAwNmNn4pWXAvtQZlFItEp4qY5ZmEK
QJ0r+xZJG49Ia6f56e1gjKvMlmrGMj1yyjmRjTtW+h2ig0sijavgf08N2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXQeGdvrNFb8qeJZB62+qAd8dh6MB8GA1UdIwQY
MBaAFCMnHePgEFmr5tGlk8SiT/bhiNZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zZjdhMDYtMmI0NS00YTBiLWJhNmMt
OTU4YzM3NjUwNmVkLzEvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zZjdhMDYtMmI0NS00YTBiLWJhNmMtOTU4YzM3NjUwNmVk
LzEvSXljZDQtQVFXYXZtMGFXVHhLSlA5dUdJMWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHnf/eK88
YL9ReC1lQnma4q4W7UDNIlPsQi5Pv7CMJmR87gg0bYlvOrFwPdABqe+PPxkfA4VD
g89L819ftfDy+bz/ZDc1BCBgFlNvuKzmHjXbK6fRUuGCjQbaGsRKpZjIHgbHwyNP
0Zescmh4pehqhjlMGMnhGz5gZm51vgJVO4q4kg7jMPpHDOoSuIAwmaaKGFDKPQa1
lP5VIqvu6K0UZ49sCYm+aZh2Y1nXU5ovnpuSkFPv3AdJR1QUnIS4pI6a6wdwI0ve
7gkr40QpB6qbmShvkUBLz1tgSMKJ5qd518IAIEKFjrF1bw0whd1sf2+Ey8LX6gci
9XNgq0JXjI3aww==
-----END CERTIFICATE-----