Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
File:                     jR3ulkqib4m9ECJ21GVjP7guqig.mft (raw, json)
Hash identifier:          f8WPwZticPNsQgXpN1prP53oSOzIp1zlia4JnyiqsMs=
Subject key identifier:   25:15:9E:89:86:2E:D5:65:98:08:0B:F4:A1:76:AE:66:4E:9B:2E:0D
Authority key identifier: 8D:1D:EE:96:4A:A2:6F:89:BD:10:22:76:D4:65:63:3F:B8:2E:AA:28
Certificate issuer:       /CN=8d1dee964aa26f89bd102276d465633fb82eaa28
Certificate serial:       019D371BE2771CD2FA04DB3FADEE30529E56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
Manifest number:          0CEE
Signing time:             Sun 29 Mar 2026 01:01:07 +0000
Manifest this update:     Sun 29 Mar 2026 01:01:07 +0000
Manifest next update:     Mon 30 Mar 2026 01:01:07 +0000
Files and hashes:         1: jR3ulkqib4m9ECJ21GVjP7guqig.crl (hash: HYwcvt1oo3FOtPWNYCvJt0yQik35r6tGTNROcJsPUno=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:e2:77:1c:d2:fa:04:db:3f:ad:ee:30:52:9e:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1dee964aa26f89bd102276d465633fb82eaa28
        Validity
            Not Before: Mar 29 01:01:07 2026 GMT
            Not After : Mar 30 01:01:07 2026 GMT
        Subject: CN=25159e89862ed56598080bf4a176ae664e9b2e0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:75:71:c6:8b:cb:ba:22:fd:ce:14:6c:d7:17:
                    23:24:ff:23:88:77:e5:85:6e:52:96:77:04:ca:66:
                    1b:d0:fc:d1:95:6c:73:b9:40:61:9f:f8:0d:b9:a1:
                    8f:a9:6d:de:1f:b0:54:b3:98:52:8c:07:cf:e3:11:
                    70:16:09:1a:7a:42:fb:0f:17:41:19:a2:27:78:70:
                    aa:d5:fb:a3:6b:b9:70:4b:f5:fc:5b:9a:63:f2:b6:
                    7d:07:ff:0a:22:1d:6f:e4:2e:b3:a5:ec:a8:b1:dd:
                    64:e5:31:69:b3:3d:d1:1d:1f:3f:74:23:4f:62:6e:
                    f2:0d:c8:88:03:c6:b8:b3:db:e4:59:a6:55:f6:84:
                    60:d4:50:7d:62:e2:bb:79:ed:5f:55:58:22:d1:61:
                    8f:1a:c8:f9:12:14:0b:a0:d4:63:69:ad:1b:5d:bf:
                    fe:9c:8d:3d:b1:8d:ca:2a:a2:a9:db:c7:5b:d7:e7:
                    fa:66:27:25:35:60:db:95:c1:84:9f:26:85:29:91:
                    7f:14:4a:db:cd:59:56:85:03:59:44:83:4b:a7:99:
                    9a:0a:75:af:0f:3e:c5:16:48:d8:99:ca:3e:41:d0:
                    a2:83:87:2c:fb:35:94:aa:16:81:22:c5:b8:59:dc:
                    b3:5f:af:be:26:59:70:fc:2f:4f:d8:8e:20:e0:f3:
                    16:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:15:9E:89:86:2E:D5:65:98:08:0B:F4:A1:76:AE:66:4E:9B:2E:0D
            X509v3 Authority Key Identifier:
                keyid:8D:1D:EE:96:4A:A2:6F:89:BD:10:22:76:D4:65:63:3F:B8:2E:AA:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:53:55:e9:bf:f7:3c:80:d0:71:8a:6d:20:76:3e:57:af:2e:
         90:18:3f:2b:5a:1a:02:0b:66:51:9c:00:7f:d1:06:75:fa:26:
         21:c4:f2:82:7f:91:b6:9e:6b:a1:a1:95:be:2f:43:88:ca:56:
         3a:af:79:e8:4d:5a:36:63:11:de:51:b8:6a:df:18:0e:25:9a:
         07:82:f2:7b:88:04:ce:71:ee:da:d4:6c:ab:20:ae:10:d8:b8:
         50:7c:2c:bb:d1:9d:e5:a8:c3:2a:d1:ec:14:28:65:5e:b8:79:
         3e:aa:48:6c:63:cd:44:58:05:d9:4b:23:28:8b:c1:6d:14:c3:
         99:30:a0:8b:a7:08:bb:72:7b:11:d3:10:1a:a0:f8:38:64:1b:
         b5:ac:59:bc:96:8b:35:0d:2f:1f:fe:f3:4d:57:26:a3:fc:78:
         b7:0f:fd:1b:99:81:5f:13:98:19:ed:50:93:36:76:c9:c3:18:
         3b:ef:24:07:c4:af:51:65:a1:dc:10:c5:79:dc:23:dc:03:a2:
         58:b6:b5:04:bb:46:63:bf:15:d0:09:f2:1a:f0:68:42:6b:fe:
         b8:3e:a1:00:77:71:c8:44:25:3b:c5:10:9f:a4:39:bc:2c:04:
         52:bb:5b:26:1d:a6:11:a2:95:d2:a8:e4:ab:8c:1a:b6:05:59:
         e4:f3:a6:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G+J3HNL6BNs/re4wUp5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWRlZTk2NGFhMjZmODliZDEwMjI3NmQ0NjU2MzNmYjgy
ZWFhMjgwHhcNMjYwMzI5MDEwMTA3WhcNMjYwMzMwMDEwMTA3WjAzMTEwLwYDVQQD
EygyNTE1OWU4OTg2MmVkNTY1OTgwODBiZjRhMTc2YWU2NjRlOWIyZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXVxxovLuiL9zhRs1xcjJP8jiHfl
hW5SlncEymYb0PzRlWxzuUBhn/gNuaGPqW3eH7BUs5hSjAfP4xFwFgkaekL7DxdB
GaIneHCq1fuja7lwS/X8W5pj8rZ9B/8KIh1v5C6zpeyosd1k5TFpsz3RHR8/dCNP
Ym7yDciIA8a4s9vkWaZV9oRg1FB9YuK7ee1fVVgi0WGPGsj5EhQLoNRjaa0bXb/+
nI09sY3KKqKp28db1+f6ZiclNWDblcGEnyaFKZF/FErbzVlWhQNZRINLp5maCnWv
Dz7FFkjYmco+QdCig4cs+zWUqhaBIsW4WdyzX6++Jllw/C9P2I4g4PMWcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUVnomGLtVlmAgL9KF2rmZOmy4NMB8GA1UdIwQY
MBaAFI0d7pZKom+JvRAidtRlYz+4LqooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81NDkzNjMtMTIyOS00MTE0LWE5OTYt
MjU5NDIwZDMyNDcyLzEvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81NDkzNjMtMTIyOS00MTE0LWE5OTYtMjU5NDIwZDMyNDcy
LzEvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAilNV6b/3
PIDQcYptIHY+V68ukBg/K1oaAgtmUZwAf9EGdfomIcTygn+Rtp5roaGVvi9DiMpW
Oq956E1aNmMR3lG4at8YDiWaB4Lye4gEznHu2tRsqyCuENi4UHwsu9Gd5ajDKtHs
FChlXrh5PqpIbGPNRFgF2UsjKIvBbRTDmTCgi6cIu3J7EdMQGqD4OGQbtaxZvJaL
NQ0vH/7zTVcmo/x4tw/9G5mBXxOYGe1QkzZ2ycMYO+8kB8SvUWWh3BDFedwj3AOi
WLa1BLtGY78V0AnyGvBoQmv+uD6hAHdxyEQlO8UQn6Q5vCwEUrtbJh2mEaKV0qjk
q4watgVZ5POmWg==
-----END CERTIFICATE-----