Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
File:                     M1lkDZyLY0Pghqr4vosw6MMdK40.mft (raw, json)
Hash identifier:          WD7l45wj1IrmIh9E9Hq3ZMdkMBPa8oRq+XOhCbc7FuY=
Subject key identifier:   FE:3F:43:EB:C9:44:CE:25:5D:F1:DB:6E:81:F6:99:D7:10:DA:F9:53
Authority key identifier: 33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D
Certificate issuer:       /CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
Certificate serial:       019D3A53962C785FA9D7913D5D18773FD33E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
Manifest number:          0617
Signing time:             Sun 29 Mar 2026 16:00:49 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:49 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:49 +0000
Files and hashes:         1: M1lkDZyLY0Pghqr4vosw6MMdK40.crl (hash: iJXFJCYUdka+vOqDmZl3nCPgodw/8FuC38rFaznQGJI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:96:2c:78:5f:a9:d7:91:3d:5d:18:77:3f:d3:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
        Validity
            Not Before: Mar 29 16:00:49 2026 GMT
            Not After : Mar 30 16:00:49 2026 GMT
        Subject: CN=fe3f43ebc944ce255df1db6e81f699d710daf953
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:33:c2:59:f5:47:f1:8f:31:9c:68:5f:44:cb:
                    af:f3:fb:97:ee:33:fa:85:34:f6:3f:8b:89:91:6e:
                    d7:90:cb:c7:46:96:0d:2e:d1:b2:68:e2:5b:8f:df:
                    83:7d:02:a5:b2:f1:e6:eb:ef:4d:46:52:6f:36:de:
                    10:c1:19:0f:28:1f:a7:57:bc:65:5a:1d:af:1b:42:
                    fa:6a:3b:bc:01:97:aa:84:7c:26:a4:68:6d:1e:fe:
                    0a:f1:69:8c:ec:48:fd:94:5d:29:f6:b9:ad:21:ef:
                    4a:3c:0e:b8:f7:35:8f:12:43:02:2b:96:3c:bc:e6:
                    1d:f9:67:fb:5b:28:4a:cf:df:a7:6c:bc:68:39:0f:
                    fa:9c:60:1e:aa:b1:3d:bf:6f:35:8e:63:e4:61:2a:
                    3f:b3:a7:57:f7:c1:90:75:40:11:a4:90:43:d7:cb:
                    91:01:31:61:13:0b:91:69:cc:01:96:93:61:e4:2f:
                    d4:ac:50:ee:9b:bd:9a:57:01:4a:4b:38:5c:e1:0a:
                    3c:32:d8:46:89:f3:29:e7:b0:1b:aa:ea:fe:63:e1:
                    4b:b2:2b:ca:91:27:5b:37:83:42:2f:b9:40:48:89:
                    07:6c:bc:b4:74:8b:62:a0:78:e2:6b:39:83:5f:4f:
                    5b:39:f5:f6:14:6e:5c:1a:42:13:b5:5c:49:04:96:
                    85:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:3F:43:EB:C9:44:CE:25:5D:F1:DB:6E:81:F6:99:D7:10:DA:F9:53
            X509v3 Authority Key Identifier:
                keyid:33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:a1:dd:02:19:fe:be:f7:c7:9f:44:fb:b5:8d:f8:66:a3:cd:
         05:bc:1f:8a:ea:37:25:b9:45:f1:56:70:7a:cb:71:01:9a:12:
         7e:98:48:45:aa:80:2a:77:a7:d0:2d:97:ba:6f:64:01:d5:35:
         28:fb:0b:d3:c3:15:a8:f7:e6:97:28:1f:08:ae:7f:9d:64:5a:
         56:08:af:4a:15:8c:a1:fe:1c:d1:9f:7d:57:c8:f7:8d:01:35:
         7b:fa:d9:2b:52:aa:86:bd:44:be:ed:bb:35:6f:e1:59:a0:22:
         cd:d8:b2:d0:1f:c9:79:09:01:8d:19:58:b6:dd:c8:1a:80:cb:
         fc:b0:0a:2e:3b:d4:4b:95:0a:ee:d7:e7:4a:26:e6:9c:f8:84:
         26:c9:04:1b:52:80:a2:31:ee:a9:21:ff:c3:66:c0:21:88:3e:
         2f:d7:48:14:24:ac:14:3a:c1:e5:41:d5:26:62:ac:3d:f3:5d:
         40:bc:ef:36:8c:71:15:c3:64:38:2d:f6:90:c7:ae:f9:ae:14:
         8c:56:9f:86:db:41:0a:80:80:39:39:31:48:ae:58:d6:25:8b:
         7a:76:00:86:cb:8b:bc:80:66:9a:6c:b3:86:df:e6:98:c6:ac:
         fc:fe:be:0a:2b:42:3d:2d:d3:e9:1b:7c:a7:49:5a:ad:fc:41:
         50:d8:7f:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U5YseF+p15E9XRh3P9M+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTk2NDBkOWM4YjYzNDNlMDg2YWFmOGJlOGIzMGU4YzMx
ZDJiOGQwHhcNMjYwMzI5MTYwMDQ5WhcNMjYwMzMwMTYwMDQ5WjAzMTEwLwYDVQQD
EyhmZTNmNDNlYmM5NDRjZTI1NWRmMWRiNmU4MWY2OTlkNzEwZGFmOTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTPCWfVH8Y8xnGhfRMuv8/uX7jP6
hTT2P4uJkW7XkMvHRpYNLtGyaOJbj9+DfQKlsvHm6+9NRlJvNt4QwRkPKB+nV7xl
Wh2vG0L6aju8AZeqhHwmpGhtHv4K8WmM7Ej9lF0p9rmtIe9KPA649zWPEkMCK5Y8
vOYd+Wf7WyhKz9+nbLxoOQ/6nGAeqrE9v281jmPkYSo/s6dX98GQdUARpJBD18uR
ATFhEwuRacwBlpNh5C/UrFDum72aVwFKSzhc4Qo8MthGifMp57Abqur+Y+FLsivK
kSdbN4NCL7lASIkHbLy0dItioHjiazmDX09bOfX2FG5cGkITtVxJBJaFSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP4/Q+vJRM4lXfHbboH2mdcQ2vlTMB8GA1UdIwQY
MBaAFDNZZA2ci2ND4Iaq+L6LMOjDHSuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQt
YmRkYzMxNDNiMzEzLzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQtYmRkYzMxNDNiMzEz
LzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj6HdAhn+
vvfHn0T7tY34ZqPNBbwfiuo3JblF8VZwestxAZoSfphIRaqAKnen0C2Xum9kAdU1
KPsL08MVqPfmlygfCK5/nWRaVgivShWMof4c0Z99V8j3jQE1e/rZK1Kqhr1Evu27
NW/hWaAizdiy0B/JeQkBjRlYtt3IGoDL/LAKLjvUS5UK7tfnSibmnPiEJskEG1KA
ojHuqSH/w2bAIYg+L9dIFCSsFDrB5UHVJmKsPfNdQLzvNoxxFcNkOC32kMeu+a4U
jFafhttBCoCAOTkxSK5Y1iWLenYAhsuLvIBmmmyzht/mmMas/P6+CitCPS3T6Rt8
p0larfxBUNh/ZQ==
-----END CERTIFICATE-----