Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/8d2113-3ec0-4445-8dfe-7adb40dca7bd/1/V25aWVM8ptDwtIgH0Md-FWhgTl4.mft
File:                     V25aWVM8ptDwtIgH0Md-FWhgTl4.mft (raw, json)
Hash identifier:          EB/aTGswgxOUsSoadZ3n3kCo9u5+/FrEnp4HUnRzj0o=
Subject key identifier:   4F:90:13:0F:F6:17:7F:76:3F:43:0B:61:42:F3:03:E7:E3:17:61:22
Authority key identifier: 57:6E:5A:59:53:3C:A6:D0:F0:B4:88:07:D0:C7:7E:15:68:60:4E:5E
Certificate issuer:       /CN=576e5a59533ca6d0f0b48807d0c77e1568604e5e
Certificate serial:       019D38D3A191A95E5644DC1F2E6401F37784
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V25aWVM8ptDwtIgH0Md-FWhgTl4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/8d2113-3ec0-4445-8dfe-7adb40dca7bd/1/V25aWVM8ptDwtIgH0Md-FWhgTl4.mft
Manifest number:          08D0
Signing time:             Sun 29 Mar 2026 09:01:26 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:26 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:26 +0000
Files and hashes:         1: V25aWVM8ptDwtIgH0Md-FWhgTl4.crl (hash: zUBU5zDCKAZ9j4JBbAZCYDKrUYw4DjbBFqgctI0/+XM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/8d2113-3ec0-4445-8dfe-7adb40dca7bd/1/V25aWVM8ptDwtIgH0Md-FWhgTl4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/8d2113-3ec0-4445-8dfe-7adb40dca7bd/1/V25aWVM8ptDwtIgH0Md-FWhgTl4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/V25aWVM8ptDwtIgH0Md-FWhgTl4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:a1:91:a9:5e:56:44:dc:1f:2e:64:01:f3:77:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=576e5a59533ca6d0f0b48807d0c77e1568604e5e
        Validity
            Not Before: Mar 29 09:01:26 2026 GMT
            Not After : Mar 30 09:01:26 2026 GMT
        Subject: CN=4f90130ff6177f763f430b6142f303e7e3176122
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:cf:61:de:8f:39:07:d6:d7:55:e0:6e:f9:3e:
                    32:a5:19:22:de:47:b2:97:21:a5:89:c7:ce:6b:bc:
                    20:1b:d5:19:f2:f3:50:49:b7:d7:d1:96:09:21:2e:
                    e4:c6:c2:e0:c2:c3:b0:67:68:71:f5:d0:f0:3b:c4:
                    97:5d:4f:04:54:02:c2:ee:64:fe:58:22:d0:41:6f:
                    09:bd:98:3d:09:b1:49:eb:35:fc:23:6e:69:88:0c:
                    67:e3:ca:6d:35:74:65:9d:8c:16:1f:1a:e7:d1:e1:
                    79:67:05:67:ec:ed:50:e5:df:3f:ba:e0:4d:bf:5d:
                    2d:2e:77:91:9f:34:f2:c6:0a:9c:1e:9a:6e:86:f0:
                    90:df:2e:93:d6:82:6d:c7:fb:b5:f6:a9:36:28:88:
                    37:9e:10:3c:d3:4b:19:50:9c:91:b8:80:a5:60:97:
                    c0:4a:ab:1b:62:4b:47:a2:a8:1d:d5:2e:88:71:c2:
                    e7:31:55:0b:db:07:45:06:2d:17:68:e4:74:90:05:
                    7c:cb:bc:7f:e0:fd:b6:5e:ef:0c:ba:95:e0:eb:6a:
                    59:19:45:45:d5:e9:6e:36:6f:a7:7c:73:98:f6:2a:
                    3d:92:f0:8f:26:8f:82:79:0f:f9:e8:dd:07:4a:b6:
                    76:6b:0d:c9:35:b1:22:8d:79:f2:75:fd:ed:82:71:
                    ba:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:90:13:0F:F6:17:7F:76:3F:43:0B:61:42:F3:03:E7:E3:17:61:22
            X509v3 Authority Key Identifier:
                keyid:57:6E:5A:59:53:3C:A6:D0:F0:B4:88:07:D0:C7:7E:15:68:60:4E:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V25aWVM8ptDwtIgH0Md-FWhgTl4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/8d2113-3ec0-4445-8dfe-7adb40dca7bd/1/V25aWVM8ptDwtIgH0Md-FWhgTl4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/8d2113-3ec0-4445-8dfe-7adb40dca7bd/1/V25aWVM8ptDwtIgH0Md-FWhgTl4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:96:f5:4c:36:dc:33:7c:df:cc:0c:dd:77:96:d3:bc:10:59:
         70:90:be:99:40:6d:53:13:64:96:e4:3e:68:97:0f:10:d1:8b:
         fe:32:09:0b:c3:af:e8:9c:77:41:c0:b5:42:be:87:c3:a0:e1:
         68:01:3d:de:67:43:77:33:95:40:f9:b9:16:cc:c5:84:f7:10:
         32:ce:ff:c4:05:4f:55:95:bb:a1:cd:9e:29:b7:9e:91:4b:d6:
         a2:79:7c:96:ff:ff:6d:dc:f8:ef:d3:36:d3:29:82:32:22:33:
         aa:94:42:0a:d4:d7:90:0d:08:68:c4:6f:76:cf:72:88:07:c7:
         60:06:66:2d:94:b5:e3:50:07:44:a2:ae:1a:2d:f1:cf:5e:f8:
         cc:68:7a:8f:ca:92:65:a3:93:fb:9b:ca:24:34:e3:b4:78:91:
         92:a8:66:5c:c2:5d:55:c9:d4:69:b4:ea:2c:fb:fc:b7:4f:d9:
         42:47:71:1f:09:56:ab:1c:62:b6:2d:8a:ef:0e:cc:c8:65:e8:
         6a:9d:63:59:6c:3a:a7:af:20:4a:e0:3c:38:6c:29:da:40:30:
         34:66:91:20:9a:74:b0:23:74:3b:91:40:bf:40:d8:f2:a4:79:
         c7:f7:26:81:df:6a:19:11:b2:8c:20:cd:54:9e:37:d5:cd:eb:
         df:e6:0a:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406GRqV5WRNwfLmQB83eEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NmU1YTU5NTMzY2E2ZDBmMGI0ODgwN2QwYzc3ZTE1Njg2
MDRlNWUwHhcNMjYwMzI5MDkwMTI2WhcNMjYwMzMwMDkwMTI2WjAzMTEwLwYDVQQD
Eyg0ZjkwMTMwZmY2MTc3Zjc2M2Y0MzBiNjE0MmYzMDNlN2UzMTc2MTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjs9h3o85B9bXVeBu+T4ypRki3key
lyGlicfOa7wgG9UZ8vNQSbfX0ZYJIS7kxsLgwsOwZ2hx9dDwO8SXXU8EVALC7mT+
WCLQQW8JvZg9CbFJ6zX8I25piAxn48ptNXRlnYwWHxrn0eF5ZwVn7O1Q5d8/uuBN
v10tLneRnzTyxgqcHppuhvCQ3y6T1oJtx/u19qk2KIg3nhA800sZUJyRuIClYJfA
SqsbYktHoqgd1S6IccLnMVUL2wdFBi0XaOR0kAV8y7x/4P22Xu8MupXg62pZGUVF
1eluNm+nfHOY9io9kvCPJo+CeQ/56N0HSrZ2aw3JNbEijXnydf3tgnG6IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+QEw/2F392P0MLYULzA+fjF2EiMB8GA1UdIwQY
MBaAFFduWllTPKbQ8LSIB9DHfhVoYE5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjI1YVdWTThwdER3dElnSDBNZC1GV2hnVGw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS84ZDIxMTMtM2VjMC00NDQ1LThkZmUt
N2FkYjQwZGNhN2JkLzEvVjI1YVdWTThwdER3dElnSDBNZC1GV2hnVGw0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS84ZDIxMTMtM2VjMC00NDQ1LThkZmUtN2FkYjQwZGNhN2Jk
LzEvVjI1YVdWTThwdER3dElnSDBNZC1GV2hnVGw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARpb1TDbc
M3zfzAzdd5bTvBBZcJC+mUBtUxNkluQ+aJcPENGL/jIJC8Ov6Jx3QcC1Qr6Hw6Dh
aAE93mdDdzOVQPm5FszFhPcQMs7/xAVPVZW7oc2eKbeekUvWonl8lv//bdz479M2
0ymCMiIzqpRCCtTXkA0IaMRvds9yiAfHYAZmLZS141AHRKKuGi3xz174zGh6j8qS
ZaOT+5vKJDTjtHiRkqhmXMJdVcnUabTqLPv8t0/ZQkdxHwlWqxxiti2K7w7MyGXo
ap1jWWw6p68gSuA8OGwp2kAwNGaRIJp0sCN0O5FAv0DY8qR5x/cmgd9qGRGyjCDN
VJ431c3r3+YK1A==
-----END CERTIFICATE-----