Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft
File:                     rl81puj7U5sZVMtDps516X-q4XU.mft (raw, json)
Hash identifier:          YKVv3h2gHdUonC+XXKr91tzDek2NOs0rnk94LOvKvEk=
Subject key identifier:   D0:27:B0:C8:BA:13:DF:FF:A8:46:66:42:C0:F6:F5:3C:1E:90:15:D2
Authority key identifier: AE:5F:35:A6:E8:FB:53:9B:19:54:CB:43:A6:CE:75:E9:7F:AA:E1:75
Certificate issuer:       /CN=ae5f35a6e8fb539b1954cb43a6ce75e97faae175
Certificate serial:       019D3865F086D8DE989F771F20DCFFD53F4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rl81puj7U5sZVMtDps516X-q4XU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft
Manifest number:          0C86
Signing time:             Sun 29 Mar 2026 07:01:37 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:37 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:37 +0000
Files and hashes:         1: rl81puj7U5sZVMtDps516X-q4XU.crl (hash: Tl9tAamIzO4BmYAhsYlDfIsjc1FeAIk6VGzKveRBJUg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rl81puj7U5sZVMtDps516X-q4XU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:f0:86:d8:de:98:9f:77:1f:20:dc:ff:d5:3f:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae5f35a6e8fb539b1954cb43a6ce75e97faae175
        Validity
            Not Before: Mar 29 07:01:37 2026 GMT
            Not After : Mar 30 07:01:37 2026 GMT
        Subject: CN=d027b0c8ba13dfffa8466642c0f6f53c1e9015d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:0b:e8:25:28:c6:85:bd:e8:66:00:c4:9f:48:
                    90:f2:64:47:31:d5:7f:ed:1a:b5:33:eb:82:86:23:
                    95:0c:56:ab:fd:74:b4:33:64:e0:c7:60:b0:b2:bb:
                    d3:8b:c5:62:b4:a1:d1:a8:82:31:12:85:f7:6a:44:
                    8b:4c:87:3c:24:69:6e:70:a9:11:c4:1f:9a:12:95:
                    52:3b:ba:83:15:25:eb:2b:f1:e7:ce:86:65:00:2a:
                    95:a3:c3:55:25:d2:44:1d:f9:e0:86:46:67:2c:ad:
                    bd:5e:dd:8b:b3:a6:15:c4:5c:da:98:e2:13:f3:e6:
                    17:a3:16:1a:48:2c:5f:a4:7a:27:da:40:f0:38:bd:
                    2c:a3:4d:39:87:a0:dc:41:43:67:22:2d:4c:27:49:
                    57:14:46:6d:64:09:db:68:67:a5:df:cf:c0:b2:fe:
                    c6:13:18:ac:5d:6b:67:0b:ac:a9:06:08:d4:45:6c:
                    42:66:af:0b:08:9e:4c:6b:e1:dc:21:52:c4:bb:62:
                    25:8e:75:5f:2b:dc:f5:c7:d3:01:f2:e7:8b:82:db:
                    dd:7f:18:c2:65:b3:a8:3d:46:03:7d:fb:52:f6:53:
                    8f:cf:62:7a:c0:3d:99:d6:5c:59:9c:1e:d2:d2:12:
                    36:f0:df:d9:9c:c6:66:6c:cb:8c:28:29:6a:3f:37:
                    04:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:27:B0:C8:BA:13:DF:FF:A8:46:66:42:C0:F6:F5:3C:1E:90:15:D2
            X509v3 Authority Key Identifier:
                keyid:AE:5F:35:A6:E8:FB:53:9B:19:54:CB:43:A6:CE:75:E9:7F:AA:E1:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rl81puj7U5sZVMtDps516X-q4XU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:c4:5a:ea:11:38:19:12:da:c9:4f:66:21:ab:d2:8d:4f:3f:
         3d:4f:98:50:91:a2:df:86:92:e8:d5:fd:5c:e4:f3:1b:7d:3d:
         ee:88:d9:63:06:8b:37:c3:d5:7c:a8:ce:28:4e:6d:73:ec:87:
         d8:e1:2b:85:9c:03:9f:3f:1a:1c:9f:da:37:05:6e:3d:5d:f6:
         ee:d7:7a:0a:2f:d6:20:7b:4d:b2:77:12:48:a7:e8:90:c0:2a:
         b3:1f:6b:66:00:fa:2e:a7:ef:36:80:8f:cb:ae:60:12:4e:68:
         d2:47:b1:03:67:e0:96:40:93:3f:84:f3:96:b5:95:7e:a4:83:
         86:a2:3b:38:7b:89:a9:53:b8:cc:d9:84:52:71:3c:af:7f:59:
         e5:e7:fe:30:2c:81:75:76:a6:7b:48:27:05:2b:0f:04:45:8c:
         00:65:ef:e5:d8:23:15:ee:1a:6b:56:58:9d:be:48:19:e1:4b:
         99:74:2c:ca:ab:ca:23:fa:15:0a:f6:d5:97:57:31:c4:45:26:
         28:9d:bf:a1:4d:d2:a5:d6:81:e5:cb:96:94:1f:d6:44:40:33:
         63:d2:32:86:67:66:dd:fc:fd:e8:32:02:ba:05:80:48:dc:07:
         ea:81:2f:31:0b:16:4e:39:c6:d6:d4:bb:cb:75:0d:d2:13:c3:
         a4:af:f7:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZfCG2N6Yn3cfINz/1T9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNWYzNWE2ZThmYjUzOWIxOTU0Y2I0M2E2Y2U3NWU5N2Zh
YWUxNzUwHhcNMjYwMzI5MDcwMTM3WhcNMjYwMzMwMDcwMTM3WjAzMTEwLwYDVQQD
EyhkMDI3YjBjOGJhMTNkZmZmYTg0NjY2NDJjMGY2ZjUzYzFlOTAxNWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wvoJSjGhb3oZgDEn0iQ8mRHMdV/
7Rq1M+uChiOVDFar/XS0M2Tgx2CwsrvTi8VitKHRqIIxEoX3akSLTIc8JGlucKkR
xB+aEpVSO7qDFSXrK/HnzoZlACqVo8NVJdJEHfnghkZnLK29Xt2Ls6YVxFzamOIT
8+YXoxYaSCxfpHon2kDwOL0so005h6DcQUNnIi1MJ0lXFEZtZAnbaGel38/Asv7G
ExisXWtnC6ypBgjURWxCZq8LCJ5Ma+HcIVLEu2IljnVfK9z1x9MB8ueLgtvdfxjC
ZbOoPUYDfftS9lOPz2J6wD2Z1lxZnB7S0hI28N/ZnMZmbMuMKClqPzcEWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNAnsMi6E9//qEZmQsD29TwekBXSMB8GA1UdIwQY
MBaAFK5fNabo+1ObGVTLQ6bOdel/quF1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmw4MXB1ajdVNXNaVk10RHBzNTE2WC1xNFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9mZWI3ZTAtMmI3ZS00MjZjLWIwMzct
MjA5MWNjYThiYzQ4LzEvcmw4MXB1ajdVNXNaVk10RHBzNTE2WC1xNFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9mZWI3ZTAtMmI3ZS00MjZjLWIwMzctMjA5MWNjYThiYzQ4
LzEvcmw4MXB1ajdVNXNaVk10RHBzNTE2WC1xNFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEMRa6hE4
GRLayU9mIavSjU8/PU+YUJGi34aS6NX9XOTzG3097ojZYwaLN8PVfKjOKE5tc+yH
2OErhZwDnz8aHJ/aNwVuPV327td6Ci/WIHtNsncSSKfokMAqsx9rZgD6LqfvNoCP
y65gEk5o0kexA2fglkCTP4TzlrWVfqSDhqI7OHuJqVO4zNmEUnE8r39Z5ef+MCyB
dXame0gnBSsPBEWMAGXv5dgjFe4aa1ZYnb5IGeFLmXQsyqvKI/oVCvbVl1cxxEUm
KJ2/oU3SpdaB5cuWlB/WREAzY9Iyhmdm3fz96DICugWASNwH6oEvMQsWTjnG1tS7
y3UN0hPDpK/3zA==
-----END CERTIFICATE-----