Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/680c79-2735-4cf0-85b4-503414e9e328/1/hIlOT1Dowmz4rHR-mb8Gfgp9Rdw.mft
File:                     hIlOT1Dowmz4rHR-mb8Gfgp9Rdw.mft (raw, json)
Hash identifier:          N87Ldm4a6FlDkwBaV1L4tqKxQfcwYOHFIi3MxbuhXfM=
Subject key identifier:   D9:ED:B4:0A:1A:3B:FA:C9:CC:57:65:11:5F:DA:A6:B9:5F:2F:92:A8
Authority key identifier: 84:89:4E:4F:50:E8:C2:6C:F8:AC:74:7E:99:BF:06:7E:0A:7D:45:DC
Certificate issuer:       /CN=84894e4f50e8c26cf8ac747e99bf067e0a7d45dc
Certificate serial:       019D389BF78DF69999FB04C162E22D7E70D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hIlOT1Dowmz4rHR-mb8Gfgp9Rdw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/680c79-2735-4cf0-85b4-503414e9e328/1/hIlOT1Dowmz4rHR-mb8Gfgp9Rdw.mft
Manifest number:          EB
Signing time:             Sun 29 Mar 2026 08:00:38 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:38 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:38 +0000
Files and hashes:         1: hIlOT1Dowmz4rHR-mb8Gfgp9Rdw.crl (hash: f0OhE2YeaNcpAZK+5CAoJk16Lr+zLxxIPFdJ+1E0Xpc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/680c79-2735-4cf0-85b4-503414e9e328/1/hIlOT1Dowmz4rHR-mb8Gfgp9Rdw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/680c79-2735-4cf0-85b4-503414e9e328/1/hIlOT1Dowmz4rHR-mb8Gfgp9Rdw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hIlOT1Dowmz4rHR-mb8Gfgp9Rdw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:f7:8d:f6:99:99:fb:04:c1:62:e2:2d:7e:70:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84894e4f50e8c26cf8ac747e99bf067e0a7d45dc
        Validity
            Not Before: Mar 29 08:00:38 2026 GMT
            Not After : Mar 30 08:00:38 2026 GMT
        Subject: CN=d9edb40a1a3bfac9cc5765115fdaa6b95f2f92a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:2d:4d:3f:a6:13:3b:b6:bb:dc:db:d4:83:7e:
                    5d:a8:6c:bf:58:a3:25:5d:e3:8f:11:53:19:c7:90:
                    af:92:64:33:65:c6:07:d9:e9:c4:b0:d5:cc:f1:48:
                    0e:0e:0a:d1:88:15:4e:75:6d:05:89:c3:e6:86:6f:
                    70:1b:dc:81:14:85:04:2f:0e:aa:f0:7b:25:14:6a:
                    4a:46:dd:00:ab:a0:84:c2:5f:04:6d:e9:8c:ab:eb:
                    53:ee:d5:13:f2:22:95:c4:68:58:37:e8:d8:ac:64:
                    17:e4:5d:8c:2e:f6:62:40:f9:15:80:50:c5:89:3a:
                    eb:ce:67:ee:8f:15:f8:b6:bd:74:af:17:09:30:f9:
                    32:d2:b2:64:5d:92:13:5b:76:a8:76:e4:a8:5c:a3:
                    67:71:d7:b3:de:8a:f0:b4:f4:f2:fc:81:d3:18:d4:
                    ad:68:06:dd:b9:30:5f:35:e1:ca:d4:01:ce:0a:f2:
                    ad:e9:9a:22:e8:60:c7:13:27:f8:67:ee:6b:01:55:
                    77:4a:09:58:64:53:2c:3b:bf:be:95:96:3e:96:36:
                    a5:a5:5c:60:e2:88:d8:38:65:67:05:8b:d5:af:04:
                    a3:a4:fc:f9:6a:71:47:32:7f:1a:0a:ca:d0:49:48:
                    0b:34:03:80:c9:ee:3c:36:7c:bc:8a:33:d3:79:88:
                    87:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:ED:B4:0A:1A:3B:FA:C9:CC:57:65:11:5F:DA:A6:B9:5F:2F:92:A8
            X509v3 Authority Key Identifier:
                keyid:84:89:4E:4F:50:E8:C2:6C:F8:AC:74:7E:99:BF:06:7E:0A:7D:45:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hIlOT1Dowmz4rHR-mb8Gfgp9Rdw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/680c79-2735-4cf0-85b4-503414e9e328/1/hIlOT1Dowmz4rHR-mb8Gfgp9Rdw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/680c79-2735-4cf0-85b4-503414e9e328/1/hIlOT1Dowmz4rHR-mb8Gfgp9Rdw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:3d:61:76:d0:d2:a5:25:79:44:2e:d7:bb:87:1b:49:d1:1a:
         c9:ab:ac:83:6b:ea:4f:df:b2:54:dd:6e:ea:dc:47:9c:9d:ba:
         fb:80:4d:0a:e6:4f:96:d4:b7:85:58:e4:f8:59:21:7f:da:1f:
         ac:df:d5:b7:e8:40:0d:ea:cb:66:0b:a0:b0:b5:9b:70:38:d4:
         be:44:10:a5:d0:a9:60:1c:25:62:0b:04:29:8c:e1:64:41:6a:
         22:5f:ac:a4:af:47:0b:37:65:2d:f5:08:bf:2b:a7:ba:ec:c8:
         3c:07:6b:3d:6f:1e:a6:55:96:f6:cd:a5:56:97:5b:a7:46:52:
         00:45:24:28:0c:d4:1a:11:e0:16:fd:c6:86:fe:80:d9:fb:a7:
         3e:1a:9f:90:5d:fd:b3:5a:45:c1:f9:e8:fa:68:52:4a:2d:8c:
         03:b4:a4:22:f9:aa:8a:81:ae:32:42:0d:72:f4:9c:6e:00:cf:
         e9:e5:85:a3:b1:ef:26:f4:59:04:91:e0:f2:dd:c2:d4:2f:f8:
         84:0f:23:e4:17:6c:80:8f:d3:0d:5b:87:31:87:63:98:0e:de:
         19:9b:ea:13:b0:77:d6:e9:9d:cd:5e:32:b0:bd:37:5f:eb:94:
         7f:97:4c:5c:94:be:01:0e:37:a9:cf:72:fd:31:a3:4d:b4:c3:
         cc:0a:64:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m/eN9pmZ+wTBYuItfnDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ODk0ZTRmNTBlOGMyNmNmOGFjNzQ3ZTk5YmYwNjdlMGE3
ZDQ1ZGMwHhcNMjYwMzI5MDgwMDM4WhcNMjYwMzMwMDgwMDM4WjAzMTEwLwYDVQQD
EyhkOWVkYjQwYTFhM2JmYWM5Y2M1NzY1MTE1ZmRhYTZiOTVmMmY5MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiy1NP6YTO7a73NvUg35dqGy/WKMl
XeOPEVMZx5CvkmQzZcYH2enEsNXM8UgODgrRiBVOdW0FicPmhm9wG9yBFIUELw6q
8HslFGpKRt0Aq6CEwl8EbemMq+tT7tUT8iKVxGhYN+jYrGQX5F2MLvZiQPkVgFDF
iTrrzmfujxX4tr10rxcJMPky0rJkXZITW3aoduSoXKNncdez3orwtPTy/IHTGNSt
aAbduTBfNeHK1AHOCvKt6Zoi6GDHEyf4Z+5rAVV3SglYZFMsO7++lZY+ljalpVxg
4ojYOGVnBYvVrwSjpPz5anFHMn8aCsrQSUgLNAOAye48Nny8ijPTeYiH3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnttAoaO/rJzFdlEV/aprlfL5KoMB8GA1UdIwQY
MBaAFISJTk9Q6MJs+Kx0fpm/Bn4KfUXcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaElsT1QxRG93bXo0ckhSLW1iOEdmZ3A5UmR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ODBjNzktMjczNS00Y2YwLTg1YjQt
NTAzNDE0ZTllMzI4LzEvaElsT1QxRG93bXo0ckhSLW1iOEdmZ3A5UmR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ODBjNzktMjczNS00Y2YwLTg1YjQtNTAzNDE0ZTllMzI4
LzEvaElsT1QxRG93bXo0ckhSLW1iOEdmZ3A5UmR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbD1hdtDS
pSV5RC7Xu4cbSdEayausg2vqT9+yVN1u6txHnJ26+4BNCuZPltS3hVjk+Fkhf9of
rN/Vt+hADerLZgugsLWbcDjUvkQQpdCpYBwlYgsEKYzhZEFqIl+spK9HCzdlLfUI
vyunuuzIPAdrPW8eplWW9s2lVpdbp0ZSAEUkKAzUGhHgFv3Ghv6A2funPhqfkF39
s1pFwfno+mhSSi2MA7SkIvmqioGuMkINcvScbgDP6eWFo7HvJvRZBJHg8t3C1C/4
hA8j5BdsgI/TDVuHMYdjmA7eGZvqE7B31umdzV4ysL03X+uUf5dMXJS+AQ43qc9y
/TGjTbTDzApkCg==
-----END CERTIFICATE-----