Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.mft
File:                     i7AWzMBcV2V0az92QtBD6BEgNwU.mft (raw, json)
Hash identifier:          oI2U+N4l+ml/pdBnJAZpP1DIiYDcegZRxdQDxEyulU4=
Subject key identifier:   88:A7:A3:B4:05:D6:AC:6F:F0:B2:95:38:47:DF:52:4C:AB:E7:EB:38
Authority key identifier: 8B:B0:16:CC:C0:5C:57:65:74:6B:3F:76:42:D0:43:E8:11:20:37:05
Certificate issuer:       /CN=8bb016ccc05c5765746b3f7642d043e811203705
Certificate serial:       019D3A8A75B649A90D36D5C6169ED05FDD80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i7AWzMBcV2V0az92QtBD6BEgNwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.mft
Manifest number:          037A
Signing time:             Sun 29 Mar 2026 17:00:45 +0000
Manifest this update:     Sun 29 Mar 2026 17:00:45 +0000
Manifest next update:     Mon 30 Mar 2026 17:00:45 +0000
Files and hashes:         1: i7AWzMBcV2V0az92QtBD6BEgNwU.crl (hash: fpttksznpRSYXP1rcfZayWiEUoh2LPYKU3ZmCiy+v5g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i7AWzMBcV2V0az92QtBD6BEgNwU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:8a:75:b6:49:a9:0d:36:d5:c6:16:9e:d0:5f:dd:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bb016ccc05c5765746b3f7642d043e811203705
        Validity
            Not Before: Mar 29 17:00:45 2026 GMT
            Not After : Mar 30 17:00:45 2026 GMT
        Subject: CN=88a7a3b405d6ac6ff0b2953847df524cabe7eb38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:26:68:24:d7:f6:73:f5:3f:a7:db:39:a7:e9:
                    a0:b7:ff:d9:d2:79:8e:77:17:9d:28:bc:71:c0:a1:
                    ea:77:48:d9:ee:3c:62:40:96:f5:96:b1:9f:de:25:
                    3f:68:54:92:e1:14:f8:4e:d7:fe:6a:49:2f:84:55:
                    4e:3c:00:a5:b6:74:6d:bf:56:d8:78:a6:f4:75:0f:
                    fd:ac:fe:64:95:44:6b:f4:77:96:56:59:4e:ef:da:
                    12:26:e5:74:b6:35:96:eb:cf:d0:42:0b:ac:94:25:
                    4e:97:0a:6c:0c:45:50:29:61:92:a1:f6:6b:61:e2:
                    0b:da:02:55:e0:01:b7:dd:a6:f9:9c:57:e1:bb:50:
                    f9:ad:81:0f:43:0e:62:cf:86:91:b3:42:4c:e5:70:
                    70:90:03:13:f7:22:ef:be:a3:a5:65:f4:48:3b:2b:
                    be:ca:24:8c:f7:ea:81:39:df:4e:04:70:dd:3a:2b:
                    65:d9:56:1b:2a:4d:03:bb:8b:9f:c3:27:5e:98:3e:
                    be:4f:20:cd:56:62:28:5e:f7:4e:19:1e:36:99:46:
                    13:60:14:40:4f:49:de:68:63:40:16:e1:cb:25:dd:
                    35:55:f6:cb:1b:14:07:07:f4:2c:73:e3:bf:34:76:
                    81:6a:14:e2:ef:a0:83:61:a3:07:0b:9f:00:a0:a8:
                    e0:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:A7:A3:B4:05:D6:AC:6F:F0:B2:95:38:47:DF:52:4C:AB:E7:EB:38
            X509v3 Authority Key Identifier:
                keyid:8B:B0:16:CC:C0:5C:57:65:74:6B:3F:76:42:D0:43:E8:11:20:37:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7AWzMBcV2V0az92QtBD6BEgNwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/018fe7-e86a-466c-b710-fed55e6e52ef/1/i7AWzMBcV2V0az92QtBD6BEgNwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:58:5e:43:01:b5:72:c2:ab:ec:17:59:93:65:48:1d:6a:b9:
         2c:3d:8d:f9:d2:10:30:f0:84:d4:97:d4:b6:e9:85:98:96:54:
         c2:fe:0e:99:e6:a5:d5:b0:ba:82:29:d9:94:9e:d9:bb:4c:29:
         c3:04:81:3f:b3:9c:95:90:61:ea:65:3f:bb:f9:10:a0:cc:73:
         8e:7e:b5:90:57:9e:98:96:d5:21:17:81:97:e1:91:f0:00:48:
         35:ed:a2:0b:83:6b:ab:5d:34:5c:b6:1b:49:fd:b8:ea:d7:99:
         99:a5:a4:d5:08:e3:b6:f0:a0:db:9e:f3:0c:ed:b3:ab:72:f3:
         9a:7f:76:e8:0e:74:be:2a:87:35:b3:17:bb:f3:7b:57:ae:79:
         9a:c4:79:47:71:07:63:8d:c3:13:6d:c0:b1:44:bd:41:f0:69:
         33:d8:68:13:61:73:89:f7:96:dd:a6:a5:f0:89:c0:6d:8c:f6:
         56:86:cd:a2:59:53:37:72:d9:45:d2:4b:1c:b0:a2:93:40:05:
         ad:ff:bc:b5:b8:31:e9:f7:92:1d:e5:d9:7a:8d:1a:71:4d:17:
         ce:33:d7:be:93:71:42:20:52:6b:a9:82:e1:88:1a:f3:4b:55:
         93:ce:be:fe:a3:39:3a:c7:1c:3d:45:19:b1:90:85:fd:5f:91:
         cf:76:30:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06inW2SakNNtXGFp7QX92AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYjAxNmNjYzA1YzU3NjU3NDZiM2Y3NjQyZDA0M2U4MTEy
MDM3MDUwHhcNMjYwMzI5MTcwMDQ1WhcNMjYwMzMwMTcwMDQ1WjAzMTEwLwYDVQQD
Eyg4OGE3YTNiNDA1ZDZhYzZmZjBiMjk1Mzg0N2RmNTI0Y2FiZTdlYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyZoJNf2c/U/p9s5p+mgt//Z0nmO
dxedKLxxwKHqd0jZ7jxiQJb1lrGf3iU/aFSS4RT4Ttf+akkvhFVOPACltnRtv1bY
eKb0dQ/9rP5klURr9HeWVllO79oSJuV0tjWW68/QQguslCVOlwpsDEVQKWGSofZr
YeIL2gJV4AG33ab5nFfhu1D5rYEPQw5iz4aRs0JM5XBwkAMT9yLvvqOlZfRIOyu+
yiSM9+qBOd9OBHDdOitl2VYbKk0Du4ufwydemD6+TyDNVmIoXvdOGR42mUYTYBRA
T0neaGNAFuHLJd01VfbLGxQHB/Qsc+O/NHaBahTi76CDYaMHC58AoKjg3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIino7QF1qxv8LKVOEffUkyr5+s4MB8GA1UdIwQY
MBaAFIuwFszAXFdldGs/dkLQQ+gRIDcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTdBV3pNQmNWMlYwYXo5MlF0QkQ2QkVnTndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8wMThmZTctZTg2YS00NjZjLWI3MTAt
ZmVkNTVlNmU1MmVmLzEvaTdBV3pNQmNWMlYwYXo5MlF0QkQ2QkVnTndVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8wMThmZTctZTg2YS00NjZjLWI3MTAtZmVkNTVlNmU1MmVm
LzEvaTdBV3pNQmNWMlYwYXo5MlF0QkQ2QkVnTndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANVheQwG1
csKr7BdZk2VIHWq5LD2N+dIQMPCE1JfUtumFmJZUwv4Omeal1bC6ginZlJ7Zu0wp
wwSBP7OclZBh6mU/u/kQoMxzjn61kFeemJbVIReBl+GR8ABINe2iC4Nrq100XLYb
Sf246teZmaWk1QjjtvCg257zDO2zq3Lzmn926A50viqHNbMXu/N7V655msR5R3EH
Y43DE23AsUS9QfBpM9hoE2FzifeW3aal8InAbYz2VobNollTN3LZRdJLHLCik0AF
rf+8tbgx6feSHeXZeo0acU0XzjPXvpNxQiBSa6mC4Yga80tVk86+/qM5OsccPUUZ
sZCF/V+Rz3YwIw==
-----END CERTIFICATE-----