Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
File:                     iaWq49f3LuzoOWtBSSIIrdUhhDU.mft (raw, json)
Hash identifier:          ZyMM0aBb7gY6m0qapxURl/l5DhEV7JD+dupQPUPwg8w=
Subject key identifier:   08:CB:AB:96:FB:F9:B5:07:7F:A3:68:55:60:9C:51:E7:11:39:C5:3B
Authority key identifier: 89:A5:AA:E3:D7:F7:2E:EC:E8:39:6B:41:49:22:08:AD:D5:21:84:35
Certificate issuer:       /CN=89a5aae3d7f72eece8396b41492208add5218435
Certificate serial:       019D39414F0EE81CFF9DDB1E79BDA689B0DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
Manifest number:          1780
Signing time:             Sun 29 Mar 2026 11:01:14 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:14 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:14 +0000
Files and hashes:         1: iaWq49f3LuzoOWtBSSIIrdUhhDU.crl (hash: wemHgg3RmaXNBvFcBs865a91shJ6GlHQ5ZMbN/nfyfg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:4f:0e:e8:1c:ff:9d:db:1e:79:bd:a6:89:b0:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89a5aae3d7f72eece8396b41492208add5218435
        Validity
            Not Before: Mar 29 11:01:14 2026 GMT
            Not After : Mar 30 11:01:14 2026 GMT
        Subject: CN=08cbab96fbf9b5077fa36855609c51e71139c53b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:1c:c6:e2:da:1a:dd:2d:32:96:f2:74:63:72:
                    c4:07:7d:b3:72:93:1a:47:3b:c1:51:7e:a9:f0:54:
                    f2:b5:3d:8d:36:de:40:6d:42:72:79:47:e8:91:67:
                    96:cf:04:2a:5d:e3:de:20:b6:01:92:47:45:60:dd:
                    54:50:c1:28:75:7f:6e:6e:0d:b0:b2:11:a1:ab:b6:
                    c2:05:a1:c9:de:1f:57:78:03:da:81:e5:86:90:b7:
                    3d:0e:74:ad:ec:92:ee:ab:5b:48:c4:09:f7:67:df:
                    2d:67:2d:25:30:32:77:73:57:4e:79:b5:09:13:19:
                    89:7b:d3:b8:92:aa:f9:4d:fa:5a:64:9b:19:66:72:
                    d8:76:45:a9:1b:60:e8:9f:e9:bb:1c:6a:0a:55:09:
                    6b:2f:3f:58:0f:1f:b3:76:03:db:28:4e:1a:cd:c7:
                    a8:70:16:1d:45:d0:39:03:35:f9:a3:83:a0:7a:16:
                    db:1c:9c:be:94:a2:47:ff:1f:54:7a:1b:29:11:32:
                    ab:66:84:e3:58:8a:49:6b:59:71:4e:a5:9a:ce:f2:
                    f6:76:a2:b9:09:33:66:15:5a:ee:87:35:12:13:af:
                    d4:04:1f:03:3c:ca:45:da:ba:8e:6f:c1:01:f6:de:
                    80:44:16:51:ec:8d:03:01:f0:48:1c:78:e1:41:1e:
                    ef:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:CB:AB:96:FB:F9:B5:07:7F:A3:68:55:60:9C:51:E7:11:39:C5:3B
            X509v3 Authority Key Identifier:
                keyid:89:A5:AA:E3:D7:F7:2E:EC:E8:39:6B:41:49:22:08:AD:D5:21:84:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:00:a8:e9:b0:02:d4:d7:2f:a0:57:a8:63:4d:f9:ce:ad:80:
         90:e5:a2:ca:a4:6a:65:2a:b6:75:e7:ca:d5:1a:8e:dc:20:2f:
         97:e2:0e:6a:08:a0:d9:7c:e9:95:23:23:26:e6:48:93:8f:dc:
         19:4c:f5:d2:3b:0b:d2:8c:d1:0a:37:ff:94:9f:40:5b:85:b8:
         d6:13:a1:28:ba:e1:87:67:7b:a9:62:bd:b6:5c:42:d9:8d:7b:
         10:95:36:75:6c:a7:75:1e:45:6e:18:54:2a:31:19:12:ff:60:
         bd:b7:41:df:6e:08:57:f4:7c:eb:f1:0e:a1:9b:ee:15:00:44:
         3f:e0:e2:69:37:d8:d0:e5:65:49:5c:c5:c6:57:0a:76:10:90:
         83:16:b3:a4:d3:01:4f:2d:10:cb:ff:c6:e1:4e:ee:61:57:ed:
         70:da:ae:5d:20:a5:e4:96:98:fc:af:32:fa:3d:89:ff:ad:60:
         f6:64:c0:a4:15:e2:f5:cf:59:73:e6:b9:7e:8d:e9:eb:38:fb:
         04:62:7a:12:ae:8f:52:b0:21:54:e9:54:8d:83:f7:5a:c4:23:
         15:d6:4a:e0:24:18:21:9f:70:73:77:d4:f8:0d:28:ac:1b:03:
         95:9f:62:f4:83:b7:c0:36:5f:de:32:2e:ac:06:49:99:a9:4c:
         ee:92:1c:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QU8O6Bz/ndseeb2mibDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTVhYWUzZDdmNzJlZWNlODM5NmI0MTQ5MjIwOGFkZDUy
MTg0MzUwHhcNMjYwMzI5MTEwMTE0WhcNMjYwMzMwMTEwMTE0WjAzMTEwLwYDVQQD
EygwOGNiYWI5NmZiZjliNTA3N2ZhMzY4NTU2MDljNTFlNzExMzljNTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRzG4toa3S0ylvJ0Y3LEB32zcpMa
RzvBUX6p8FTytT2NNt5AbUJyeUfokWeWzwQqXePeILYBkkdFYN1UUMEodX9ubg2w
shGhq7bCBaHJ3h9XeAPageWGkLc9DnSt7JLuq1tIxAn3Z98tZy0lMDJ3c1dOebUJ
ExmJe9O4kqr5TfpaZJsZZnLYdkWpG2Don+m7HGoKVQlrLz9YDx+zdgPbKE4azceo
cBYdRdA5AzX5o4OgehbbHJy+lKJH/x9UehspETKrZoTjWIpJa1lxTqWazvL2dqK5
CTNmFVruhzUSE6/UBB8DPMpF2rqOb8EB9t6ARBZR7I0DAfBIHHjhQR7vQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAjLq5b7+bUHf6NoVWCcUecROcU7MB8GA1UdIwQY
MBaAFImlquPX9y7s6DlrQUkiCK3VIYQ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85MTQ1Y2ItMDJiZC00N2U2LWIwNGIt
MDg3MTE1MmExYWEzLzEvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy85MTQ1Y2ItMDJiZC00N2U2LWIwNGItMDg3MTE1MmExYWEz
LzEvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACwCo6bAC
1NcvoFeoY035zq2AkOWiyqRqZSq2defK1RqO3CAvl+IOagig2XzplSMjJuZIk4/c
GUz10jsL0ozRCjf/lJ9AW4W41hOhKLrhh2d7qWK9tlxC2Y17EJU2dWyndR5FbhhU
KjEZEv9gvbdB324IV/R86/EOoZvuFQBEP+DiaTfY0OVlSVzFxlcKdhCQgxazpNMB
Ty0Qy//G4U7uYVftcNquXSCl5JaY/K8y+j2J/61g9mTApBXi9c9Zc+a5fo3p6zj7
BGJ6Eq6PUrAhVOlUjYP3WsQjFdZK4CQYIZ9wc3fU+A0orBsDlZ9i9IO3wDZf3jIu
rAZJmalM7pIcrA==
-----END CERTIFICATE-----