Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          /KR+5nnD1KtFFfyaRopfqYyix6cOOimt1JYFozYV3Z8=
Subject key identifier:   28:C1:70:5E:DE:A6:0F:F8:BF:83:2F:FF:11:93:03:5F:36:9E:55:29
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       019D3A53740A883385F119E02D0BEC9CD4A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          0BC2
Signing time:             Sun 29 Mar 2026 16:00:40 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:40 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:40 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: z4XND5uZHf1FhLQkow24fDa48ea5DWdC/QkpDtXICgo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:74:0a:88:33:85:f1:19:e0:2d:0b:ec:9c:d4:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: Mar 29 16:00:40 2026 GMT
            Not After : Mar 30 16:00:40 2026 GMT
        Subject: CN=28c1705edea60ff8bf832fff1193035f369e5529
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:73:a0:66:49:4e:a6:27:6d:43:c5:23:49:d1:
                    f4:2b:8b:4f:66:f4:a2:55:00:82:16:68:67:ce:ef:
                    29:4c:8f:2a:8c:81:34:22:5b:33:52:2c:95:16:74:
                    6e:3b:e4:8a:8f:f6:88:25:cf:90:79:f8:29:bf:c3:
                    60:b3:03:96:1e:93:b6:8e:c6:41:04:aa:ba:44:fa:
                    0e:3e:ab:d0:86:01:ff:e0:02:35:c3:d4:fe:56:b3:
                    86:a3:73:5d:b2:f2:7d:a7:d4:df:7e:71:02:33:77:
                    a9:e1:25:87:50:86:f0:1e:02:7d:4f:dd:b7:bd:22:
                    ac:27:e3:ab:cc:cb:ad:71:ba:32:86:d0:19:3d:05:
                    b3:7b:27:ba:c9:93:ba:e0:56:19:4b:da:10:5f:76:
                    9e:35:62:e2:78:81:bd:5a:14:33:3f:a4:87:33:e5:
                    17:62:17:d2:15:30:0b:9b:5f:89:c9:e5:c0:7c:1f:
                    e0:7d:aa:92:d6:41:97:b7:64:51:09:a6:af:65:3e:
                    3d:cc:54:9d:1d:19:1f:45:3e:10:fa:ac:be:53:22:
                    8f:b6:fd:01:b5:1d:6c:56:24:d0:0c:8c:9b:54:a7:
                    6a:3c:4e:77:33:06:8f:ea:24:ef:2f:61:53:5a:9b:
                    f6:b9:7b:32:cc:a6:99:8d:27:ab:18:bd:5f:4b:23:
                    73:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:C1:70:5E:DE:A6:0F:F8:BF:83:2F:FF:11:93:03:5F:36:9E:55:29
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:6f:6a:83:70:9d:7e:d4:f6:9a:a0:44:69:28:12:df:91:0e:
         45:a8:26:8f:6b:6f:22:06:2d:70:74:c9:81:73:33:b7:29:5a:
         fd:db:e4:d4:e2:36:73:16:3b:63:cb:a5:c1:3d:74:c8:73:b5:
         ee:ce:2c:d4:41:c0:b3:b1:95:cb:94:b1:9b:71:75:ac:93:57:
         52:23:e6:1a:1d:d0:92:9c:bc:f0:b8:cf:6d:33:97:2d:51:8c:
         cc:c5:7a:6c:80:49:94:c6:0e:f5:1a:7a:eb:87:1a:73:f6:3a:
         ac:3a:00:37:d9:db:d6:75:d0:8e:c3:1e:bc:ac:84:4e:14:10:
         ec:bf:ec:b1:60:82:7e:f3:82:a1:30:92:62:f9:a1:19:b1:1f:
         95:c7:c4:e7:fb:b8:30:f4:95:de:92:c9:8a:c7:fa:04:e5:1e:
         d3:5e:f9:10:2a:a2:d5:4b:db:36:b0:18:d1:c4:f6:54:b3:7d:
         f7:c6:2b:28:79:14:b9:5e:85:9a:2c:f7:d9:9e:85:48:97:72:
         a6:1e:61:16:bb:38:48:a3:d7:38:37:71:24:b6:9b:31:82:78:
         db:a2:6a:2f:0c:f6:52:0a:c7:a1:71:88:3a:ae:92:0c:3c:13:
         9b:f4:81:2b:b2:a7:8c:14:d6:67:22:c5:e7:49:35:1b:16:e4:
         8c:07:3a:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U3QKiDOF8RngLQvsnNSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjYwMzI5MTYwMDQwWhcNMjYwMzMwMTYwMDQwWjAzMTEwLwYDVQQD
EygyOGMxNzA1ZWRlYTYwZmY4YmY4MzJmZmYxMTkzMDM1ZjM2OWU1NTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HOgZklOpidtQ8UjSdH0K4tPZvSi
VQCCFmhnzu8pTI8qjIE0IlszUiyVFnRuO+SKj/aIJc+Qefgpv8NgswOWHpO2jsZB
BKq6RPoOPqvQhgH/4AI1w9T+VrOGo3NdsvJ9p9TffnECM3ep4SWHUIbwHgJ9T923
vSKsJ+OrzMutcboyhtAZPQWzeye6yZO64FYZS9oQX3aeNWLieIG9WhQzP6SHM+UX
YhfSFTALm1+JyeXAfB/gfaqS1kGXt2RRCaavZT49zFSdHRkfRT4Q+qy+UyKPtv0B
tR1sViTQDIybVKdqPE53MwaP6iTvL2FTWpv2uXsyzKaZjSerGL1fSyNzbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjBcF7epg/4v4Mv/xGTA182nlUpMB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi29qg3Cd
ftT2mqBEaSgS35EORagmj2tvIgYtcHTJgXMztyla/dvk1OI2cxY7Y8ulwT10yHO1
7s4s1EHAs7GVy5Sxm3F1rJNXUiPmGh3Qkpy88LjPbTOXLVGMzMV6bIBJlMYO9Rp6
64cac/Y6rDoAN9nb1nXQjsMevKyEThQQ7L/ssWCCfvOCoTCSYvmhGbEflcfE5/u4
MPSV3pLJisf6BOUe0175ECqi1UvbNrAY0cT2VLN998YrKHkUuV6Fmiz32Z6FSJdy
ph5hFrs4SKPXODdxJLabMYJ426JqLwz2UgrHoXGIOq6SDDwTm/SBK7KnjBTWZyLF
50k1GxbkjAc6hg==
-----END CERTIFICATE-----