Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
File:                     ehKIruzRFJyedF-YZT5okK-iU6s.mft (raw, json)
Hash identifier:          tsJ9yVun6jikntDvccFJ1y0g9qyrWneHqnaAsqx1b84=
Subject key identifier:   69:96:EA:E8:B6:4B:06:AD:11:F6:A0:DC:82:23:6B:31:73:31:8C:81
Authority key identifier: 7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB
Certificate issuer:       /CN=7a1288aeecd1149c9e745f98653e6890afa253ab
Certificate serial:       019D371BC8AACE6864CCDCF34750B0AECBC4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
Manifest number:          037C
Signing time:             Sun 29 Mar 2026 01:01:00 +0000
Manifest this update:     Sun 29 Mar 2026 01:01:00 +0000
Manifest next update:     Mon 30 Mar 2026 01:01:00 +0000
Files and hashes:         1: ehKIruzRFJyedF-YZT5okK-iU6s.crl (hash: AWKp8mScCGx3H1v9RUjAzvcFt6WxiICAW5SYbmisJZw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:c8:aa:ce:68:64:cc:dc:f3:47:50:b0:ae:cb:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a1288aeecd1149c9e745f98653e6890afa253ab
        Validity
            Not Before: Mar 29 01:01:00 2026 GMT
            Not After : Mar 30 01:01:00 2026 GMT
        Subject: CN=6996eae8b64b06ad11f6a0dc82236b3173318c81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:f3:8f:02:a3:92:fc:52:ab:28:ee:2c:c5:6e:
                    ff:b0:96:2d:ec:9d:83:73:aa:25:d7:c1:a5:26:e5:
                    c5:e7:3c:d9:c2:12:87:f8:08:61:5b:1b:13:71:ce:
                    56:f6:cd:f9:a8:26:d3:96:10:02:48:03:b1:d3:91:
                    1e:f5:db:69:fd:17:08:97:ac:2c:7c:6e:58:d2:82:
                    e5:6f:0d:e1:32:5b:20:a2:4b:15:cc:81:1c:ab:61:
                    9e:68:cd:4d:09:f0:5d:a6:2a:35:aa:a3:1e:1b:d8:
                    86:03:e6:13:e8:c5:05:24:89:33:25:ec:79:b0:98:
                    7c:b7:6d:43:0b:2c:29:7a:6f:ee:0e:4d:5b:77:ac:
                    6b:63:c6:2d:70:aa:bf:cd:2a:81:de:a7:4c:07:24:
                    17:26:a3:64:25:35:9f:6f:42:d5:e1:80:49:1c:36:
                    64:3e:9c:84:ff:ff:b3:10:26:c2:c6:be:95:76:98:
                    95:17:aa:bd:54:1d:25:d0:0b:4e:ea:7b:a1:2a:31:
                    fe:30:b3:bc:97:db:3c:47:8f:0b:1f:0c:a1:c3:b1:
                    cc:a6:61:e3:30:4d:86:61:7c:e8:cb:8d:5f:63:27:
                    90:55:30:7d:22:36:c7:3e:ab:e6:a5:42:c0:25:06:
                    7b:6b:7b:fe:53:a9:b9:19:c3:ab:96:2b:48:b9:8c:
                    a7:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:96:EA:E8:B6:4B:06:AD:11:F6:A0:DC:82:23:6B:31:73:31:8C:81
            X509v3 Authority Key Identifier:
                keyid:7A:12:88:AE:EC:D1:14:9C:9E:74:5F:98:65:3E:68:90:AF:A2:53:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ehKIruzRFJyedF-YZT5okK-iU6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b4f3d0-b1d1-46be-a190-8e2027695d07/1/ehKIruzRFJyedF-YZT5okK-iU6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:46:5f:19:d2:c0:ca:cb:1f:0e:7e:8e:f2:ad:1b:ba:cc:1d:
         f6:f1:78:42:7b:7e:09:8c:16:49:63:45:9a:49:ea:39:47:49:
         0a:1d:b3:00:7d:cb:61:3e:81:5e:a5:a4:ec:a5:17:08:64:4d:
         e0:fe:ad:2a:61:9d:30:c9:0f:e4:e0:d3:6e:bb:67:34:f8:f6:
         a9:bd:b5:5e:cd:7c:a7:0b:f4:c9:8b:d2:07:d0:d0:b8:f4:ba:
         b0:72:a6:47:bf:7e:00:8e:cd:7d:4f:15:2d:7b:af:37:3c:da:
         e1:d5:0f:61:0b:39:ff:ec:40:da:1d:04:60:2e:24:76:a2:eb:
         f9:6c:c4:0e:a0:0b:ee:1b:b2:12:a2:88:1a:82:d0:af:c6:eb:
         a5:d1:f1:28:c9:a5:d9:78:93:5b:fa:69:d4:fa:32:60:02:fb:
         62:ef:22:e5:1a:13:5c:44:96:c5:64:3b:6e:76:c9:e0:7f:12:
         38:2c:0d:ea:cb:24:54:af:b3:1c:41:c1:56:ed:89:66:a8:2b:
         a7:df:35:f9:c3:e0:eb:92:3c:c4:8a:39:e6:f5:90:93:7d:c7:
         fc:91:3f:88:17:18:e2:a8:69:d3:51:4a:93:f5:07:b7:42:27:
         26:97:95:b6:5b:20:d1:8c:ab:a9:d0:65:11:24:fb:80:53:f7:
         cd:86:d4:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G8iqzmhkzNzzR1CwrsvEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMTI4OGFlZWNkMTE0OWM5ZTc0NWY5ODY1M2U2ODkwYWZh
MjUzYWIwHhcNMjYwMzI5MDEwMTAwWhcNMjYwMzMwMDEwMTAwWjAzMTEwLwYDVQQD
Eyg2OTk2ZWFlOGI2NGIwNmFkMTFmNmEwZGM4MjIzNmIzMTczMzE4YzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivOPAqOS/FKrKO4sxW7/sJYt7J2D
c6ol18GlJuXF5zzZwhKH+AhhWxsTcc5W9s35qCbTlhACSAOx05Ee9dtp/RcIl6ws
fG5Y0oLlbw3hMlsgoksVzIEcq2GeaM1NCfBdpio1qqMeG9iGA+YT6MUFJIkzJex5
sJh8t21DCywpem/uDk1bd6xrY8YtcKq/zSqB3qdMByQXJqNkJTWfb0LV4YBJHDZk
PpyE//+zECbCxr6VdpiVF6q9VB0l0AtO6nuhKjH+MLO8l9s8R48LHwyhw7HMpmHj
ME2GYXzoy41fYyeQVTB9IjbHPqvmpULAJQZ7a3v+U6m5GcOrlitIuYynBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGmW6ui2SwatEfag3IIjazFzMYyBMB8GA1UdIwQY
MBaAFHoSiK7s0RScnnRfmGU+aJCvolOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAt
OGUyMDI3Njk1ZDA3LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iNGYzZDAtYjFkMS00NmJlLWExOTAtOGUyMDI3Njk1ZDA3
LzEvZWhLSXJ1elJGSnllZEYtWVpUNW9rSy1pVTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATUZfGdLA
yssfDn6O8q0buswd9vF4Qnt+CYwWSWNFmknqOUdJCh2zAH3LYT6BXqWk7KUXCGRN
4P6tKmGdMMkP5ODTbrtnNPj2qb21Xs18pwv0yYvSB9DQuPS6sHKmR79+AI7NfU8V
LXuvNzza4dUPYQs5/+xA2h0EYC4kdqLr+WzEDqAL7huyEqKIGoLQr8brpdHxKMml
2XiTW/pp1PoyYAL7Yu8i5RoTXESWxWQ7bnbJ4H8SOCwN6sskVK+zHEHBVu2JZqgr
p981+cPg65I8xIo55vWQk33H/JE/iBcY4qhp01FKk/UHt0InJpeVtlsg0YyrqdBl
EST7gFP3zYbUvA==
-----END CERTIFICATE-----