Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
File:                     FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft (raw, json)
Hash identifier:          /0T384ZU+GcxxUFpzNt/BB5twqVZQmADSfcWSFxY7EM=
Subject key identifier:   7C:08:81:7D:47:A3:33:8C:70:F0:3F:2B:21:FA:AC:86:D6:A2:99:FD
Authority key identifier: 16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08
Certificate issuer:       /CN=16536fc756a5864aaa2c1e77bb764248dabe2608
Certificate serial:       019D38D3C11D22ADEF207347CCF83F13A824
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
Manifest number:          08E1
Signing time:             Sun 29 Mar 2026 09:01:34 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:34 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:34 +0000
Files and hashes:         1: FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl (hash: 6ZDIQ9hQeuFgzzocwPD6NwFlzmPsCFjuOcLsnvyoVwo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:c1:1d:22:ad:ef:20:73:47:cc:f8:3f:13:a8:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16536fc756a5864aaa2c1e77bb764248dabe2608
        Validity
            Not Before: Mar 29 09:01:34 2026 GMT
            Not After : Mar 30 09:01:34 2026 GMT
        Subject: CN=7c08817d47a3338c70f03f2b21faac86d6a299fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:47:09:78:07:e0:c8:48:1f:16:09:81:d3:c2:
                    df:41:dd:33:d0:9d:64:7a:f8:a6:d5:ba:06:51:b7:
                    56:b6:a6:88:6e:1f:da:3e:4d:1c:b1:9d:20:f1:ef:
                    1d:51:73:c4:7d:2d:61:86:ff:a0:68:c2:49:0a:74:
                    94:e1:44:d9:a0:69:20:40:e6:e9:b0:7d:63:15:97:
                    89:f0:2a:e9:ee:3f:ab:d6:9c:09:71:d9:7f:ee:91:
                    39:a2:d1:a1:40:e5:e0:8a:b7:33:5c:66:9f:08:30:
                    a0:51:ec:e9:bb:93:ef:44:29:0b:6a:2a:01:1f:a4:
                    c7:f0:85:14:5d:f6:44:fe:da:93:9b:62:28:d1:cd:
                    b5:21:48:ce:86:a4:c9:4b:00:38:f2:c4:4b:41:15:
                    f4:44:89:8b:1e:5f:50:57:5b:bd:c7:19:e3:50:32:
                    9a:85:9e:26:53:90:3f:f2:70:ec:f8:0a:c9:24:d2:
                    9a:6a:35:31:cd:1b:b0:90:da:05:76:bf:a2:46:e6:
                    00:26:86:b7:5b:c2:66:dd:53:43:ce:7c:8b:86:03:
                    64:99:7b:1d:10:dd:cd:57:40:8b:e9:65:8e:b1:6a:
                    f1:38:9d:b8:97:bc:fa:5e:13:61:3a:4c:cd:27:99:
                    3e:0c:1b:a0:4c:84:00:b5:5a:84:bf:f6:72:17:8f:
                    fb:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:08:81:7D:47:A3:33:8C:70:F0:3F:2B:21:FA:AC:86:D6:A2:99:FD
            X509v3 Authority Key Identifier:
                keyid:16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:84:b0:be:7f:b2:f0:4e:1f:06:c1:10:d1:d5:6d:62:6a:ec:
         9d:fb:1d:31:57:2f:15:8b:c8:69:dd:f5:7b:61:30:d8:49:84:
         04:e4:8d:79:af:a0:50:89:7b:ee:2e:da:f4:46:98:1a:a7:45:
         ee:b6:c9:b0:94:db:36:ac:d7:3c:15:ee:0c:2d:18:c1:08:3c:
         4c:f8:bd:98:08:ec:92:f3:6c:73:9c:71:e5:ed:ad:ae:80:59:
         e0:c1:75:8b:db:6c:09:2c:e4:29:fc:e0:18:d4:45:12:a1:df:
         9e:a6:b1:cf:ac:52:57:2f:0e:c8:e7:d1:ea:26:b7:a0:f0:50:
         80:ae:44:60:08:59:39:02:2b:0c:39:7c:7f:91:f1:b1:27:63:
         f8:42:70:0d:9b:a7:01:4c:87:af:15:40:52:c6:94:55:ae:1a:
         90:4f:19:ae:a5:aa:11:3f:8c:c9:b5:fb:70:e8:7b:c3:8d:46:
         b5:c1:fc:04:b6:69:bf:9d:93:16:22:64:ee:54:fa:d5:5e:b7:
         31:e7:62:fe:b6:f0:ac:4b:0f:63:bd:aa:b9:40:14:52:c8:29:
         d4:e3:e0:21:f4:3f:31:af:13:1d:f2:ca:4a:4a:52:14:d1:9d:
         68:40:1c:14:fe:5b:aa:11:ba:f1:79:d5:04:6b:03:cb:9d:6f:
         3a:b9:62:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0408EdIq3vIHNHzPg/E6gkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTM2ZmM3NTZhNTg2NGFhYTJjMWU3N2JiNzY0MjQ4ZGFi
ZTI2MDgwHhcNMjYwMzI5MDkwMTM0WhcNMjYwMzMwMDkwMTM0WjAzMTEwLwYDVQQD
Eyg3YzA4ODE3ZDQ3YTMzMzhjNzBmMDNmMmIyMWZhYWM4NmQ2YTI5OWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEcJeAfgyEgfFgmB08LfQd0z0J1k
evim1boGUbdWtqaIbh/aPk0csZ0g8e8dUXPEfS1hhv+gaMJJCnSU4UTZoGkgQObp
sH1jFZeJ8Crp7j+r1pwJcdl/7pE5otGhQOXgirczXGafCDCgUezpu5PvRCkLaioB
H6TH8IUUXfZE/tqTm2Io0c21IUjOhqTJSwA48sRLQRX0RImLHl9QV1u9xxnjUDKa
hZ4mU5A/8nDs+ArJJNKaajUxzRuwkNoFdr+iRuYAJoa3W8Jm3VNDznyLhgNkmXsd
EN3NV0CL6WWOsWrxOJ24l7z6XhNhOkzNJ5k+DBugTIQAtVqEv/ZyF4/77QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwIgX1HozOMcPA/KyH6rIbWopn9MB8GA1UdIwQY
MBaAFBZTb8dWpYZKqiwed7t2QkjaviYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQt
N2YzZWI3NTQ2MTAyLzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQtN2YzZWI3NTQ2MTAy
LzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUISwvn+y
8E4fBsEQ0dVtYmrsnfsdMVcvFYvIad31e2Ew2EmEBOSNea+gUIl77i7a9EaYGqdF
7rbJsJTbNqzXPBXuDC0YwQg8TPi9mAjskvNsc5xx5e2troBZ4MF1i9tsCSzkKfzg
GNRFEqHfnqaxz6xSVy8OyOfR6ia3oPBQgK5EYAhZOQIrDDl8f5HxsSdj+EJwDZun
AUyHrxVAUsaUVa4akE8ZrqWqET+MybX7cOh7w41GtcH8BLZpv52TFiJk7lT61V63
Medi/rbwrEsPY72quUAUUsgp1OPgIfQ/Ma8THfLKSkpSFNGdaEAcFP5bqhG68XnV
BGsDy51vOrliOA==
-----END CERTIFICATE-----