Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
File:                     D2HrqF8lrXvk2foP9UUoqUorNjc.mft (raw, json)
Hash identifier:          6Gvl4crZN6GJ+4IG08mh8IH6sdt3MRx38m0sYpy9uNw=
Subject key identifier:   54:C0:C1:0D:C9:48:21:A3:23:CC:E8:17:10:09:D7:08:60:56:CE:29
Authority key identifier: 0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37
Certificate issuer:       /CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
Certificate serial:       019D38D2D1F36CEE24233BC173B5113C1DDB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
Manifest number:          03FE
Signing time:             Sun 29 Mar 2026 09:00:33 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:33 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:33 +0000
Files and hashes:         1: D2HrqF8lrXvk2foP9UUoqUorNjc.crl (hash: D8aea5Twwgmrp+PK7JPlUhc1tJujU/GOFrsirGifq8E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:d1:f3:6c:ee:24:23:3b:c1:73:b5:11:3c:1d:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
        Validity
            Not Before: Mar 29 09:00:33 2026 GMT
            Not After : Mar 30 09:00:33 2026 GMT
        Subject: CN=54c0c10dc94821a323cce8171009d7086056ce29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:4b:ab:2d:dc:6a:97:c0:cf:94:c4:1c:8a:00:
                    8d:82:bd:d4:55:7a:ca:c9:d9:3d:ea:f8:ed:97:7a:
                    d8:f4:3a:42:66:58:86:29:7c:ee:b0:df:57:ab:3c:
                    4b:b7:d1:f1:a9:e4:60:d5:5d:05:c5:12:8e:e4:01:
                    82:5b:d7:d4:a0:2a:03:02:bf:e7:2c:ec:2f:89:36:
                    7a:1e:48:7b:b3:91:29:46:b9:00:67:04:60:af:10:
                    ac:65:dc:b4:ce:2b:61:42:5b:4e:3a:77:87:cd:37:
                    be:07:d8:74:55:3b:bd:80:7b:37:49:ec:89:50:2d:
                    64:52:ea:be:cd:97:d3:c7:6e:f8:00:01:c4:eb:a3:
                    d3:e8:8f:f0:39:7e:ee:20:05:cc:34:78:95:60:27:
                    16:5e:1c:d0:9a:98:19:79:ed:71:f4:53:d0:8b:33:
                    24:bd:b7:3a:5c:a8:67:27:ed:48:8d:dd:1f:de:11:
                    e0:e8:cd:88:bb:f9:8e:cf:96:d3:d7:36:7b:8f:75:
                    96:b8:e4:30:4f:67:95:df:78:2c:a9:f6:32:64:3f:
                    97:6c:1f:1f:21:d9:90:ef:5a:c1:47:74:2f:77:bf:
                    7f:27:ff:a7:08:0b:2a:58:60:44:63:f7:dd:2a:77:
                    8e:2a:5a:32:a2:ad:91:3c:d4:4b:ac:e3:54:88:86:
                    36:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:C0:C1:0D:C9:48:21:A3:23:CC:E8:17:10:09:D7:08:60:56:CE:29
            X509v3 Authority Key Identifier:
                keyid:0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:97:f6:55:6c:d9:97:97:e9:b1:da:9e:b5:5d:29:01:fe:35:
         e1:72:e8:a4:4f:23:4e:ee:e6:1a:46:b3:98:19:e8:9a:07:c8:
         c6:19:37:85:3c:f9:1e:3a:ba:cb:73:7e:f6:35:33:a2:19:b4:
         2c:ad:3d:0b:17:97:7b:80:f7:83:0b:4d:4e:4b:ab:5f:0d:1d:
         b1:ec:10:6b:d3:ce:8b:b4:81:01:29:35:63:ac:81:2a:41:24:
         df:b3:a1:a6:1b:e3:1a:96:64:89:51:3e:4b:1c:7e:33:46:82:
         07:26:fe:2d:fb:80:92:19:24:9a:a4:4f:dc:5b:2c:ad:48:43:
         1b:63:65:c2:96:62:a1:92:79:35:a4:b4:dd:9e:6b:68:25:6c:
         8d:09:80:df:53:35:74:a4:94:e4:28:ec:c6:51:51:ac:39:61:
         57:a1:6c:44:d0:0f:64:70:9e:db:76:69:f8:52:93:2b:bb:25:
         d7:31:b6:19:ee:18:a8:49:a3:f4:80:e8:05:7e:41:f0:12:a2:
         bf:a3:d8:26:55:2f:7f:77:d3:9b:f1:c5:6e:3d:43:27:91:6d:
         4c:8e:f2:a6:ec:5c:19:98:73:3e:68:60:42:1f:4e:00:04:1e:
         ba:e0:9f:40:29:77:37:23:58:62:a3:d9:3b:e2:a2:4c:ed:a4:
         f4:8e:1e:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040tHzbO4kIzvBc7URPB3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjFlYmE4NWYyNWFkN2JlNGQ5ZmEwZmY1NDUyOGE5NGEy
YjM2MzcwHhcNMjYwMzI5MDkwMDMzWhcNMjYwMzMwMDkwMDMzWjAzMTEwLwYDVQQD
Eyg1NGMwYzEwZGM5NDgyMWEzMjNjY2U4MTcxMDA5ZDcwODYwNTZjZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskurLdxql8DPlMQcigCNgr3UVXrK
ydk96vjtl3rY9DpCZliGKXzusN9XqzxLt9HxqeRg1V0FxRKO5AGCW9fUoCoDAr/n
LOwviTZ6Hkh7s5EpRrkAZwRgrxCsZdy0zithQltOOneHzTe+B9h0VTu9gHs3SeyJ
UC1kUuq+zZfTx274AAHE66PT6I/wOX7uIAXMNHiVYCcWXhzQmpgZee1x9FPQizMk
vbc6XKhnJ+1Ijd0f3hHg6M2Iu/mOz5bT1zZ7j3WWuOQwT2eV33gsqfYyZD+XbB8f
IdmQ71rBR3Qvd79/J/+nCAsqWGBEY/fdKneOKloyoq2RPNRLrONUiIY2WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFTAwQ3JSCGjI8zoFxAJ1whgVs4pMB8GA1UdIwQY
MBaAFA9h66hfJa175Nn6D/VFKKlKKzY3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3Yjct
ZjA5NDA2OTY3NWUzLzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3YjctZjA5NDA2OTY3NWUz
LzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAppf2VWzZ
l5fpsdqetV0pAf414XLopE8jTu7mGkazmBnomgfIxhk3hTz5Hjq6y3N+9jUzohm0
LK09CxeXe4D3gwtNTkurXw0dsewQa9POi7SBASk1Y6yBKkEk37OhphvjGpZkiVE+
Sxx+M0aCByb+LfuAkhkkmqRP3FssrUhDG2NlwpZioZJ5NaS03Z5raCVsjQmA31M1
dKSU5CjsxlFRrDlhV6FsRNAPZHCe23Zp+FKTK7sl1zG2Ge4YqEmj9IDoBX5B8BKi
v6PYJlUvf3fTm/HFbj1DJ5FtTI7ypuxcGZhzPmhgQh9OAAQeuuCfQCl3NyNYYqPZ
O+KiTO2k9I4etA==
-----END CERTIFICATE-----