Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
File:                     IYCTB4hvuv261Th2Eu_-dxOHowA.mft (raw, json)
Hash identifier:          DaRhduOSSJCbT0cjvwBmLftY9HQUXR6gLHYwG1JJHHQ=
Subject key identifier:   38:01:46:53:B3:BF:64:9A:2A:22:DE:61:BD:80:30:C5:EA:C1:D5:E2
Authority key identifier: 21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00
Certificate issuer:       /CN=21809307886fbafdbad5387612effe771387a300
Certificate serial:       019D38656EC3C92ED13167429130B772A679
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
Manifest number:          09D3
Signing time:             Sun 29 Mar 2026 07:01:04 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:04 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:04 +0000
Files and hashes:         1: IYCTB4hvuv261Th2Eu_-dxOHowA.crl (hash: fvgFo775PUrImz6BiBoay13593PBHXDUvLnfWtEsFeQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:6e:c3:c9:2e:d1:31:67:42:91:30:b7:72:a6:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21809307886fbafdbad5387612effe771387a300
        Validity
            Not Before: Mar 29 07:01:04 2026 GMT
            Not After : Mar 30 07:01:04 2026 GMT
        Subject: CN=38014653b3bf649a2a22de61bd8030c5eac1d5e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e6:b6:b6:21:7b:6b:b3:ec:2f:af:ea:3b:f9:
                    37:a8:a8:06:0f:bc:69:8c:c6:0d:96:8a:7d:38:8b:
                    0d:ba:88:74:fd:99:1f:ad:57:4e:26:18:e6:df:d9:
                    d7:f8:87:82:91:ca:29:d7:66:70:5e:52:fe:8a:b7:
                    74:21:6e:43:17:69:dc:34:89:2f:5e:92:f4:2e:cb:
                    f1:b1:fc:c8:d6:77:4e:d9:da:e5:19:47:d4:2e:ae:
                    f5:b6:8b:83:71:b5:4e:8a:57:99:fd:d0:31:2e:8d:
                    1d:94:95:ab:3d:a9:40:fc:9b:e2:42:95:69:78:22:
                    01:ce:a0:dd:46:6b:20:4b:4e:54:8f:00:48:d8:7b:
                    fc:20:ff:0d:55:3f:67:ba:59:f5:7b:f2:d8:21:ac:
                    79:a3:aa:77:ed:2f:70:83:14:17:b2:6a:ca:42:0f:
                    e9:08:c9:6e:62:6f:dc:27:c5:95:53:39:dc:f3:a5:
                    f9:21:e7:7d:d8:99:de:1f:77:9e:a8:ff:75:f7:2e:
                    98:e4:71:29:2b:f2:23:76:b3:0d:bc:92:b5:d2:1b:
                    01:79:a9:2b:4c:d8:ff:1d:11:25:18:b1:af:93:85:
                    16:52:1b:0f:f7:0e:44:93:b5:41:24:a3:b7:dc:7e:
                    8e:ba:3b:54:dd:49:6f:50:e4:bf:67:f7:de:54:4e:
                    ae:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:01:46:53:B3:BF:64:9A:2A:22:DE:61:BD:80:30:C5:EA:C1:D5:E2
            X509v3 Authority Key Identifier:
                keyid:21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:17:0a:0b:86:50:99:c2:12:db:f8:b5:e4:2e:e0:5b:19:5d:
         ea:4e:aa:26:3a:82:43:df:e1:69:ec:47:c7:b5:d0:6b:4d:93:
         bc:20:74:5e:22:84:b2:24:9d:d7:4d:22:29:92:b5:7c:4b:79:
         e0:32:5a:71:ed:ab:71:33:1f:72:56:8f:da:e4:db:0d:8b:bf:
         8d:5e:f8:65:17:3c:01:5d:91:aa:c8:fd:7b:91:a7:47:85:55:
         e2:f6:7f:6f:05:cd:f8:c5:53:f8:80:45:6b:68:2b:aa:67:50:
         06:b4:d0:05:15:3f:d5:9b:df:80:4e:24:3e:1f:bf:be:c0:74:
         a2:56:81:3c:54:55:7c:88:9d:5a:e1:0a:43:3d:33:2d:58:f5:
         24:98:f0:95:f4:a1:34:57:96:e3:38:59:9f:14:0c:07:e1:d3:
         e2:b7:76:fd:cb:e9:0e:28:fe:1d:c7:d1:e9:be:b7:93:c5:a0:
         02:6c:ac:e5:19:08:8f:54:5c:4d:75:f1:0c:7e:e4:80:07:d8:
         7a:bb:54:d9:85:98:59:f1:9e:2e:ae:a7:d6:e0:2f:67:c5:83:
         ac:a2:de:bd:4f:09:61:37:69:52:7a:7f:d5:e3:4c:37:f8:c0:
         e6:9f:c3:fc:13:aa:89:d5:ba:2c:b8:8b:76:90:68:65:c7:dc:
         fc:ae:96:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZW7DyS7RMWdCkTC3cqZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODA5MzA3ODg2ZmJhZmRiYWQ1Mzg3NjEyZWZmZTc3MTM4
N2EzMDAwHhcNMjYwMzI5MDcwMTA0WhcNMjYwMzMwMDcwMTA0WjAzMTEwLwYDVQQD
EygzODAxNDY1M2IzYmY2NDlhMmEyMmRlNjFiZDgwMzBjNWVhYzFkNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ea2tiF7a7PsL6/qO/k3qKgGD7xp
jMYNlop9OIsNuoh0/ZkfrVdOJhjm39nX+IeCkcop12ZwXlL+ird0IW5DF2ncNIkv
XpL0LsvxsfzI1ndO2drlGUfULq71touDcbVOileZ/dAxLo0dlJWrPalA/JviQpVp
eCIBzqDdRmsgS05UjwBI2Hv8IP8NVT9nuln1e/LYIax5o6p37S9wgxQXsmrKQg/p
CMluYm/cJ8WVUznc86X5Ied92JneH3eeqP919y6Y5HEpK/IjdrMNvJK10hsBeakr
TNj/HRElGLGvk4UWUhsP9w5Ek7VBJKO33H6OujtU3UlvUOS/Z/feVE6ugwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgBRlOzv2SaKiLeYb2AMMXqwdXiMB8GA1UdIwQY
MBaAFCGAkweIb7r9utU4dhLv/ncTh6MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQt
ZjcwOGRhZDBlZWNhLzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQtZjcwOGRhZDBlZWNh
LzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAhcKC4ZQ
mcIS2/i15C7gWxld6k6qJjqCQ9/haexHx7XQa02TvCB0XiKEsiSd100iKZK1fEt5
4DJace2rcTMfclaP2uTbDYu/jV74ZRc8AV2Rqsj9e5GnR4VV4vZ/bwXN+MVT+IBF
a2grqmdQBrTQBRU/1ZvfgE4kPh+/vsB0olaBPFRVfIidWuEKQz0zLVj1JJjwlfSh
NFeW4zhZnxQMB+HT4rd2/cvpDij+HcfR6b63k8WgAmys5RkIj1RcTXXxDH7kgAfY
ertU2YWYWfGeLq6n1uAvZ8WDrKLevU8JYTdpUnp/1eNMN/jA5p/D/BOqidW6LLiL
dpBoZcfc/K6WFA==
-----END CERTIFICATE-----