Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
File:                     ScKchYIxItOsfH9IBdWyQocNLeI.mft (raw, json)
Hash identifier:          vYiuL4/CHTVMePUMmp6mE1GlumyUI1mv0MgXT+s6yCY=
Subject key identifier:   DB:9F:B3:D8:26:5C:C3:A7:8F:FD:92:53:81:8A:6C:6C:AA:A7:2D:8C
Authority key identifier: 49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2
Certificate issuer:       /CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
Certificate serial:       019D382E1EF635D121F20CE28C43BA12B2E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
Manifest number:          1624
Signing time:             Sun 29 Mar 2026 06:00:39 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:39 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:39 +0000
Files and hashes:         1: ScKchYIxItOsfH9IBdWyQocNLeI.crl (hash: Pm34XCPI7LZvCq8aKLIUPpJOQ53+V+F1q55hC93GzF8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:1e:f6:35:d1:21:f2:0c:e2:8c:43:ba:12:b2:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
        Validity
            Not Before: Mar 29 06:00:39 2026 GMT
            Not After : Mar 30 06:00:39 2026 GMT
        Subject: CN=db9fb3d8265cc3a78ffd9253818a6c6caaa72d8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:42:f7:34:31:a0:1e:cf:68:98:cf:85:4b:73:
                    98:61:43:4b:30:30:df:bf:c5:16:cf:62:da:0b:36:
                    df:4a:da:c7:37:d2:1f:0b:43:52:dd:ad:aa:59:33:
                    35:6f:93:7e:c8:b5:4b:47:d1:84:ac:fd:85:ca:a8:
                    1c:e7:6d:8b:e7:30:62:4c:3d:b1:28:26:98:af:80:
                    95:4f:a0:cb:e0:c4:9a:5b:2b:23:3d:09:3b:9d:09:
                    69:f1:14:9f:28:10:6a:4f:5f:36:70:4c:8f:be:d3:
                    a4:1b:89:4b:b2:3b:45:2c:fa:66:7d:ad:5e:30:1e:
                    a7:22:7d:6b:ac:b2:47:f9:f2:68:0d:bb:b0:a2:09:
                    a6:56:d6:3b:ae:b3:ce:a3:c7:7a:f9:0b:62:69:5a:
                    ce:ae:aa:d4:b3:92:32:e7:db:57:1e:96:fd:4f:38:
                    d0:da:15:a7:65:ab:70:5d:0e:d4:55:b2:1b:7d:56:
                    61:ae:e9:6d:12:4e:de:5d:29:f2:d5:18:c3:e1:3a:
                    4b:af:db:3e:ec:5b:eb:8e:58:ce:47:c1:bd:c9:16:
                    1d:0b:d8:e7:89:29:dc:46:6d:bd:67:38:ca:1d:b1:
                    e9:c1:d1:e2:04:02:cd:13:4d:bf:63:37:0f:98:37:
                    19:a0:24:80:dc:a0:56:aa:2d:56:6f:d8:68:0b:23:
                    66:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:9F:B3:D8:26:5C:C3:A7:8F:FD:92:53:81:8A:6C:6C:AA:A7:2D:8C
            X509v3 Authority Key Identifier:
                keyid:49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:f5:f5:48:05:df:3f:48:50:9d:b9:5a:d6:d8:be:7b:21:2c:
         12:e1:41:6e:6d:6d:62:ba:57:f4:45:65:b8:c2:44:36:cf:09:
         60:4e:21:db:c4:a7:6d:36:13:04:9a:dc:80:f4:13:d1:2d:92:
         c1:56:26:80:ae:57:63:6c:b7:dd:59:af:d0:51:09:5e:80:68:
         78:5a:87:a6:ba:fa:e7:dd:42:40:a0:44:6c:5f:36:20:5e:b6:
         3f:cb:92:45:55:67:4f:a5:48:3e:04:f4:1a:7f:48:76:84:44:
         6b:f8:ec:14:f2:bd:fe:25:b6:ef:06:30:13:7f:44:db:7a:ec:
         8b:30:16:ce:06:8c:ca:04:b0:3a:af:bc:95:9d:de:34:8e:e7:
         33:4f:7e:1f:07:41:8e:cf:4b:ce:4b:9f:39:55:df:9a:6e:5b:
         24:98:3d:2a:af:67:a2:03:5c:0d:38:df:a8:72:9d:4e:7e:a9:
         c4:97:1e:38:07:23:a1:7a:60:b6:3c:1d:3e:48:e5:37:94:a2:
         3e:d6:86:1d:38:9e:df:83:b3:c0:6f:74:89:9a:08:ef:b6:f0:
         d5:79:59:09:2b:65:89:28:2b:c4:d8:47:cc:cd:20:19:ce:e8:
         ea:7f:03:23:34:13:34:e0:ce:b7:b9:96:6a:85:1f:bb:d9:6b:
         52:2c:e5:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lh72NdEh8gzijEO6ErLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YzI5Yzg1ODIzMTIyZDNhYzdjN2Y0ODA1ZDViMjQyODcw
ZDJkZTIwHhcNMjYwMzI5MDYwMDM5WhcNMjYwMzMwMDYwMDM5WjAzMTEwLwYDVQQD
EyhkYjlmYjNkODI2NWNjM2E3OGZmZDkyNTM4MThhNmM2Y2FhYTcyZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+UL3NDGgHs9omM+FS3OYYUNLMDDf
v8UWz2LaCzbfStrHN9IfC0NS3a2qWTM1b5N+yLVLR9GErP2Fyqgc522L5zBiTD2x
KCaYr4CVT6DL4MSaWysjPQk7nQlp8RSfKBBqT182cEyPvtOkG4lLsjtFLPpmfa1e
MB6nIn1rrLJH+fJoDbuwogmmVtY7rrPOo8d6+QtiaVrOrqrUs5Iy59tXHpb9TzjQ
2hWnZatwXQ7UVbIbfVZhrultEk7eXSny1RjD4TpLr9s+7FvrjljOR8G9yRYdC9jn
iSncRm29ZzjKHbHpwdHiBALNE02/YzcPmDcZoCSA3KBWqi1Wb9hoCyNmPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNufs9gmXMOnj/2SU4GKbGyqpy2MMB8GA1UdIwQY
MBaAFEnCnIWCMSLTrHx/SAXVskKHDS3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUt
OWMyZDA0NGRkNGFmLzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUtOWMyZDA0NGRkNGFm
LzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAvX1SAXf
P0hQnbla1ti+eyEsEuFBbm1tYrpX9EVluMJENs8JYE4h28SnbTYTBJrcgPQT0S2S
wVYmgK5XY2y33Vmv0FEJXoBoeFqHprr6591CQKBEbF82IF62P8uSRVVnT6VIPgT0
Gn9IdoREa/jsFPK9/iW27wYwE39E23rsizAWzgaMygSwOq+8lZ3eNI7nM09+HwdB
js9LzkufOVXfmm5bJJg9Kq9nogNcDTjfqHKdTn6pxJceOAcjoXpgtjwdPkjlN5Si
PtaGHTie34OzwG90iZoI77bw1XlZCStliSgrxNhHzM0gGc7o6n8DIzQTNODOt7mW
aoUfu9lrUizlHA==
-----END CERTIFICATE-----