Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
File:                     itMkK15lo9DZHGsZ60CRlZskMUg.mft (raw, json)
Hash identifier:          WV2H/TQxT3INYh4ztCuAIgp9zeptwQioEpGe0G49JOk=
Subject key identifier:   BB:52:69:8D:01:06:A1:D7:26:FC:02:7E:8C:75:21:89:DB:A0:7E:25
Authority key identifier: 8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48
Certificate issuer:       /CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
Certificate serial:       019D3A538356A8B25F5C6676E71C985ECE0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
Manifest number:          059C
Signing time:             Sun 29 Mar 2026 16:00:44 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:44 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:44 +0000
Files and hashes:         1: itMkK15lo9DZHGsZ60CRlZskMUg.crl (hash: G09KU27HyZr2dajaUlzIyAZ18Xr+oWocJnI+vdyOwNQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:83:56:a8:b2:5f:5c:66:76:e7:1c:98:5e:ce:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
        Validity
            Not Before: Mar 29 16:00:44 2026 GMT
            Not After : Mar 30 16:00:44 2026 GMT
        Subject: CN=bb52698d0106a1d726fc027e8c752189dba07e25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ca:33:af:93:97:42:9b:db:53:67:b9:25:a7:
                    22:23:6b:89:27:48:85:0d:d3:da:14:67:8d:ab:1d:
                    05:c7:ad:00:f7:04:2e:63:d8:02:b9:55:cc:55:3b:
                    35:80:c6:49:89:0f:6f:c9:a2:98:6e:ec:a8:64:de:
                    67:25:48:c3:23:c5:05:c2:26:8f:9c:a2:98:d4:d6:
                    a9:9c:7a:c4:13:c7:e3:fa:55:fd:cd:f3:d8:bb:79:
                    1f:f0:32:5e:00:46:50:53:ad:a9:33:c7:b1:04:cc:
                    ae:ca:eb:34:32:c2:72:29:11:69:10:51:ed:82:e6:
                    c2:82:71:d5:a4:6d:ec:88:7d:32:25:ee:9e:31:01:
                    66:7a:d3:da:74:7c:70:fa:46:fd:fa:32:be:92:c0:
                    0b:fc:fa:9b:05:da:2e:a5:22:f5:6b:27:87:ce:69:
                    65:76:b4:68:8a:06:2b:dd:db:e5:78:41:8c:e9:cf:
                    10:58:96:ac:37:45:b2:ac:65:35:f6:fc:58:2b:67:
                    cd:63:50:cc:db:fd:78:a7:b9:91:37:3e:79:c7:85:
                    d8:d5:ce:be:d2:8d:1c:59:c2:c6:e8:4c:06:f2:5b:
                    7e:a7:1d:f5:18:00:ec:35:18:b3:8d:4a:7f:ff:38:
                    c6:ba:ab:da:a4:01:8b:12:c0:7a:48:56:7c:2f:39:
                    12:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:52:69:8D:01:06:A1:D7:26:FC:02:7E:8C:75:21:89:DB:A0:7E:25
            X509v3 Authority Key Identifier:
                keyid:8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:64:1a:c2:13:bd:58:c5:0f:51:96:97:15:8b:ec:ee:5a:4b:
         35:ee:08:e4:dc:69:83:a1:1e:51:fe:d3:43:77:c7:9a:68:58:
         d1:08:bf:bf:f5:5c:dc:76:a6:5a:dd:6f:55:56:30:71:f6:50:
         d4:5c:6b:f6:81:2d:5c:58:a2:b4:c7:42:75:31:9b:fa:8d:21:
         fa:7a:62:2a:f6:fe:fe:bd:35:ef:fe:a7:15:3b:05:ad:78:37:
         30:a4:46:1e:3b:ad:15:f9:dc:3c:f0:d5:5a:70:de:6e:32:f5:
         b3:5d:3b:99:4c:73:f8:c3:08:26:d5:b1:3f:64:bc:c2:e3:c8:
         b9:b0:20:29:f8:8d:3f:b1:36:b3:d3:02:20:38:00:c1:df:a6:
         1f:4a:e2:51:2c:2b:60:3f:b9:2a:13:e1:87:35:33:f6:df:ef:
         92:4a:30:55:4b:84:3e:a1:ad:06:c6:e3:2a:f5:5e:b4:3c:a7:
         e6:a2:12:93:f5:20:ab:c6:74:8a:29:0e:6d:02:9c:1a:7a:13:
         d9:e8:2c:c0:08:2b:0b:64:40:f4:ce:5b:8d:1b:31:56:55:b1:
         12:8f:84:04:ca:77:e6:c1:12:bc:94:70:71:e4:b7:c1:b3:7c:
         e5:32:00:9c:2f:04:60:38:b5:05:dd:2f:b3:cb:61:c7:c9:b5:
         ff:d3:8a:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U4NWqLJfXGZ25xyYXs4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDMyNDJiNWU2NWEzZDBkOTFjNmIxOWViNDA5MTk1OWIy
NDMxNDgwHhcNMjYwMzI5MTYwMDQ0WhcNMjYwMzMwMTYwMDQ0WjAzMTEwLwYDVQQD
EyhiYjUyNjk4ZDAxMDZhMWQ3MjZmYzAyN2U4Yzc1MjE4OWRiYTA3ZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsozr5OXQpvbU2e5JaciI2uJJ0iF
DdPaFGeNqx0Fx60A9wQuY9gCuVXMVTs1gMZJiQ9vyaKYbuyoZN5nJUjDI8UFwiaP
nKKY1NapnHrEE8fj+lX9zfPYu3kf8DJeAEZQU62pM8exBMyuyus0MsJyKRFpEFHt
gubCgnHVpG3siH0yJe6eMQFmetPadHxw+kb9+jK+ksAL/PqbBdoupSL1ayeHzmll
drRoigYr3dvleEGM6c8QWJasN0WyrGU19vxYK2fNY1DM2/14p7mRNz55x4XY1c6+
0o0cWcLG6EwG8lt+px31GADsNRizjUp//zjGuqvapAGLEsB6SFZ8LzkSrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLtSaY0BBqHXJvwCfox1IYnboH4lMB8GA1UdIwQY
MBaAFIrTJCteZaPQ2RxrGetAkZWbJDFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgt
ZjcwNGIxZjUzYWNlLzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgtZjcwNGIxZjUzYWNl
LzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkmQawhO9
WMUPUZaXFYvs7lpLNe4I5Nxpg6EeUf7TQ3fHmmhY0Qi/v/Vc3HamWt1vVVYwcfZQ
1Fxr9oEtXFiitMdCdTGb+o0h+npiKvb+/r017/6nFTsFrXg3MKRGHjutFfncPPDV
WnDebjL1s107mUxz+MMIJtWxP2S8wuPIubAgKfiNP7E2s9MCIDgAwd+mH0riUSwr
YD+5KhPhhzUz9t/vkkowVUuEPqGtBsbjKvVetDyn5qISk/Ugq8Z0iikObQKcGnoT
2egswAgrC2RA9M5bjRsxVlWxEo+EBMp35sESvJRwceS3wbN85TIAnC8EYDi1Bd0v
s8thx8m1/9OKAQ==
-----END CERTIFICATE-----