Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft
File:                     tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft (raw, json)
Hash identifier:          kZaG/ipgjaQD4PV2MW8EdqbGbT8+pMDdtPRLpfP1nBs=
Subject key identifier:   E2:7C:99:8D:B7:59:EF:95:7A:3F:CB:76:44:57:4A:86:6F:37:A5:9E
Authority key identifier: B5:0E:DF:C9:6D:2B:61:78:86:89:53:31:42:96:9E:65:56:65:12:AA
Certificate issuer:       /CN=b50edfc96d2b61788689533142969e65566512aa
Certificate serial:       019D394132C661231404E291264CFCA7779A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft
Manifest number:          1810
Signing time:             Sun 29 Mar 2026 11:01:07 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:07 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:07 +0000
Files and hashes:         1: tQ7fyW0rYXiGiVMxQpaeZVZlEqo.crl (hash: Y1O16zR9/eLnWslG+7dsP3Hac4nFDJ+rvrkROmUH354=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:32:c6:61:23:14:04:e2:91:26:4c:fc:a7:77:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b50edfc96d2b61788689533142969e65566512aa
        Validity
            Not Before: Mar 29 11:01:07 2026 GMT
            Not After : Mar 30 11:01:07 2026 GMT
        Subject: CN=e27c998db759ef957a3fcb7644574a866f37a59e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:41:12:f1:4d:70:85:d7:57:e3:eb:4f:e1:38:
                    d4:8e:94:7e:df:17:87:ce:30:52:5c:05:76:e8:e2:
                    de:3e:83:6c:36:a5:d0:c8:bc:2a:35:75:64:38:97:
                    d8:7b:47:eb:55:81:70:56:0e:dd:5a:ad:40:18:1d:
                    7c:6b:90:cf:8f:2b:43:33:62:c8:06:4e:f1:f7:f0:
                    8c:26:9f:54:ba:fe:19:5a:7e:1c:88:30:ac:93:b2:
                    41:79:78:62:5c:50:21:9d:9d:02:49:18:57:ca:db:
                    b1:32:de:f4:99:18:5c:08:d0:27:02:fa:52:d6:1a:
                    c0:f6:64:bc:c6:82:25:67:66:96:a7:2d:b6:9b:1a:
                    4c:96:5b:fd:d3:73:e0:b9:b1:3f:24:a3:2b:2e:e3:
                    36:0d:74:a3:2e:0b:5c:99:f0:d2:b4:e2:db:2a:41:
                    50:ad:2f:4b:9c:96:10:84:8d:73:78:18:34:40:8b:
                    2c:44:05:09:cd:54:1d:2c:b1:c3:9c:be:7b:45:cb:
                    78:8d:b0:3d:3e:19:fc:35:af:8f:35:fd:11:56:2b:
                    bf:b3:32:15:5d:c8:5d:d0:60:3c:72:5a:f6:90:6e:
                    d2:62:0e:3b:7d:80:7d:45:70:a7:04:b3:29:8c:75:
                    d2:ad:69:b4:db:84:90:5b:8a:e0:a6:9c:72:27:d0:
                    ba:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:7C:99:8D:B7:59:EF:95:7A:3F:CB:76:44:57:4A:86:6F:37:A5:9E
            X509v3 Authority Key Identifier:
                keyid:B5:0E:DF:C9:6D:2B:61:78:86:89:53:31:42:96:9E:65:56:65:12:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:8b:aa:e4:35:9f:2d:c4:cd:7d:1e:89:48:76:38:c6:9c:59:
         63:4c:d4:92:75:32:72:77:33:e0:b3:9b:c0:af:5a:a7:f5:6d:
         d8:ca:4f:01:4e:5a:b0:c8:c2:d1:a3:41:87:98:de:2c:5a:df:
         3d:d7:e0:a6:4c:bc:02:9b:93:a7:dc:79:0e:72:93:0f:3d:3b:
         e1:06:50:94:9e:25:a8:89:0a:7f:24:03:b7:7b:63:17:6e:d3:
         1c:97:b3:fb:a3:0e:e1:36:d9:5b:0c:67:65:93:8c:8e:cb:97:
         73:64:7b:18:bd:ee:82:70:89:da:68:32:be:42:33:91:a5:4c:
         5a:90:b6:0f:02:ca:1d:75:f4:b1:26:87:b2:4d:9b:ed:a7:4d:
         ae:8a:2e:40:43:cf:a6:16:aa:f6:c6:31:9a:a2:7c:1b:b9:88:
         78:9f:35:53:fe:4e:e2:4f:97:bf:71:20:30:f4:6e:7a:c0:e8:
         63:56:ea:cf:8f:c1:5d:05:af:7d:fc:71:0e:4d:09:be:99:e3:
         f1:16:95:92:fd:c2:ab:25:95:8e:30:02:30:ba:3c:a4:74:d4:
         d3:39:17:b2:86:9e:66:a3:9f:38:93:0e:9c:ff:75:d2:96:34:
         51:12:59:6d:49:7e:74:f0:62:fc:c4:3a:43:11:2c:75:34:6d:
         91:f5:4a:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QTLGYSMUBOKRJkz8p3eaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MGVkZmM5NmQyYjYxNzg4Njg5NTMzMTQyOTY5ZTY1NTY2
NTEyYWEwHhcNMjYwMzI5MTEwMTA3WhcNMjYwMzMwMTEwMTA3WjAzMTEwLwYDVQQD
EyhlMjdjOTk4ZGI3NTllZjk1N2EzZmNiNzY0NDU3NGE4NjZmMzdhNTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEES8U1whddX4+tP4TjUjpR+3xeH
zjBSXAV26OLePoNsNqXQyLwqNXVkOJfYe0frVYFwVg7dWq1AGB18a5DPjytDM2LI
Bk7x9/CMJp9Uuv4ZWn4ciDCsk7JBeXhiXFAhnZ0CSRhXytuxMt70mRhcCNAnAvpS
1hrA9mS8xoIlZ2aWpy22mxpMllv903PgubE/JKMrLuM2DXSjLgtcmfDStOLbKkFQ
rS9LnJYQhI1zeBg0QIssRAUJzVQdLLHDnL57Rct4jbA9Phn8Na+PNf0RViu/szIV
Xchd0GA8clr2kG7SYg47fYB9RXCnBLMpjHXSrWm024SQW4rgppxyJ9C6pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJ8mY23We+Vej/LdkRXSoZvN6WeMB8GA1UdIwQY
MBaAFLUO38ltK2F4holTMUKWnmVWZRKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFE3ZnlXMHJZWGlHaVZNeFFwYWVaVlpsRXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9kYzA5Y2YtNzcwYy00MTcyLWE2ZWUt
YjYxMzg0ZmYwZWMyLzEvdFE3ZnlXMHJZWGlHaVZNeFFwYWVaVlpsRXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9kYzA5Y2YtNzcwYy00MTcyLWE2ZWUtYjYxMzg0ZmYwZWMy
LzEvdFE3ZnlXMHJZWGlHaVZNeFFwYWVaVlpsRXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATIuq5DWf
LcTNfR6JSHY4xpxZY0zUknUycncz4LObwK9ap/Vt2MpPAU5asMjC0aNBh5jeLFrf
Pdfgpky8ApuTp9x5DnKTDz074QZQlJ4lqIkKfyQDt3tjF27THJez+6MO4TbZWwxn
ZZOMjsuXc2R7GL3ugnCJ2mgyvkIzkaVMWpC2DwLKHXX0sSaHsk2b7adNroouQEPP
phaq9sYxmqJ8G7mIeJ81U/5O4k+Xv3EgMPRuesDoY1bqz4/BXQWvffxxDk0Jvpnj
8RaVkv3CqyWVjjACMLo8pHTU0zkXsoaeZqOfOJMOnP910pY0URJZbUl+dPBi/MQ6
QxEsdTRtkfVK/Q==
-----END CERTIFICATE-----