Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/3447dd-8dc4-405d-9c0b-6ffc5d9e0fed/1/lN7qVibZ6DJkDx7N9_i7clckCEc.mft
File:                     lN7qVibZ6DJkDx7N9_i7clckCEc.mft (raw, json)
Hash identifier:          uwXRye2+Ttz513ZX11veH+uKZcMr+k1nzGBJ6HTWEzE=
Subject key identifier:   A3:8A:E7:8A:38:A0:63:B4:07:C8:6C:47:64:7C:1B:B3:05:2F:5E:00
Authority key identifier: 94:DE:EA:56:26:D9:E8:32:64:0F:1E:CD:F7:F8:BB:72:57:24:08:47
Certificate issuer:       /CN=94deea5626d9e832640f1ecdf7f8bb7257240847
Certificate serial:       019D37893EE48F515E219B48F9B4D5EECD90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lN7qVibZ6DJkDx7N9_i7clckCEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/3447dd-8dc4-405d-9c0b-6ffc5d9e0fed/1/lN7qVibZ6DJkDx7N9_i7clckCEc.mft
Manifest number:          0D83
Signing time:             Sun 29 Mar 2026 03:00:34 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:34 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:34 +0000
Files and hashes:         1: lN7qVibZ6DJkDx7N9_i7clckCEc.crl (hash: 6F5LOftksTqr+Y8kA4k5yd92Ce9R/dPKwgjBJT1EAo8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/3447dd-8dc4-405d-9c0b-6ffc5d9e0fed/1/lN7qVibZ6DJkDx7N9_i7clckCEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/3447dd-8dc4-405d-9c0b-6ffc5d9e0fed/1/lN7qVibZ6DJkDx7N9_i7clckCEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lN7qVibZ6DJkDx7N9_i7clckCEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:3e:e4:8f:51:5e:21:9b:48:f9:b4:d5:ee:cd:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94deea5626d9e832640f1ecdf7f8bb7257240847
        Validity
            Not Before: Mar 29 03:00:34 2026 GMT
            Not After : Mar 30 03:00:34 2026 GMT
        Subject: CN=a38ae78a38a063b407c86c47647c1bb3052f5e00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:7d:a8:92:7b:23:cd:4f:12:38:ea:39:0e:ab:
                    5c:d9:a9:d8:c9:67:91:57:e6:98:0b:7b:28:81:80:
                    a0:ea:1f:02:bd:92:e8:be:1e:8f:11:8a:bf:97:74:
                    01:99:b7:ff:ee:73:e7:c1:0e:80:15:ce:42:e1:19:
                    db:fa:b5:d5:ca:e2:94:95:4f:91:99:bb:01:ed:33:
                    e4:0a:57:87:69:30:63:b2:0d:ff:1c:dd:f0:2b:ea:
                    14:eb:f1:82:ae:27:87:8a:7f:10:31:e0:d5:80:33:
                    20:0e:7f:2a:02:47:ee:3d:fc:84:3e:c4:60:d6:ae:
                    fe:a3:9a:7c:0f:c1:35:20:5e:b7:0b:41:3b:0a:3f:
                    d3:55:09:5c:14:40:c4:6c:1f:a4:d7:e7:76:f7:43:
                    b7:d9:93:01:9b:e0:f4:7e:82:68:ca:69:84:61:16:
                    16:de:f3:a1:07:89:ef:e4:61:f4:58:5b:dc:2e:3c:
                    28:d4:9d:31:24:c8:87:23:a4:d2:93:31:c7:bc:2f:
                    73:5d:4a:0a:ec:f8:47:2d:96:87:c7:d1:47:d9:21:
                    9f:85:0f:08:fd:2f:a4:2b:d3:69:92:d6:d0:1a:e3:
                    40:cd:df:60:8b:a7:44:54:8b:62:b6:e5:66:da:83:
                    bd:ff:22:10:c9:d4:78:3c:8c:aa:88:ff:ea:4d:3a:
                    ac:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:8A:E7:8A:38:A0:63:B4:07:C8:6C:47:64:7C:1B:B3:05:2F:5E:00
            X509v3 Authority Key Identifier:
                keyid:94:DE:EA:56:26:D9:E8:32:64:0F:1E:CD:F7:F8:BB:72:57:24:08:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lN7qVibZ6DJkDx7N9_i7clckCEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/3447dd-8dc4-405d-9c0b-6ffc5d9e0fed/1/lN7qVibZ6DJkDx7N9_i7clckCEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/3447dd-8dc4-405d-9c0b-6ffc5d9e0fed/1/lN7qVibZ6DJkDx7N9_i7clckCEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:8f:35:27:6f:4b:93:ba:ab:dd:c5:6f:59:29:c5:38:cb:1d:
         14:03:b5:a6:8a:a8:32:cb:e1:75:d7:25:5a:91:f3:72:77:70:
         c2:6d:da:b1:02:76:c1:41:ec:31:09:56:e5:16:e1:5c:8d:36:
         6d:32:fa:1b:73:b8:79:19:64:2d:a9:b5:da:17:bf:37:7f:ba:
         3c:a7:78:95:ee:de:16:e8:a4:26:cd:9f:e4:46:b8:c0:5c:17:
         ee:db:73:dd:eb:52:be:3e:20:d5:d8:ac:65:57:00:42:e0:ba:
         44:b8:6e:ab:28:8f:96:1d:2c:8e:70:e7:14:68:68:da:7a:4f:
         43:dd:ef:30:74:40:0b:a5:b3:37:63:0c:48:34:48:4c:4a:b2:
         b8:50:72:bd:78:f9:3f:f6:2b:cc:04:48:55:ef:30:b4:74:39:
         51:43:34:26:2a:38:d4:61:a8:35:f9:0a:07:5b:84:ea:c0:c2:
         f1:2b:07:d0:fc:8f:e5:a5:6a:a1:d2:80:d7:0d:c4:01:7f:98:
         d6:73:c6:7f:fa:78:a2:7d:aa:30:66:86:02:69:74:68:6d:cd:
         c2:01:96:b4:07:4c:d0:cf:c7:d4:76:56:29:b9:51:53:16:de:
         59:f5:89:82:f0:82:e4:8f:58:8c:d6:c9:48:e5:c0:fc:1f:ad:
         97:db:ff:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iT7kj1FeIZtI+bTV7s2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZGVlYTU2MjZkOWU4MzI2NDBmMWVjZGY3ZjhiYjcyNTcy
NDA4NDcwHhcNMjYwMzI5MDMwMDM0WhcNMjYwMzMwMDMwMDM0WjAzMTEwLwYDVQQD
EyhhMzhhZTc4YTM4YTA2M2I0MDdjODZjNDc2NDdjMWJiMzA1MmY1ZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn2oknsjzU8SOOo5Dqtc2anYyWeR
V+aYC3sogYCg6h8CvZLovh6PEYq/l3QBmbf/7nPnwQ6AFc5C4Rnb+rXVyuKUlU+R
mbsB7TPkCleHaTBjsg3/HN3wK+oU6/GCrieHin8QMeDVgDMgDn8qAkfuPfyEPsRg
1q7+o5p8D8E1IF63C0E7Cj/TVQlcFEDEbB+k1+d290O32ZMBm+D0foJoymmEYRYW
3vOhB4nv5GH0WFvcLjwo1J0xJMiHI6TSkzHHvC9zXUoK7PhHLZaHx9FH2SGfhQ8I
/S+kK9NpktbQGuNAzd9gi6dEVItituVm2oO9/yIQydR4PIyqiP/qTTqsJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKOK54o4oGO0B8hsR2R8G7MFL14AMB8GA1UdIwQY
MBaAFJTe6lYm2egyZA8ezff4u3JXJAhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE43cVZpYlo2REprRHg3TjlfaTdjbGNrQ0VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8zNDQ3ZGQtOGRjNC00MDVkLTljMGIt
NmZmYzVkOWUwZmVkLzEvbE43cVZpYlo2REprRHg3TjlfaTdjbGNrQ0VjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8zNDQ3ZGQtOGRjNC00MDVkLTljMGItNmZmYzVkOWUwZmVk
LzEvbE43cVZpYlo2REprRHg3TjlfaTdjbGNrQ0VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKI81J29L
k7qr3cVvWSnFOMsdFAO1poqoMsvhddclWpHzcndwwm3asQJ2wUHsMQlW5RbhXI02
bTL6G3O4eRlkLam12he/N3+6PKd4le7eFuikJs2f5Ea4wFwX7ttz3etSvj4g1dis
ZVcAQuC6RLhuqyiPlh0sjnDnFGho2npPQ93vMHRAC6WzN2MMSDRITEqyuFByvXj5
P/YrzARIVe8wtHQ5UUM0Jio41GGoNfkKB1uE6sDC8SsH0PyP5aVqodKA1w3EAX+Y
1nPGf/p4on2qMGaGAml0aG3NwgGWtAdM0M/H1HZWKblRUxbeWfWJgvCC5I9YjNbJ
SOXA/B+tl9v/sQ==
-----END CERTIFICATE-----