Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft
File:                     pol1o9gy4UUny7or4QujwebGOFY.mft (raw, json)
Hash identifier:          1oLyDupMZvfkkWsScxr3N+SXvbOQmDwj0QSbQqJTb1k=
Subject key identifier:   D7:51:5B:5E:7E:ED:95:EB:92:74:F9:06:B0:B4:71:42:5E:90:C1:18
Authority key identifier: A6:89:75:A3:D8:32:E1:45:27:CB:BA:2B:E1:0B:A3:C1:E6:C6:38:56
Certificate issuer:       /CN=a68975a3d832e14527cbba2be10ba3c1e6c63856
Certificate serial:       019D38662BCF756285312E33054F9EED1B3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft
Manifest number:          0863
Signing time:             Sun 29 Mar 2026 07:01:53 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:53 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:53 +0000
Files and hashes:         1: pol1o9gy4UUny7or4QujwebGOFY.crl (hash: Fh0AtJbzWK/KUE03H9C+zjc8pvWfTG8JJlOKriy46cg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:2b:cf:75:62:85:31:2e:33:05:4f:9e:ed:1b:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a68975a3d832e14527cbba2be10ba3c1e6c63856
        Validity
            Not Before: Mar 29 07:01:53 2026 GMT
            Not After : Mar 30 07:01:53 2026 GMT
        Subject: CN=d7515b5e7eed95eb9274f906b0b471425e90c118
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:44:71:45:52:c4:eb:40:11:f9:0d:06:da:7c:
                    a0:e6:ea:9b:6a:31:0d:b6:48:1c:9b:b2:63:9e:a8:
                    cc:04:4a:7f:6d:ef:4c:d3:d2:d6:9f:3c:5e:0a:84:
                    ef:c2:c0:5a:d7:c4:66:2f:9b:b4:d0:10:44:ff:8f:
                    60:30:38:85:79:90:8e:07:85:31:a8:cb:cd:f9:e4:
                    81:57:3c:e1:33:5e:4b:63:f6:02:84:36:af:57:48:
                    3b:8c:21:9f:12:26:32:c3:e4:4d:14:6f:28:f1:5d:
                    f0:c9:a4:e5:82:24:8a:40:1c:30:12:55:b8:06:7d:
                    f8:9b:1e:2e:91:f8:d2:4a:2f:dd:fa:9d:04:aa:0a:
                    1f:21:9d:ce:04:31:c7:98:7c:c0:ee:84:59:e8:94:
                    60:74:88:68:a3:a1:72:39:e1:1e:3e:b5:5b:b8:0e:
                    d3:b8:5e:cc:30:0f:fd:1c:9a:3f:68:0c:17:ad:a5:
                    4a:32:b1:49:95:a0:99:fe:1f:2b:6a:34:bb:76:98:
                    23:05:f4:03:1a:a9:f8:06:61:57:5d:e4:71:d6:f9:
                    27:20:72:06:41:c9:a7:99:29:c5:35:54:34:42:a6:
                    81:6c:ec:34:b7:a6:89:30:1c:d8:9f:7a:11:f2:f0:
                    ba:ce:80:67:91:09:7a:1a:79:c7:9c:ab:07:91:cd:
                    16:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:51:5B:5E:7E:ED:95:EB:92:74:F9:06:B0:B4:71:42:5E:90:C1:18
            X509v3 Authority Key Identifier:
                keyid:A6:89:75:A3:D8:32:E1:45:27:CB:BA:2B:E1:0B:A3:C1:E6:C6:38:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:75:3f:3a:5d:8c:7a:ef:ff:40:06:ed:fa:b7:0d:39:9d:e8:
         74:d8:7c:79:ad:16:16:06:3e:07:f1:ca:8d:31:5d:70:3b:a5:
         44:61:e5:d5:2d:a2:5a:cf:8c:e6:5e:b2:21:b5:3e:2d:b2:00:
         ae:85:9e:17:98:6c:4a:bf:83:2d:97:71:bd:70:a9:73:9f:2a:
         54:33:67:75:d0:8c:84:0c:c8:eb:fe:82:85:d9:52:74:95:5d:
         25:5c:77:08:98:85:2b:23:aa:bd:6f:08:e8:a4:6c:34:00:d7:
         4d:dd:46:8f:66:04:eb:78:18:be:b0:9e:56:cf:f4:ae:05:ee:
         1e:96:63:6f:45:b2:a4:20:ce:d4:c8:d1:c7:c9:3c:98:39:9f:
         e2:bb:e7:cb:6d:b7:1b:d3:fa:bd:85:f6:2f:67:f2:28:49:fc:
         4b:a1:29:aa:23:79:bd:ee:be:f4:34:04:42:55:a7:53:75:96:
         fd:66:60:7b:ac:46:fe:9f:34:56:af:a5:9f:ab:c2:ca:80:0a:
         1c:ed:51:96:47:d7:6f:8d:6e:b7:33:b8:9b:a2:72:e2:cd:b3:
         c9:a7:b0:6d:f8:80:04:2a:52:79:e1:a8:88:12:ab:f2:48:dd:
         fc:0c:d2:e2:10:82:d4:7a:32:bd:59:68:34:87:d5:c8:65:ca:
         11:ef:b5:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZivPdWKFMS4zBU+e7Rs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ODk3NWEzZDgzMmUxNDUyN2NiYmEyYmUxMGJhM2MxZTZj
NjM4NTYwHhcNMjYwMzI5MDcwMTUzWhcNMjYwMzMwMDcwMTUzWjAzMTEwLwYDVQQD
EyhkNzUxNWI1ZTdlZWQ5NWViOTI3NGY5MDZiMGI0NzE0MjVlOTBjMTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukRxRVLE60AR+Q0G2nyg5uqbajEN
tkgcm7JjnqjMBEp/be9M09LWnzxeCoTvwsBa18RmL5u00BBE/49gMDiFeZCOB4Ux
qMvN+eSBVzzhM15LY/YChDavV0g7jCGfEiYyw+RNFG8o8V3wyaTlgiSKQBwwElW4
Bn34mx4ukfjSSi/d+p0EqgofIZ3OBDHHmHzA7oRZ6JRgdIhoo6FyOeEePrVbuA7T
uF7MMA/9HJo/aAwXraVKMrFJlaCZ/h8rajS7dpgjBfQDGqn4BmFXXeRx1vknIHIG
QcmnmSnFNVQ0QqaBbOw0t6aJMBzYn3oR8vC6zoBnkQl6GnnHnKsHkc0WCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNdRW15+7ZXrknT5BrC0cUJekMEYMB8GA1UdIwQY
MBaAFKaJdaPYMuFFJ8u6K+ELo8HmxjhWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wYjNjYzEtMzE4ZS00OTdmLWEyYjUt
MTMxNmFkODA1ZTY0LzEvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wYjNjYzEtMzE4ZS00OTdmLWEyYjUtMTMxNmFkODA1ZTY0
LzEvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD3U/Ol2M
eu//QAbt+rcNOZ3odNh8ea0WFgY+B/HKjTFdcDulRGHl1S2iWs+M5l6yIbU+LbIA
roWeF5hsSr+DLZdxvXCpc58qVDNnddCMhAzI6/6ChdlSdJVdJVx3CJiFKyOqvW8I
6KRsNADXTd1Gj2YE63gYvrCeVs/0rgXuHpZjb0WypCDO1MjRx8k8mDmf4rvny223
G9P6vYX2L2fyKEn8S6EpqiN5ve6+9DQEQlWnU3WW/WZge6xG/p80Vq+ln6vCyoAK
HO1RlkfXb41utzO4m6Jy4s2zyaewbfiABCpSeeGoiBKr8kjd/AzS4hCC1HoyvVlo
NIfVyGXKEe+1hw==
-----END CERTIFICATE-----