Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
File:                     r89alhpnpvrt_v2PKluD8mg3WYQ.mft (raw, json)
Hash identifier:          1MaJOudTzuUSkako2DZJKAOmyW2H2B+ogGa6M+hNPcA=
Subject key identifier:   CB:8B:00:FF:49:C2:BF:F3:C5:5F:02:CB:59:30:FC:8C:18:A9:E3:FD
Authority key identifier: AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84
Certificate issuer:       /CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
Certificate serial:       019D37528A7E852065CBDBC954F5A61AFBFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
Manifest number:          0500
Signing time:             Sun 29 Mar 2026 02:00:49 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:49 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:49 +0000
Files and hashes:         1: r89alhpnpvrt_v2PKluD8mg3WYQ.crl (hash: 0cyeK2nZ7CfpNk6wIGtR9VrQPckiBBOk1KWzGuDqmuY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:8a:7e:85:20:65:cb:db:c9:54:f5:a6:1a:fb:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
        Validity
            Not Before: Mar 29 02:00:49 2026 GMT
            Not After : Mar 30 02:00:49 2026 GMT
        Subject: CN=cb8b00ff49c2bff3c55f02cb5930fc8c18a9e3fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:01:0d:9b:46:99:44:37:84:83:70:10:91:66:
                    7c:09:9f:51:83:0e:0d:d9:e2:99:1b:56:09:fa:ed:
                    9e:ed:91:f5:fe:5f:ee:57:07:11:19:2c:24:82:6e:
                    47:38:e0:cf:37:fa:51:70:fa:3c:d0:f6:c2:9a:19:
                    e4:0b:a2:9c:10:d1:86:39:4f:bc:84:4e:67:9f:9a:
                    60:e0:8f:b2:8b:93:26:44:bd:6f:09:7a:21:9a:94:
                    b0:6a:62:13:bf:18:20:91:a4:e2:61:5d:1f:d4:22:
                    35:f9:84:4a:18:d3:8a:02:a1:57:21:ef:0d:47:7b:
                    17:fb:b1:b3:c6:92:9d:f4:25:36:e7:21:92:5d:67:
                    94:3b:8c:2d:a2:42:8b:c3:f8:6c:e1:0f:9e:72:b9:
                    21:98:e3:c7:13:3a:8e:30:e7:49:fa:e6:f4:67:98:
                    29:1b:c1:3c:8c:aa:91:a2:f6:e8:f9:5e:ee:59:4d:
                    52:95:62:93:de:25:50:e4:38:9b:2b:6d:4a:ab:83:
                    b0:8c:9b:0a:7b:9b:bf:81:10:f5:dd:b3:78:88:37:
                    9f:4a:ca:96:64:fd:14:49:16:8b:87:ba:67:fe:73:
                    50:be:8b:f8:ff:44:bb:ba:27:53:9f:ff:d5:37:d8:
                    66:f8:b8:23:c6:ba:9b:2b:9b:f6:7a:25:3d:f2:a0:
                    78:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:8B:00:FF:49:C2:BF:F3:C5:5F:02:CB:59:30:FC:8C:18:A9:E3:FD
            X509v3 Authority Key Identifier:
                keyid:AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:fd:5d:e2:21:a7:bf:11:b0:ce:0d:c3:0f:ca:4f:74:30:3a:
         e7:9f:2e:50:81:79:81:11:f5:d5:f1:65:3a:61:ce:d1:cd:10:
         d4:66:07:25:d0:f6:b7:35:4e:8c:9e:45:51:9b:66:79:76:f1:
         5d:d8:29:f8:ab:b4:10:33:07:e9:5c:51:f0:90:dc:b8:ce:81:
         8f:9f:21:90:e7:6a:7a:40:7b:02:5f:ee:ce:81:1a:7a:83:ae:
         2c:da:b0:d5:cc:21:80:ea:a0:b2:d8:ce:eb:81:77:dc:ab:78:
         ed:1f:8c:50:9e:c5:37:f5:39:27:92:11:3a:b3:77:d8:07:b7:
         37:06:05:aa:b6:ad:c6:77:ae:f1:50:77:35:2a:14:99:7a:b2:
         b2:74:d0:f2:56:14:7c:73:58:6b:4a:d1:8e:9e:05:83:2e:17:
         64:19:eb:36:91:6b:0c:1f:50:e8:d5:08:52:12:10:89:a6:06:
         71:81:e1:7f:4b:7d:83:54:94:16:96:71:c2:4e:ed:eb:56:00:
         93:a8:b5:d7:af:24:db:dd:86:42:34:77:2b:18:35:09:74:41:
         28:00:ec:f6:71:f9:7b:2a:35:10:23:d2:ef:bc:bf:05:5b:a5:
         0a:51:3b:ce:44:c3:28:a8:a9:f1:c8:99:3a:d4:92:b1:34:be:
         9f:f4:46:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Uop+hSBly9vJVPWmGvv/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmY2Y1YTk2MWE2N2E2ZmFlZGZlZmQ4ZjJhNWI4M2YyNjgz
NzU5ODQwHhcNMjYwMzI5MDIwMDQ5WhcNMjYwMzMwMDIwMDQ5WjAzMTEwLwYDVQQD
EyhjYjhiMDBmZjQ5YzJiZmYzYzU1ZjAyY2I1OTMwZmM4YzE4YTllM2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAENm0aZRDeEg3AQkWZ8CZ9Rgw4N
2eKZG1YJ+u2e7ZH1/l/uVwcRGSwkgm5HOODPN/pRcPo80PbCmhnkC6KcENGGOU+8
hE5nn5pg4I+yi5MmRL1vCXohmpSwamITvxggkaTiYV0f1CI1+YRKGNOKAqFXIe8N
R3sX+7GzxpKd9CU25yGSXWeUO4wtokKLw/hs4Q+ecrkhmOPHEzqOMOdJ+ub0Z5gp
G8E8jKqRovbo+V7uWU1SlWKT3iVQ5DibK21Kq4OwjJsKe5u/gRD13bN4iDefSsqW
ZP0USRaLh7pn/nNQvov4/0S7uidTn//VN9hm+LgjxrqbK5v2eiU98qB42QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMuLAP9Jwr/zxV8Cy1kw/IwYqeP9MB8GA1UdIwQY
MBaAFK/PWpYaZ6b67f79jypbg/JoN1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0Yzct
NTZjMmE0NGQxODc4LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0YzctNTZjMmE0NGQxODc4
LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEP1d4iGn
vxGwzg3DD8pPdDA6558uUIF5gRH11fFlOmHO0c0Q1GYHJdD2tzVOjJ5FUZtmeXbx
Xdgp+Ku0EDMH6VxR8JDcuM6Bj58hkOdqekB7Al/uzoEaeoOuLNqw1cwhgOqgstjO
64F33Kt47R+MUJ7FN/U5J5IROrN32Ae3NwYFqratxneu8VB3NSoUmXqysnTQ8lYU
fHNYa0rRjp4Fgy4XZBnrNpFrDB9Q6NUIUhIQiaYGcYHhf0t9g1SUFpZxwk7t61YA
k6i1168k292GQjR3Kxg1CXRBKADs9nH5eyo1ECPS77y/BVulClE7zkTDKKip8ciZ
OtSSsTS+n/RGoQ==
-----END CERTIFICATE-----