Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
File:                     D8lnTtVfCnZcpdocb6-k3SXioXg.mft (raw, json)
Hash identifier:          XzLqGNJCZfBsopsesEWBl1U7JCw1a9tnQpswOmAWcD8=
Subject key identifier:   91:F1:F9:F1:53:AA:47:DA:AB:3A:84:4C:7A:0C:B6:EC:8B:E3:B0:E0
Authority key identifier: 0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
Certificate issuer:       /CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Certificate serial:       019D3909CCFB28F50ACCA442794C9B8D8335
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
Manifest number:          0974
Signing time:             Sun 29 Mar 2026 10:00:36 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:36 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:36 +0000
Files and hashes:         1: D8lnTtVfCnZcpdocb6-k3SXioXg.crl (hash: SJ4pe2v2M6A99K4zJenjrx5qxd3j0yRzNqO93ErV5Ks=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:cc:fb:28:f5:0a:cc:a4:42:79:4c:9b:8d:83:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
        Validity
            Not Before: Mar 29 10:00:36 2026 GMT
            Not After : Mar 30 10:00:36 2026 GMT
        Subject: CN=91f1f9f153aa47daab3a844c7a0cb6ec8be3b0e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:76:07:1b:dd:14:5f:bf:b6:ed:3f:02:b7:c4:
                    1a:12:19:c2:a1:76:1a:9b:cf:70:ca:cc:5d:f2:37:
                    72:e5:67:f8:ea:fd:e6:da:54:77:42:5d:09:a5:f8:
                    d0:37:cf:e8:44:f8:2d:80:68:e6:2d:26:48:b0:14:
                    08:bd:9e:70:9b:48:3a:09:65:b8:f1:c3:e2:2c:35:
                    be:d6:61:0f:80:51:11:00:a5:fb:e0:9f:55:d3:b8:
                    e5:ed:81:9e:68:3c:bf:db:59:72:15:d1:6b:93:c7:
                    a3:62:24:41:70:10:9a:47:2b:d0:99:35:bc:4c:90:
                    cd:19:8b:32:15:bf:67:45:9f:4f:dd:5f:79:d1:d8:
                    0b:f9:dd:ff:9b:bd:48:a1:4b:36:ad:21:a2:3d:e6:
                    0a:7e:87:2e:be:2d:03:cf:b6:66:63:23:1b:a9:c0:
                    8a:2c:4c:d0:43:da:9f:21:05:a8:25:35:dd:18:a7:
                    ab:83:7d:66:ec:2a:46:4b:08:56:ee:1d:38:94:13:
                    1b:be:70:1d:8b:7c:4b:ac:23:7c:80:88:f5:54:64:
                    a6:85:38:54:32:8b:f0:27:28:03:8e:63:97:fc:1e:
                    e1:16:4c:88:b6:89:d4:1f:cd:21:a7:72:78:44:56:
                    78:90:44:30:7f:30:7c:65:ec:3b:b3:65:7a:f7:af:
                    d1:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:F1:F9:F1:53:AA:47:DA:AB:3A:84:4C:7A:0C:B6:EC:8B:E3:B0:E0
            X509v3 Authority Key Identifier:
                keyid:0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d9:a1:c3:5b:f5:bb:ec:90:7c:cd:c8:02:f9:d3:3c:64:0e:ec:
         56:54:bf:33:c6:0e:e2:c4:f4:91:95:ac:51:c4:79:69:6a:cd:
         b9:1b:35:31:cb:9f:c3:2e:a5:dd:15:1d:7f:bc:47:6a:a0:70:
         8c:60:cb:f8:9a:a1:57:26:da:ec:b9:b0:d0:e4:62:68:7b:f6:
         79:eb:87:d9:59:b9:cc:19:cd:31:32:e1:0d:d4:3e:af:c0:83:
         f5:1a:48:42:5d:27:a2:b5:18:52:ee:44:a5:99:a1:0d:87:a0:
         26:de:6f:5d:90:3a:35:fd:55:1f:94:54:f5:9c:aa:f3:71:fb:
         76:d9:d7:e9:69:40:f3:27:77:0c:0e:66:08:c6:14:b9:1c:34:
         9b:89:3f:31:e4:de:95:20:a7:0a:77:0d:fa:4d:5c:c8:f7:9f:
         43:31:c7:b0:d6:02:6e:80:6b:94:1a:aa:46:77:cc:11:fd:a5:
         54:a5:ca:60:d2:6a:55:e6:cf:ef:5b:03:87:f7:6c:6f:f1:50:
         f6:0e:a1:4f:74:8f:4f:f7:98:23:f4:ec:1e:fc:81:dd:a2:be:
         b2:47:bb:d2:5d:5a:f2:38:80:ff:e5:33:0b:6e:71:3c:de:64:
         d6:1b:74:c9:c3:c3:31:b2:1e:bb:95:13:2d:68:6e:be:4f:bf:
         40:d8:3f:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Ccz7KPUKzKRCeUybjYM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYzk2NzRlZDU1ZjBhNzY1Y2E1ZGExYzZmYWZhNGRkMjVl
MmExNzgwHhcNMjYwMzI5MTAwMDM2WhcNMjYwMzMwMTAwMDM2WjAzMTEwLwYDVQQD
Eyg5MWYxZjlmMTUzYWE0N2RhYWIzYTg0NGM3YTBjYjZlYzhiZTNiMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA73YHG90UX7+27T8Ct8QaEhnCoXYa
m89wysxd8jdy5Wf46v3m2lR3Ql0JpfjQN8/oRPgtgGjmLSZIsBQIvZ5wm0g6CWW4
8cPiLDW+1mEPgFERAKX74J9V07jl7YGeaDy/21lyFdFrk8ejYiRBcBCaRyvQmTW8
TJDNGYsyFb9nRZ9P3V950dgL+d3/m71IoUs2rSGiPeYKfocuvi0Dz7ZmYyMbqcCK
LEzQQ9qfIQWoJTXdGKerg31m7CpGSwhW7h04lBMbvnAdi3xLrCN8gIj1VGSmhThU
MovwJygDjmOX/B7hFkyItonUH80hp3J4RFZ4kEQwfzB8Zew7s2V696/R+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJHx+fFTqkfaqzqETHoMtuyL47DgMB8GA1UdIwQY
MBaAFA/JZ07VXwp2XKXaHG+vpN0l4qF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEt
NGE5NDZjNTJmYmMyLzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEtNGE5NDZjNTJmYmMy
LzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2aHDW/W7
7JB8zcgC+dM8ZA7sVlS/M8YO4sT0kZWsUcR5aWrNuRs1Mcufwy6l3RUdf7xHaqBw
jGDL+JqhVyba7Lmw0ORiaHv2eeuH2Vm5zBnNMTLhDdQ+r8CD9RpIQl0norUYUu5E
pZmhDYegJt5vXZA6Nf1VH5RU9Zyq83H7dtnX6WlA8yd3DA5mCMYUuRw0m4k/MeTe
lSCnCncN+k1cyPefQzHHsNYCboBrlBqqRnfMEf2lVKXKYNJqVebP71sDh/dsb/FQ
9g6hT3SPT/eYI/TsHvyB3aK+ske70l1a8jiA/+UzC25xPN5k1ht0ycPDMbIeu5UT
LWhuvk+/QNg/dA==
-----END CERTIFICATE-----