Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
File:                     PRf0av89iyHwD-6PY16uNKf0pNc.mft (raw, json)
Hash identifier:          rLciWDFTOf1inNXOcT2BJTh5rRO6rlD2KClmY97oWJY=
Subject key identifier:   D5:88:40:06:FB:98:67:91:88:A9:21:CF:9B:BB:29:2B:8C:83:5D:71
Authority key identifier: 3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7
Certificate issuer:       /CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
Certificate serial:       019D3865E760027B5A2228833A1FC59E21E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
Manifest number:          0D7D
Signing time:             Sun 29 Mar 2026 07:01:35 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:35 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:35 +0000
Files and hashes:         1: PRf0av89iyHwD-6PY16uNKf0pNc.crl (hash: kw/p/bbNfxWD05mvJ4DzNq6yIu0QS+JL+p1/VbFhwlg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:e7:60:02:7b:5a:22:28:83:3a:1f:c5:9e:21:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
        Validity
            Not Before: Mar 29 07:01:35 2026 GMT
            Not After : Mar 30 07:01:35 2026 GMT
        Subject: CN=d5884006fb98679188a921cf9bbb292b8c835d71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:a1:ff:3c:7a:fa:a6:11:47:8a:62:00:01:15:
                    36:eb:0d:5a:ce:8a:ed:78:ae:8e:fe:89:ef:21:71:
                    2e:58:dc:e3:e5:0b:eb:d8:5a:20:19:15:e4:73:f2:
                    87:be:37:37:9c:6c:43:45:f4:62:33:3d:0a:8a:f2:
                    47:0a:84:49:f8:b9:83:9b:a4:83:83:1e:ac:d7:4d:
                    67:9d:5f:44:0d:b7:78:6b:4e:f0:48:93:67:ca:5a:
                    5b:da:31:6e:9b:c5:d1:2c:85:0e:d6:07:4f:57:aa:
                    64:b4:5c:e4:e9:97:a3:ea:e6:f7:18:62:05:2d:34:
                    c7:48:e0:ce:d0:ce:5a:7f:28:75:ec:f0:c0:e6:a4:
                    ea:59:1e:26:48:49:04:ad:97:28:0b:fd:d5:bc:ec:
                    31:23:7f:17:2c:f2:c9:1d:4a:1c:66:db:b5:a5:4c:
                    50:b3:ab:ab:83:a3:53:62:3a:93:0b:81:6f:47:d8:
                    59:89:de:5f:05:c0:c3:d0:30:73:a1:86:0e:24:11:
                    6a:09:45:e4:d9:a3:ca:d3:b4:45:f0:e3:cf:70:2d:
                    db:e7:f8:81:19:a4:67:38:96:38:c4:a6:3c:d0:17:
                    3b:4c:d7:d0:47:5f:fa:4a:57:a5:58:39:65:38:f5:
                    59:bc:93:bb:8e:2f:34:56:85:69:d7:52:30:a1:97:
                    0e:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:88:40:06:FB:98:67:91:88:A9:21:CF:9B:BB:29:2B:8C:83:5D:71
            X509v3 Authority Key Identifier:
                keyid:3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:18:18:bb:ea:f1:69:79:9f:66:ab:db:6e:05:28:1b:19:d4:
         25:e4:9f:4e:34:71:1d:c7:1b:96:6a:30:f5:ad:40:33:7e:63:
         86:07:9c:42:21:7e:91:47:0c:c3:9a:70:e2:61:22:ae:49:00:
         27:88:be:70:06:0f:40:cd:5e:f1:5f:90:31:70:4f:93:f4:c1:
         99:4a:f2:bc:94:b2:57:a3:7f:79:5f:85:b5:9e:0c:27:0b:2c:
         c3:9c:5c:40:6f:1b:7b:21:79:87:12:11:1d:d9:e0:82:6c:8d:
         0b:43:46:95:e1:1a:ff:ff:9c:40:b8:65:74:06:26:5d:2a:d7:
         e8:d1:e2:25:ca:ac:15:59:7e:04:d8:e0:db:f1:3f:e5:ad:a4:
         b3:44:05:70:ab:a8:fe:c6:7a:24:ae:ae:a2:5e:e4:b0:8a:17:
         68:8d:e6:99:af:39:f8:02:ba:55:65:9a:5d:3f:bd:af:94:b7:
         09:79:a4:2f:af:9c:26:6c:96:f4:d9:b8:15:df:c9:9f:ca:a6:
         dd:d8:e1:a5:5a:79:35:1a:e8:e5:40:ff:b7:90:09:3a:d3:b3:
         5f:bc:fb:74:44:f0:dd:d1:fe:71:b4:ae:09:9a:86:01:6c:02:
         67:93:e0:d4:b5:b2:71:de:6f:61:3b:f0:df:64:9d:1e:a5:74:
         6c:1f:39:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZedgAntaIiiDOh/FniHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMTdmNDZhZmYzZDhiMjFmMDBmZWU4ZjYzNWVhZTM0YTdm
NGE0ZDcwHhcNMjYwMzI5MDcwMTM1WhcNMjYwMzMwMDcwMTM1WjAzMTEwLwYDVQQD
EyhkNTg4NDAwNmZiOTg2NzkxODhhOTIxY2Y5YmJiMjkyYjhjODM1ZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKH/PHr6phFHimIAARU26w1azort
eK6O/onvIXEuWNzj5Qvr2FogGRXkc/KHvjc3nGxDRfRiMz0KivJHCoRJ+LmDm6SD
gx6s101nnV9EDbd4a07wSJNnylpb2jFum8XRLIUO1gdPV6pktFzk6Zej6ub3GGIF
LTTHSODO0M5afyh17PDA5qTqWR4mSEkErZcoC/3VvOwxI38XLPLJHUocZtu1pUxQ
s6urg6NTYjqTC4FvR9hZid5fBcDD0DBzoYYOJBFqCUXk2aPK07RF8OPPcC3b5/iB
GaRnOJY4xKY80Bc7TNfQR1/6SlelWDllOPVZvJO7ji80VoVp11IwoZcOzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWIQAb7mGeRiKkhz5u7KSuMg11xMB8GA1UdIwQY
MBaAFD0X9Gr/PYsh8A/uj2NerjSn9KTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEt
ODUxZWQ1MjlmMjIyLzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEtODUxZWQ1MjlmMjIy
LzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASxgYu+rx
aXmfZqvbbgUoGxnUJeSfTjRxHccblmow9a1AM35jhgecQiF+kUcMw5pw4mEirkkA
J4i+cAYPQM1e8V+QMXBPk/TBmUryvJSyV6N/eV+FtZ4MJwssw5xcQG8beyF5hxIR
HdnggmyNC0NGleEa//+cQLhldAYmXSrX6NHiJcqsFVl+BNjg2/E/5a2ks0QFcKuo
/sZ6JK6uol7ksIoXaI3mma85+AK6VWWaXT+9r5S3CXmkL6+cJmyW9Nm4Fd/Jn8qm
3djhpVp5NRro5UD/t5AJOtOzX7z7dETw3dH+cbSuCZqGAWwCZ5Pg1LWycd5vYTvw
32SdHqV0bB85tg==
-----END CERTIFICATE-----