Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.mft
File:                     riYajfUykscw4q4d_PxP4_92sdA.mft (raw, json)
Hash identifier:          N416Aw/mWqTKvzPDt8Fhf4Zymms7JkzG2r18fEXZkxg=
Subject key identifier:   7F:01:3B:16:CB:7C:30:48:79:6A:3E:7F:55:97:B5:84:76:F5:C8:08
Authority key identifier: AE:26:1A:8D:F5:32:92:C7:30:E2:AE:1D:FC:FC:4F:E3:FF:76:B1:D0
Certificate issuer:       /CN=ae261a8df53292c730e2ae1dfcfc4fe3ff76b1d0
Certificate serial:       019D390A1D208C2FB8E8CAB619E9A4A85ABE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/riYajfUykscw4q4d_PxP4_92sdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.mft
Manifest number:          1896
Signing time:             Sun 29 Mar 2026 10:00:57 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:57 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:57 +0000
Files and hashes:         1: riYajfUykscw4q4d_PxP4_92sdA.crl (hash: 4c/USVSWTKMrnvgrbFKzH8rW1GQj5ULRbp6CbZaRYpI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/riYajfUykscw4q4d_PxP4_92sdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:1d:20:8c:2f:b8:e8:ca:b6:19:e9:a4:a8:5a:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae261a8df53292c730e2ae1dfcfc4fe3ff76b1d0
        Validity
            Not Before: Mar 29 10:00:57 2026 GMT
            Not After : Mar 30 10:00:57 2026 GMT
        Subject: CN=7f013b16cb7c3048796a3e7f5597b58476f5c808
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:81:8f:17:af:60:44:a1:e1:d2:b0:7c:d4:f2:
                    b2:66:43:f7:db:12:ae:50:95:9c:a9:d4:41:cb:7a:
                    03:1a:bf:d5:50:aa:82:be:7c:0f:c2:49:41:72:6a:
                    48:58:ed:7d:dc:e3:66:f2:d7:61:1f:ed:9e:09:d0:
                    fb:06:39:9a:cb:2c:61:09:65:10:8f:ad:6a:f4:64:
                    85:8c:c3:0d:64:56:72:f4:62:23:44:0e:92:ff:20:
                    03:b9:be:07:c0:58:9f:59:a4:6f:0c:40:ef:83:78:
                    5c:8a:08:47:fe:7d:d0:0f:b7:ea:cc:44:5c:e0:6e:
                    45:4a:87:01:26:38:1a:5e:c3:2c:c0:c6:a2:e9:97:
                    95:30:ec:b4:96:61:b3:44:0f:d3:1b:c2:67:d1:1b:
                    16:df:3c:c3:43:48:01:d3:72:bb:16:0d:3f:3e:05:
                    e2:c7:74:65:a5:7d:8b:0b:9f:9e:dc:3c:df:83:03:
                    f8:a0:ab:b3:bc:8d:40:ea:dd:3d:25:59:15:ea:8f:
                    73:a8:a8:aa:ad:2e:0d:c1:1f:a1:63:16:e4:32:a2:
                    05:fc:12:30:d9:f0:b4:bf:83:f9:63:28:f1:2a:bf:
                    4d:d0:fc:b6:5c:2f:9c:e4:b3:9f:ed:f0:0e:7b:56:
                    1e:d9:9e:db:b7:e5:69:20:99:e4:36:5b:44:fd:a8:
                    ab:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:01:3B:16:CB:7C:30:48:79:6A:3E:7F:55:97:B5:84:76:F5:C8:08
            X509v3 Authority Key Identifier:
                keyid:AE:26:1A:8D:F5:32:92:C7:30:E2:AE:1D:FC:FC:4F:E3:FF:76:B1:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/riYajfUykscw4q4d_PxP4_92sdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:bb:b0:e5:93:8e:13:7e:44:dd:98:d5:7b:67:f6:0c:ea:e6:
         eb:1f:0f:c6:8b:b3:dc:59:4e:26:fd:b6:b3:62:4f:d8:2b:6f:
         62:d4:8f:a9:cd:aa:9a:4c:2b:04:73:05:28:2b:f5:80:f5:bc:
         d1:64:19:e7:e3:86:83:43:b8:f7:2b:c1:65:42:20:67:63:3f:
         07:2f:a3:b5:82:c7:77:e9:01:05:4a:f9:50:b7:94:46:19:25:
         87:81:b1:95:bc:73:63:4a:04:51:6d:b8:b3:81:77:86:08:77:
         ef:72:d9:a3:93:d6:54:c8:ee:d4:89:d9:a8:d2:96:d9:93:bb:
         04:88:ab:50:b5:fa:cf:c6:48:70:6d:23:fb:14:d6:d8:5b:af:
         19:fb:81:5a:3f:cc:1c:25:c9:53:17:8e:f2:18:88:66:a9:8a:
         ce:50:86:99:15:b4:31:92:68:b6:76:33:7e:9a:7c:66:c7:32:
         e3:d5:09:0a:44:7d:a2:b2:86:a9:3f:57:71:b1:0d:6d:f6:60:
         0d:6e:a6:90:8b:59:a0:f3:3c:84:25:fe:d5:aa:97:48:0d:7b:
         4e:34:3d:01:ac:d4:a6:59:88:22:00:06:3d:8f:5d:e4:08:39:
         a1:d1:4c:ef:29:c2:f4:1f:61:a3:c2:25:ec:c3:77:66:c3:eb:
         1a:41:1c:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Ch0gjC+46Mq2GemkqFq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMjYxYThkZjUzMjkyYzczMGUyYWUxZGZjZmM0ZmUzZmY3
NmIxZDAwHhcNMjYwMzI5MTAwMDU3WhcNMjYwMzMwMTAwMDU3WjAzMTEwLwYDVQQD
Eyg3ZjAxM2IxNmNiN2MzMDQ4Nzk2YTNlN2Y1NTk3YjU4NDc2ZjVjODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIGPF69gRKHh0rB81PKyZkP32xKu
UJWcqdRBy3oDGr/VUKqCvnwPwklBcmpIWO193ONm8tdhH+2eCdD7BjmayyxhCWUQ
j61q9GSFjMMNZFZy9GIjRA6S/yADub4HwFifWaRvDEDvg3hcighH/n3QD7fqzERc
4G5FSocBJjgaXsMswMai6ZeVMOy0lmGzRA/TG8Jn0RsW3zzDQ0gB03K7Fg0/PgXi
x3RlpX2LC5+e3DzfgwP4oKuzvI1A6t09JVkV6o9zqKiqrS4NwR+hYxbkMqIF/BIw
2fC0v4P5YyjxKr9N0Py2XC+c5LOf7fAOe1Ye2Z7bt+VpIJnkNltE/airhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8BOxbLfDBIeWo+f1WXtYR29cgIMB8GA1UdIwQY
MBaAFK4mGo31MpLHMOKuHfz8T+P/drHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmlZYWpmVXlrc2N3NHE0ZF9QeFA0Xzkyc2RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xYTg0OWUtODYxYy00YzRkLWJjZjQt
NTY5NWQ4OWQ3YjM2LzEvcmlZYWpmVXlrc2N3NHE0ZF9QeFA0Xzkyc2RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8xYTg0OWUtODYxYy00YzRkLWJjZjQtNTY5NWQ4OWQ3YjM2
LzEvcmlZYWpmVXlrc2N3NHE0ZF9QeFA0Xzkyc2RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZruw5ZOO
E35E3ZjVe2f2DOrm6x8Pxouz3FlOJv22s2JP2CtvYtSPqc2qmkwrBHMFKCv1gPW8
0WQZ5+OGg0O49yvBZUIgZ2M/By+jtYLHd+kBBUr5ULeURhklh4GxlbxzY0oEUW24
s4F3hgh373LZo5PWVMju1InZqNKW2ZO7BIirULX6z8ZIcG0j+xTW2FuvGfuBWj/M
HCXJUxeO8hiIZqmKzlCGmRW0MZJotnYzfpp8Zscy49UJCkR9orKGqT9XcbENbfZg
DW6mkItZoPM8hCX+1aqXSA17TjQ9AazUplmIIgAGPY9d5Ag5odFM7ynC9B9ho8Il
7MN3ZsPrGkEc5Q==
-----END CERTIFICATE-----