Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft
File:                     AIce9D_KCSFC2TVYXyGSZG9HTBw.mft (raw, json)
Hash identifier:          QwGWocpUfPe7AQI8zCKzeuDWj+VK7iBnR47CHDXBuBo=
Subject key identifier:   E6:52:4F:22:F5:FE:CD:AA:FC:1B:CA:20:C3:C2:84:7A:E2:4E:C4:A1
Authority key identifier: 00:87:1E:F4:3F:CA:09:21:42:D9:35:58:5F:21:92:64:6F:47:4C:1C
Certificate issuer:       /CN=00871ef43fca092142d935585f2192646f474c1c
Certificate serial:       019D382E6A3606E6109892761DF825E0987F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft
Manifest number:          0183
Signing time:             Sun 29 Mar 2026 06:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:59 +0000
Files and hashes:         1: AIce9D_KCSFC2TVYXyGSZG9HTBw.crl (hash: R1+Tw0ZsCPDF4XZLc9gBtshY60Ki67lnQa5iFfSzgEY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:6a:36:06:e6:10:98:92:76:1d:f8:25:e0:98:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00871ef43fca092142d935585f2192646f474c1c
        Validity
            Not Before: Mar 29 06:00:59 2026 GMT
            Not After : Mar 30 06:00:59 2026 GMT
        Subject: CN=e6524f22f5fecdaafc1bca20c3c2847ae24ec4a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:95:19:63:d1:ba:51:f3:6d:2a:52:7c:95:20:
                    18:70:12:1b:8e:20:23:82:a7:18:a8:5d:2c:e1:29:
                    67:e0:41:6b:3c:ef:84:f4:25:4a:26:1a:ee:77:d1:
                    79:cd:92:97:34:fd:aa:83:cc:a1:e6:2c:aa:fb:e5:
                    35:c2:d4:1b:9e:f8:74:f9:59:fe:4f:09:fd:fa:1a:
                    85:21:ad:7f:e8:a8:b1:04:53:88:70:28:ee:e9:82:
                    d0:b4:02:60:dc:56:24:d9:c0:cf:20:e2:13:31:71:
                    60:da:b2:8d:fe:78:2b:5b:65:f2:e4:16:42:01:30:
                    1b:66:1d:52:9b:ea:66:a9:d2:05:5c:2a:9a:a0:e8:
                    1c:4b:6d:d3:4e:e6:0b:19:33:6b:16:1d:18:04:6c:
                    ff:99:11:16:ff:f0:7a:59:33:af:a5:ce:b9:64:95:
                    10:44:90:e7:e9:e7:6b:43:a7:b7:51:fe:af:b3:a0:
                    68:fa:d0:73:78:46:54:5f:af:27:5f:7f:9d:b6:df:
                    ba:a7:14:ca:1e:38:95:02:08:39:bb:f1:55:97:e5:
                    6e:df:9f:04:e8:e2:21:3b:3f:b4:8b:11:05:02:7a:
                    e0:a0:af:2b:8f:06:d8:df:35:0c:a5:d8:bb:77:d3:
                    66:18:7c:cd:22:90:90:cb:1d:57:ce:c2:10:a1:4c:
                    09:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:52:4F:22:F5:FE:CD:AA:FC:1B:CA:20:C3:C2:84:7A:E2:4E:C4:A1
            X509v3 Authority Key Identifier:
                keyid:00:87:1E:F4:3F:CA:09:21:42:D9:35:58:5F:21:92:64:6F:47:4C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:9f:b0:53:dd:3e:30:f9:c4:f6:9c:b6:41:d2:aa:77:80:15:
         1d:22:f9:7e:80:2e:9f:93:9a:8a:09:89:09:6b:a3:b7:60:2f:
         f1:11:6a:82:f6:de:0d:5e:02:14:db:08:27:97:8c:34:4c:74:
         1b:15:d9:23:ff:10:7f:90:48:06:7b:0c:a7:45:b1:00:8b:5c:
         11:ba:5f:fc:58:43:83:c9:28:b9:72:da:88:f0:cc:ad:66:f1:
         1f:bc:01:64:54:83:30:86:c7:e0:00:ad:bb:c2:53:db:dc:23:
         3d:97:16:b6:e0:a0:04:96:c9:6f:e5:40:71:4b:a3:52:78:93:
         d4:bb:e3:41:99:18:cd:21:e3:dd:a6:77:c3:03:b1:5c:c2:28:
         74:08:88:c9:39:b8:81:49:8f:3b:4c:e1:52:d5:60:35:6c:cd:
         5c:b9:2b:bd:35:6d:20:4e:d4:db:3f:e6:5f:4c:d9:59:a3:f8:
         1f:e6:fd:c0:23:fb:d5:44:1d:fc:d6:84:0a:d0:f2:09:61:3b:
         80:1b:76:6c:f6:64:6e:db:fc:6f:4e:32:f5:a5:fb:44:89:1b:
         aa:c8:7e:0d:b6:0e:ab:f5:13:84:6c:f4:72:99:c9:e0:9b:4d:
         3e:af:68:32:52:fa:ed:e9:9d:17:20:55:90:97:93:67:da:ff:
         bd:d5:aa:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lmo2BuYQmJJ2Hfgl4Jh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwODcxZWY0M2ZjYTA5MjE0MmQ5MzU1ODVmMjE5MjY0NmY0
NzRjMWMwHhcNMjYwMzI5MDYwMDU5WhcNMjYwMzMwMDYwMDU5WjAzMTEwLwYDVQQD
EyhlNjUyNGYyMmY1ZmVjZGFhZmMxYmNhMjBjM2MyODQ3YWUyNGVjNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JUZY9G6UfNtKlJ8lSAYcBIbjiAj
gqcYqF0s4Sln4EFrPO+E9CVKJhrud9F5zZKXNP2qg8yh5iyq++U1wtQbnvh0+Vn+
Twn9+hqFIa1/6KixBFOIcCju6YLQtAJg3FYk2cDPIOITMXFg2rKN/ngrW2Xy5BZC
ATAbZh1Sm+pmqdIFXCqaoOgcS23TTuYLGTNrFh0YBGz/mREW//B6WTOvpc65ZJUQ
RJDn6edrQ6e3Uf6vs6Bo+tBzeEZUX68nX3+dtt+6pxTKHjiVAgg5u/FVl+Vu358E
6OIhOz+0ixEFAnrgoK8rjwbY3zUMpdi7d9NmGHzNIpCQyx1XzsIQoUwJNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOZSTyL1/s2q/BvKIMPChHriTsShMB8GA1UdIwQY
MBaAFACHHvQ/ygkhQtk1WF8hkmRvR0wcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83YmI1NzYtMzVkYS00YWMxLWI3ZWUt
MGE5YzRiZGRjOGFjLzEvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83YmI1NzYtMzVkYS00YWMxLWI3ZWUtMGE5YzRiZGRjOGFj
LzEvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApJ+wU90+
MPnE9py2QdKqd4AVHSL5foAun5OaigmJCWujt2Av8RFqgvbeDV4CFNsIJ5eMNEx0
GxXZI/8Qf5BIBnsMp0WxAItcEbpf/FhDg8kouXLaiPDMrWbxH7wBZFSDMIbH4ACt
u8JT29wjPZcWtuCgBJbJb+VAcUujUniT1LvjQZkYzSHj3aZ3wwOxXMIodAiIyTm4
gUmPO0zhUtVgNWzNXLkrvTVtIE7U2z/mX0zZWaP4H+b9wCP71UQd/NaECtDyCWE7
gBt2bPZkbtv8b04y9aX7RIkbqsh+DbYOq/UThGz0cpnJ4JtNPq9oMlL67emdFyBV
kJeTZ9r/vdWqVg==
-----END CERTIFICATE-----