Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
File:                     mtVmfEEoFBE5zKfFBH_BclC_Y68.mft (raw, json)
Hash identifier:          CByOvQp+DtuoXiSH0gkF3988TchhHSOK6RdIUfCJuqE=
Subject key identifier:   A5:92:2E:96:09:E0:BB:5D:6A:2F:3C:0C:83:26:26:90:CC:5D:A5:AB
Authority key identifier: 9A:D5:66:7C:41:28:14:11:39:CC:A7:C5:04:7F:C1:72:50:BF:63:AF
Certificate issuer:       /CN=9ad5667c4128141139cca7c5047fc17250bf63af
Certificate serial:       019D296145C703566511D6B836D491D0B0CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
Manifest number:          1884
Signing time:             Thu 26 Mar 2026 09:02:13 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:13 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:13 +0000
Files and hashes:         1: mtVmfEEoFBE5zKfFBH_BclC_Y68.crl (hash: BndOJFnJ7PpbvgaMlDx3drB1I3I4AM//+1cOt3z+1To=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:45:c7:03:56:65:11:d6:b8:36:d4:91:d0:b0:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ad5667c4128141139cca7c5047fc17250bf63af
        Validity
            Not Before: Mar 26 09:02:13 2026 GMT
            Not After : Mar 27 09:02:13 2026 GMT
        Subject: CN=a5922e9609e0bb5d6a2f3c0c83262690cc5da5ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:c1:4a:fa:2a:8f:db:bc:80:be:9a:9b:ef:67:
                    ef:9a:f7:1b:e5:af:a5:67:17:d6:e8:24:e4:34:51:
                    07:b7:f4:32:9b:6b:2f:78:a9:f7:75:81:64:0e:69:
                    4a:da:0d:bc:f7:89:4e:3e:10:9d:1e:c9:7f:61:2d:
                    56:f9:d6:5e:cb:81:7c:57:8d:0a:8b:8e:ea:88:98:
                    9e:14:ca:64:5f:cf:17:78:94:c5:33:7d:fb:3a:f1:
                    51:f7:92:71:aa:58:9f:1a:bd:75:d8:e5:85:41:7a:
                    cf:b0:31:03:8c:ce:f7:21:f6:66:60:01:be:6b:6b:
                    b0:fa:74:58:35:25:89:3e:78:5d:02:60:d7:88:b2:
                    d3:58:a5:1c:6e:13:84:25:28:75:43:b4:d5:a5:a0:
                    c2:7c:49:85:44:a8:b1:5c:be:1a:8c:ef:c0:20:c8:
                    56:ce:ac:5b:9b:02:9a:d9:8d:8e:33:f8:69:45:94:
                    da:4f:60:49:db:d4:bf:35:42:d5:31:d8:93:57:4e:
                    e7:35:72:8d:28:96:8a:c9:e4:c9:e6:1a:92:57:5a:
                    61:86:b7:37:2e:17:fc:40:43:dc:20:3c:f4:5c:aa:
                    8d:93:3d:a2:5d:8c:11:0f:2d:4c:51:94:1b:d4:10:
                    b9:af:04:ba:2a:5b:da:53:fd:00:9a:56:a8:e8:65:
                    e3:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:92:2E:96:09:E0:BB:5D:6A:2F:3C:0C:83:26:26:90:CC:5D:A5:AB
            X509v3 Authority Key Identifier:
                keyid:9A:D5:66:7C:41:28:14:11:39:CC:A7:C5:04:7F:C1:72:50:BF:63:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:8a:8d:f6:ad:ba:93:bf:de:57:53:64:23:bf:2c:b9:70:0e:
         65:5c:a3:c1:54:fa:1a:10:15:92:47:bc:e2:4e:79:2f:f2:56:
         ce:a9:98:25:14:12:a9:cf:dd:18:97:60:7f:03:01:f0:dc:6a:
         c8:ba:d5:7e:98:ea:83:92:0e:12:f5:ac:b5:17:fd:d1:2e:1a:
         fa:0e:51:c6:3c:a1:02:57:10:0b:27:f9:8f:e9:37:47:65:1f:
         70:ee:42:e6:3b:f0:44:df:be:5f:4c:f3:2d:bd:eb:c4:42:c7:
         d7:0b:d0:64:d8:88:89:3d:81:76:cc:ed:65:16:aa:9e:25:a7:
         f1:48:e2:0b:2b:e4:0f:ba:60:b6:cb:b4:2a:22:8a:16:97:e4:
         f3:e5:af:06:9b:10:6b:1e:23:58:ac:85:f1:1f:e1:07:4c:75:
         e3:b2:5a:7b:64:06:08:ef:b2:ec:3f:5c:17:d8:d3:a0:a7:c3:
         c2:24:ba:cb:1c:9f:f3:1f:ed:74:cd:c5:9f:13:af:de:2e:ca:
         15:e6:8b:14:76:2b:83:d4:e2:ce:85:19:00:91:86:4a:d3:18:
         eb:69:40:6f:6a:7f:e8:dc:48:5f:90:e6:b9:41:fb:ae:17:9a:
         b5:0d:73:7b:e4:5d:1d:35:6f:88:4f:4a:55:89:ba:a6:21:22:
         e1:53:db:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYUXHA1ZlEda4NtSR0LDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZDU2NjdjNDEyODE0MTEzOWNjYTdjNTA0N2ZjMTcyNTBi
ZjYzYWYwHhcNMjYwMzI2MDkwMjEzWhcNMjYwMzI3MDkwMjEzWjAzMTEwLwYDVQQD
EyhhNTkyMmU5NjA5ZTBiYjVkNmEyZjNjMGM4MzI2MjY5MGNjNWRhNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MFK+iqP27yAvpqb72fvmvcb5a+l
ZxfW6CTkNFEHt/Qym2sveKn3dYFkDmlK2g2894lOPhCdHsl/YS1W+dZey4F8V40K
i47qiJieFMpkX88XeJTFM337OvFR95JxqlifGr112OWFQXrPsDEDjM73IfZmYAG+
a2uw+nRYNSWJPnhdAmDXiLLTWKUcbhOEJSh1Q7TVpaDCfEmFRKixXL4ajO/AIMhW
zqxbmwKa2Y2OM/hpRZTaT2BJ29S/NULVMdiTV07nNXKNKJaKyeTJ5hqSV1phhrc3
Lhf8QEPcIDz0XKqNkz2iXYwRDy1MUZQb1BC5rwS6KlvaU/0Amlao6GXjlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWSLpYJ4Ltdai88DIMmJpDMXaWrMB8GA1UdIwQY
MBaAFJrVZnxBKBQROcynxQR/wXJQv2OvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NzlmMGYtMDcwZS00NDNkLThlY2Qt
Njg3MjM1NTgzOGEyLzEvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NzlmMGYtMDcwZS00NDNkLThlY2QtNjg3MjM1NTgzOGEy
LzEvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI4qN9q26
k7/eV1NkI78suXAOZVyjwVT6GhAVkke84k55L/JWzqmYJRQSqc/dGJdgfwMB8Nxq
yLrVfpjqg5IOEvWstRf90S4a+g5RxjyhAlcQCyf5j+k3R2UfcO5C5jvwRN++X0zz
Lb3rxELH1wvQZNiIiT2BdsztZRaqniWn8UjiCyvkD7pgtsu0KiKKFpfk8+WvBpsQ
ax4jWKyF8R/hB0x147Jae2QGCO+y7D9cF9jToKfDwiS6yxyf8x/tdM3FnxOv3i7K
FeaLFHYrg9TizoUZAJGGStMY62lAb2p/6NxIX5DmuUH7rheatQ1ze+RdHTVviE9K
VYm6piEi4VPbuA==
-----END CERTIFICATE-----