Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
File:                     goIekswnAHYZMDmOI4DCOqR1XxY.mft (raw, json)
Hash identifier:          eXm0Z1lxfy6hl2Md8/2AjSH3BFtOY/hvUuipc5FTl38=
Subject key identifier:   94:0C:1E:CD:19:B6:EF:2D:CB:9D:53:79:83:B7:0C:E5:14:43:29:17
Authority key identifier: 82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16
Certificate issuer:       /CN=82821e92cc2700761930398e2380c23aa4755f16
Certificate serial:       019D28F22D1892B9D171CC009B3E97DDA13F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
Manifest number:          093C
Signing time:             Thu 26 Mar 2026 07:00:53 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:53 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:53 +0000
Files and hashes:         1: goIekswnAHYZMDmOI4DCOqR1XxY.crl (hash: UfxLQrvitEPqIuoql3M7JNQETDUMAiCajEVF6KehjU4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:2d:18:92:b9:d1:71:cc:00:9b:3e:97:dd:a1:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82821e92cc2700761930398e2380c23aa4755f16
        Validity
            Not Before: Mar 26 07:00:53 2026 GMT
            Not After : Mar 27 07:00:53 2026 GMT
        Subject: CN=940c1ecd19b6ef2dcb9d537983b70ce514432917
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:3c:09:71:83:ad:2c:9a:8e:f0:a5:c2:65:98:
                    94:f4:ca:79:a5:a7:4f:54:a2:83:8d:78:d4:e9:d9:
                    5e:00:64:3f:9b:78:e8:fa:d9:c2:22:9d:cb:37:06:
                    84:8a:c3:72:1b:d1:b3:66:1f:e5:ca:45:70:17:ac:
                    bb:61:d2:fe:2b:a9:0c:44:50:26:19:3e:e7:79:f5:
                    2b:2a:a3:37:25:fa:3c:35:60:34:99:e8:09:dd:dc:
                    57:26:1d:2b:c7:b3:b9:36:78:75:bc:28:4a:cf:2c:
                    c7:4c:c3:bd:e0:4c:5b:ce:98:d5:59:c3:7a:a2:11:
                    3f:6c:c9:7f:ef:75:09:be:a7:ce:55:82:0b:3f:d3:
                    c2:e1:79:06:9e:aa:b1:5a:c2:4e:45:18:b5:a1:c4:
                    c1:ab:ee:09:ec:03:cf:5f:8f:b1:e7:04:d7:af:3d:
                    ab:31:2e:b6:1c:6e:63:a8:90:ca:4b:ba:8f:80:0f:
                    95:ae:c7:9a:2f:07:b4:3e:c0:23:eb:fe:e9:eb:c3:
                    ac:8a:f0:3e:80:7e:54:40:5a:ad:f3:8b:d6:df:c3:
                    cd:58:11:a5:d1:3d:a2:40:ea:7d:81:a4:55:9e:0d:
                    e7:01:ee:67:39:13:3b:a5:ce:df:ca:4a:41:55:c5:
                    c2:48:a3:a0:07:19:95:ef:10:ee:7f:e4:0a:b3:3f:
                    4a:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:0C:1E:CD:19:B6:EF:2D:CB:9D:53:79:83:B7:0C:E5:14:43:29:17
            X509v3 Authority Key Identifier:
                keyid:82:82:1E:92:CC:27:00:76:19:30:39:8E:23:80:C2:3A:A4:75:5F:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goIekswnAHYZMDmOI4DCOqR1XxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1b3bc0-faed-48fb-b3f0-08b62b8efe71/1/goIekswnAHYZMDmOI4DCOqR1XxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:c7:6e:8a:c1:5a:14:42:a9:8d:0c:7e:c4:fa:05:a1:25:24:
         e7:50:c5:3d:ff:bc:e4:ae:c2:9b:cd:b1:58:2b:67:28:54:90:
         8a:a0:80:12:1d:e6:19:0a:f6:b7:af:4a:2b:7c:c8:f7:b2:cd:
         0a:a5:c7:22:a3:f6:83:07:14:c4:db:6a:3f:e3:a3:9e:d7:a6:
         ee:5a:7f:f1:2e:8f:b8:bb:cd:2f:ef:23:b9:c9:ad:2f:f0:3c:
         8e:4b:19:33:7e:e7:c2:99:1f:bb:9a:27:6d:5a:d3:d3:c9:db:
         d2:86:74:b8:fb:fb:aa:d3:c0:b3:14:1a:42:3d:25:ef:bf:5f:
         ab:da:14:98:dd:0a:27:1e:70:54:e3:ca:41:69:9e:8f:b9:6e:
         c7:39:cf:44:db:41:93:1d:ee:b1:7f:d6:b8:24:70:ff:23:1f:
         e6:71:c5:f9:bf:27:ed:33:4f:db:a8:bf:78:3d:6d:65:95:bf:
         51:79:03:b6:18:e2:86:64:50:30:8a:39:98:27:51:cd:49:fd:
         21:6f:cc:a3:17:e0:28:92:d0:b1:6c:88:19:ed:33:f7:15:cf:
         e9:69:e3:ad:c5:6b:fa:39:02:5f:ac:81:54:7f:38:d8:9d:d6:
         f6:97:24:c4:25:61:60:82:15:4b:ef:f1:ed:d9:31:13:af:95:
         3b:1f:dc:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8i0YkrnRccwAmz6X3aE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODIxZTkyY2MyNzAwNzYxOTMwMzk4ZTIzODBjMjNhYTQ3
NTVmMTYwHhcNMjYwMzI2MDcwMDUzWhcNMjYwMzI3MDcwMDUzWjAzMTEwLwYDVQQD
Eyg5NDBjMWVjZDE5YjZlZjJkY2I5ZDUzNzk4M2I3MGNlNTE0NDMyOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzwJcYOtLJqO8KXCZZiU9Mp5padP
VKKDjXjU6dleAGQ/m3jo+tnCIp3LNwaEisNyG9GzZh/lykVwF6y7YdL+K6kMRFAm
GT7nefUrKqM3Jfo8NWA0megJ3dxXJh0rx7O5Nnh1vChKzyzHTMO94ExbzpjVWcN6
ohE/bMl/73UJvqfOVYILP9PC4XkGnqqxWsJORRi1ocTBq+4J7APPX4+x5wTXrz2r
MS62HG5jqJDKS7qPgA+VrseaLwe0PsAj6/7p68OsivA+gH5UQFqt84vW38PNWBGl
0T2iQOp9gaRVng3nAe5nORM7pc7fykpBVcXCSKOgBxmV7xDuf+QKsz9KJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQMHs0Ztu8ty51TeYO3DOUUQykXMB8GA1UdIwQY
MBaAFIKCHpLMJwB2GTA5jiOAwjqkdV8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAt
MDhiNjJiOGVmZTcxLzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xYjNiYzAtZmFlZC00OGZiLWIzZjAtMDhiNjJiOGVmZTcx
LzEvZ29JZWtzd25BSFlaTURtT0k0RENPcVIxWHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARsduisFa
FEKpjQx+xPoFoSUk51DFPf+85K7Cm82xWCtnKFSQiqCAEh3mGQr2t69KK3zI97LN
CqXHIqP2gwcUxNtqP+Ojntem7lp/8S6PuLvNL+8jucmtL/A8jksZM37nwpkfu5on
bVrT08nb0oZ0uPv7qtPAsxQaQj0l779fq9oUmN0KJx5wVOPKQWmej7luxznPRNtB
kx3usX/WuCRw/yMf5nHF+b8n7TNP26i/eD1tZZW/UXkDthjihmRQMIo5mCdRzUn9
IW/MoxfgKJLQsWyIGe0z9xXP6WnjrcVr+jkCX6yBVH842J3W9pckxCVhYIIVS+/x
7dkxE6+VOx/cXg==
-----END CERTIFICATE-----