Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
File:                     IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json)
Hash identifier:          Jo6nf6nPsQMwZ4cgn8cp29E1AiYlP3sgzqIqn9EesUI=
Subject key identifier:   40:5A:79:22:B1:C8:28:B4:E5:7C:EF:6A:51:67:81:BB:D2:F5:54:DA
Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2
Certificate issuer:       /CN=22e8c1b40ee579c183796455f4092573d995a1d2
Certificate serial:       019D28F285924452A8CDD2A065025243018E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
Manifest number:          0CE9
Signing time:             Thu 26 Mar 2026 07:01:15 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:15 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:15 +0000
Files and hashes:         1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: +EQEe1knTSLm9XQzZ2+zkS8ni5JzzFBNCZI+7j+L9RM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:85:92:44:52:a8:cd:d2:a0:65:02:52:43:01:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2
        Validity
            Not Before: Mar 26 07:01:15 2026 GMT
            Not After : Mar 27 07:01:15 2026 GMT
        Subject: CN=405a7922b1c828b4e57cef6a516781bbd2f554da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:68:5a:16:39:cb:09:95:48:33:ee:43:12:de:
                    a2:69:8d:70:9b:07:1a:23:36:11:a6:c7:54:cd:6d:
                    7d:79:03:64:8e:cf:2f:06:84:59:0f:91:b7:26:bf:
                    6f:09:99:45:94:e1:37:4f:82:64:c6:1b:db:0f:b1:
                    ac:a2:a6:24:a8:95:99:6a:de:cd:6f:9c:8a:fc:4c:
                    76:33:98:76:83:2b:bd:5b:e3:65:33:8d:4d:af:74:
                    ea:e8:1a:17:85:a4:23:9a:ca:b7:70:eb:40:4a:c7:
                    79:2e:46:e4:46:48:14:34:cf:3e:bc:f1:e1:6c:ec:
                    f0:c2:16:b1:aa:6f:9a:35:9c:57:35:26:f2:4e:5c:
                    9c:56:59:f8:68:00:99:97:92:0b:44:64:0e:10:bd:
                    04:a1:f8:57:85:83:2c:6e:d3:6f:36:9e:a0:c0:0e:
                    f9:f5:60:9b:9d:32:51:d6:80:08:ba:cf:19:da:96:
                    46:81:9e:31:41:7b:d6:f6:76:f5:59:d9:b2:e2:21:
                    2f:30:57:83:9f:cb:2b:6d:fe:c2:a5:7a:3c:f6:bd:
                    07:bf:8f:f3:94:28:3b:01:9c:2a:1c:d8:e3:e6:b7:
                    37:95:2e:e4:9d:8d:8a:ab:93:a4:17:dc:8e:be:f0:
                    e9:a2:31:59:d0:88:cb:7c:3d:4c:20:3b:31:82:a8:
                    9d:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:5A:79:22:B1:C8:28:B4:E5:7C:EF:6A:51:67:81:BB:D2:F5:54:DA
            X509v3 Authority Key Identifier:
                keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:d1:9f:78:e0:2e:50:c5:2e:29:e5:d7:15:17:aa:3b:b4:1e:
         71:ba:31:94:de:44:73:eb:fa:83:34:cc:6d:25:e6:6e:3c:66:
         12:24:2e:8b:14:70:be:8d:19:31:2c:a1:e0:27:fd:d8:06:6c:
         3e:a6:60:8c:5f:b1:2d:d4:75:1c:ce:89:87:3f:15:85:16:1b:
         0d:03:1a:af:a2:98:8c:e5:03:0f:f4:b3:cb:c1:dc:05:91:4c:
         4c:08:2e:b6:dc:04:67:26:be:4e:0d:56:b7:92:ac:97:6c:86:
         45:61:ae:78:a4:d2:6b:ab:4e:b2:6b:75:7f:5d:0b:93:9d:14:
         71:e8:61:d3:0a:a2:dd:73:a2:fa:17:b2:0d:7c:a2:d0:a6:24:
         ce:b3:83:c0:ba:96:66:a4:37:0c:f1:a3:9b:cd:76:8b:f5:0a:
         ac:5f:cd:44:3d:e5:47:70:f7:4b:24:35:50:19:bf:35:c9:18:
         f9:d8:5c:1c:88:39:63:09:33:b1:79:e0:be:42:c0:f2:8c:f8:
         2c:bd:44:b3:30:1e:a2:cc:c0:d3:9a:fa:6e:2f:6e:15:fa:0d:
         d8:7f:8c:52:54:91:87:09:9b:09:61:7e:a9:a5:02:60:cc:60:
         71:93:c8:00:52:4d:6e:02:e8:03:7c:24:2d:56:e2:7f:71:7b:
         5b:1c:da:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8oWSRFKozdKgZQJSQwGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5
NWExZDIwHhcNMjYwMzI2MDcwMTE1WhcNMjYwMzI3MDcwMTE1WjAzMTEwLwYDVQQD
Eyg0MDVhNzkyMmIxYzgyOGI0ZTU3Y2VmNmE1MTY3ODFiYmQyZjU1NGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2haFjnLCZVIM+5DEt6iaY1wmwca
IzYRpsdUzW19eQNkjs8vBoRZD5G3Jr9vCZlFlOE3T4JkxhvbD7GsoqYkqJWZat7N
b5yK/Ex2M5h2gyu9W+NlM41Nr3Tq6BoXhaQjmsq3cOtASsd5LkbkRkgUNM8+vPHh
bOzwwhaxqm+aNZxXNSbyTlycVln4aACZl5ILRGQOEL0EofhXhYMsbtNvNp6gwA75
9WCbnTJR1oAIus8Z2pZGgZ4xQXvW9nb1Wdmy4iEvMFeDn8srbf7CpXo89r0Hv4/z
lCg7AZwqHNjj5rc3lS7knY2Kq5OkF9yOvvDpojFZ0IjLfD1MIDsxgqidDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBaeSKxyCi05XzvalFngbvS9VTaMB8GA1UdIwQY
MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt
ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh
LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJNGfeOAu
UMUuKeXXFReqO7QecboxlN5Ec+v6gzTMbSXmbjxmEiQuixRwvo0ZMSyh4Cf92AZs
PqZgjF+xLdR1HM6Jhz8VhRYbDQMar6KYjOUDD/Szy8HcBZFMTAguttwEZya+Tg1W
t5Ksl2yGRWGueKTSa6tOsmt1f10Lk50Ucehh0wqi3XOi+heyDXyi0KYkzrODwLqW
ZqQ3DPGjm812i/UKrF/NRD3lR3D3SyQ1UBm/NckY+dhcHIg5YwkzsXngvkLA8oz4
LL1EszAeoszA05r6bi9uFfoN2H+MUlSRhwmbCWF+qaUCYMxgcZPIAFJNbgLoA3wk
LVbif3F7WxzaAg==
-----END CERTIFICATE-----