Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/b689fd-b13e-4332-9eb7-65cb63afce5e/1/if4_e4M8MGAut5hY5-r67VVPTFs.mft
File:                     if4_e4M8MGAut5hY5-r67VVPTFs.mft (raw, json)
Hash identifier:          7BSPzoBLeJ6e2vrWLKTMNxMHRPu1VNE/gjE4WmZwtrY=
Subject key identifier:   3F:C8:F7:0E:93:83:D5:7C:B9:32:2F:FB:C7:62:98:11:C1:DA:6C:31
Authority key identifier: 89:FE:3F:7B:83:3C:30:60:2E:B7:98:58:E7:EA:FA:ED:55:4F:4C:5B
Certificate issuer:       /CN=89fe3f7b833c30602eb79858e7eafaed554f4c5b
Certificate serial:       019D27728E2DE3DD1C83BE7EA4C979DA2C71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/if4_e4M8MGAut5hY5-r67VVPTFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/b689fd-b13e-4332-9eb7-65cb63afce5e/1/if4_e4M8MGAut5hY5-r67VVPTFs.mft
Manifest number:          0AE2
Signing time:             Thu 26 Mar 2026 00:01:51 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:51 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:51 +0000
Files and hashes:         1: if4_e4M8MGAut5hY5-r67VVPTFs.crl (hash: VshjpRt8Qs7AKrelMjHwb5ezOpsSoCS372UPpZMxB/M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/b689fd-b13e-4332-9eb7-65cb63afce5e/1/if4_e4M8MGAut5hY5-r67VVPTFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/b689fd-b13e-4332-9eb7-65cb63afce5e/1/if4_e4M8MGAut5hY5-r67VVPTFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/if4_e4M8MGAut5hY5-r67VVPTFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:8e:2d:e3:dd:1c:83:be:7e:a4:c9:79:da:2c:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89fe3f7b833c30602eb79858e7eafaed554f4c5b
        Validity
            Not Before: Mar 26 00:01:51 2026 GMT
            Not After : Mar 27 00:01:51 2026 GMT
        Subject: CN=3fc8f70e9383d57cb9322ffbc7629811c1da6c31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:86:f4:c7:a9:5e:d5:a6:75:a6:5c:c3:44:e8:
                    6e:15:ef:8a:01:df:58:d8:f7:2d:cd:a1:e0:59:12:
                    e6:74:67:a6:be:8d:1c:52:bb:7e:ca:7a:f3:63:1c:
                    e8:d0:f1:36:7b:38:68:55:d3:0a:2c:10:f3:6c:13:
                    aa:8c:09:67:d7:a7:0c:c1:b1:70:52:4d:c7:2a:b0:
                    c9:c8:e0:96:76:f3:ac:a4:da:10:b7:c6:24:28:3e:
                    19:10:98:56:6b:54:8b:ab:0f:92:b8:11:f6:37:48:
                    64:d9:29:0e:74:b7:fa:03:74:91:ce:de:5a:e3:c0:
                    de:24:be:8b:1e:8c:7e:be:f7:b2:79:97:74:a7:f4:
                    22:e4:69:4a:21:18:e2:7a:c4:65:41:5d:88:33:95:
                    b6:34:74:1d:56:a1:6f:c4:e3:58:f4:3c:59:d6:da:
                    bd:e9:2c:b2:b7:00:0f:db:f0:54:4b:b3:80:53:77:
                    6f:85:8b:49:38:64:99:03:1e:95:b9:9d:15:75:43:
                    0c:bd:89:c4:e7:2f:60:c1:62:f7:2b:3b:bd:8e:33:
                    1b:c5:47:cc:e2:15:e5:23:19:b5:3b:93:8b:65:fc:
                    c9:7f:fe:e2:cc:0c:22:fd:e4:9b:f2:5c:5a:d9:d4:
                    98:a9:02:c2:7e:90:56:39:53:9c:c9:b7:b5:f7:77:
                    d5:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:C8:F7:0E:93:83:D5:7C:B9:32:2F:FB:C7:62:98:11:C1:DA:6C:31
            X509v3 Authority Key Identifier:
                keyid:89:FE:3F:7B:83:3C:30:60:2E:B7:98:58:E7:EA:FA:ED:55:4F:4C:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/if4_e4M8MGAut5hY5-r67VVPTFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b689fd-b13e-4332-9eb7-65cb63afce5e/1/if4_e4M8MGAut5hY5-r67VVPTFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b689fd-b13e-4332-9eb7-65cb63afce5e/1/if4_e4M8MGAut5hY5-r67VVPTFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:2b:33:75:aa:3f:c0:fa:31:99:89:f8:85:b2:0f:23:93:30:
         e9:cd:40:64:ca:19:2b:14:be:f7:5a:51:38:3c:21:48:fa:89:
         f6:ec:27:22:c5:20:9e:26:ca:e8:01:b2:67:c0:37:f4:4c:f0:
         eb:30:1a:f6:47:96:ac:ae:5f:f4:5a:61:29:8b:86:72:99:52:
         13:8b:54:20:43:3e:c3:7d:2f:b3:e7:b5:61:c4:bd:50:2d:84:
         f4:6f:98:11:a2:ed:90:bd:fa:a0:03:c7:03:d7:d2:61:68:2f:
         53:24:b5:77:4f:f9:87:f3:c2:26:ae:93:00:39:43:ed:d4:c3:
         e1:c6:55:cf:0a:04:9b:aa:b2:04:e7:92:c3:4b:74:4f:9d:4b:
         4d:3c:93:e6:a6:b7:07:88:f5:43:2f:f8:42:5d:f1:60:28:e5:
         f2:63:42:f5:ca:45:5d:47:55:6c:1c:81:e1:3b:d2:1d:cd:3d:
         ba:ec:24:db:70:44:9e:eb:64:51:a9:72:b1:29:03:cd:c2:48:
         26:b9:4b:56:1e:de:e7:8a:2b:3c:f1:ce:30:c3:d3:3a:cd:39:
         41:e6:64:e0:bd:75:4f:fd:1d:fb:fc:59:bf:c1:ce:66:e9:5b:
         70:42:2d:b5:2d:13:74:fe:9a:dc:34:84:07:d1:8d:52:84:31:
         73:8a:81:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nco4t490cg75+pMl52ixxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZmUzZjdiODMzYzMwNjAyZWI3OTg1OGU3ZWFmYWVkNTU0
ZjRjNWIwHhcNMjYwMzI2MDAwMTUxWhcNMjYwMzI3MDAwMTUxWjAzMTEwLwYDVQQD
EygzZmM4ZjcwZTkzODNkNTdjYjkzMjJmZmJjNzYyOTgxMWMxZGE2YzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmob0x6le1aZ1plzDROhuFe+KAd9Y
2PctzaHgWRLmdGemvo0cUrt+ynrzYxzo0PE2ezhoVdMKLBDzbBOqjAln16cMwbFw
Uk3HKrDJyOCWdvOspNoQt8YkKD4ZEJhWa1SLqw+SuBH2N0hk2SkOdLf6A3SRzt5a
48DeJL6LHox+vveyeZd0p/Qi5GlKIRjiesRlQV2IM5W2NHQdVqFvxONY9DxZ1tq9
6SyytwAP2/BUS7OAU3dvhYtJOGSZAx6VuZ0VdUMMvYnE5y9gwWL3Kzu9jjMbxUfM
4hXlIxm1O5OLZfzJf/7izAwi/eSb8lxa2dSYqQLCfpBWOVOcybe193fVbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/I9w6Tg9V8uTIv+8dimBHB2mwxMB8GA1UdIwQY
MBaAFIn+P3uDPDBgLreYWOfq+u1VT0xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWY0X2U0TThNR0F1dDVoWTUtcjY3VlZQVEZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9iNjg5ZmQtYjEzZS00MzMyLTllYjct
NjVjYjYzYWZjZTVlLzEvaWY0X2U0TThNR0F1dDVoWTUtcjY3VlZQVEZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9iNjg5ZmQtYjEzZS00MzMyLTllYjctNjVjYjYzYWZjZTVl
LzEvaWY0X2U0TThNR0F1dDVoWTUtcjY3VlZQVEZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbSszdao/
wPoxmYn4hbIPI5Mw6c1AZMoZKxS+91pRODwhSPqJ9uwnIsUgnibK6AGyZ8A39Ezw
6zAa9keWrK5f9FphKYuGcplSE4tUIEM+w30vs+e1YcS9UC2E9G+YEaLtkL36oAPH
A9fSYWgvUyS1d0/5h/PCJq6TADlD7dTD4cZVzwoEm6qyBOeSw0t0T51LTTyT5qa3
B4j1Qy/4Ql3xYCjl8mNC9cpFXUdVbByB4TvSHc09uuwk23BEnutkUalysSkDzcJI
JrlLVh7e54orPPHOMMPTOs05QeZk4L11T/0d+/xZv8HOZulbcEIttS0TdP6a3DSE
B9GNUoQxc4qBOA==
-----END CERTIFICATE-----