Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft
File:                     PI0Z2SQBkcNql0ti35PCIUNtm90.mft (raw, json)
Hash identifier:          7IsLb5KLRGsLdAPPSeGOqhciu2peI8ak9NQsk+AoQ+Q=
Subject key identifier:   C0:93:6F:58:F6:A8:AB:96:23:1F:7E:6D:A5:02:16:02:7D:BF:C6:C7
Authority key identifier: 3C:8D:19:D9:24:01:91:C3:6A:97:4B:62:DF:93:C2:21:43:6D:9B:DD
Certificate issuer:       /CN=3c8d19d9240191c36a974b62df93c221436d9bdd
Certificate serial:       019D27049ABA848800178DA1E2F1C2438173
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft
Manifest number:          0CC0
Signing time:             Wed 25 Mar 2026 22:01:46 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:46 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:46 +0000
Files and hashes:         1: PI0Z2SQBkcNql0ti35PCIUNtm90.crl (hash: dH9W6nLTCSEfCuZGg31AnhQLyPCTzlU5248oIvOOowU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:9a:ba:84:88:00:17:8d:a1:e2:f1:c2:43:81:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c8d19d9240191c36a974b62df93c221436d9bdd
        Validity
            Not Before: Mar 25 22:01:46 2026 GMT
            Not After : Mar 26 22:01:46 2026 GMT
        Subject: CN=c0936f58f6a8ab96231f7e6da50216027dbfc6c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:6a:2c:26:94:c7:55:0a:15:34:a3:41:f1:5d:
                    01:c4:0b:98:b5:1f:06:62:7c:36:0c:84:48:45:83:
                    12:d9:65:56:49:33:4e:2d:fc:09:f2:7f:d4:82:fc:
                    c5:c8:40:7b:44:0c:a0:c4:8b:7c:e8:ac:e2:92:89:
                    f3:fd:4c:8b:8f:a7:8f:b7:69:be:a8:81:17:d4:d0:
                    bb:0e:0d:59:25:cc:18:19:2d:ff:97:8e:12:8e:16:
                    9e:b1:1b:0a:9c:25:a2:93:f0:9d:7e:7c:f9:8e:02:
                    70:02:35:65:90:29:f0:0d:eb:8a:be:35:d1:b2:82:
                    e4:9d:56:1f:a4:e8:1a:ad:fa:8b:27:bb:17:fa:4d:
                    80:90:a5:dd:82:c3:80:c6:ec:fa:d6:5b:67:29:69:
                    70:a1:c4:e6:67:88:a4:53:43:5f:58:09:96:e4:4a:
                    0f:bb:b7:b5:31:45:3c:55:5e:2d:38:66:93:0f:0d:
                    6e:20:c1:a2:bd:a6:8b:b5:a8:c1:6e:5f:fa:df:34:
                    64:85:69:64:c2:10:5b:16:73:c9:19:1b:91:fd:57:
                    f0:97:1b:50:3a:13:08:1c:cd:43:23:c1:e0:4f:05:
                    09:19:34:c5:55:a6:6f:50:c9:97:24:cc:62:71:f2:
                    a2:e2:21:32:43:48:04:96:c8:ff:65:1f:81:e3:21:
                    17:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:93:6F:58:F6:A8:AB:96:23:1F:7E:6D:A5:02:16:02:7D:BF:C6:C7
            X509v3 Authority Key Identifier:
                keyid:3C:8D:19:D9:24:01:91:C3:6A:97:4B:62:DF:93:C2:21:43:6D:9B:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PI0Z2SQBkcNql0ti35PCIUNtm90.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/800e39-f9b1-4f8d-9c10-10357b87cb23/1/PI0Z2SQBkcNql0ti35PCIUNtm90.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:cc:ba:8d:48:d5:42:d7:89:32:44:cb:a0:70:81:d3:93:b7:
         13:13:ae:bf:7a:8b:ad:b9:36:c5:ed:83:78:1f:d3:02:0f:d3:
         8e:22:11:93:36:00:7d:dd:d2:33:99:b8:41:96:35:08:17:47:
         1d:6e:5a:f7:42:dd:c0:f1:00:83:51:44:b9:a2:ea:07:04:3b:
         76:a8:02:f4:01:1f:20:9e:7e:83:61:e8:b5:ad:52:55:b6:52:
         86:e0:ed:21:04:a0:15:33:19:40:83:23:4c:30:4b:33:84:cd:
         fb:c8:d1:49:5b:29:55:86:7a:3f:83:7f:1e:f7:8b:36:e9:fd:
         a8:71:ea:e3:22:5c:10:db:86:0b:3a:84:4a:91:3d:82:bb:a1:
         0c:26:eb:81:55:cc:d7:6d:d5:c7:a3:b7:9d:97:b6:16:15:8b:
         09:5a:4d:9d:a3:ab:31:20:15:cf:37:93:16:fa:27:c2:b1:98:
         ec:af:fd:38:26:90:8e:e9:f1:6c:d0:64:14:3b:e5:74:59:96:
         21:4f:84:b6:f5:d9:cf:e0:81:a3:c3:73:d6:ca:5f:24:f8:28:
         35:b9:4f:2e:45:26:e1:c2:f2:79:cb:3f:89:d7:75:40:a6:c6:
         28:ac:1f:5a:63:33:03:f1:62:b5:70:1a:af:e0:f1:3f:38:1e:
         ed:6c:ce:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBJq6hIgAF42h4vHCQ4FzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjOGQxOWQ5MjQwMTkxYzM2YTk3NGI2MmRmOTNjMjIxNDM2
ZDliZGQwHhcNMjYwMzI1MjIwMTQ2WhcNMjYwMzI2MjIwMTQ2WjAzMTEwLwYDVQQD
EyhjMDkzNmY1OGY2YThhYjk2MjMxZjdlNmRhNTAyMTYwMjdkYmZjNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimosJpTHVQoVNKNB8V0BxAuYtR8G
Ynw2DIRIRYMS2WVWSTNOLfwJ8n/UgvzFyEB7RAygxIt86Kzikonz/UyLj6ePt2m+
qIEX1NC7Dg1ZJcwYGS3/l44SjhaesRsKnCWik/Cdfnz5jgJwAjVlkCnwDeuKvjXR
soLknVYfpOgarfqLJ7sX+k2AkKXdgsOAxuz61ltnKWlwocTmZ4ikU0NfWAmW5EoP
u7e1MUU8VV4tOGaTDw1uIMGivaaLtajBbl/63zRkhWlkwhBbFnPJGRuR/VfwlxtQ
OhMIHM1DI8HgTwUJGTTFVaZvUMmXJMxicfKi4iEyQ0gElsj/ZR+B4yEXWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMCTb1j2qKuWIx9+baUCFgJ9v8bHMB8GA1UdIwQY
MBaAFDyNGdkkAZHDapdLYt+TwiFDbZvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84MDBlMzktZjliMS00ZjhkLTljMTAt
MTAzNTdiODdjYjIzLzEvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84MDBlMzktZjliMS00ZjhkLTljMTAtMTAzNTdiODdjYjIz
LzEvUEkwWjJTUUJrY05xbDB0aTM1UENJVU50bTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANcy6jUjV
QteJMkTLoHCB05O3ExOuv3qLrbk2xe2DeB/TAg/TjiIRkzYAfd3SM5m4QZY1CBdH
HW5a90LdwPEAg1FEuaLqBwQ7dqgC9AEfIJ5+g2Hota1SVbZShuDtIQSgFTMZQIMj
TDBLM4TN+8jRSVspVYZ6P4N/HveLNun9qHHq4yJcENuGCzqESpE9gruhDCbrgVXM
123Vx6O3nZe2FhWLCVpNnaOrMSAVzzeTFvonwrGY7K/9OCaQjunxbNBkFDvldFmW
IU+EtvXZz+CBo8Nz1spfJPgoNblPLkUm4cLyecs/idd1QKbGKKwfWmMzA/FitXAa
r+DxPzge7WzOSw==
-----END CERTIFICATE-----