Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          dyv06RV6eKVkZaJr5Av2HAtjQjm1k9W6zmF0ZH8+pPo=
Subject key identifier:   50:1A:B4:F6:34:C9:C1:61:F0:1D:28:B8:85:AA:F2:AE:1A:98:50:E4
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       019D28F2D62290089C3A4E55F40B08950890
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          0C95
Signing time:             Thu 26 Mar 2026 07:01:36 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:36 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:36 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: KjzoV0OC0XstmtjYaNOaNWXk7djSZDD6PahB2f8zS20=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:d6:22:90:08:9c:3a:4e:55:f4:0b:08:95:08:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: Mar 26 07:01:36 2026 GMT
            Not After : Mar 27 07:01:36 2026 GMT
        Subject: CN=501ab4f634c9c161f01d28b885aaf2ae1a9850e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:f0:4a:43:2d:c2:64:69:29:9e:c0:13:ed:60:
                    11:21:20:5e:8d:8a:70:bb:36:a5:01:c7:5d:52:bb:
                    2a:2f:3b:f8:9c:9d:ff:b5:a2:83:0a:cc:ae:df:2e:
                    48:28:d9:df:ed:14:77:be:fa:c7:ea:f6:2e:a1:62:
                    05:10:32:ad:6a:6a:4e:ae:89:d0:4b:20:51:a5:b6:
                    7f:fa:7b:9b:6d:3e:32:dc:5c:e5:40:98:1e:ba:02:
                    54:77:fb:bf:0e:e0:2c:76:02:24:67:aa:f8:66:d5:
                    ad:c6:95:2b:fa:26:1e:5f:a0:b7:a1:6a:cc:81:de:
                    c1:b2:b0:f6:8b:49:34:ae:d5:5c:35:3c:e3:04:1c:
                    80:e5:7a:0c:ca:86:1c:5f:b8:a5:97:a9:8a:75:6f:
                    ba:bc:d5:11:28:35:d7:04:ae:27:43:7b:49:62:e3:
                    6e:3f:95:8b:49:cc:c9:23:59:74:2b:40:07:f2:41:
                    91:00:96:4a:72:83:7b:df:db:8d:57:ca:23:e0:58:
                    88:90:b1:36:83:a0:e3:a9:95:b2:f5:43:ff:1b:d1:
                    12:7d:28:3a:a2:b1:6e:82:46:64:c9:fe:87:b3:83:
                    69:27:93:a7:0d:7e:f3:60:4e:a8:5f:ec:13:f6:f4:
                    8e:1f:d4:71:e5:f1:77:d5:e4:f0:97:52:cf:97:1f:
                    38:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:1A:B4:F6:34:C9:C1:61:F0:1D:28:B8:85:AA:F2:AE:1A:98:50:E4
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:85:be:bb:a8:60:a6:4f:2e:24:f1:97:ca:f1:82:76:26:04:
         fb:46:54:26:af:20:5e:a1:d5:ba:15:7b:4f:ec:79:35:42:f5:
         8d:e8:f1:64:55:76:69:0c:27:3d:3d:3d:c1:a1:9f:cd:de:86:
         77:37:e4:ea:02:d3:34:e1:29:df:07:b9:de:2c:28:29:87:c4:
         03:b7:fe:fb:db:dd:9f:67:84:5b:62:8f:ca:8a:b2:34:81:bd:
         0c:7f:e9:eb:1a:38:61:24:54:cd:33:df:50:37:d4:81:8c:e6:
         5e:6e:79:00:5d:96:14:87:0c:f9:e9:0a:66:d9:0b:17:da:17:
         4d:69:1b:04:38:ad:63:72:21:f0:67:01:49:92:31:38:b8:18:
         0b:dc:1c:92:b2:74:2d:bb:c3:7c:82:87:61:48:17:0d:f7:8c:
         c2:d1:17:9b:92:8d:6c:10:29:13:f4:28:16:3f:35:5f:3c:ab:
         b4:1f:b7:71:55:22:60:0f:c6:89:5a:37:f1:96:15:cc:1d:3f:
         2c:59:b5:69:a8:2d:d3:2e:97:b1:4d:95:7b:15:7e:3a:23:a3:
         27:02:2e:eb:39:17:67:79:5f:b9:82:94:58:7b:d9:88:33:a4:
         c7:d5:61:e6:b8:88:a1:03:d2:7c:2d:6f:c3:a1:1b:cb:5d:79:
         6b:17:09:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8tYikAicOk5V9AsIlQiQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjYwMzI2MDcwMTM2WhcNMjYwMzI3MDcwMTM2WjAzMTEwLwYDVQQD
Eyg1MDFhYjRmNjM0YzljMTYxZjAxZDI4Yjg4NWFhZjJhZTFhOTg1MGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfBKQy3CZGkpnsAT7WARISBejYpw
uzalAcddUrsqLzv4nJ3/taKDCsyu3y5IKNnf7RR3vvrH6vYuoWIFEDKtampOronQ
SyBRpbZ/+nubbT4y3FzlQJgeugJUd/u/DuAsdgIkZ6r4ZtWtxpUr+iYeX6C3oWrM
gd7BsrD2i0k0rtVcNTzjBByA5XoMyoYcX7ill6mKdW+6vNURKDXXBK4nQ3tJYuNu
P5WLSczJI1l0K0AH8kGRAJZKcoN739uNV8oj4FiIkLE2g6DjqZWy9UP/G9ESfSg6
orFugkZkyf6Hs4NpJ5OnDX7zYE6oX+wT9vSOH9Rx5fF31eTwl1LPlx84mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFAatPY0ycFh8B0ouIWq8q4amFDkMB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA4W+u6hg
pk8uJPGXyvGCdiYE+0ZUJq8gXqHVuhV7T+x5NUL1jejxZFV2aQwnPT09waGfzd6G
dzfk6gLTNOEp3we53iwoKYfEA7f++9vdn2eEW2KPyoqyNIG9DH/p6xo4YSRUzTPf
UDfUgYzmXm55AF2WFIcM+ekKZtkLF9oXTWkbBDitY3Ih8GcBSZIxOLgYC9wckrJ0
LbvDfIKHYUgXDfeMwtEXm5KNbBApE/QoFj81XzyrtB+3cVUiYA/GiVo38ZYVzB0/
LFm1aagt0y6XsU2VexV+OiOjJwIu6zkXZ3lfuYKUWHvZiDOkx9Vh5riIoQPSfC1v
w6Eby115axcJ4Q==
-----END CERTIFICATE-----