Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
File:                     PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft (raw, json)
Hash identifier:          vEk5LJdy5LT73v3hkzkwSUtxYy4FLFRXD/OjxSDwYKo=
Subject key identifier:   A9:9F:C1:EC:17:3C:3A:E7:D2:55:B7:A7:4A:C4:58:E9:5A:13:35:0A
Authority key identifier: 3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6
Certificate issuer:       /CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
Certificate serial:       019D28F24AACBB2063222B1D9B4CB8329DAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
Manifest number:          060B
Signing time:             Thu 26 Mar 2026 07:01:00 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:00 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:00 +0000
Files and hashes:         1: PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl (hash: r5adjYOkjqUgx6KuE55GsgpXgx11AKAyLgoVpugzNLA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:4a:ac:bb:20:63:22:2b:1d:9b:4c:b8:32:9d:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
        Validity
            Not Before: Mar 26 07:01:00 2026 GMT
            Not After : Mar 27 07:01:00 2026 GMT
        Subject: CN=a99fc1ec173c3ae7d255b7a74ac458e95a13350a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:ac:36:63:7d:54:69:c7:ae:2a:2a:27:ad:0a:
                    55:34:4f:b8:3c:a6:4e:61:d3:db:e1:8b:34:95:29:
                    97:61:58:83:c3:1b:e9:6c:60:b7:6d:81:1f:72:69:
                    f8:41:14:fe:68:42:1d:76:ef:5f:a4:bc:53:7b:f9:
                    bd:4a:bb:3f:5f:58:5a:c2:01:2b:0d:70:ff:7a:00:
                    dd:e6:75:4a:0a:f0:d6:a7:9b:8d:e1:c6:ab:37:72:
                    2f:0c:be:79:21:79:48:8c:08:33:6a:70:fe:9d:af:
                    98:bf:d1:00:ea:64:75:1b:74:2d:0e:1c:09:2d:de:
                    ed:ef:30:1f:d2:59:27:b9:f7:14:ef:29:43:8c:a3:
                    6e:e2:ab:20:be:b9:7c:3c:d5:a8:ee:9b:89:73:19:
                    ae:9d:55:82:fc:96:69:76:22:28:41:a1:e4:57:59:
                    e6:cc:ce:0b:b1:a7:ce:1d:e4:30:13:5d:90:2f:6c:
                    46:74:ba:5a:f1:f2:18:a3:97:a3:3d:47:63:28:ae:
                    6e:77:12:21:64:cf:3b:03:1a:63:45:88:7d:e0:98:
                    1b:e2:da:66:79:fd:e8:00:71:2e:54:9e:06:a4:48:
                    57:6c:53:7d:34:a9:db:80:a7:c8:47:38:f2:7c:8d:
                    dc:39:39:cb:77:c1:70:5b:83:45:5d:3d:80:d1:29:
                    b2:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:9F:C1:EC:17:3C:3A:E7:D2:55:B7:A7:4A:C4:58:E9:5A:13:35:0A
            X509v3 Authority Key Identifier:
                keyid:3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:82:64:a5:0c:c0:0b:19:c9:c5:03:48:cb:22:43:c3:b0:15:
         d6:51:eb:4c:84:33:e6:29:03:ff:1b:6c:92:4a:52:80:cb:63:
         54:0e:0d:47:84:21:34:7f:5a:6a:2e:d7:af:25:bb:39:39:6a:
         68:f8:30:da:c5:01:1f:fe:96:9b:97:d3:a6:ae:76:f5:70:03:
         eb:9a:50:dc:cd:70:7e:b3:d1:aa:43:8e:fb:d6:2a:49:5d:0d:
         f3:0d:24:c6:ca:cc:9c:ce:af:94:2a:94:ed:16:27:2b:4b:df:
         5d:ca:94:b0:5a:9f:8f:67:59:eb:ee:5a:7e:a6:aa:50:ac:ac:
         37:c7:09:fa:e2:bf:25:af:41:ae:72:df:e5:f5:91:ec:b2:cc:
         db:19:64:82:41:29:86:31:2e:c6:60:f8:2b:c1:cd:ff:bc:7e:
         98:41:29:ef:9e:53:ed:7a:e6:da:b7:79:a6:26:60:d0:ea:ef:
         45:86:9d:99:bd:ff:56:4f:0a:20:44:a9:74:29:7f:49:8d:42:
         70:3d:94:d5:5e:6f:e6:e7:93:f9:0c:c5:77:a8:4b:a0:ec:94:
         0a:18:cc:4f:2d:af:14:e9:27:e6:f0:f9:13:b0:a7:3e:2d:3e:
         0e:73:4c:07:18:35:41:d2:a2:0a:0e:f2:7e:9a:d6:4e:2b:db:
         04:27:35:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8kqsuyBjIisdm0y4Mp2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMWI2N2NjZGE0OWM4ZGU0ODkyOTM0MWY2ZGU4YTJiNjAy
NWIzYTYwHhcNMjYwMzI2MDcwMTAwWhcNMjYwMzI3MDcwMTAwWjAzMTEwLwYDVQQD
EyhhOTlmYzFlYzE3M2MzYWU3ZDI1NWI3YTc0YWM0NThlOTVhMTMzNTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aw2Y31UaceuKionrQpVNE+4PKZO
YdPb4Ys0lSmXYViDwxvpbGC3bYEfcmn4QRT+aEIddu9fpLxTe/m9Srs/X1hawgEr
DXD/egDd5nVKCvDWp5uN4carN3IvDL55IXlIjAgzanD+na+Yv9EA6mR1G3QtDhwJ
Ld7t7zAf0lknufcU7ylDjKNu4qsgvrl8PNWo7puJcxmunVWC/JZpdiIoQaHkV1nm
zM4LsafOHeQwE12QL2xGdLpa8fIYo5ejPUdjKK5udxIhZM87AxpjRYh94Jgb4tpm
ef3oAHEuVJ4GpEhXbFN9NKnbgKfIRzjyfI3cOTnLd8FwW4NFXT2A0Smy/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKmfwewXPDrn0lW3p0rEWOlaEzUKMB8GA1UdIwQY
MBaAFD0bZ8zaScjeSJKTQfbeiitgJbOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMt
MDhiMjRiZTEyNjg5LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMtMDhiMjRiZTEyNjg5
LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdoJkpQzA
CxnJxQNIyyJDw7AV1lHrTIQz5ikD/xtskkpSgMtjVA4NR4QhNH9aai7XryW7OTlq
aPgw2sUBH/6Wm5fTpq529XAD65pQ3M1wfrPRqkOO+9YqSV0N8w0kxsrMnM6vlCqU
7RYnK0vfXcqUsFqfj2dZ6+5afqaqUKysN8cJ+uK/Ja9BrnLf5fWR7LLM2xlkgkEp
hjEuxmD4K8HN/7x+mEEp755T7Xrm2rd5piZg0OrvRYadmb3/Vk8KIESpdCl/SY1C
cD2U1V5v5ueT+QzFd6hLoOyUChjMTy2vFOkn5vD5E7CnPi0+DnNMBxg1QdKiCg7y
fprWTivbBCc1Ow==
-----END CERTIFICATE-----