Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3195dc-2da5-448c-a8f3-6f5cf79f0064/1/ilqFDZoDAtO1zC3firM8qrfM5KY.mft
File:                     ilqFDZoDAtO1zC3firM8qrfM5KY.mft (raw, json)
Hash identifier:          Gtm58AinD/PG6Gw60h/4Nhm7a2MJsX3Iy0XLHBJzhGQ=
Subject key identifier:   67:3F:FC:57:47:25:92:EB:F6:08:CA:EC:88:8F:B4:90:2C:F0:CE:37
Authority key identifier: 8A:5A:85:0D:9A:03:02:D3:B5:CC:2D:DF:8A:B3:3C:AA:B7:CC:E4:A6
Certificate issuer:       /CN=8a5a850d9a0302d3b5cc2ddf8ab33caab7cce4a6
Certificate serial:       019D3307F40A5A28CB4DB44B8F51D8564A15
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ilqFDZoDAtO1zC3firM8qrfM5KY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/3195dc-2da5-448c-a8f3-6f5cf79f0064/1/ilqFDZoDAtO1zC3firM8qrfM5KY.mft
Manifest number:          0100
Signing time:             Sat 28 Mar 2026 06:00:52 +0000
Manifest this update:     Sat 28 Mar 2026 06:00:52 +0000
Manifest next update:     Sun 29 Mar 2026 06:00:52 +0000
Files and hashes:         1: ilqFDZoDAtO1zC3firM8qrfM5KY.crl (hash: jHvgpBevY+EPCB5ZNpuZwrWU2je2B6W+Rv/ZRPGeOGM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/3195dc-2da5-448c-a8f3-6f5cf79f0064/1/ilqFDZoDAtO1zC3firM8qrfM5KY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/3195dc-2da5-448c-a8f3-6f5cf79f0064/1/ilqFDZoDAtO1zC3firM8qrfM5KY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ilqFDZoDAtO1zC3firM8qrfM5KY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:07:f4:0a:5a:28:cb:4d:b4:4b:8f:51:d8:56:4a:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a5a850d9a0302d3b5cc2ddf8ab33caab7cce4a6
        Validity
            Not Before: Mar 28 06:00:52 2026 GMT
            Not After : Mar 29 06:00:52 2026 GMT
        Subject: CN=673ffc57472592ebf608caec888fb4902cf0ce37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c7:19:d7:6c:6f:de:0d:48:8d:da:8d:e7:59:
                    5d:c7:7b:30:3c:29:76:e8:1f:9a:58:91:b1:f4:21:
                    13:cb:65:69:64:22:3f:e6:d5:5e:95:cf:0e:95:ab:
                    00:0e:c0:94:ed:53:db:2f:57:b1:e8:ad:cf:b1:61:
                    fe:08:d1:bf:38:40:68:90:fb:8f:fe:34:dd:1d:a7:
                    22:1a:f8:01:f4:48:db:7d:fe:75:18:5b:ab:5d:88:
                    aa:df:2e:dd:5a:50:1a:af:f9:fd:46:e6:de:09:62:
                    59:b4:6f:8e:db:56:6d:85:01:80:8d:80:77:41:2d:
                    3b:43:48:c4:02:6a:4a:91:24:49:bb:83:f7:27:d6:
                    3e:44:03:ac:a2:a6:41:db:e0:72:a3:a3:a9:1e:24:
                    94:28:4d:81:3a:ed:73:77:de:87:e7:ea:06:b1:e7:
                    0d:42:9e:9a:b7:01:b1:6b:28:ee:da:5a:99:62:be:
                    09:e0:71:cb:8f:b9:18:5a:cb:82:9c:92:8d:3c:71:
                    26:0d:d5:80:1b:c0:3a:38:20:1d:df:93:b7:2c:f7:
                    d5:3f:a5:8f:09:2a:6b:a7:0f:11:5a:c7:8f:82:29:
                    c8:1d:d8:20:72:37:d1:23:e6:7f:71:33:98:10:1b:
                    8d:33:70:25:99:6a:d4:01:e7:71:78:8c:01:fb:f2:
                    c0:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:3F:FC:57:47:25:92:EB:F6:08:CA:EC:88:8F:B4:90:2C:F0:CE:37
            X509v3 Authority Key Identifier:
                keyid:8A:5A:85:0D:9A:03:02:D3:B5:CC:2D:DF:8A:B3:3C:AA:B7:CC:E4:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilqFDZoDAtO1zC3firM8qrfM5KY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3195dc-2da5-448c-a8f3-6f5cf79f0064/1/ilqFDZoDAtO1zC3firM8qrfM5KY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3195dc-2da5-448c-a8f3-6f5cf79f0064/1/ilqFDZoDAtO1zC3firM8qrfM5KY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:f0:f3:a0:15:ed:67:86:46:05:a8:d2:b6:00:96:46:de:af:
         18:ce:f2:4f:08:24:95:cd:06:98:4e:f4:dc:18:06:5f:6c:f5:
         c5:ac:8a:8f:1b:ea:05:c7:d4:86:a4:23:8c:42:f8:1d:52:84:
         cf:b7:3e:ec:90:b6:a2:26:c7:b8:03:41:4b:f8:f0:82:be:f9:
         1c:4c:52:f2:38:df:64:e7:bf:32:9a:3a:90:bd:35:45:ea:23:
         cb:f1:4a:1e:77:7f:62:1a:cf:2c:55:6b:78:bd:b5:7f:83:f0:
         5e:97:b4:49:d2:26:a3:ce:bc:02:d5:df:52:0a:bd:85:58:3d:
         1a:52:94:80:fb:ce:a9:21:1e:40:6b:78:11:57:58:3c:67:ff:
         46:c4:45:25:d8:6c:ae:c8:8b:e9:e1:cb:d1:82:76:13:c9:50:
         b9:6b:b4:18:a4:20:94:aa:75:6f:30:68:61:fa:de:bc:95:d3:
         6d:4b:fa:b1:4e:d0:f8:8d:17:4c:14:83:a3:2c:58:11:ea:32:
         14:65:55:ae:15:a0:35:b7:f0:4a:7a:1f:d3:2c:72:33:3d:59:
         37:a8:e7:9b:cd:1f:6e:02:93:40:6c:ab:25:ce:35:94:76:66:
         31:56:cf:5a:1e:1e:d7:bd:c3:d5:74:f6:27:d3:f2:4e:78:38:
         b7:46:39:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zB/QKWijLTbRLj1HYVkoVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNWE4NTBkOWEwMzAyZDNiNWNjMmRkZjhhYjMzY2FhYjdj
Y2U0YTYwHhcNMjYwMzI4MDYwMDUyWhcNMjYwMzI5MDYwMDUyWjAzMTEwLwYDVQQD
Eyg2NzNmZmM1NzQ3MjU5MmViZjYwOGNhZWM4ODhmYjQ5MDJjZjBjZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtccZ12xv3g1IjdqN51ldx3swPCl2
6B+aWJGx9CETy2VpZCI/5tVelc8OlasADsCU7VPbL1ex6K3PsWH+CNG/OEBokPuP
/jTdHaciGvgB9Ejbff51GFurXYiq3y7dWlAar/n9RubeCWJZtG+O21ZthQGAjYB3
QS07Q0jEAmpKkSRJu4P3J9Y+RAOsoqZB2+Byo6OpHiSUKE2BOu1zd96H5+oGsecN
Qp6atwGxayju2lqZYr4J4HHLj7kYWsuCnJKNPHEmDdWAG8A6OCAd35O3LPfVP6WP
CSprpw8RWsePginIHdggcjfRI+Z/cTOYEBuNM3AlmWrUAedxeIwB+/LAkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGc//FdHJZLr9gjK7IiPtJAs8M43MB8GA1UdIwQY
MBaAFIpahQ2aAwLTtcwt34qzPKq3zOSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxxRkRab0RBdE8xekMzZmlyTThxcmZNNUtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zMTk1ZGMtMmRhNS00NDhjLWE4ZjMt
NmY1Y2Y3OWYwMDY0LzEvaWxxRkRab0RBdE8xekMzZmlyTThxcmZNNUtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zMTk1ZGMtMmRhNS00NDhjLWE4ZjMtNmY1Y2Y3OWYwMDY0
LzEvaWxxRkRab0RBdE8xekMzZmlyTThxcmZNNUtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf/DzoBXt
Z4ZGBajStgCWRt6vGM7yTwgklc0GmE703BgGX2z1xayKjxvqBcfUhqQjjEL4HVKE
z7c+7JC2oibHuANBS/jwgr75HExS8jjfZOe/Mpo6kL01Reojy/FKHnd/YhrPLFVr
eL21f4PwXpe0SdImo868AtXfUgq9hVg9GlKUgPvOqSEeQGt4EVdYPGf/RsRFJdhs
rsiL6eHL0YJ2E8lQuWu0GKQglKp1bzBoYfrevJXTbUv6sU7Q+I0XTBSDoyxYEeoy
FGVVrhWgNbfwSnof0yxyMz1ZN6jnm80fbgKTQGyrJc41lHZmMVbPWh4e173D1XT2
J9PyTng4t0Y5zA==
-----END CERTIFICATE-----