Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
File:                     Iu8SfmGVSrmJNlydukuMBkzu2fA.mft (raw, json)
Hash identifier:          HjrOxaJ4tr4X0QgIo7ALD4grMqCY29jJZ/pjm2fDMyU=
Subject key identifier:   F7:B2:54:77:2D:17:02:9A:DA:CA:31:B9:E5:21:82:F2:36:62:A5:FE
Authority key identifier: 22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0
Certificate issuer:       /CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
Certificate serial:       019D265F43EA427299E14202733F068E1853
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
Manifest number:          06DD
Signing time:             Wed 25 Mar 2026 19:01:10 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:10 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:10 +0000
Files and hashes:         1: Iu8SfmGVSrmJNlydukuMBkzu2fA.crl (hash: YBi6g24Fbqr+OaHq5gFDNEU0nJUJ0o4lPbyzHl6o6mI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:43:ea:42:72:99:e1:42:02:73:3f:06:8e:18:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
        Validity
            Not Before: Mar 25 19:01:10 2026 GMT
            Not After : Mar 26 19:01:10 2026 GMT
        Subject: CN=f7b254772d17029adaca31b9e52182f23662a5fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:b6:99:c3:d1:91:75:16:56:c2:9a:10:d7:39:
                    0c:dd:30:b0:1b:ec:a2:31:1d:d6:b6:56:1b:a5:43:
                    01:87:c7:71:dd:be:58:94:b4:f2:bf:ba:5f:94:32:
                    2a:09:7a:d6:a8:f4:c1:8b:fb:e3:a4:e3:b5:2b:0d:
                    0a:cb:03:e3:1c:29:6c:79:a2:16:fa:db:8e:d2:10:
                    a9:33:9c:4a:02:fd:3f:0b:aa:db:45:8a:fb:27:5e:
                    3a:4e:17:9c:ed:3f:b1:1e:29:b9:6e:1d:29:5c:b9:
                    a9:62:3b:96:84:ea:cc:23:9d:f7:63:3e:fe:ea:84:
                    aa:b2:59:1c:83:de:ac:df:54:e0:70:dc:22:7d:be:
                    5c:74:11:33:e5:32:e4:9f:cd:91:c1:09:4f:e9:2d:
                    53:fb:75:07:29:1e:23:15:2c:51:5b:25:78:9e:69:
                    4c:6b:33:e1:c0:be:78:45:66:56:0e:f1:66:fc:6f:
                    7d:66:97:40:5b:e0:56:f4:fd:c9:dd:a3:4a:40:5e:
                    34:a3:66:1e:28:e3:4a:c2:8b:cf:00:20:2e:6c:ee:
                    67:33:9d:f4:6c:50:1e:da:53:df:b0:22:6c:84:58:
                    5d:ea:72:33:c0:ff:22:19:ef:ad:7f:ba:4e:a9:36:
                    f7:94:e2:77:fc:80:ef:43:b2:46:d3:73:cf:75:41:
                    52:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:B2:54:77:2D:17:02:9A:DA:CA:31:B9:E5:21:82:F2:36:62:A5:FE
            X509v3 Authority Key Identifier:
                keyid:22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:84:7b:a8:34:29:5b:e6:91:55:3e:8a:ec:34:ee:93:2e:b9:
         23:18:f5:a3:f6:49:a0:4b:a2:71:ea:3a:76:bf:40:14:e0:4b:
         06:6b:44:b9:5e:54:ad:f0:54:a2:1d:fb:b4:4f:9d:dc:47:9a:
         8e:ea:b2:37:ac:47:56:bd:16:5e:5f:c7:46:64:7f:ef:55:7a:
         40:04:32:37:2b:dc:e0:f9:a8:17:b5:d4:23:67:96:72:06:89:
         d8:b6:e4:38:94:fe:cd:da:54:08:7f:a5:1f:57:2d:5a:2f:04:
         2f:92:5f:af:be:e3:70:36:ca:bf:0a:00:bb:c9:33:eb:0a:7e:
         29:ff:2b:eb:a0:79:e9:70:ba:f5:7e:b0:13:60:bb:cb:8f:49:
         b2:cf:d2:30:df:22:a9:22:3a:cf:e4:31:e9:c8:d7:21:eb:b2:
         4f:a1:69:c3:85:9d:4a:f9:6a:91:0c:60:06:9f:d8:1a:aa:6c:
         70:09:f5:b2:9b:48:98:bd:a6:d8:28:f7:f6:51:18:af:09:95:
         2e:59:f4:0d:cd:68:39:d7:dc:78:3e:a9:66:08:f4:81:67:6a:
         4e:ed:87:04:a3:f6:58:06:88:e2:ac:73:cb:1c:90:87:b6:f7:
         c4:70:30:0e:1f:68:35:18:4a:a6:fb:7b:e4:e2:b4:0f:73:1a:
         cc:92:5d:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX0PqQnKZ4UICcz8GjhhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZWYxMjdlNjE5NTRhYjk4OTM2NWM5ZGJhNGI4YzA2NGNl
ZWQ5ZjAwHhcNMjYwMzI1MTkwMTEwWhcNMjYwMzI2MTkwMTEwWjAzMTEwLwYDVQQD
EyhmN2IyNTQ3NzJkMTcwMjlhZGFjYTMxYjllNTIxODJmMjM2NjJhNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyraZw9GRdRZWwpoQ1zkM3TCwG+yi
MR3WtlYbpUMBh8dx3b5YlLTyv7pflDIqCXrWqPTBi/vjpOO1Kw0KywPjHClseaIW
+tuO0hCpM5xKAv0/C6rbRYr7J146Thec7T+xHim5bh0pXLmpYjuWhOrMI533Yz7+
6oSqslkcg96s31TgcNwifb5cdBEz5TLkn82RwQlP6S1T+3UHKR4jFSxRWyV4nmlM
azPhwL54RWZWDvFm/G99ZpdAW+BW9P3J3aNKQF40o2YeKONKwovPACAubO5nM530
bFAe2lPfsCJshFhd6nIzwP8iGe+tf7pOqTb3lOJ3/IDvQ7JG03PPdUFSTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPeyVHctFwKa2soxueUhgvI2YqX+MB8GA1UdIwQY
MBaAFCLvEn5hlUq5iTZcnbpLjAZM7tnwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEt
OGM2YWExMDY5NWIyLzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEtOGM2YWExMDY5NWIy
LzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcoR7qDQp
W+aRVT6K7DTuky65Ixj1o/ZJoEuiceo6dr9AFOBLBmtEuV5UrfBUoh37tE+d3Eea
juqyN6xHVr0WXl/HRmR/71V6QAQyNyvc4PmoF7XUI2eWcgaJ2LbkOJT+zdpUCH+l
H1ctWi8EL5Jfr77jcDbKvwoAu8kz6wp+Kf8r66B56XC69X6wE2C7y49Jss/SMN8i
qSI6z+Qx6cjXIeuyT6Fpw4WdSvlqkQxgBp/YGqpscAn1sptImL2m2Cj39lEYrwmV
Lln0Dc1oOdfceD6pZgj0gWdqTu2HBKP2WAaI4qxzyxyQh7b3xHAwDh9oNRhKpvt7
5OK0D3MazJJdiQ==
-----END CERTIFICATE-----