Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft
File:                     9h0r7udUOkGpCKGgHs_AqHJqOuI.mft (raw, json)
Hash identifier:          OCv4Ny73HYC7jyVcCrlLhEV298/re95YSOuN/SSUbsQ=
Subject key identifier:   93:7E:76:A3:BE:22:1D:58:20:9D:D8:FD:B5:E4:10:A2:4B:05:C6:A1
Authority key identifier: F6:1D:2B:EE:E7:54:3A:41:A9:08:A1:A0:1E:CF:C0:A8:72:6A:3A:E2
Certificate issuer:       /CN=f61d2beee7543a41a908a1a01ecfc0a8726a3ae2
Certificate serial:       019D262837184B3D7E19FD55295B6F800FF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9h0r7udUOkGpCKGgHs_AqHJqOuI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft
Manifest number:          0D27
Signing time:             Wed 25 Mar 2026 18:01:02 +0000
Manifest this update:     Wed 25 Mar 2026 18:01:02 +0000
Manifest next update:     Thu 26 Mar 2026 18:01:02 +0000
Files and hashes:         1: 9h0r7udUOkGpCKGgHs_AqHJqOuI.crl (hash: KrHczafI7s4liirHJVIU2mEJnItxBmMRf66aP4058cA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9h0r7udUOkGpCKGgHs_AqHJqOuI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:28:37:18:4b:3d:7e:19:fd:55:29:5b:6f:80:0f:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f61d2beee7543a41a908a1a01ecfc0a8726a3ae2
        Validity
            Not Before: Mar 25 18:01:02 2026 GMT
            Not After : Mar 26 18:01:02 2026 GMT
        Subject: CN=937e76a3be221d58209dd8fdb5e410a24b05c6a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:48:0d:f4:5c:53:e3:6e:dc:c9:85:6d:21:a2:
                    99:91:f9:f9:cc:a6:b6:0f:a9:89:bf:12:6a:b8:f9:
                    2c:12:d9:68:a9:51:4d:97:b2:94:ca:8f:5b:9d:52:
                    1c:e1:4f:23:c6:7e:f8:5f:0f:d1:d5:c9:a2:f4:1d:
                    e3:88:92:28:b8:51:a9:2b:cb:7b:54:be:95:7d:04:
                    a0:72:ad:09:e9:7e:a7:19:11:cd:37:ff:d4:f6:f7:
                    e7:06:6b:2b:fb:fe:85:b0:32:1f:bd:89:74:23:9c:
                    69:72:31:7a:89:7e:83:18:bd:fc:2e:57:71:5d:43:
                    c0:ef:fa:48:2c:7d:85:d4:80:75:14:13:2d:5b:8f:
                    b9:d4:f9:e5:63:99:32:0c:1b:a6:5b:2c:40:0a:12:
                    6f:54:8a:60:4c:a2:46:fe:cc:4e:0e:71:78:fd:b4:
                    e0:91:6e:a9:af:11:ab:3d:e1:e0:1d:dc:5a:a3:9f:
                    5e:24:cd:d1:f5:14:41:03:9c:7f:27:3d:a3:29:c8:
                    f4:9d:e9:e2:bb:8d:91:e4:63:1d:1e:af:b0:45:e2:
                    e9:b1:a5:48:b8:bb:0b:c4:d1:f2:63:d7:f4:de:7f:
                    dd:3f:c3:1e:aa:ec:dd:c3:08:96:df:f7:33:f1:87:
                    ed:1c:9c:10:af:03:52:5b:90:ef:23:04:62:10:3d:
                    cb:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:7E:76:A3:BE:22:1D:58:20:9D:D8:FD:B5:E4:10:A2:4B:05:C6:A1
            X509v3 Authority Key Identifier:
                keyid:F6:1D:2B:EE:E7:54:3A:41:A9:08:A1:A0:1E:CF:C0:A8:72:6A:3A:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9h0r7udUOkGpCKGgHs_AqHJqOuI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/1edf10-d3df-40f5-b4a3-a731e9e1e533/1/9h0r7udUOkGpCKGgHs_AqHJqOuI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:df:f9:10:f4:f3:b2:69:13:36:4d:f2:18:e2:d3:ec:c8:d4:
         15:ca:1f:18:bb:87:ab:a1:d6:a4:52:d1:84:08:5d:d2:1a:2f:
         26:f8:84:a8:b0:1e:13:1a:55:e4:27:09:3f:1f:52:91:ac:1d:
         a6:75:2e:0a:d0:1d:20:13:8f:1b:5c:a9:81:91:8e:33:44:f2:
         21:49:aa:f8:7a:2d:37:26:33:52:b5:73:cd:25:13:d0:e6:09:
         66:95:08:26:a8:b7:1f:eb:2e:99:5a:42:c0:91:90:29:f3:c9:
         bf:c7:69:eb:bc:eb:d2:b7:bd:40:2a:1f:f2:41:7e:49:56:c1:
         f0:30:79:fe:7b:b9:46:d7:9b:58:15:ea:0b:e1:b1:68:c6:2d:
         f5:f6:c1:23:4d:61:a3:6a:b3:94:61:e9:31:37:eb:39:50:fe:
         52:9a:12:67:29:86:3a:6f:25:87:e5:7f:18:75:65:4a:a5:42:
         8a:9b:3a:19:cf:e4:e5:2c:0a:87:25:87:a1:62:09:6f:48:98:
         33:fd:47:f9:5f:4a:d7:9e:ae:21:e5:d7:c4:dd:e5:20:85:e8:
         b5:ca:64:46:fd:5f:56:df:56:a5:91:31:3a:7e:1a:98:e5:fe:
         cd:a0:0d:bd:1d:1a:9e:42:85:5b:00:37:99:9b:3c:8a:59:2c:
         43:47:4d:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKDcYSz1+Gf1VKVtvgA/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MWQyYmVlZTc1NDNhNDFhOTA4YTFhMDFlY2ZjMGE4NzI2
YTNhZTIwHhcNMjYwMzI1MTgwMTAyWhcNMjYwMzI2MTgwMTAyWjAzMTEwLwYDVQQD
Eyg5MzdlNzZhM2JlMjIxZDU4MjA5ZGQ4ZmRiNWU0MTBhMjRiMDVjNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0gN9FxT427cyYVtIaKZkfn5zKa2
D6mJvxJquPksEtloqVFNl7KUyo9bnVIc4U8jxn74Xw/R1cmi9B3jiJIouFGpK8t7
VL6VfQSgcq0J6X6nGRHNN//U9vfnBmsr+/6FsDIfvYl0I5xpcjF6iX6DGL38Lldx
XUPA7/pILH2F1IB1FBMtW4+51PnlY5kyDBumWyxAChJvVIpgTKJG/sxODnF4/bTg
kW6prxGrPeHgHdxao59eJM3R9RRBA5x/Jz2jKcj0neniu42R5GMdHq+wReLpsaVI
uLsLxNHyY9f03n/dP8MequzdwwiW3/cz8YftHJwQrwNSW5DvIwRiED3LDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJN+dqO+Ih1YIJ3Y/bXkEKJLBcahMB8GA1UdIwQY
MBaAFPYdK+7nVDpBqQihoB7PwKhyajriMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWgwcjd1ZFVPa0dwQ0tHZ0hzX0FxSEpxT3VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8xZWRmMTAtZDNkZi00MGY1LWI0YTMt
YTczMWU5ZTFlNTMzLzEvOWgwcjd1ZFVPa0dwQ0tHZ0hzX0FxSEpxT3VJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8xZWRmMTAtZDNkZi00MGY1LWI0YTMtYTczMWU5ZTFlNTMz
LzEvOWgwcjd1ZFVPa0dwQ0tHZ0hzX0FxSEpxT3VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAId/5EPTz
smkTNk3yGOLT7MjUFcofGLuHq6HWpFLRhAhd0hovJviEqLAeExpV5CcJPx9Skawd
pnUuCtAdIBOPG1ypgZGOM0TyIUmq+HotNyYzUrVzzSUT0OYJZpUIJqi3H+sumVpC
wJGQKfPJv8dp67zr0re9QCof8kF+SVbB8DB5/nu5RtebWBXqC+GxaMYt9fbBI01h
o2qzlGHpMTfrOVD+UpoSZymGOm8lh+V/GHVlSqVCips6Gc/k5SwKhyWHoWIJb0iY
M/1H+V9K156uIeXXxN3lIIXotcpkRv1fVt9WpZExOn4amOX+zaANvR0ankKFWwA3
mZs8ilksQ0dNOA==
-----END CERTIFICATE-----