Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
File:                     IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json)
Hash identifier:          os/5unrCF/lEr2SPT8K6EZNnIzCtXapDqsWSLnTuDBE=
Subject key identifier:   41:1D:A1:23:42:10:C1:51:37:0D:D4:E2:C3:71:A4:4A:C2:15:6D:6B
Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9
Certificate issuer:       /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
Certificate serial:       019D281645CFE9A392DA6637D57725E06EFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
Manifest number:          0818
Signing time:             Thu 26 Mar 2026 03:00:41 +0000
Manifest this update:     Thu 26 Mar 2026 03:00:41 +0000
Manifest next update:     Fri 27 Mar 2026 03:00:41 +0000
Files and hashes:         1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: bCqk3nhkKOssVmrEuT0oVNBESlxh5pY1z80O3ekUu6M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:45:cf:e9:a3:92:da:66:37:d5:77:25:e0:6e:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
        Validity
            Not Before: Mar 26 03:00:41 2026 GMT
            Not After : Mar 27 03:00:41 2026 GMT
        Subject: CN=411da1234210c151370dd4e2c371a44ac2156d6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:33:96:28:cc:20:2b:a4:1c:23:23:ea:c0:b9:
                    29:1b:91:e2:7e:61:55:49:88:75:d2:3d:8f:45:da:
                    bd:a3:90:ae:79:42:b8:c9:2b:f6:70:09:ed:ef:32:
                    50:d1:15:0c:e9:7f:20:f2:aa:bf:1e:f6:8b:93:a0:
                    fd:e1:cd:40:48:ed:25:0b:4e:6c:36:37:2a:c2:43:
                    88:1b:de:b7:12:58:7d:c9:2b:dd:ac:44:5b:ac:6e:
                    02:f1:cc:9b:13:37:49:92:01:6d:15:cb:a5:50:89:
                    09:dc:6f:5c:cb:bc:33:c0:52:01:de:73:18:ad:a3:
                    72:71:86:3d:c3:03:ab:94:94:61:50:ec:e7:3a:5b:
                    ea:e9:ec:70:99:9c:67:b2:af:fd:00:dd:6b:ee:9d:
                    36:66:58:c1:c4:8a:59:18:4a:c3:67:ab:b5:28:01:
                    85:22:ba:d2:25:3d:81:ae:f2:24:b6:c7:12:55:a5:
                    7f:ae:e3:0c:7e:ad:06:c9:02:16:3e:42:9c:b3:c3:
                    ba:05:2a:e1:fe:0d:e0:47:63:8e:16:28:8d:4b:fb:
                    06:3d:5b:1a:7e:2d:af:d2:84:ed:7f:96:17:a4:12:
                    b7:5d:f2:02:3f:6a:e0:17:45:d1:33:ec:6c:84:23:
                    f6:57:75:f9:af:b5:d9:40:a2:a0:37:d0:9d:55:f6:
                    5d:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:1D:A1:23:42:10:C1:51:37:0D:D4:E2:C3:71:A4:4A:C2:15:6D:6B
            X509v3 Authority Key Identifier:
                keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         de:5d:17:ab:15:6d:55:29:79:8b:ac:8c:ec:2e:2f:52:ed:cf:
         d4:0a:5e:34:ec:eb:a8:44:53:c4:fd:7a:45:b7:c4:02:97:ad:
         92:f5:b9:3c:9c:eb:df:f8:ef:d8:69:2d:1f:1e:5d:4f:1d:3a:
         d1:55:69:6c:d2:21:c4:75:06:8a:f6:26:49:8a:10:25:36:cd:
         2c:20:dc:c3:26:a0:e6:e6:10:d2:a0:fe:40:20:21:34:8e:d8:
         e0:8a:6a:8b:48:09:42:d6:d1:eb:31:75:40:d3:cc:82:4f:9f:
         50:30:ac:c9:80:66:cf:29:b7:35:f9:dc:64:f4:f7:05:f7:c7:
         14:5d:50:ea:d1:89:0e:75:5f:c7:90:72:e6:b5:c2:23:e4:dc:
         48:b7:b1:e6:7d:97:e2:7d:8e:57:75:13:6c:9f:9f:64:1a:b3:
         ca:82:ef:bf:65:39:bf:03:d3:ba:c8:c3:d4:c3:51:17:53:b9:
         6d:fb:59:28:c3:a0:10:b1:1d:79:76:d4:37:c8:1a:b8:de:5a:
         3e:cb:21:cf:24:a0:77:38:e0:16:1f:99:8e:f2:bb:63:77:91:
         eb:e1:46:4c:89:5c:8c:81:86:c1:14:b0:70:ac:0c:eb:46:67:
         a2:6f:5c:11:a2:48:ad:5f:e3:03:85:f0:3a:d0:ba:b0:46:b2:
         89:53:13:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFkXP6aOS2mY31Xcl4G77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3
MDhlYjkwHhcNMjYwMzI2MDMwMDQxWhcNMjYwMzI3MDMwMDQxWjAzMTEwLwYDVQQD
Eyg0MTFkYTEyMzQyMTBjMTUxMzcwZGQ0ZTJjMzcxYTQ0YWMyMTU2ZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjOWKMwgK6QcIyPqwLkpG5HifmFV
SYh10j2PRdq9o5CueUK4ySv2cAnt7zJQ0RUM6X8g8qq/HvaLk6D94c1ASO0lC05s
NjcqwkOIG963Elh9ySvdrERbrG4C8cybEzdJkgFtFculUIkJ3G9cy7wzwFIB3nMY
raNycYY9wwOrlJRhUOznOlvq6exwmZxnsq/9AN1r7p02ZljBxIpZGErDZ6u1KAGF
IrrSJT2BrvIktscSVaV/ruMMfq0GyQIWPkKcs8O6BSrh/g3gR2OOFiiNS/sGPVsa
fi2v0oTtf5YXpBK3XfICP2rgF0XRM+xshCP2V3X5r7XZQKKgN9CdVfZdEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEEdoSNCEMFRNw3U4sNxpErCFW1rMB8GA1UdIwQY
MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt
YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm
LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA3l0XqxVt
VSl5i6yM7C4vUu3P1ApeNOzrqERTxP16RbfEApetkvW5PJzr3/jv2GktHx5dTx06
0VVpbNIhxHUGivYmSYoQJTbNLCDcwyag5uYQ0qD+QCAhNI7Y4Ipqi0gJQtbR6zF1
QNPMgk+fUDCsyYBmzym3NfncZPT3BffHFF1Q6tGJDnVfx5By5rXCI+TcSLex5n2X
4n2OV3UTbJ+fZBqzyoLvv2U5vwPTusjD1MNRF1O5bftZKMOgELEdeXbUN8gauN5a
PsshzySgdzjgFh+ZjvK7Y3eR6+FGTIlcjIGGwRSwcKwM60Znom9cEaJIrV/jA4Xw
OtC6sEayiVMTFA==
-----END CERTIFICATE-----