Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
File:                     v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft (raw, json)
Hash identifier:          xkldQP9wI8SdPDWlBS/fnoaLWrJmP89gFdq95xPdtqU=
Subject key identifier:   92:1D:ED:71:F9:FE:53:BB:F7:57:DB:BE:7F:78:D7:B7:F9:ED:52:39
Authority key identifier: BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36
Certificate issuer:       /CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
Certificate serial:       019D2704B55B3DD7D6408B3CBC56BB3F934F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
Manifest number:          0F25
Signing time:             Wed 25 Mar 2026 22:01:53 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:53 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:53 +0000
Files and hashes:         1: v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl (hash: nM2+7E3Wa8kVbj5L9hN73QlERtq5TLA9i6Usr62IGqM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:b5:5b:3d:d7:d6:40:8b:3c:bc:56:bb:3f:93:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
        Validity
            Not Before: Mar 25 22:01:53 2026 GMT
            Not After : Mar 26 22:01:53 2026 GMT
        Subject: CN=921ded71f9fe53bbf757dbbe7f78d7b7f9ed5239
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:b9:1e:c5:10:13:31:cb:8e:83:f8:3c:0d:4a:
                    5d:25:ab:9e:e9:ac:64:01:98:9d:82:d0:5e:fe:49:
                    7f:8f:93:69:dc:4b:9f:76:78:16:a7:50:5c:a8:4e:
                    88:13:15:48:12:79:df:dc:aa:9f:3c:04:f5:7a:89:
                    23:8c:0c:cc:f2:aa:b5:68:25:19:77:55:63:b2:c7:
                    61:79:0b:b0:4c:7a:44:99:7f:35:c8:54:09:4b:71:
                    92:88:e6:b4:4c:b9:aa:17:fb:c6:db:72:e8:9e:62:
                    38:9f:d8:7d:84:f1:01:9e:c5:5a:a1:0e:ff:59:c3:
                    8e:47:88:44:3b:4f:d5:f5:5c:f6:60:a9:d4:31:70:
                    14:1e:8c:07:49:a0:6e:1c:0b:d9:4b:40:b7:e9:39:
                    66:38:de:ba:3f:e5:70:69:bf:f3:a5:ac:4f:73:c2:
                    85:4e:a6:ea:0d:5f:d0:42:38:cc:f8:22:86:5a:84:
                    76:03:10:ab:7d:dc:16:19:fe:a6:f5:97:d6:e0:9d:
                    f3:47:ed:21:d4:f8:ac:e6:8d:28:52:81:98:06:e1:
                    3f:d3:e0:1d:1e:1e:a7:4f:72:17:c8:2a:b3:93:a2:
                    20:d3:b1:2f:ae:df:1f:7c:8c:01:03:99:20:79:3f:
                    b8:0a:dd:3e:7a:b1:7e:d2:aa:e4:ce:67:a3:81:14:
                    d2:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:1D:ED:71:F9:FE:53:BB:F7:57:DB:BE:7F:78:D7:B7:F9:ED:52:39
            X509v3 Authority Key Identifier:
                keyid:BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:a8:75:b7:b5:4b:83:5e:1e:75:69:cb:8c:30:89:89:b8:83:
         27:f9:fe:e8:61:12:f0:86:6c:4a:66:a2:8f:41:da:41:65:5b:
         21:cd:dd:22:ea:7b:80:fb:e9:53:90:90:83:a6:be:66:5b:06:
         0e:b6:0f:21:8a:64:4e:c3:22:d9:04:a0:09:ed:c6:e8:1a:c4:
         dc:d4:a8:cc:54:a7:7a:11:54:0e:eb:f3:1e:2c:d5:d0:4d:20:
         94:17:1e:f8:6e:3d:82:97:ef:4c:d1:9e:1f:da:a2:d0:ae:a1:
         57:05:1f:2f:32:b0:b4:24:ac:2a:fe:5d:08:75:e5:45:44:dc:
         61:7c:bf:a8:5b:b4:b2:8e:2d:c4:df:66:31:45:77:03:fb:c8:
         7d:a6:03:1c:ce:19:bb:e3:25:11:f4:29:c6:16:40:58:1f:cd:
         29:8e:98:4a:01:45:8a:4f:16:63:90:e7:41:99:b9:e0:73:cc:
         7b:6e:97:96:e9:42:41:58:6e:bc:dc:7e:b7:c1:5a:04:cc:0e:
         93:8c:8e:c4:f9:c5:3e:18:12:c9:8f:55:36:a2:76:98:b9:7f:
         61:7b:31:54:db:c7:81:e3:eb:2e:85:7e:d6:6f:d0:f1:8a:f7:
         ca:58:b2:c8:d5:f4:7c:cb:85:27:90:a0:8d:a8:b4:54:10:a1:
         3a:37:9b:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBLVbPdfWQIs8vFa7P5NPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDI0MDlhMWY4YzFjZWU1OTc0ZGI4YTQyZTFlYjY3MmVl
ODM0MzYwHhcNMjYwMzI1MjIwMTUzWhcNMjYwMzI2MjIwMTUzWjAzMTEwLwYDVQQD
Eyg5MjFkZWQ3MWY5ZmU1M2JiZjc1N2RiYmU3Zjc4ZDdiN2Y5ZWQ1MjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbkexRATMcuOg/g8DUpdJaue6axk
AZidgtBe/kl/j5Np3EufdngWp1BcqE6IExVIEnnf3KqfPAT1eokjjAzM8qq1aCUZ
d1VjssdheQuwTHpEmX81yFQJS3GSiOa0TLmqF/vG23LonmI4n9h9hPEBnsVaoQ7/
WcOOR4hEO0/V9Vz2YKnUMXAUHowHSaBuHAvZS0C36TlmON66P+Vwab/zpaxPc8KF
TqbqDV/QQjjM+CKGWoR2AxCrfdwWGf6m9ZfW4J3zR+0h1Pis5o0oUoGYBuE/0+Ad
Hh6nT3IXyCqzk6Ig07Evrt8ffIwBA5kgeT+4Ct0+erF+0qrkzmejgRTStwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJId7XH5/lO791fbvn9417f57VI5MB8GA1UdIwQY
MBaAFL9CQJofjBzuWXTbikLh62cu6DQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDIt
YTUxZjQ2YmI3NDY0LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDItYTUxZjQ2YmI3NDY0
LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj6h1t7VL
g14edWnLjDCJibiDJ/n+6GES8IZsSmaij0HaQWVbIc3dIup7gPvpU5CQg6a+ZlsG
DrYPIYpkTsMi2QSgCe3G6BrE3NSozFSnehFUDuvzHizV0E0glBce+G49gpfvTNGe
H9qi0K6hVwUfLzKwtCSsKv5dCHXlRUTcYXy/qFu0so4txN9mMUV3A/vIfaYDHM4Z
u+MlEfQpxhZAWB/NKY6YSgFFik8WY5DnQZm54HPMe26XlulCQVhuvNx+t8FaBMwO
k4yOxPnFPhgSyY9VNqJ2mLl/YXsxVNvHgePrLoV+1m/Q8Yr3yliyyNX0fMuFJ5Cg
jai0VBChOjebQA==
-----END CERTIFICATE-----