Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
File:                     Mnib05LhxcabdCDMA2gDrxJYzvk.mft (raw, json)
Hash identifier:          6jjNj2n0fLwzGwfNRYaRR3rwgWl3lpFW/A2DjpQukt4=
Subject key identifier:   A4:C3:F7:EE:D8:98:BA:5D:98:AE:B4:71:FE:32:B2:E2:2D:43:A2:7F
Authority key identifier: 32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9
Certificate issuer:       /CN=32789bd392e1c5c69b7420cc036803af1258cef9
Certificate serial:       019D2961A32B396B86CBFF5EE12FEADE39A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
Manifest number:          09D9
Signing time:             Thu 26 Mar 2026 09:02:37 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:37 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:37 +0000
Files and hashes:         1: Mnib05LhxcabdCDMA2gDrxJYzvk.crl (hash: zud+sr6xnF/9P9rA2vnDH03apEDjKxc3NTf9YLlk7Fo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:a3:2b:39:6b:86:cb:ff:5e:e1:2f:ea:de:39:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32789bd392e1c5c69b7420cc036803af1258cef9
        Validity
            Not Before: Mar 26 09:02:37 2026 GMT
            Not After : Mar 27 09:02:37 2026 GMT
        Subject: CN=a4c3f7eed898ba5d98aeb471fe32b2e22d43a27f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:51:db:48:4c:8f:2a:17:e6:2d:b4:bc:1a:7e:
                    97:ba:0d:ca:65:6f:1f:24:3a:bb:4a:5d:01:10:c4:
                    fc:4f:02:a6:d5:ec:81:92:e4:0b:9e:46:c8:13:bc:
                    1c:15:d9:53:59:ca:c2:cb:3f:d2:c2:7e:aa:e0:fe:
                    2a:5c:1b:a6:36:c7:e0:f1:cb:4a:22:8a:4b:33:7d:
                    33:1a:61:e0:2d:8f:0d:81:07:f2:8a:01:71:de:ab:
                    e6:90:ae:ae:c9:8b:2a:c5:c8:b8:6e:55:4f:ba:c0:
                    c8:5e:be:88:a8:0b:f2:6d:86:23:7d:86:a2:34:73:
                    92:9e:18:a4:28:95:86:e8:69:5c:56:0b:4a:97:7e:
                    2f:3d:67:9c:5f:6d:ad:fc:e6:65:39:f0:e6:5a:45:
                    d0:26:97:34:0f:ac:11:b7:af:29:66:dc:d9:dd:76:
                    8b:40:fa:a6:de:7e:94:48:34:74:3f:bd:3f:eb:15:
                    34:c6:43:33:e0:fe:69:2b:b4:34:ef:d9:95:92:30:
                    f9:6a:5b:7a:47:38:b1:37:59:9f:ce:c8:b2:cd:6a:
                    a8:84:d2:f6:ba:bb:91:8d:96:43:42:01:9c:07:7a:
                    da:a7:bc:63:a8:c6:c2:fa:7a:b4:b4:25:61:2a:04:
                    e8:91:2e:76:8d:2b:3b:60:2c:ec:19:f7:68:57:0a:
                    46:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:C3:F7:EE:D8:98:BA:5D:98:AE:B4:71:FE:32:B2:E2:2D:43:A2:7F
            X509v3 Authority Key Identifier:
                keyid:32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:07:7a:57:b5:44:63:8e:1c:75:c1:b3:49:03:87:8a:5a:d3:
         5a:75:fa:b7:30:83:82:ec:5d:31:0c:b0:90:58:cb:12:4b:a3:
         b4:d2:5f:52:64:00:ec:dd:2e:a1:76:5a:a2:56:97:a2:a3:dc:
         ee:0e:b3:d2:6f:e9:ad:e9:e5:e2:d4:16:bb:e7:07:28:82:79:
         80:c0:c8:99:0d:9b:9e:36:64:8b:66:ca:f8:b2:c8:4e:e3:81:
         14:80:1e:ec:5b:1a:e7:32:69:5d:2a:c8:c4:c4:f6:67:aa:49:
         c6:a2:a2:00:20:0a:08:e6:c8:ad:af:50:1a:a3:d9:66:95:b1:
         32:af:b9:f1:ee:b8:d8:4e:60:59:a6:f3:39:e5:78:69:75:81:
         08:6d:3b:a2:8a:fc:3b:38:6e:b8:d5:7c:a4:03:ac:12:58:9b:
         ea:30:67:9d:d1:fd:98:c4:36:8e:7f:4f:9d:2a:68:ba:19:64:
         94:d1:6d:e5:15:3e:7c:2f:96:c0:43:83:26:d6:e0:06:9e:79:
         6a:6f:dd:7e:60:df:fb:79:c8:6e:3c:23:72:15:3a:05:72:08:
         9b:07:48:a8:27:33:c9:68:3b:ea:a7:c4:c5:c5:04:c6:3d:0a:
         bc:df:bb:05:0d:82:2f:74:7d:c8:c8:2b:7f:33:13:9c:bd:25:
         5b:f7:be:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYaMrOWuGy/9e4S/q3jmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNzg5YmQzOTJlMWM1YzY5Yjc0MjBjYzAzNjgwM2FmMTI1
OGNlZjkwHhcNMjYwMzI2MDkwMjM3WhcNMjYwMzI3MDkwMjM3WjAzMTEwLwYDVQQD
EyhhNGMzZjdlZWQ4OThiYTVkOThhZWI0NzFmZTMyYjJlMjJkNDNhMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulHbSEyPKhfmLbS8Gn6Xug3KZW8f
JDq7Sl0BEMT8TwKm1eyBkuQLnkbIE7wcFdlTWcrCyz/Swn6q4P4qXBumNsfg8ctK
IopLM30zGmHgLY8NgQfyigFx3qvmkK6uyYsqxci4blVPusDIXr6IqAvybYYjfYai
NHOSnhikKJWG6GlcVgtKl34vPWecX22t/OZlOfDmWkXQJpc0D6wRt68pZtzZ3XaL
QPqm3n6USDR0P70/6xU0xkMz4P5pK7Q079mVkjD5alt6RzixN1mfzsiyzWqohNL2
uruRjZZDQgGcB3rap7xjqMbC+nq0tCVhKgTokS52jSs7YCzsGfdoVwpGHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKTD9+7YmLpdmK60cf4ysuItQ6J/MB8GA1UdIwQY
MBaAFDJ4m9OS4cXGm3QgzANoA68SWM75MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMt
Mzg2NmQ0NDEyODkzLzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMtMzg2NmQ0NDEyODkz
LzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgAd6V7VE
Y44cdcGzSQOHilrTWnX6tzCDguxdMQywkFjLEkujtNJfUmQA7N0uoXZaolaXoqPc
7g6z0m/prenl4tQWu+cHKIJ5gMDImQ2bnjZki2bK+LLITuOBFIAe7Fsa5zJpXSrI
xMT2Z6pJxqKiACAKCObIra9QGqPZZpWxMq+58e642E5gWabzOeV4aXWBCG07oor8
OzhuuNV8pAOsElib6jBnndH9mMQ2jn9PnSpouhlklNFt5RU+fC+WwEODJtbgBp55
am/dfmDf+3nIbjwjchU6BXIImwdIqCczyWg76qfExcUExj0KvN+7BQ2CL3R9yMgr
fzMTnL0lW/e++Q==
-----END CERTIFICATE-----