Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c8a4f5-de32-499f-8188-02b715ce0048/1/iAhHmt0p6po2NI6J5dIhVSygh8g.mft
File:                     iAhHmt0p6po2NI6J5dIhVSygh8g.mft (raw, json)
Hash identifier:          aV3j1+Z9ql0LGMOvAhzPWqIdULlY3zMMXsfmvgQgT3s=
Subject key identifier:   C8:3E:0A:DD:2F:96:BB:49:24:62:3A:2D:7F:6A:1A:F9:28:12:03:3A
Authority key identifier: 88:08:47:9A:DD:29:EA:9A:36:34:8E:89:E5:D2:21:55:2C:A0:87:C8
Certificate issuer:       /CN=8808479add29ea9a36348e89e5d221552ca087c8
Certificate serial:       019D265FFC7E64095428A17A9DCB10041216
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iAhHmt0p6po2NI6J5dIhVSygh8g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/c8a4f5-de32-499f-8188-02b715ce0048/1/iAhHmt0p6po2NI6J5dIhVSygh8g.mft
Manifest number:          BA
Signing time:             Wed 25 Mar 2026 19:01:57 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:57 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:57 +0000
Files and hashes:         1: iAhHmt0p6po2NI6J5dIhVSygh8g.crl (hash: GuT0vYNXxTIJHMzW+bSCAIEcBpqPbFyK02/joehmjPc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/c8a4f5-de32-499f-8188-02b715ce0048/1/iAhHmt0p6po2NI6J5dIhVSygh8g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/c8a4f5-de32-499f-8188-02b715ce0048/1/iAhHmt0p6po2NI6J5dIhVSygh8g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iAhHmt0p6po2NI6J5dIhVSygh8g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:fc:7e:64:09:54:28:a1:7a:9d:cb:10:04:12:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8808479add29ea9a36348e89e5d221552ca087c8
        Validity
            Not Before: Mar 25 19:01:57 2026 GMT
            Not After : Mar 26 19:01:57 2026 GMT
        Subject: CN=c83e0add2f96bb4924623a2d7f6a1af92812033a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4d:17:d1:4a:f7:fa:a0:fa:ad:1a:6c:ef:f5:
                    0e:ee:6b:f8:91:15:2a:33:84:85:a0:13:17:a9:9f:
                    bf:c2:8d:27:e4:69:a8:5e:5d:3d:b9:20:65:24:63:
                    42:98:2d:61:90:d8:52:54:8d:cc:25:82:d4:7a:20:
                    4f:e5:98:9a:82:ce:0c:43:9a:63:db:9f:a6:b7:67:
                    ca:d5:82:81:1c:a3:76:b9:fe:07:77:31:bb:8a:41:
                    73:c8:0a:cb:48:4e:e8:55:3e:16:32:cc:e1:13:20:
                    0d:f7:ea:8d:e1:c2:06:38:5d:f9:a1:a9:b3:24:f0:
                    c1:d9:b7:56:6c:20:53:19:f4:cc:a8:0b:46:14:94:
                    84:fd:4b:9f:e6:31:d9:53:96:2d:62:b5:a6:b2:50:
                    4f:ff:1f:89:ff:9c:86:43:39:fd:7f:e8:18:98:7e:
                    b3:65:d1:8d:c9:f2:67:91:9e:78:49:03:25:9a:36:
                    0e:43:2d:cf:2d:a7:c0:5c:fc:d6:81:d0:63:5a:b3:
                    1b:82:d3:8e:ee:7e:9e:fe:5b:46:dd:94:0f:02:0e:
                    8b:a3:01:18:55:45:1d:ca:55:11:c2:63:9e:43:4a:
                    d0:2f:e9:c5:fe:67:1e:04:65:54:24:88:7d:25:c0:
                    49:bb:8f:36:0b:2d:c6:bd:a0:f4:24:ab:32:de:80:
                    f7:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:3E:0A:DD:2F:96:BB:49:24:62:3A:2D:7F:6A:1A:F9:28:12:03:3A
            X509v3 Authority Key Identifier:
                keyid:88:08:47:9A:DD:29:EA:9A:36:34:8E:89:E5:D2:21:55:2C:A0:87:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iAhHmt0p6po2NI6J5dIhVSygh8g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8a4f5-de32-499f-8188-02b715ce0048/1/iAhHmt0p6po2NI6J5dIhVSygh8g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8a4f5-de32-499f-8188-02b715ce0048/1/iAhHmt0p6po2NI6J5dIhVSygh8g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:a5:81:54:2c:ce:35:56:43:ec:f4:37:02:cf:61:2d:69:14:
         14:83:e0:42:4a:fc:e5:d9:d1:34:8a:51:85:da:21:13:bb:8e:
         ab:58:3f:e4:c9:0d:78:73:5d:08:3b:b4:35:8d:bf:21:80:d3:
         14:06:a9:54:32:0f:eb:95:3f:4c:6e:3c:d1:8d:a1:2a:28:52:
         90:fc:d4:87:7a:a8:a8:1f:98:56:d5:73:a1:d5:e1:db:76:3c:
         3f:20:e4:1e:61:27:4b:7b:8b:30:62:e8:68:f2:25:42:6c:35:
         b2:58:b6:fd:40:43:30:2b:e0:f3:ed:03:e5:73:4b:a2:54:4d:
         9c:09:9e:8e:d4:eb:fc:11:00:0d:a1:f8:98:6e:dd:07:df:4b:
         88:0e:0c:7e:56:0e:65:50:90:47:f0:10:6e:3b:d9:2c:06:df:
         d8:55:7a:95:d4:a6:ba:cd:66:84:c9:06:bc:a7:fb:30:37:1d:
         3a:05:91:86:27:99:f6:95:b7:0b:d1:3e:f3:df:11:21:5a:1d:
         2e:7d:bc:13:92:e8:71:2b:00:4e:8e:c1:3c:2e:47:4a:15:fa:
         87:3e:71:5f:7a:98:f5:93:49:67:64:6b:a2:6f:82:42:0d:51:
         1f:5f:dc:25:db:92:4c:f7:1f:3b:9e:be:0e:02:d4:34:f4:06:
         c7:23:19:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX/x+ZAlUKKF6ncsQBBIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MDg0NzlhZGQyOWVhOWEzNjM0OGU4OWU1ZDIyMTU1MmNh
MDg3YzgwHhcNMjYwMzI1MTkwMTU3WhcNMjYwMzI2MTkwMTU3WjAzMTEwLwYDVQQD
EyhjODNlMGFkZDJmOTZiYjQ5MjQ2MjNhMmQ3ZjZhMWFmOTI4MTIwMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU0X0Ur3+qD6rRps7/UO7mv4kRUq
M4SFoBMXqZ+/wo0n5GmoXl09uSBlJGNCmC1hkNhSVI3MJYLUeiBP5Ziags4MQ5pj
25+mt2fK1YKBHKN2uf4HdzG7ikFzyArLSE7oVT4WMszhEyAN9+qN4cIGOF35oamz
JPDB2bdWbCBTGfTMqAtGFJSE/Uuf5jHZU5YtYrWmslBP/x+J/5yGQzn9f+gYmH6z
ZdGNyfJnkZ54SQMlmjYOQy3PLafAXPzWgdBjWrMbgtOO7n6e/ltG3ZQPAg6LowEY
VUUdylURwmOeQ0rQL+nF/mceBGVUJIh9JcBJu482Cy3GvaD0JKsy3oD3iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMg+Ct0vlrtJJGI6LX9qGvkoEgM6MB8GA1UdIwQY
MBaAFIgIR5rdKeqaNjSOieXSIVUsoIfIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUFoSG10MHA2cG8yTkk2SjVkSWhWU3lnaDhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jOGE0ZjUtZGUzMi00OTlmLTgxODgt
MDJiNzE1Y2UwMDQ4LzEvaUFoSG10MHA2cG8yTkk2SjVkSWhWU3lnaDhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jOGE0ZjUtZGUzMi00OTlmLTgxODgtMDJiNzE1Y2UwMDQ4
LzEvaUFoSG10MHA2cG8yTkk2SjVkSWhWU3lnaDhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV6WBVCzO
NVZD7PQ3As9hLWkUFIPgQkr85dnRNIpRhdohE7uOq1g/5MkNeHNdCDu0NY2/IYDT
FAapVDIP65U/TG480Y2hKihSkPzUh3qoqB+YVtVzodXh23Y8PyDkHmEnS3uLMGLo
aPIlQmw1sli2/UBDMCvg8+0D5XNLolRNnAmejtTr/BEADaH4mG7dB99LiA4MflYO
ZVCQR/AQbjvZLAbf2FV6ldSmus1mhMkGvKf7MDcdOgWRhieZ9pW3C9E+898RIVod
Ln28E5LocSsATo7BPC5HShX6hz5xX3qY9ZNJZ2Rrom+CQg1RH1/cJduSTPcfO56+
DgLUNPQGxyMZ8w==
-----END CERTIFICATE-----