Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
File:                     861SH4OIdIPIybDG895f1e1Whck.mft (raw, json)
Hash identifier:          hx+r3UinfxFYTr8JJOSu/JqjyT/4ny8o3RS2hOJ/0ho=
Subject key identifier:   7F:96:B8:26:54:51:1B:73:AC:3F:06:FC:54:E6:45:E3:3C:D5:B4:23
Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9
Certificate issuer:       /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
Certificate serial:       019D2703E37F157D5A9CDB375E509CEA8531
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
Manifest number:          0E10
Signing time:             Wed 25 Mar 2026 22:00:59 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:59 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:59 +0000
Files and hashes:         1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: hIcAE6v1oI1fAjjEjQ1Jt61zgGEyCTz8nhp7t2mz6DM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:e3:7f:15:7d:5a:9c:db:37:5e:50:9c:ea:85:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
        Validity
            Not Before: Mar 25 22:00:59 2026 GMT
            Not After : Mar 26 22:00:59 2026 GMT
        Subject: CN=7f96b82654511b73ac3f06fc54e645e33cd5b423
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:9e:bf:82:80:78:d3:ca:76:7c:04:58:4e:19:
                    6d:c7:50:16:e9:80:ad:1c:84:f9:55:f8:c6:fd:e8:
                    6f:d7:f1:ad:f6:60:68:94:c1:42:bb:db:54:b5:05:
                    9b:44:a1:d2:a0:c3:99:d9:20:fe:9d:c0:67:61:f9:
                    47:11:bc:2b:31:2e:f9:69:03:69:67:8b:99:a9:26:
                    9d:01:8b:e8:8f:0c:86:e2:1a:0e:fe:e0:33:76:79:
                    01:35:32:1b:af:57:c9:95:59:41:a0:af:95:5a:9a:
                    a0:5c:27:cf:26:15:a9:f3:41:99:2e:9d:fd:60:47:
                    fd:69:7f:bd:48:a3:2d:0e:6f:80:6d:1a:cf:be:7d:
                    f0:cc:47:2e:ca:75:53:c9:b5:92:49:de:59:60:6d:
                    47:3b:70:32:6a:9a:4f:cf:90:9c:3c:35:2c:9c:7f:
                    e1:11:57:09:fe:3d:b3:85:86:c2:5d:b0:99:57:b4:
                    83:ad:8b:c6:55:97:e2:33:ae:8b:17:3f:96:88:c6:
                    7d:18:64:23:70:0e:86:46:a4:e6:93:65:3d:aa:28:
                    c2:01:ba:48:20:79:b2:1d:6c:da:59:b8:20:0b:2b:
                    96:51:18:7b:78:4c:a9:d7:97:5d:dc:29:e3:e1:f9:
                    e3:5e:20:d3:09:b0:60:4f:e6:6f:fe:05:85:65:3d:
                    e9:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:96:B8:26:54:51:1B:73:AC:3F:06:FC:54:E6:45:E3:3C:D5:B4:23
            X509v3 Authority Key Identifier:
                keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:2c:47:95:fd:62:ed:00:b9:ad:c3:0b:d5:8a:03:7d:3c:3f:
         67:69:59:1a:0e:70:97:7f:a6:a7:b0:d3:8d:77:9f:cd:49:1d:
         71:c8:47:0f:43:af:ef:77:05:cc:0d:e6:f4:80:8e:86:94:09:
         6a:a9:78:80:b4:b3:09:58:73:0e:a6:88:df:94:a4:76:fa:e7:
         66:8e:56:33:ec:40:38:6e:42:5c:b0:f4:1e:ec:79:ed:5c:58:
         75:7e:52:d7:e6:dd:ac:db:06:e8:34:27:5a:2d:b2:ec:3b:6c:
         6d:ea:48:88:43:cc:95:96:6f:88:40:62:68:bd:3c:2a:6d:a1:
         97:6e:3f:97:09:32:2a:36:1b:7a:20:51:de:04:52:1b:b3:29:
         e6:d8:45:69:48:5f:53:07:76:46:dd:95:91:14:29:b4:9b:fc:
         d6:5e:6d:2e:b4:1e:81:ec:79:91:ab:ad:f6:77:a1:86:d8:fb:
         09:55:ee:a9:43:cc:db:1e:8a:71:36:03:56:ac:49:3d:88:c9:
         42:99:0f:5c:a9:2d:cf:01:59:4f:7d:0d:17:78:cc:c1:ab:61:
         d7:62:07:43:ce:b8:f5:a0:20:bc:46:66:fd:ee:2b:f8:68:86:
         e2:43:39:df:22:10:af:b2:2a:c5:f9:c9:4d:f4:6e:f9:89:b3:
         3d:a9:4a:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA+N/FX1anNs3XlCc6oUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1
Njg1YzkwHhcNMjYwMzI1MjIwMDU5WhcNMjYwMzI2MjIwMDU5WjAzMTEwLwYDVQQD
Eyg3Zjk2YjgyNjU0NTExYjczYWMzZjA2ZmM1NGU2NDVlMzNjZDViNDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp6/goB408p2fARYThltx1AW6YCt
HIT5VfjG/ehv1/Gt9mBolMFCu9tUtQWbRKHSoMOZ2SD+ncBnYflHEbwrMS75aQNp
Z4uZqSadAYvojwyG4hoO/uAzdnkBNTIbr1fJlVlBoK+VWpqgXCfPJhWp80GZLp39
YEf9aX+9SKMtDm+AbRrPvn3wzEcuynVTybWSSd5ZYG1HO3AyappPz5CcPDUsnH/h
EVcJ/j2zhYbCXbCZV7SDrYvGVZfiM66LFz+WiMZ9GGQjcA6GRqTmk2U9qijCAbpI
IHmyHWzaWbggCyuWURh7eEyp15dd3Cnj4fnjXiDTCbBgT+Zv/gWFZT3p4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH+WuCZUURtzrD8G/FTmReM81bQjMB8GA1UdIwQY
MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt
NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2
LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhSxHlf1i
7QC5rcML1YoDfTw/Z2lZGg5wl3+mp7DTjXefzUkdcchHD0Ov73cFzA3m9ICOhpQJ
aql4gLSzCVhzDqaI35SkdvrnZo5WM+xAOG5CXLD0Hux57VxYdX5S1+bdrNsG6DQn
Wi2y7DtsbepIiEPMlZZviEBiaL08Km2hl24/lwkyKjYbeiBR3gRSG7Mp5thFaUhf
Uwd2Rt2VkRQptJv81l5tLrQegex5kaut9nehhtj7CVXuqUPM2x6KcTYDVqxJPYjJ
QpkPXKktzwFZT30NF3jMwath12IHQ8649aAgvEZm/e4r+GiG4kM53yIQr7IqxfnJ
TfRu+YmzPalKUQ==
-----END CERTIFICATE-----