Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
File:                     1MiI65YKABkAwnleiq-iaPYC2EI.mft (raw, json)
Hash identifier:          0dk8rxV/uAaPOeLNI94u5+Ges4BAYE22YwJv95iT6HA=
Subject key identifier:   1D:45:F5:DA:5A:BE:71:E2:7C:75:D3:4E:C9:F5:9A:1E:19:E6:10:A1
Authority key identifier: D4:C8:88:EB:96:0A:00:19:00:C2:79:5E:8A:AF:A2:68:F6:02:D8:42
Certificate issuer:       /CN=d4c888eb960a001900c2795e8aafa268f602d842
Certificate serial:       019D2703C49DCAA7DDF84C892EBC0A18E6B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
Manifest number:          0D92
Signing time:             Wed 25 Mar 2026 22:00:51 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:51 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:51 +0000
Files and hashes:         1: 1MiI65YKABkAwnleiq-iaPYC2EI.crl (hash: SxQlJHhqJp+AEyN9w2dB7cy0MVp62s+kTL2i+wJ6m+o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:c4:9d:ca:a7:dd:f8:4c:89:2e:bc:0a:18:e6:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4c888eb960a001900c2795e8aafa268f602d842
        Validity
            Not Before: Mar 25 22:00:51 2026 GMT
            Not After : Mar 26 22:00:51 2026 GMT
        Subject: CN=1d45f5da5abe71e27c75d34ec9f59a1e19e610a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a5:68:2b:40:d8:5c:eb:a2:27:76:8f:e3:fd:
                    3e:5a:33:2a:f0:66:0c:06:3c:27:37:c3:2d:c1:78:
                    62:f2:b1:5a:d4:0e:b5:fb:2a:00:aa:f9:94:5c:4d:
                    41:24:a8:4b:48:c3:37:24:55:67:98:f5:51:2f:d0:
                    07:d4:ce:68:0d:e1:82:a3:51:d0:63:bc:da:ad:d9:
                    e5:9d:89:73:96:d1:c7:d6:03:4c:4f:f4:61:36:1b:
                    8f:ad:28:45:23:aa:90:f0:0a:f0:2d:02:0c:59:e8:
                    cb:54:f0:4e:4f:4e:5e:24:84:ff:1b:a2:21:21:c1:
                    e7:57:55:60:20:ad:07:62:a4:0c:ce:dc:64:22:18:
                    12:ca:a3:0d:cf:26:5b:52:4e:81:d9:d3:35:62:1a:
                    80:c5:17:db:90:74:5f:60:37:73:a9:0c:54:21:cb:
                    78:25:d6:45:48:36:87:7a:12:7a:8e:6f:de:b8:f8:
                    67:04:bd:7b:43:f9:fe:ac:02:b7:89:9f:10:0c:ae:
                    7c:bd:de:aa:9d:d5:57:ee:58:db:27:81:85:b0:ee:
                    04:86:c4:7d:db:11:5c:bc:de:da:7b:65:64:ac:6e:
                    45:0b:2c:18:12:61:40:19:ca:9f:93:16:0a:ac:bf:
                    94:60:5a:93:ad:4a:cd:f6:1e:ac:a4:7a:2e:5d:20:
                    b6:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:45:F5:DA:5A:BE:71:E2:7C:75:D3:4E:C9:F5:9A:1E:19:E6:10:A1
            X509v3 Authority Key Identifier:
                keyid:D4:C8:88:EB:96:0A:00:19:00:C2:79:5E:8A:AF:A2:68:F6:02:D8:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MiI65YKABkAwnleiq-iaPYC2EI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2d734f-aa8c-4735-ac71-15d7691f4a2a/1/1MiI65YKABkAwnleiq-iaPYC2EI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         f4:65:6b:87:89:e2:a3:d7:b6:17:1f:cf:3a:30:fd:60:b1:cf:
         a1:27:f7:e2:a8:01:d7:c6:59:2d:98:c4:f6:b9:fb:58:eb:94:
         0e:a8:51:05:fa:42:7c:9e:3a:5d:d5:80:d2:8f:e9:09:90:43:
         29:07:b5:24:6f:15:a7:4d:f0:8a:63:35:1f:03:b2:59:54:0c:
         98:24:f1:1c:cb:c3:6d:6f:4a:77:5b:3f:0e:b6:81:47:9d:7b:
         f3:f0:ce:bf:95:da:9c:d6:86:d6:af:93:9f:17:c1:09:0c:e0:
         84:ba:12:81:11:a9:39:ec:73:0b:19:a7:a8:50:e6:e6:a6:20:
         e8:db:a8:ac:2b:c1:1b:93:ca:08:63:0a:4a:ac:da:56:9d:ba:
         7a:c5:82:85:fa:31:21:c3:e3:1e:fb:7a:74:ea:68:b2:33:87:
         c7:81:1c:30:df:8d:e6:8d:f7:df:ed:ee:90:44:15:4d:17:c0:
         c3:68:a4:1b:62:f9:c2:37:b7:5b:7a:d4:ab:6b:65:4d:e3:34:
         14:b4:8d:42:04:dc:17:5f:f9:fa:56:b8:26:03:7a:1a:19:52:
         ca:54:90:2d:c6:f3:58:02:87:1f:36:4d:31:bb:3e:25:dc:a3:
         ce:bf:3a:c1:d2:fb:2f:4e:a1:c7:07:d6:45:37:1e:bf:9e:aa:
         ef:7c:b1:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA8Sdyqfd+EyJLrwKGOa5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yzg4OGViOTYwYTAwMTkwMGMyNzk1ZThhYWZhMjY4ZjYw
MmQ4NDIwHhcNMjYwMzI1MjIwMDUxWhcNMjYwMzI2MjIwMDUxWjAzMTEwLwYDVQQD
EygxZDQ1ZjVkYTVhYmU3MWUyN2M3NWQzNGVjOWY1OWExZTE5ZTYxMGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6VoK0DYXOuiJ3aP4/0+WjMq8GYM
BjwnN8MtwXhi8rFa1A61+yoAqvmUXE1BJKhLSMM3JFVnmPVRL9AH1M5oDeGCo1HQ
Y7zardnlnYlzltHH1gNMT/RhNhuPrShFI6qQ8ArwLQIMWejLVPBOT05eJIT/G6Ih
IcHnV1VgIK0HYqQMztxkIhgSyqMNzyZbUk6B2dM1YhqAxRfbkHRfYDdzqQxUIct4
JdZFSDaHehJ6jm/euPhnBL17Q/n+rAK3iZ8QDK58vd6qndVX7ljbJ4GFsO4EhsR9
2xFcvN7ae2VkrG5FCywYEmFAGcqfkxYKrL+UYFqTrUrN9h6spHouXSC2ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB1F9dpavnHifHXTTsn1mh4Z5hChMB8GA1UdIwQY
MBaAFNTIiOuWCgAZAMJ5Xoqvomj2AthCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yZDczNGYtYWE4Yy00NzM1LWFjNzEt
MTVkNzY5MWY0YTJhLzEvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yZDczNGYtYWE4Yy00NzM1LWFjNzEtMTVkNzY5MWY0YTJh
LzEvMU1pSTY1WUtBQmtBd25sZWlxLWlhUFlDMkVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA9GVrh4ni
o9e2Fx/POjD9YLHPoSf34qgB18ZZLZjE9rn7WOuUDqhRBfpCfJ46XdWA0o/pCZBD
KQe1JG8Vp03wimM1HwOyWVQMmCTxHMvDbW9Kd1s/DraBR5178/DOv5XanNaG1q+T
nxfBCQzghLoSgRGpOexzCxmnqFDm5qYg6NuorCvBG5PKCGMKSqzaVp26esWChfox
IcPjHvt6dOposjOHx4EcMN+N5o333+3ukEQVTRfAw2ikG2L5wje3W3rUq2tlTeM0
FLSNQgTcF1/5+la4JgN6GhlSylSQLcbzWAKHHzZNMbs+Jdyjzr86wdL7L06hxwfW
RTcev56q73yxgQ==
-----END CERTIFICATE-----