Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          dBOEVEtnhHcmcxLJHi4jU5hS556N7NS164CXJ5iSjRI=
Subject key identifier:   99:5A:E0:0D:97:64:68:F7:A3:68:56:9A:35:63:D5:74:63:08:A6:4C
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       019D27721F0F85171A5C5DDF6AD1C6F3824C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 00:01:23 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:23 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:23 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: WcZU13l6CAGEeRUpKHVYidLiHd0pKF0/5/f4QwXOeT8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:1f:0f:85:17:1a:5c:5d:df:6a:d1:c6:f3:82:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: Mar 26 00:01:23 2026 GMT
            Not After : Mar 27 00:01:23 2026 GMT
        Subject: CN=995ae00d976468f7a368569a3563d5746308a64c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:86:0f:7a:12:73:c5:d2:34:77:59:12:5e:a9:
                    a7:4c:a8:1f:76:bb:df:8c:10:7c:93:bb:20:74:c6:
                    fe:99:86:26:79:d6:b3:49:08:16:b7:7d:b5:4d:c8:
                    22:7e:f0:56:7d:6b:e1:8c:ba:2a:e1:60:b3:57:4b:
                    ca:37:ad:a4:03:b6:99:2b:05:1d:0a:c6:35:63:61:
                    c9:b5:54:4d:15:04:e6:5d:2a:60:85:7b:0c:24:00:
                    47:35:a4:4a:01:bf:f0:5d:ba:75:a4:03:77:b4:85:
                    ce:98:9f:65:fe:7f:49:f8:46:2e:d7:58:1e:89:d7:
                    99:ac:fb:70:81:47:74:60:0c:18:cb:d9:b4:7c:81:
                    3d:7e:f9:40:18:9a:cc:4a:65:5b:ca:67:26:a4:ff:
                    b6:2a:35:b2:47:66:ca:e5:55:8f:03:f7:bd:04:3d:
                    ce:01:e5:f8:be:85:53:cb:b8:fd:b4:fa:86:f4:3a:
                    96:ce:a2:34:d1:de:33:d2:40:6e:2a:cc:3d:6e:7c:
                    af:9f:b5:19:a7:87:ad:51:1e:84:6f:31:1b:1e:ff:
                    42:2e:36:f7:81:f9:d1:46:6d:ed:10:34:de:31:f0:
                    ac:76:35:08:c1:b0:ab:d3:9c:ef:71:2d:c6:72:0c:
                    be:31:f2:5f:90:f2:cb:50:2c:83:37:e9:05:87:e5:
                    7e:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:5A:E0:0D:97:64:68:F7:A3:68:56:9A:35:63:D5:74:63:08:A6:4C
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:0c:fb:12:bb:0c:75:39:71:df:5c:7a:84:7e:4d:ea:cb:35:
         96:97:75:70:d7:e8:04:b0:11:23:9e:30:21:60:ca:d9:6e:4d:
         6c:4d:4b:7b:97:50:4d:80:06:3c:8d:32:ec:ab:b7:c6:4a:ef:
         b0:a9:46:ac:87:da:08:c7:8f:26:2b:c8:99:ab:7f:0c:28:67:
         85:69:68:91:e6:00:de:89:4a:1c:0d:21:13:37:2f:b5:ad:4c:
         70:2a:e7:75:c4:b2:0f:3e:32:8b:8b:a7:20:8e:20:0d:ff:40:
         76:c9:3f:16:8d:5a:fe:28:a8:15:de:22:df:08:c5:e3:ed:e7:
         03:11:25:c8:ca:bc:36:26:34:5f:8a:ca:cd:8d:b6:5e:2e:9d:
         c3:05:cf:c8:57:a8:cf:39:3d:0b:92:57:c3:61:b0:b5:fb:0e:
         37:e5:e5:1c:35:89:8b:4f:05:bc:e1:46:9a:87:fb:a3:08:c9:
         cd:95:e3:f6:c7:9d:63:3d:94:39:9f:24:57:90:d8:d2:4e:a5:
         c6:2e:92:e7:4e:62:3b:89:4e:ed:d3:5e:7d:66:1c:e5:d2:ab:
         cb:05:60:a6:53:13:0a:4b:76:08:3b:10:b3:1c:62:bb:8f:1f:
         2a:f9:c8:83:8f:71:8f:1d:98:3d:66:4c:3c:b7:fd:51:48:a0:
         b4:79:8a:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nch8PhRcaXF3fatHG84JMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjYwMzI2MDAwMTIzWhcNMjYwMzI3MDAwMTIzWjAzMTEwLwYDVQQD
Eyg5OTVhZTAwZDk3NjQ2OGY3YTM2ODU2OWEzNTYzZDU3NDYzMDhhNjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YYPehJzxdI0d1kSXqmnTKgfdrvf
jBB8k7sgdMb+mYYmedazSQgWt321TcgifvBWfWvhjLoq4WCzV0vKN62kA7aZKwUd
CsY1Y2HJtVRNFQTmXSpghXsMJABHNaRKAb/wXbp1pAN3tIXOmJ9l/n9J+EYu11ge
ideZrPtwgUd0YAwYy9m0fIE9fvlAGJrMSmVbymcmpP+2KjWyR2bK5VWPA/e9BD3O
AeX4voVTy7j9tPqG9DqWzqI00d4z0kBuKsw9bnyvn7UZp4etUR6EbzEbHv9CLjb3
gfnRRm3tEDTeMfCsdjUIwbCr05zvcS3Gcgy+MfJfkPLLUCyDN+kFh+V+CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJla4A2XZGj3o2hWmjVj1XRjCKZMMB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAegz7ErsM
dTlx31x6hH5N6ss1lpd1cNfoBLARI54wIWDK2W5NbE1Le5dQTYAGPI0y7Ku3xkrv
sKlGrIfaCMePJivImat/DChnhWlokeYA3olKHA0hEzcvta1McCrndcSyDz4yi4un
II4gDf9Adsk/Fo1a/iioFd4i3wjF4+3nAxElyMq8NiY0X4rKzY22Xi6dwwXPyFeo
zzk9C5JXw2GwtfsON+XlHDWJi08FvOFGmof7owjJzZXj9sedYz2UOZ8kV5DY0k6l
xi6S505iO4lO7dNefWYc5dKrywVgplMTCkt2CDsQsxxiu48fKvnIg49xjx2YPWZM
PLf9UUigtHmK5g==
-----END CERTIFICATE-----