Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft
File:                     71j4Vyvdd9mBQRGA4u-aioAsdqw.mft (raw, json)
Hash identifier:          0b8w796zhSYObN4OHYPBvFMBcK79+dVtjRSk7MWwGBY=
Subject key identifier:   34:D0:71:9A:1F:4D:08:1D:6A:52:44:B1:9F:0A:9D:24:EB:1F:27:39
Authority key identifier: EF:58:F8:57:2B:DD:77:D9:81:41:11:80:E2:EF:9A:8A:80:2C:76:AC
Certificate issuer:       /CN=ef58f8572bdd77d981411180e2ef9a8a802c76ac
Certificate serial:       019D284DA6C402E1E893ABDE1DDA3DA5340F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/71j4Vyvdd9mBQRGA4u-aioAsdqw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft
Manifest number:          0402
Signing time:             Thu 26 Mar 2026 04:01:10 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:10 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:10 +0000
Files and hashes:         1: 71j4Vyvdd9mBQRGA4u-aioAsdqw.crl (hash: +b9EywTjcEpcNC+WV3GvBHhzSJaGwILhsOtfpfvrcMw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/71j4Vyvdd9mBQRGA4u-aioAsdqw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4d:a6:c4:02:e1:e8:93:ab:de:1d:da:3d:a5:34:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef58f8572bdd77d981411180e2ef9a8a802c76ac
        Validity
            Not Before: Mar 26 04:01:10 2026 GMT
            Not After : Mar 27 04:01:10 2026 GMT
        Subject: CN=34d0719a1f4d081d6a5244b19f0a9d24eb1f2739
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:db:d6:36:a5:df:e8:71:b4:49:19:50:a7:31:
                    21:52:f5:ef:84:27:78:e9:11:ae:22:2e:c0:98:7f:
                    bf:19:51:5e:76:07:7e:9d:99:f2:63:71:1b:a4:0b:
                    aa:47:af:b3:53:de:46:6a:fb:f5:fa:2d:50:c6:bb:
                    36:2b:9b:61:a2:4b:60:26:8c:c6:1e:2e:03:c6:ea:
                    83:a4:a5:55:0f:e8:d2:11:5b:15:ab:a5:6f:bd:66:
                    af:d9:f7:63:aa:f2:2c:af:26:8a:d6:cd:fb:80:35:
                    3d:36:3a:46:76:e6:8a:ee:eb:f7:c8:71:db:ea:d7:
                    d4:a4:cc:5c:8c:e4:e2:72:49:15:9e:2a:bf:20:b7:
                    e2:ea:32:7a:c9:9f:d8:04:7c:0c:b5:aa:8b:df:47:
                    4d:9e:f7:25:87:65:be:60:ac:8c:f6:8d:30:4d:b9:
                    d0:8a:3c:a0:be:eb:eb:33:35:57:8a:6c:2d:66:f5:
                    a9:dc:c1:8c:71:5e:a9:a4:ae:ad:e5:c0:1e:7e:f9:
                    2e:61:ab:5d:68:c7:04:e8:f2:29:30:b4:a5:e5:d4:
                    e0:f6:59:2b:ad:b6:df:0e:d7:be:e3:42:ea:6a:84:
                    aa:09:2a:a2:98:d8:cf:ba:74:05:11:36:22:8c:a7:
                    a7:4c:5b:8d:3a:58:e2:b2:ba:ed:95:26:be:5d:8c:
                    d2:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:D0:71:9A:1F:4D:08:1D:6A:52:44:B1:9F:0A:9D:24:EB:1F:27:39
            X509v3 Authority Key Identifier:
                keyid:EF:58:F8:57:2B:DD:77:D9:81:41:11:80:E2:EF:9A:8A:80:2C:76:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71j4Vyvdd9mBQRGA4u-aioAsdqw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/9b7108-e12f-4f8a-a5e0-38e805ff4c73/1/71j4Vyvdd9mBQRGA4u-aioAsdqw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:d1:aa:20:dd:ce:68:50:6c:9b:fb:97:8b:24:89:0a:54:a0:
         4f:58:a8:6a:f1:0f:ed:cb:d8:0c:c3:56:f7:7b:f5:09:22:35:
         4d:e7:eb:31:96:14:0c:b9:87:ab:55:c0:05:08:4f:82:6c:70:
         5f:e8:d4:73:5e:29:f8:37:5a:d9:65:93:50:57:36:db:d3:31:
         2e:1a:90:5b:20:52:d2:84:20:16:c8:09:46:1b:0a:bc:9f:db:
         ca:23:e3:c2:98:78:06:2c:ea:0c:fa:d7:c5:53:68:94:3d:21:
         b2:f6:c8:34:99:c8:21:83:3b:09:f2:15:90:7b:31:bc:3f:ec:
         9c:18:42:3f:24:c2:00:9e:9e:e7:34:46:53:72:9b:b6:34:a2:
         d0:80:e6:f1:7a:f8:93:e4:7e:a3:17:0e:c7:5c:5c:58:90:fb:
         df:f4:8b:d2:c6:ae:94:20:12:c9:f2:44:2d:d9:5e:bd:1a:9a:
         24:10:29:ac:0f:cf:de:0b:bd:d6:90:eb:b0:21:90:bd:e1:15:
         c2:07:df:32:e8:8c:22:81:bb:8d:52:0b:4d:65:52:7c:54:1d:
         f5:90:37:9b:fb:cf:47:99:03:07:b5:66:1c:09:f2:e0:50:69:
         46:a3:d6:2e:e3:32:96:38:bb:a6:ae:d3:17:e0:ef:d6:3d:4c:
         ea:c2:69:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTabEAuHok6veHdo9pTQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNThmODU3MmJkZDc3ZDk4MTQxMTE4MGUyZWY5YThhODAy
Yzc2YWMwHhcNMjYwMzI2MDQwMTEwWhcNMjYwMzI3MDQwMTEwWjAzMTEwLwYDVQQD
EygzNGQwNzE5YTFmNGQwODFkNmE1MjQ0YjE5ZjBhOWQyNGViMWYyNzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdvWNqXf6HG0SRlQpzEhUvXvhCd4
6RGuIi7AmH+/GVFedgd+nZnyY3EbpAuqR6+zU95Gavv1+i1Qxrs2K5thoktgJozG
Hi4DxuqDpKVVD+jSEVsVq6VvvWav2fdjqvIsryaK1s37gDU9NjpGduaK7uv3yHHb
6tfUpMxcjOTickkVniq/ILfi6jJ6yZ/YBHwMtaqL30dNnvclh2W+YKyM9o0wTbnQ
ijygvuvrMzVXimwtZvWp3MGMcV6ppK6t5cAefvkuYatdaMcE6PIpMLSl5dTg9lkr
rbbfDte+40LqaoSqCSqimNjPunQFETYijKenTFuNOljisrrtlSa+XYzS2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDTQcZofTQgdalJEsZ8KnSTrHyc5MB8GA1UdIwQY
MBaAFO9Y+Fcr3XfZgUERgOLvmoqALHasMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFqNFZ5dmRkOW1CUVJHQTR1LWFpb0FzZHF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni85YjcxMDgtZTEyZi00ZjhhLWE1ZTAt
MzhlODA1ZmY0YzczLzEvNzFqNFZ5dmRkOW1CUVJHQTR1LWFpb0FzZHF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni85YjcxMDgtZTEyZi00ZjhhLWE1ZTAtMzhlODA1ZmY0Yzcz
LzEvNzFqNFZ5dmRkOW1CUVJHQTR1LWFpb0FzZHF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcNGqIN3O
aFBsm/uXiySJClSgT1ioavEP7cvYDMNW93v1CSI1TefrMZYUDLmHq1XABQhPgmxw
X+jUc14p+Dda2WWTUFc229MxLhqQWyBS0oQgFsgJRhsKvJ/byiPjwph4BizqDPrX
xVNolD0hsvbINJnIIYM7CfIVkHsxvD/snBhCPyTCAJ6e5zRGU3KbtjSi0IDm8Xr4
k+R+oxcOx1xcWJD73/SL0saulCASyfJELdlevRqaJBAprA/P3gu91pDrsCGQveEV
wgffMuiMIoG7jVILTWVSfFQd9ZA3m/vPR5kDB7VmHAny4FBpRqPWLuMylji7pq7T
F+Dv1j1M6sJpRg==
-----END CERTIFICATE-----