Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
File:                     IIP4tbYgnefJQAjzM3vjQ2866-Y.mft (raw, json)
Hash identifier:          S7YTg3sHfUjU085EqgjA+zJOHZFbnXnAYi0U609IzN8=
Subject key identifier:   CC:B7:3F:68:29:51:47:C6:A9:ED:FB:11:B9:EC:33:D5:16:95:09:A8
Authority key identifier: 20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6
Certificate issuer:       /CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
Certificate serial:       019D2A0457D787E678A4C73D749385781EF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
Manifest number:          08DC
Signing time:             Thu 26 Mar 2026 12:00:20 +0000
Manifest this update:     Thu 26 Mar 2026 12:00:20 +0000
Manifest next update:     Fri 27 Mar 2026 12:00:20 +0000
Files and hashes:         1: IIP4tbYgnefJQAjzM3vjQ2866-Y.crl (hash: OkfToE+a/ggT6dhtClIYxhpzjUALyXmeT+zYRtru2II=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:04:57:d7:87:e6:78:a4:c7:3d:74:93:85:78:1e:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2083f8b5b6209de7c94008f3337be3436f3aebe6
        Validity
            Not Before: Mar 26 12:00:20 2026 GMT
            Not After : Mar 27 12:00:20 2026 GMT
        Subject: CN=ccb73f68295147c6a9edfb11b9ec33d5169509a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:ca:e5:81:84:a0:57:d0:17:57:f1:2e:39:e1:
                    34:db:ee:3e:ce:73:d4:f5:6e:a7:2d:80:60:be:bb:
                    aa:c8:b6:fd:c6:05:2c:6d:3c:cc:a1:b6:e0:78:1e:
                    a6:59:70:10:30:2e:42:ab:be:2b:ce:3f:c6:37:4a:
                    83:d1:70:bd:2c:63:f5:53:d4:20:90:e6:61:28:b6:
                    c5:e1:13:46:56:2c:11:9c:d0:94:ad:dd:0e:02:9c:
                    65:34:12:3c:64:47:fe:a7:59:35:f8:67:66:27:f2:
                    51:71:52:52:3a:3c:c9:18:71:02:22:76:8b:0b:2b:
                    7b:10:48:d6:51:53:fe:03:08:17:13:cc:46:5c:1d:
                    2c:e7:cc:03:8c:6a:65:c5:59:92:f9:74:9f:f9:f2:
                    08:d4:b7:51:6d:9c:d1:3a:98:1b:b9:d2:05:12:07:
                    0c:ee:27:87:88:bf:2c:b4:05:ac:cf:5f:d4:e1:f8:
                    b2:87:a6:82:e0:ad:0b:d4:38:4b:3e:8e:96:51:c8:
                    ce:4c:e7:4c:f4:87:7d:6c:c0:44:2b:45:49:2a:34:
                    64:ac:9c:6b:70:76:09:a3:29:e0:c5:aa:03:0e:5f:
                    81:87:f9:e6:7d:89:7d:5e:ea:c9:fb:82:eb:fa:93:
                    06:2b:95:ca:22:ba:db:10:40:33:c3:5a:24:9f:d2:
                    1b:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:B7:3F:68:29:51:47:C6:A9:ED:FB:11:B9:EC:33:D5:16:95:09:A8
            X509v3 Authority Key Identifier:
                keyid:20:83:F8:B5:B6:20:9D:E7:C9:40:08:F3:33:7B:E3:43:6F:3A:EB:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IIP4tbYgnefJQAjzM3vjQ2866-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c025e5-399a-4ce8-b5f0-acbef018d03a/1/IIP4tbYgnefJQAjzM3vjQ2866-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:90:d8:d3:56:b7:11:e6:88:d6:70:e0:12:95:9f:3c:c2:f4:
         55:da:61:eb:0f:55:3b:aa:46:2b:13:54:93:3f:7d:fd:9d:9c:
         c1:a3:a3:c2:ec:44:3c:62:8c:82:26:56:a5:3f:f2:51:1d:3d:
         29:41:8b:f9:80:95:d2:d8:5b:7f:04:40:51:2e:ab:85:11:a8:
         6b:24:54:21:76:35:92:93:be:d2:ea:f3:b8:73:19:81:ea:9c:
         22:7e:e5:e6:f1:ac:25:f8:66:2a:f0:9d:9b:5e:86:2b:69:6e:
         f6:fb:de:74:4b:3b:3f:3f:e9:9c:0a:23:44:0d:4c:39:16:de:
         50:2f:7d:38:f9:c1:c9:3d:79:86:a0:e9:db:f2:b3:81:1b:d5:
         54:a9:aa:7c:8b:b6:bb:d3:9d:42:09:6c:8d:97:00:b1:a8:8f:
         7e:e7:20:ca:9b:a5:38:a0:9d:47:27:2c:cf:ea:3a:da:da:bc:
         fb:4c:4a:89:ea:7a:de:80:66:66:72:de:80:77:31:71:80:cb:
         81:40:f2:09:ab:e1:68:30:d8:38:62:2a:8b:7b:ca:40:0d:08:
         a1:14:05:7f:aa:8b:29:3c:c0:6b:71:d9:bd:de:0e:44:5c:cf:
         c9:ea:2c:06:9d:07:3a:8f:ff:45:51:ad:14:5e:9a:48:fc:fb:
         95:8c:66:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBFfXh+Z4pMc9dJOFeB73MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwODNmOGI1YjYyMDlkZTdjOTQwMDhmMzMzN2JlMzQzNmYz
YWViZTYwHhcNMjYwMzI2MTIwMDIwWhcNMjYwMzI3MTIwMDIwWjAzMTEwLwYDVQQD
EyhjY2I3M2Y2ODI5NTE0N2M2YTllZGZiMTFiOWVjMzNkNTE2OTUwOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8rlgYSgV9AXV/EuOeE02+4+znPU
9W6nLYBgvruqyLb9xgUsbTzMobbgeB6mWXAQMC5Cq74rzj/GN0qD0XC9LGP1U9Qg
kOZhKLbF4RNGViwRnNCUrd0OApxlNBI8ZEf+p1k1+GdmJ/JRcVJSOjzJGHECInaL
Cyt7EEjWUVP+AwgXE8xGXB0s58wDjGplxVmS+XSf+fII1LdRbZzROpgbudIFEgcM
7ieHiL8stAWsz1/U4fiyh6aC4K0L1DhLPo6WUcjOTOdM9Id9bMBEK0VJKjRkrJxr
cHYJoyngxaoDDl+Bh/nmfYl9XurJ+4Lr+pMGK5XKIrrbEEAzw1okn9IbCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMy3P2gpUUfGqe37EbnsM9UWlQmoMB8GA1UdIwQY
MBaAFCCD+LW2IJ3nyUAI8zN740NvOuvmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAt
YWNiZWYwMThkMDNhLzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jMDI1ZTUtMzk5YS00Y2U4LWI1ZjAtYWNiZWYwMThkMDNh
LzEvSUlQNHRiWWduZWZKUUFqek0zdmpRMjg2Ni1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc5DY01a3
EeaI1nDgEpWfPML0Vdph6w9VO6pGKxNUkz99/Z2cwaOjwuxEPGKMgiZWpT/yUR09
KUGL+YCV0thbfwRAUS6rhRGoayRUIXY1kpO+0urzuHMZgeqcIn7l5vGsJfhmKvCd
m16GK2lu9vvedEs7Pz/pnAojRA1MORbeUC99OPnByT15hqDp2/KzgRvVVKmqfIu2
u9OdQglsjZcAsaiPfucgypulOKCdRycsz+o62tq8+0xKiep63oBmZnLegHcxcYDL
gUDyCavhaDDYOGIqi3vKQA0IoRQFf6qLKTzAa3HZvd4ORFzPyeosBp0HOo//RVGt
FF6aSPz7lYxmvQ==
-----END CERTIFICATE-----