Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
File:                     9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft (raw, json)
Hash identifier:          qPXqo88G9h1iPYjsj+UzRIAXcMIsU9jV5nvDoph3zhE=
Subject key identifier:   89:7C:90:5F:46:94:9A:2C:77:74:0E:77:9E:A8:23:F2:B8:B4:86:B2
Authority key identifier: F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F
Certificate issuer:       /CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
Certificate serial:       019D2704C9FB92B16D4E8CDE9CD36D26DF4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
Manifest number:          0C92
Signing time:             Wed 25 Mar 2026 22:01:58 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:58 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:58 +0000
Files and hashes:         1: 9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl (hash: O8pml2nV6n3yqQh0qEORuB3JHG0hvLFeJsn8aH52284=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:c9:fb:92:b1:6d:4e:8c:de:9c:d3:6d:26:df:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
        Validity
            Not Before: Mar 25 22:01:58 2026 GMT
            Not After : Mar 26 22:01:58 2026 GMT
        Subject: CN=897c905f46949a2c77740e779ea823f2b8b486b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:35:a4:32:bc:35:16:1a:1b:62:2e:eb:cb:b1:
                    3a:3c:28:43:69:9f:9b:09:e6:9a:fb:4e:81:1f:ac:
                    2c:e4:85:26:7c:53:06:34:2a:f1:30:ee:31:86:84:
                    37:7e:42:88:ae:99:ab:47:c5:bb:66:fd:de:78:68:
                    5e:39:03:77:df:ee:21:22:0f:69:9d:b9:0f:e9:ba:
                    58:b7:64:c7:12:63:55:48:d4:36:1e:20:b1:3e:e2:
                    fe:66:0b:9a:1b:e7:87:c4:b1:17:fa:dd:ac:b3:3c:
                    79:f5:fa:17:cb:f8:5f:8f:30:f6:20:93:42:b6:7c:
                    10:f6:de:48:eb:5f:2b:f9:24:5d:17:1c:3f:47:64:
                    4f:47:56:61:37:10:5f:86:1a:09:a2:f1:59:df:54:
                    4b:bf:71:d0:4d:73:85:8c:be:32:8e:cd:09:2b:15:
                    0b:85:75:46:87:37:02:79:87:f9:12:e5:c9:03:d7:
                    81:e0:64:ec:cd:dc:0f:86:5e:a0:33:53:c6:98:91:
                    7e:3f:68:6d:f0:0f:d2:55:ed:7d:5a:bf:47:4f:8b:
                    5a:12:93:32:8b:e0:7c:83:9a:42:be:cc:dd:71:0a:
                    d1:c7:ca:8b:ac:9e:1e:8e:16:64:01:47:0f:0a:e5:
                    31:53:39:48:11:fd:a2:8a:88:58:c0:a0:88:42:f1:
                    a0:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:7C:90:5F:46:94:9A:2C:77:74:0E:77:9E:A8:23:F2:B8:B4:86:B2
            X509v3 Authority Key Identifier:
                keyid:F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:be:0c:3b:0c:0d:4c:4f:25:58:f2:3e:b1:37:8a:a9:e3:85:
         d9:40:03:52:53:3e:33:8b:d4:47:f8:17:9d:c0:59:0a:78:12:
         3b:95:bb:43:4a:18:f9:58:2e:62:80:2d:4b:18:74:dc:53:60:
         35:3f:37:61:c6:28:b6:71:ea:40:6a:61:b0:15:01:12:8a:18:
         8a:e8:48:7f:b8:d4:d7:3e:e4:24:8c:50:17:bf:10:f0:44:9d:
         87:fa:06:f6:43:cb:de:d7:ac:c9:65:26:22:e1:8d:30:a3:be:
         44:1f:b3:8c:c7:ad:99:34:72:cc:5e:c8:38:a2:de:1e:60:98:
         13:63:cf:df:cf:88:0a:e4:65:9c:08:7f:0a:61:eb:93:50:78:
         e5:a6:b3:d8:ea:c7:42:f5:9c:9b:eb:b1:e0:e2:8f:12:4d:3d:
         cc:20:ce:91:0b:c7:f3:8e:6e:7e:fb:68:39:e1:eb:90:e7:a9:
         6c:30:01:e9:30:0f:3c:7d:6f:68:15:2d:45:7e:e8:6e:b0:36:
         04:6a:17:64:83:df:63:6f:bd:b2:ce:06:95:64:40:06:b9:3d:
         bc:7c:28:cf:9f:75:b2:a3:de:22:bf:1a:a4:8f:7c:bf:42:72:
         b1:ce:57:b8:12:e7:7d:66:11:1b:40:6a:9a:2b:6e:ef:61:15:
         f0:8c:ea:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBMn7krFtTozenNNtJt9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZWQ1ZTVkYmJhMWVhYjZkMzk1OGU1OTQxODI5YzlkYTFi
MmM2N2YwHhcNMjYwMzI1MjIwMTU4WhcNMjYwMzI2MjIwMTU4WjAzMTEwLwYDVQQD
Eyg4OTdjOTA1ZjQ2OTQ5YTJjNzc3NDBlNzc5ZWE4MjNmMmI4YjQ4NmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTWkMrw1FhobYi7ry7E6PChDaZ+b
Ceaa+06BH6ws5IUmfFMGNCrxMO4xhoQ3fkKIrpmrR8W7Zv3eeGheOQN33+4hIg9p
nbkP6bpYt2THEmNVSNQ2HiCxPuL+ZguaG+eHxLEX+t2sszx59foXy/hfjzD2IJNC
tnwQ9t5I618r+SRdFxw/R2RPR1ZhNxBfhhoJovFZ31RLv3HQTXOFjL4yjs0JKxUL
hXVGhzcCeYf5EuXJA9eB4GTszdwPhl6gM1PGmJF+P2ht8A/SVe19Wr9HT4taEpMy
i+B8g5pCvszdcQrRx8qLrJ4ejhZkAUcPCuUxUzlIEf2iiohYwKCIQvGgIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIl8kF9GlJosd3QOd56oI/K4tIayMB8GA1UdIwQY
MBaAFPTtXl27oeq205WOWUGCnJ2hssZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQt
ZGIxYTZiYmNiYjcyLzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQtZGIxYTZiYmNiYjcy
LzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdr4MOwwN
TE8lWPI+sTeKqeOF2UADUlM+M4vUR/gXncBZCngSO5W7Q0oY+VguYoAtSxh03FNg
NT83YcYotnHqQGphsBUBEooYiuhIf7jU1z7kJIxQF78Q8ESdh/oG9kPL3tesyWUm
IuGNMKO+RB+zjMetmTRyzF7IOKLeHmCYE2PP38+ICuRlnAh/CmHrk1B45aaz2OrH
QvWcm+ux4OKPEk09zCDOkQvH845ufvtoOeHrkOepbDAB6TAPPH1vaBUtRX7obrA2
BGoXZIPfY2+9ss4GlWRABrk9vHwoz591sqPeIr8apI98v0Jysc5XuBLnfWYRG0Bq
mitu72EV8IzqdA==
-----END CERTIFICATE-----