Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
File:                     FYi9izG5XpysnzgSjZW4UvA9V4Q.mft (raw, json)
Hash identifier:          OfnldWBfeoG8Egun/V1GzewtgsJFUxSfX+JkM0kxlO0=
Subject key identifier:   F9:A0:4B:5A:2F:45:07:A9:15:A6:C1:D8:C1:58:26:E3:A3:B9:CD:2E
Authority key identifier: 15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84
Certificate issuer:       /CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
Certificate serial:       019D2704E1B8EF41C3E4D2725E2452E3EA81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
Manifest number:          1883
Signing time:             Wed 25 Mar 2026 22:02:04 +0000
Manifest this update:     Wed 25 Mar 2026 22:02:04 +0000
Manifest next update:     Thu 26 Mar 2026 22:02:04 +0000
Files and hashes:         1: FYi9izG5XpysnzgSjZW4UvA9V4Q.crl (hash: Dzghb6QvfO2fBoBTK+g+4hCSygNVUiyZ/XuUCIBB6QE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:e1:b8:ef:41:c3:e4:d2:72:5e:24:52:e3:ea:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
        Validity
            Not Before: Mar 25 22:02:04 2026 GMT
            Not After : Mar 26 22:02:04 2026 GMT
        Subject: CN=f9a04b5a2f4507a915a6c1d8c15826e3a3b9cd2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:28:05:38:74:6c:33:a7:a0:1e:5c:aa:0b:55:
                    b2:56:53:ac:15:6c:0f:68:76:f5:0b:e4:02:4b:90:
                    c3:50:32:59:b4:e8:4f:a7:9d:4f:65:55:05:63:ed:
                    86:e5:7a:3c:2e:13:15:7f:ea:cf:dd:94:28:e0:cb:
                    9a:75:81:b6:33:c6:23:9e:72:94:5f:66:55:7e:ef:
                    4e:18:50:3e:40:a3:82:a8:6b:26:92:33:98:45:6c:
                    00:e6:5c:99:96:5f:5f:c3:83:36:10:ed:a9:75:ab:
                    fa:db:6f:e1:ae:65:b3:a6:56:f5:2d:49:3e:ef:17:
                    79:51:bb:20:db:1d:8c:8b:f7:60:43:da:42:82:99:
                    c3:ec:0e:9c:b7:a2:f1:3e:70:4c:5f:ac:ff:0b:8c:
                    0e:a2:f2:b9:2c:87:68:84:1f:a8:7f:af:48:18:77:
                    1f:20:89:d9:84:00:d1:3a:32:24:c4:d0:0b:88:73:
                    03:c0:eb:58:5a:bd:3f:59:da:97:31:f1:17:4c:23:
                    88:d8:95:04:21:c2:6c:f1:3b:03:3d:20:57:0f:4a:
                    38:f1:5b:c2:0c:ca:15:7e:40:d0:56:cf:70:e0:bb:
                    ed:df:86:78:2b:0e:75:7e:37:55:5f:c0:81:5f:06:
                    c4:f5:0b:b9:a7:bb:82:e1:07:a1:d1:d7:15:76:30:
                    72:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:A0:4B:5A:2F:45:07:A9:15:A6:C1:D8:C1:58:26:E3:A3:B9:CD:2E
            X509v3 Authority Key Identifier:
                keyid:15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:b6:b1:8b:ae:84:a0:43:da:3c:7d:5e:8f:1b:26:b2:1d:df:
         54:aa:34:fd:87:4d:f7:b0:52:63:c2:2e:11:fe:1d:43:b0:da:
         95:44:ac:0d:95:90:7e:65:78:c1:69:be:4b:09:20:69:ed:8a:
         53:c0:b4:bc:e0:15:00:a3:80:41:f6:40:04:c4:6b:6c:4f:68:
         dd:cf:ce:dc:0a:27:b8:9e:ed:0a:80:94:f3:ac:89:da:29:87:
         bd:89:14:3f:59:dc:f2:54:90:3b:c1:7e:88:07:c9:32:0d:92:
         30:7d:74:9b:61:53:40:30:08:2c:f3:a4:ec:65:d3:41:2b:8a:
         67:b1:e2:07:13:3f:ae:58:df:7d:27:d2:86:67:d3:59:95:31:
         15:fe:03:69:c8:78:5f:d0:b0:c5:f1:e2:d4:19:a8:0b:9a:c7:
         31:f6:69:f4:dd:6f:93:0c:a7:92:4b:e0:dd:c2:c3:8e:ce:72:
         2f:4c:2f:25:54:22:bf:7a:ec:c3:c0:ba:6f:89:b5:c4:ec:6a:
         23:ad:9e:13:2d:a5:7e:20:56:28:0a:44:59:08:96:00:8b:16:
         c1:1b:57:aa:bf:9c:10:e3:59:e0:9e:60:b6:9a:da:80:f2:d7:
         1b:a2:ad:11:e3:6b:c8:24:d5:dd:81:88:81:1d:27:a5:13:c5:
         36:59:b9:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBOG470HD5NJyXiRS4+qBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ODhiZDhiMzFiOTVlOWNhYzlmMzgxMjhkOTViODUyZjAz
ZDU3ODQwHhcNMjYwMzI1MjIwMjA0WhcNMjYwMzI2MjIwMjA0WjAzMTEwLwYDVQQD
EyhmOWEwNGI1YTJmNDUwN2E5MTVhNmMxZDhjMTU4MjZlM2EzYjljZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSgFOHRsM6egHlyqC1WyVlOsFWwP
aHb1C+QCS5DDUDJZtOhPp51PZVUFY+2G5Xo8LhMVf+rP3ZQo4MuadYG2M8YjnnKU
X2ZVfu9OGFA+QKOCqGsmkjOYRWwA5lyZll9fw4M2EO2pdav622/hrmWzplb1LUk+
7xd5Ubsg2x2Mi/dgQ9pCgpnD7A6ct6LxPnBMX6z/C4wOovK5LIdohB+of69IGHcf
IInZhADROjIkxNALiHMDwOtYWr0/WdqXMfEXTCOI2JUEIcJs8TsDPSBXD0o48VvC
DMoVfkDQVs9w4Lvt34Z4Kw51fjdVX8CBXwbE9Qu5p7uC4Qeh0dcVdjBy9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmgS1ovRQepFabB2MFYJuOjuc0uMB8GA1UdIwQY
MBaAFBWIvYsxuV6crJ84Eo2VuFLwPVeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYt
YjVhZTgzOWYzMGUyLzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYtYjVhZTgzOWYzMGUy
LzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAALaxi66E
oEPaPH1ejxsmsh3fVKo0/YdN97BSY8IuEf4dQ7DalUSsDZWQfmV4wWm+Swkgae2K
U8C0vOAVAKOAQfZABMRrbE9o3c/O3AonuJ7tCoCU86yJ2imHvYkUP1nc8lSQO8F+
iAfJMg2SMH10m2FTQDAILPOk7GXTQSuKZ7HiBxM/rljffSfShmfTWZUxFf4Dach4
X9CwxfHi1BmoC5rHMfZp9N1vkwynkkvg3cLDjs5yL0wvJVQiv3rsw8C6b4m1xOxq
I62eEy2lfiBWKApEWQiWAIsWwRtXqr+cEONZ4J5gtpragPLXG6KtEeNryCTV3YGI
gR0npRPFNlm5fg==
-----END CERTIFICATE-----