Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
File:                     t38R7tTnnIXMxWLfPR8oPjOdou0.mft (raw, json)
Hash identifier:          WzrOLJzfzWgORYFBGZzx3j6EFp+yVRdg3yo0FHFCvUg=
Subject key identifier:   F6:82:7C:0C:FC:68:76:CE:88:76:D1:D6:3D:1F:C9:C7:DA:8E:6F:CA
Authority key identifier: B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED
Certificate issuer:       /CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
Certificate serial:       019D2703995A1F59F7CE747218415620E5A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
Manifest number:          0F28
Signing time:             Wed 25 Mar 2026 22:00:40 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:40 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:40 +0000
Files and hashes:         1: t38R7tTnnIXMxWLfPR8oPjOdou0.crl (hash: bKamhkI/nDpZ8vnvNnmeW5iWS+Z4BUQUGP0Swo+fVW0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:99:5a:1f:59:f7:ce:74:72:18:41:56:20:e5:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
        Validity
            Not Before: Mar 25 22:00:40 2026 GMT
            Not After : Mar 26 22:00:40 2026 GMT
        Subject: CN=f6827c0cfc6876ce8876d1d63d1fc9c7da8e6fca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:ee:2c:a3:18:93:dd:5f:e7:ca:09:db:e1:e7:
                    22:10:ba:b0:73:2f:98:6d:c7:1c:c1:54:53:c4:38:
                    49:8b:71:12:21:a0:88:ab:36:a2:ad:11:d6:d9:d6:
                    55:90:9c:c4:af:9a:4c:c0:e0:9c:9a:f5:a1:28:9c:
                    7f:12:13:25:74:f7:4d:dc:00:b0:0d:64:9b:b5:1d:
                    6b:e2:8b:86:5d:44:b3:cc:1d:4a:38:1f:2e:8c:85:
                    e3:11:22:ad:ea:c9:33:0e:75:43:3d:42:77:35:eb:
                    a4:69:00:b2:4a:5b:e7:3b:e9:a7:57:7b:8f:45:8e:
                    a2:aa:8a:83:96:a6:e5:62:aa:48:ee:3b:cc:3c:2c:
                    99:05:98:d7:9f:70:7a:f7:8d:ce:3c:49:09:53:11:
                    09:02:2f:1f:99:40:00:f4:92:5a:c7:df:92:7f:42:
                    19:a0:26:6b:9b:c6:a7:4e:b6:b2:75:04:0a:d6:a6:
                    d9:de:4a:96:2a:fb:9e:f3:a3:84:28:19:ec:0d:e0:
                    79:1c:0a:85:2e:b5:72:ed:d9:f3:23:fd:12:3f:c9:
                    88:fb:52:56:a5:e7:5b:39:6a:25:6b:81:39:cc:93:
                    94:02:84:7f:d5:e9:bb:02:35:e3:e9:40:e0:c1:eb:
                    79:6e:ac:c9:8d:30:c5:5c:21:7d:ab:3a:8a:7c:8b:
                    1f:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:82:7C:0C:FC:68:76:CE:88:76:D1:D6:3D:1F:C9:C7:DA:8E:6F:CA
            X509v3 Authority Key Identifier:
                keyid:B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:d6:00:21:86:e0:94:01:ee:69:fd:08:12:a0:86:0e:f8:f4:
         66:bb:97:c6:0e:26:e4:f2:b3:ad:1b:68:1f:66:ac:7c:38:bc:
         60:49:00:9d:67:f4:83:3c:99:9f:5b:cf:26:74:93:b3:ee:67:
         f4:17:1f:45:8b:9c:f8:fa:e6:9c:b0:fa:a1:0a:d7:70:91:37:
         15:b0:19:c0:06:a9:dd:69:5d:c3:66:6a:13:38:fd:0c:3a:dc:
         84:53:64:2d:73:a5:af:a7:98:d6:9e:de:47:12:bb:2d:a6:ce:
         32:fa:b1:4b:d6:f2:6d:6f:0a:b1:15:d3:01:76:91:41:50:70:
         0e:12:3c:4f:a3:e2:6e:65:ef:92:89:bd:2f:8a:62:c9:d9:8c:
         05:7b:49:24:07:ed:06:bf:38:54:4f:30:9f:e1:1f:4a:4e:60:
         6d:2e:db:f7:70:e9:a5:46:40:6e:e2:88:fb:55:1f:87:11:8e:
         c8:d3:65:ac:8c:a8:c7:53:88:9b:fb:53:83:a2:cf:17:eb:f3:
         da:d5:67:44:16:e4:53:1b:48:d6:41:ee:fa:ea:11:2f:68:e3:
         82:d0:02:0d:8e:5d:9a:67:d0:bd:ee:6d:d7:16:93:ee:b2:9b:
         3c:92:ca:c3:b4:13:15:4c:07:50:d4:89:b1:94:0f:c0:b1:ad:
         c1:18:ce:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA5laH1n3znRyGEFWIOWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3N2YxMWVlZDRlNzljODVjY2M1NjJkZjNkMWYyODNlMzM5
ZGEyZWQwHhcNMjYwMzI1MjIwMDQwWhcNMjYwMzI2MjIwMDQwWjAzMTEwLwYDVQQD
EyhmNjgyN2MwY2ZjNjg3NmNlODg3NmQxZDYzZDFmYzljN2RhOGU2ZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+4soxiT3V/nygnb4eciELqwcy+Y
bcccwVRTxDhJi3ESIaCIqzairRHW2dZVkJzEr5pMwOCcmvWhKJx/EhMldPdN3ACw
DWSbtR1r4ouGXUSzzB1KOB8ujIXjESKt6skzDnVDPUJ3NeukaQCySlvnO+mnV3uP
RY6iqoqDlqblYqpI7jvMPCyZBZjXn3B6943OPEkJUxEJAi8fmUAA9JJax9+Sf0IZ
oCZrm8anTraydQQK1qbZ3kqWKvue86OEKBnsDeB5HAqFLrVy7dnzI/0SP8mI+1JW
pedbOWola4E5zJOUAoR/1em7AjXj6UDgwet5bqzJjTDFXCF9qzqKfIsfgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPaCfAz8aHbOiHbR1j0fycfajm/KMB8GA1UdIwQY
MBaAFLd/Ee7U55yFzMVi3z0fKD4znaLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzkt
MGM3NzU1OWQ5ZGIwLzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzktMGM3NzU1OWQ5ZGIw
LzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW9YAIYbg
lAHuaf0IEqCGDvj0ZruXxg4m5PKzrRtoH2asfDi8YEkAnWf0gzyZn1vPJnSTs+5n
9BcfRYuc+PrmnLD6oQrXcJE3FbAZwAap3Wldw2ZqEzj9DDrchFNkLXOlr6eY1p7e
RxK7LabOMvqxS9bybW8KsRXTAXaRQVBwDhI8T6PibmXvkom9L4piydmMBXtJJAft
Br84VE8wn+EfSk5gbS7b93DppUZAbuKI+1UfhxGOyNNlrIyox1OIm/tTg6LPF+vz
2tVnRBbkUxtI1kHu+uoRL2jjgtACDY5dmmfQve5t1xaT7rKbPJLKw7QTFUwHUNSJ
sZQPwLGtwRjO+g==
-----END CERTIFICATE-----