Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/8f58a7-5bcf-4371-8285-3f7cdaeb86a0/1/pOopq0HGXysU-RHRaY4HMMtJ_pI.mft
File:                     pOopq0HGXysU-RHRaY4HMMtJ_pI.mft (raw, json)
Hash identifier:          UmlgT3onhbQHFY/1u1EAJfLr4lfWDfzfp+i2V2puKts=
Subject key identifier:   7F:12:93:FB:CA:11:DA:51:44:2B:82:C5:F9:18:0F:45:6C:8B:0E:5E
Authority key identifier: A4:EA:29:AB:41:C6:5F:2B:14:F9:11:D1:69:8E:07:30:CB:49:FE:92
Certificate issuer:       /CN=a4ea29ab41c65f2b14f911d1698e0730cb49fe92
Certificate serial:       019D33AC89653D0C580BF89EF9680F8ED777
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pOopq0HGXysU-RHRaY4HMMtJ_pI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/8f58a7-5bcf-4371-8285-3f7cdaeb86a0/1/pOopq0HGXysU-RHRaY4HMMtJ_pI.mft
Manifest number:          09
Signing time:             Sat 28 Mar 2026 09:00:38 +0000
Manifest this update:     Sat 28 Mar 2026 09:00:38 +0000
Manifest next update:     Sun 29 Mar 2026 09:00:38 +0000
Files and hashes:         1: pOopq0HGXysU-RHRaY4HMMtJ_pI.crl (hash: Qss+JRse9aPfFldC4usicPHzLFaCLwwGACmhZklFO2M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/8f58a7-5bcf-4371-8285-3f7cdaeb86a0/1/pOopq0HGXysU-RHRaY4HMMtJ_pI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/8f58a7-5bcf-4371-8285-3f7cdaeb86a0/1/pOopq0HGXysU-RHRaY4HMMtJ_pI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pOopq0HGXysU-RHRaY4HMMtJ_pI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:ac:89:65:3d:0c:58:0b:f8:9e:f9:68:0f:8e:d7:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4ea29ab41c65f2b14f911d1698e0730cb49fe92
        Validity
            Not Before: Mar 28 09:00:38 2026 GMT
            Not After : Mar 29 09:00:38 2026 GMT
        Subject: CN=7f1293fbca11da51442b82c5f9180f456c8b0e5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:a9:71:66:42:90:23:a4:21:43:40:53:a4:d8:
                    2d:3a:30:20:5e:cb:3d:b7:2c:8a:ba:5d:8f:f3:e4:
                    ee:4e:18:ca:7a:1d:65:bc:46:8c:f6:b6:73:8f:a7:
                    97:6e:29:61:6d:53:87:4a:41:be:d8:a4:60:b0:97:
                    e2:65:83:b2:c4:66:e4:82:40:0a:3c:de:d4:57:2a:
                    b1:73:e1:c0:14:af:9e:3f:d8:8e:bd:a6:2e:0d:71:
                    42:f0:d7:3b:40:35:73:d1:9d:2a:da:72:59:a7:11:
                    5a:9a:21:fb:43:ce:91:2f:4a:68:99:3f:a6:ff:3a:
                    3e:d1:a3:cc:5c:15:03:d0:5d:fe:b4:0c:02:29:12:
                    58:3c:18:4f:f8:23:81:7d:94:9c:50:95:f6:00:78:
                    0e:06:27:cf:0a:62:a8:2c:53:1a:79:e6:e1:7a:fc:
                    8f:ff:50:15:04:84:2a:20:3e:40:cf:66:00:07:e7:
                    17:7f:36:98:9a:fa:6f:f8:54:d7:e0:22:35:72:9f:
                    3d:09:9b:c4:4c:74:a9:d0:a9:bd:ab:12:d3:a5:a3:
                    fe:85:21:a6:23:0a:ad:0f:e8:b4:86:a9:cb:20:5f:
                    c1:fd:33:69:9b:3b:d7:7a:7b:8a:5d:a5:f7:66:87:
                    5b:26:c4:0a:32:be:f8:13:82:2a:88:c0:d7:67:66:
                    3d:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:12:93:FB:CA:11:DA:51:44:2B:82:C5:F9:18:0F:45:6C:8B:0E:5E
            X509v3 Authority Key Identifier:
                keyid:A4:EA:29:AB:41:C6:5F:2B:14:F9:11:D1:69:8E:07:30:CB:49:FE:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOopq0HGXysU-RHRaY4HMMtJ_pI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8f58a7-5bcf-4371-8285-3f7cdaeb86a0/1/pOopq0HGXysU-RHRaY4HMMtJ_pI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8f58a7-5bcf-4371-8285-3f7cdaeb86a0/1/pOopq0HGXysU-RHRaY4HMMtJ_pI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:d1:5f:ab:a6:04:3e:db:ad:88:7b:fd:64:5a:fa:cd:13:14:
         37:56:ee:93:72:43:f8:4b:cc:aa:88:c2:f0:97:55:74:35:54:
         a2:ce:ad:53:0b:b9:8a:90:f7:36:be:00:3a:68:dc:2c:4b:d5:
         b3:aa:55:4e:2f:99:2c:d1:c0:0c:eb:af:2b:7b:bc:7b:21:bc:
         7d:26:c9:a1:9f:75:63:4a:61:c9:b0:9c:a5:e2:fa:78:96:97:
         2b:e8:30:f0:d2:f9:fd:5c:39:c5:48:8d:3d:c4:80:fd:3c:c5:
         1f:44:0c:fd:1c:ad:00:83:e1:ab:47:bb:52:60:68:72:d8:a6:
         0b:33:5a:a8:9a:68:e8:92:60:e7:b1:bf:04:16:33:92:1f:b4:
         cc:15:f5:04:ad:32:bd:e3:bc:e8:80:65:f0:1b:89:f5:ae:d2:
         fc:5e:ab:64:be:cf:1e:9c:7b:81:4a:0f:7a:77:63:47:43:0f:
         24:92:06:7c:de:69:35:51:6d:f9:02:c1:22:17:b4:ea:13:cd:
         cf:ef:e2:33:44:bf:8f:8c:14:67:d2:04:77:56:a0:91:31:be:
         c5:71:ac:51:60:cb:af:9f:b1:4a:8a:60:55:a3:16:c0:02:6e:
         18:c8:13:a0:b2:1e:ec:c8:87:eb:d3:13:fb:59:3b:fb:bc:8a:
         38:07:2c:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zrIllPQxYC/ie+WgPjtd3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZWEyOWFiNDFjNjVmMmIxNGY5MTFkMTY5OGUwNzMwY2I0
OWZlOTIwHhcNMjYwMzI4MDkwMDM4WhcNMjYwMzI5MDkwMDM4WjAzMTEwLwYDVQQD
Eyg3ZjEyOTNmYmNhMTFkYTUxNDQyYjgyYzVmOTE4MGY0NTZjOGIwZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqlxZkKQI6QhQ0BTpNgtOjAgXss9
tyyKul2P8+TuThjKeh1lvEaM9rZzj6eXbilhbVOHSkG+2KRgsJfiZYOyxGbkgkAK
PN7UVyqxc+HAFK+eP9iOvaYuDXFC8Nc7QDVz0Z0q2nJZpxFamiH7Q86RL0pomT+m
/zo+0aPMXBUD0F3+tAwCKRJYPBhP+COBfZScUJX2AHgOBifPCmKoLFMaeebhevyP
/1AVBIQqID5Az2YAB+cXfzaYmvpv+FTX4CI1cp89CZvETHSp0Km9qxLTpaP+hSGm
IwqtD+i0hqnLIF/B/TNpmzvXenuKXaX3ZodbJsQKMr74E4IqiMDXZ2Y95wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8Sk/vKEdpRRCuCxfkYD0Vsiw5eMB8GA1UdIwQY
MBaAFKTqKatBxl8rFPkR0WmOBzDLSf6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9vcHEwSEdYeXNVLVJIUmFZNEhNTXRKX3BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84ZjU4YTctNWJjZi00MzcxLTgyODUt
M2Y3Y2RhZWI4NmEwLzEvcE9vcHEwSEdYeXNVLVJIUmFZNEhNTXRKX3BJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84ZjU4YTctNWJjZi00MzcxLTgyODUtM2Y3Y2RhZWI4NmEw
LzEvcE9vcHEwSEdYeXNVLVJIUmFZNEhNTXRKX3BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHNFfq6YE
PtutiHv9ZFr6zRMUN1buk3JD+EvMqojC8JdVdDVUos6tUwu5ipD3Nr4AOmjcLEvV
s6pVTi+ZLNHADOuvK3u8eyG8fSbJoZ91Y0phybCcpeL6eJaXK+gw8NL5/Vw5xUiN
PcSA/TzFH0QM/RytAIPhq0e7UmBoctimCzNaqJpo6JJg57G/BBYzkh+0zBX1BK0y
veO86IBl8BuJ9a7S/F6rZL7PHpx7gUoPendjR0MPJJIGfN5pNVFt+QLBIhe06hPN
z+/iM0S/j4wUZ9IEd1agkTG+xXGsUWDLr5+xSopgVaMWwAJuGMgToLIe7MiH69MT
+1k7+7yKOAcsDA==
-----END CERTIFICATE-----