Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft
File:                     PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft (raw, json)
Hash identifier:          FR8+/UMlr10SXp2X5zB84edHtzsfhxE4RveQxXPMzd4=
Subject key identifier:   67:7B:BC:6C:1A:E2:D9:28:28:39:A4:5A:D1:21:30:3C:C7:25:86:AC
Authority key identifier: 3F:23:AB:73:05:30:47:92:DC:2C:E8:17:80:B5:DB:88:9D:8F:7F:3A
Certificate issuer:       /CN=3f23ab7305304792dc2ce81780b5db889d8f7f3a
Certificate serial:       019D25BA974D791591BD8386CDE98890A81C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft
Manifest number:          1882
Signing time:             Wed 25 Mar 2026 16:01:18 +0000
Manifest this update:     Wed 25 Mar 2026 16:01:18 +0000
Manifest next update:     Thu 26 Mar 2026 16:01:18 +0000
Files and hashes:         1: PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.crl (hash: 8MkEbGI+mhXQNt9x5DwoXwfMKWhe3P9NdCyaHZH6OYk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:ba:97:4d:79:15:91:bd:83:86:cd:e9:88:90:a8:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f23ab7305304792dc2ce81780b5db889d8f7f3a
        Validity
            Not Before: Mar 25 16:01:18 2026 GMT
            Not After : Mar 26 16:01:18 2026 GMT
        Subject: CN=677bbc6c1ae2d9282839a45ad121303cc72586ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:bd:14:aa:5e:b2:9e:d9:42:a8:e5:bd:54:3b:
                    0f:99:78:86:af:ab:05:e0:3b:9d:a0:24:5a:36:86:
                    94:b6:41:0c:91:3f:89:01:d8:9e:37:51:43:00:13:
                    93:1f:01:01:5c:a8:41:d3:95:4e:7f:01:fc:04:3e:
                    f9:15:12:76:84:e0:56:4d:14:d2:03:e1:e6:b2:41:
                    e1:69:6a:0c:51:12:08:58:0c:2b:76:23:c7:4e:b8:
                    5e:2b:60:78:38:67:a7:b4:4c:cc:74:97:83:bb:cd:
                    c1:f0:0d:81:29:4c:67:7b:dd:0e:f1:fa:73:be:0e:
                    4f:12:ca:34:d2:32:0c:fe:6e:91:03:d7:9e:4a:18:
                    5e:69:5d:74:27:ce:f3:ac:65:08:62:1a:a3:5e:5e:
                    e8:8b:85:5c:46:60:18:41:e9:0f:da:8e:d9:c8:8f:
                    69:ab:d2:e6:2b:82:cf:93:f0:82:b4:0a:c5:ef:b0:
                    dd:3e:0f:7a:34:88:bc:62:af:75:52:43:af:af:6d:
                    51:cb:8a:87:60:c6:47:39:66:e0:1a:be:25:ce:14:
                    7e:af:fd:e6:12:e3:91:54:10:ab:8e:e3:dc:45:22:
                    19:28:ed:a5:75:a1:2a:84:a5:79:40:6a:74:95:ec:
                    f7:3c:d3:4d:d5:8d:10:22:cb:a6:23:d2:ef:5b:6a:
                    3a:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:7B:BC:6C:1A:E2:D9:28:28:39:A4:5A:D1:21:30:3C:C7:25:86:AC
            X509v3 Authority Key Identifier:
                keyid:3F:23:AB:73:05:30:47:92:DC:2C:E8:17:80:B5:DB:88:9D:8F:7F:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f7db9d-fcd9-4f21-91c2-60033d5b03bb/1/PyOrcwUwR5LcLOgXgLXbiJ2Pfzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:40:26:ef:77:cc:72:26:67:d1:9b:46:71:c3:83:f6:cc:d4:
         3c:69:b5:72:fd:0d:98:9b:81:c5:51:53:2b:56:ff:ea:0a:b8:
         d5:a5:22:3c:91:2d:16:29:f2:c8:b1:48:e9:1e:38:9f:e4:8f:
         7e:1c:6b:5a:bd:bc:e2:f5:cd:97:34:e4:ac:44:48:fd:f6:c2:
         a2:91:cd:3c:03:db:59:64:67:b9:35:b7:18:b6:e1:1f:2c:99:
         b3:d4:cd:a2:b1:1d:12:1a:50:40:52:2b:af:39:bd:d4:2e:42:
         04:69:fe:09:17:7b:80:3d:5a:d3:96:f4:c5:f3:c9:c4:9e:30:
         a7:d6:a4:97:cc:50:f6:0f:97:0c:68:28:44:03:b2:70:78:c6:
         0d:e1:c5:00:43:85:69:8c:d9:84:d2:0e:c7:b2:fd:e5:67:e9:
         03:53:ba:e1:0d:89:5e:13:51:d6:51:7d:6a:97:7d:af:70:04:
         bb:05:bd:c5:da:65:95:1e:01:5d:ec:cc:5f:2d:b0:ea:af:5d:
         1a:85:eb:76:e1:ca:b2:97:02:c3:6e:04:32:b6:f9:e1:0d:39:
         03:69:c2:85:f7:c6:d9:d4:43:6f:68:a9:f3:fa:92:67:64:06:
         8f:54:27:c9:53:3c:e2:9d:57:84:1f:21:53:38:ba:b6:11:d6:
         a0:a2:9c:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lupdNeRWRvYOGzemIkKgcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjNhYjczMDUzMDQ3OTJkYzJjZTgxNzgwYjVkYjg4OWQ4
ZjdmM2EwHhcNMjYwMzI1MTYwMTE4WhcNMjYwMzI2MTYwMTE4WjAzMTEwLwYDVQQD
Eyg2NzdiYmM2YzFhZTJkOTI4MjgzOWE0NWFkMTIxMzAzY2M3MjU4NmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL0Uql6yntlCqOW9VDsPmXiGr6sF
4DudoCRaNoaUtkEMkT+JAdieN1FDABOTHwEBXKhB05VOfwH8BD75FRJ2hOBWTRTS
A+HmskHhaWoMURIIWAwrdiPHTrheK2B4OGentEzMdJeDu83B8A2BKUxne90O8fpz
vg5PEso00jIM/m6RA9eeShheaV10J87zrGUIYhqjXl7oi4VcRmAYQekP2o7ZyI9p
q9LmK4LPk/CCtArF77DdPg96NIi8Yq91UkOvr21Ry4qHYMZHOWbgGr4lzhR+r/3m
EuORVBCrjuPcRSIZKO2ldaEqhKV5QGp0lez3PNNN1Y0QIsumI9LvW2o6RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGd7vGwa4tkoKDmkWtEhMDzHJYasMB8GA1UdIwQY
MBaAFD8jq3MFMEeS3CzoF4C124idj386MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHlPcmN3VXdSNUxjTE9nWGdMWGJpSjJQZnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mN2RiOWQtZmNkOS00ZjIxLTkxYzIt
NjAwMzNkNWIwM2JiLzEvUHlPcmN3VXdSNUxjTE9nWGdMWGJpSjJQZnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mN2RiOWQtZmNkOS00ZjIxLTkxYzItNjAwMzNkNWIwM2Ji
LzEvUHlPcmN3VXdSNUxjTE9nWGdMWGJpSjJQZnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsUAm73fM
ciZn0ZtGccOD9szUPGm1cv0NmJuBxVFTK1b/6gq41aUiPJEtFinyyLFI6R44n+SP
fhxrWr284vXNlzTkrERI/fbCopHNPAPbWWRnuTW3GLbhHyyZs9TNorEdEhpQQFIr
rzm91C5CBGn+CRd7gD1a05b0xfPJxJ4wp9akl8xQ9g+XDGgoRAOycHjGDeHFAEOF
aYzZhNIOx7L95WfpA1O64Q2JXhNR1lF9apd9r3AEuwW9xdpllR4BXezMXy2w6q9d
GoXrduHKspcCw24EMrb54Q05A2nChffG2dRDb2ip8/qSZ2QGj1QnyVM84p1XhB8h
Uzi6thHWoKKcdg==
-----END CERTIFICATE-----