Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2135e3-593f-4cdb-af55-c6f4ee872364/1/cVYaucXzkpItp8rhgMMwc2XwI4Y.mft
File:                     cVYaucXzkpItp8rhgMMwc2XwI4Y.mft (raw, json)
Hash identifier:          DJ3Mc/j3A4qPU9kt8LpECp4BhF74CrZicy7RyJlb3rQ=
Subject key identifier:   2F:A9:6F:5C:AD:3D:9D:FA:33:51:FD:8F:EA:38:B8:D9:9B:06:97:8A
Authority key identifier: 71:56:1A:B9:C5:F3:92:92:2D:A7:CA:E1:80:C3:30:73:65:F0:23:86
Certificate issuer:       /CN=71561ab9c5f392922da7cae180c3307365f02386
Certificate serial:       019D2703CDCE579F453F7C076104DE52A85F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cVYaucXzkpItp8rhgMMwc2XwI4Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2135e3-593f-4cdb-af55-c6f4ee872364/1/cVYaucXzkpItp8rhgMMwc2XwI4Y.mft
Manifest number:          11B7
Signing time:             Wed 25 Mar 2026 22:00:53 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:53 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:53 +0000
Files and hashes:         1: cVYaucXzkpItp8rhgMMwc2XwI4Y.crl (hash: i/aPyYfS1t2ZpGepTlfjigtl0OPZses3eH/6hwWl+E4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2135e3-593f-4cdb-af55-c6f4ee872364/1/cVYaucXzkpItp8rhgMMwc2XwI4Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2135e3-593f-4cdb-af55-c6f4ee872364/1/cVYaucXzkpItp8rhgMMwc2XwI4Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cVYaucXzkpItp8rhgMMwc2XwI4Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:cd:ce:57:9f:45:3f:7c:07:61:04:de:52:a8:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71561ab9c5f392922da7cae180c3307365f02386
        Validity
            Not Before: Mar 25 22:00:53 2026 GMT
            Not After : Mar 26 22:00:53 2026 GMT
        Subject: CN=2fa96f5cad3d9dfa3351fd8fea38b8d99b06978a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:40:e0:b6:b5:66:e5:68:d8:28:57:88:63:d5:
                    a6:0f:d5:e6:98:b6:b0:7d:d5:fb:d5:08:f1:19:5a:
                    7d:22:5c:68:31:61:5e:4e:df:d0:73:1f:df:06:69:
                    e8:90:d8:70:60:97:a9:a8:51:e5:fc:75:28:f4:0b:
                    4e:46:2f:4c:bd:30:02:f5:5a:f9:a8:40:f6:0e:28:
                    1d:14:ab:dd:78:81:11:ec:f6:5d:4e:31:ca:b6:7f:
                    33:5a:55:44:a3:0c:a9:6a:cd:d5:fc:ec:35:a0:fa:
                    3c:d4:be:d1:67:98:f1:83:cc:44:d8:3d:c2:53:b3:
                    9b:ce:be:56:58:1e:22:f9:35:af:e9:a2:c6:cc:e4:
                    07:bb:be:1b:f7:df:b2:f2:4a:69:c1:eb:7d:74:4d:
                    47:ff:95:b7:a6:d8:bd:98:a0:5a:0d:63:7d:3f:6f:
                    96:36:5f:cf:13:3d:52:45:97:82:c2:6b:8c:ae:18:
                    61:d5:44:93:b2:b0:a9:43:d7:52:ef:81:31:61:b6:
                    95:ea:0b:8e:77:72:f2:85:4d:2d:0e:e9:a5:25:58:
                    4c:76:fe:d7:1a:91:bf:d1:49:1a:54:c5:4f:bc:60:
                    2d:ca:55:6e:58:81:c1:4d:86:18:52:50:46:00:d7:
                    0b:d6:97:f7:0e:6e:92:4f:53:1e:d0:0a:71:14:39:
                    59:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:A9:6F:5C:AD:3D:9D:FA:33:51:FD:8F:EA:38:B8:D9:9B:06:97:8A
            X509v3 Authority Key Identifier:
                keyid:71:56:1A:B9:C5:F3:92:92:2D:A7:CA:E1:80:C3:30:73:65:F0:23:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cVYaucXzkpItp8rhgMMwc2XwI4Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2135e3-593f-4cdb-af55-c6f4ee872364/1/cVYaucXzkpItp8rhgMMwc2XwI4Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2135e3-593f-4cdb-af55-c6f4ee872364/1/cVYaucXzkpItp8rhgMMwc2XwI4Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:a4:04:ba:7b:9f:f9:11:26:67:a8:7d:dc:05:ab:cb:fb:3c:
         94:47:b6:25:81:0d:44:b4:b7:32:f0:10:42:62:a2:c7:70:27:
         68:e8:65:c1:82:c8:19:02:a2:56:dc:2c:0d:82:c0:fa:d0:f1:
         e4:7d:2d:7f:dd:30:46:39:67:72:f4:cf:45:55:e3:ae:1c:02:
         5a:59:c7:3d:e7:0f:72:8f:03:07:a0:a6:49:a9:dc:1c:6c:57:
         f1:af:db:c1:d5:80:14:74:68:8c:9c:88:e3:dc:cc:6a:8a:0b:
         a4:3d:66:32:b7:c4:14:9f:65:d5:ce:23:98:58:2c:67:52:75:
         a8:bb:51:55:b6:df:86:ee:10:70:6d:86:06:24:87:3d:90:76:
         3c:90:df:c4:b6:30:32:1e:29:58:b2:cb:ad:7c:98:4c:f0:fd:
         8b:2b:0f:6d:b4:85:fe:bd:39:5c:77:20:f7:96:c8:b4:42:bd:
         55:24:96:3f:ce:8b:1d:8c:d0:7e:ab:72:3f:02:5c:d2:73:18:
         8b:e1:85:33:21:31:ee:be:41:90:bf:ce:2c:af:a7:5a:0c:1a:
         86:ea:83:72:6d:7c:00:27:ee:b4:a3:82:99:ee:22:71:83:ea:
         f4:c9:30:0a:b1:d1:ab:d2:f8:e8:13:62:1e:8e:e0:eb:01:c9:
         a4:7d:9d:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA83OV59FP3wHYQTeUqhfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNTYxYWI5YzVmMzkyOTIyZGE3Y2FlMTgwYzMzMDczNjVm
MDIzODYwHhcNMjYwMzI1MjIwMDUzWhcNMjYwMzI2MjIwMDUzWjAzMTEwLwYDVQQD
EygyZmE5NmY1Y2FkM2Q5ZGZhMzM1MWZkOGZlYTM4YjhkOTliMDY5NzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0DgtrVm5WjYKFeIY9WmD9XmmLaw
fdX71QjxGVp9IlxoMWFeTt/Qcx/fBmnokNhwYJepqFHl/HUo9AtORi9MvTAC9Vr5
qED2DigdFKvdeIER7PZdTjHKtn8zWlVEowypas3V/Ow1oPo81L7RZ5jxg8xE2D3C
U7Obzr5WWB4i+TWv6aLGzOQHu74b99+y8kppwet9dE1H/5W3pti9mKBaDWN9P2+W
Nl/PEz1SRZeCwmuMrhhh1USTsrCpQ9dS74ExYbaV6guOd3LyhU0tDumlJVhMdv7X
GpG/0UkaVMVPvGAtylVuWIHBTYYYUlBGANcL1pf3Dm6ST1Me0ApxFDlZnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+pb1ytPZ36M1H9j+o4uNmbBpeKMB8GA1UdIwQY
MBaAFHFWGrnF85KSLafK4YDDMHNl8COGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1ZZYXVjWHprcEl0cDhyaGdNTXdjMlh3STRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMTM1ZTMtNTkzZi00Y2RiLWFmNTUt
YzZmNGVlODcyMzY0LzEvY1ZZYXVjWHprcEl0cDhyaGdNTXdjMlh3STRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMTM1ZTMtNTkzZi00Y2RiLWFmNTUtYzZmNGVlODcyMzY0
LzEvY1ZZYXVjWHprcEl0cDhyaGdNTXdjMlh3STRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGqQEunuf
+REmZ6h93AWry/s8lEe2JYENRLS3MvAQQmKix3AnaOhlwYLIGQKiVtwsDYLA+tDx
5H0tf90wRjlncvTPRVXjrhwCWlnHPecPco8DB6CmSancHGxX8a/bwdWAFHRojJyI
49zMaooLpD1mMrfEFJ9l1c4jmFgsZ1J1qLtRVbbfhu4QcG2GBiSHPZB2PJDfxLYw
Mh4pWLLLrXyYTPD9iysPbbSF/r05XHcg95bItEK9VSSWP86LHYzQfqtyPwJc0nMY
i+GFMyEx7r5BkL/OLK+nWgwahuqDcm18ACfutKOCme4icYPq9MkwCrHRq9L46BNi
Ho7g6wHJpH2dRA==
-----END CERTIFICATE-----