Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
File:                     PO7GxHlRspnHCAZYPXkdUM2BbF8.mft (raw, json)
Hash identifier:          QQ+XyP/JDYSEvAKZ2bLfSgww266MtFZ+QN1GHuLu3As=
Subject key identifier:   1B:46:6D:58:2F:07:50:61:38:20:BE:C7:8A:EC:3E:DE:79:51:36:EE
Authority key identifier: 3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F
Certificate issuer:       /CN=3ceec6c47951b299c70806583d791d50cd816c5f
Certificate serial:       019D28BBDF13465C55A1C1635CE91A4C1F23
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
Manifest number:          04D6
Signing time:             Thu 26 Mar 2026 06:01:34 +0000
Manifest this update:     Thu 26 Mar 2026 06:01:34 +0000
Manifest next update:     Fri 27 Mar 2026 06:01:34 +0000
Files and hashes:         1: PO7GxHlRspnHCAZYPXkdUM2BbF8.crl (hash: 8zJNYbsAKRe+do+hMEWYctxBRvpuYf5FxO8UqN0vYrQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 06:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:bb:df:13:46:5c:55:a1:c1:63:5c:e9:1a:4c:1f:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ceec6c47951b299c70806583d791d50cd816c5f
        Validity
            Not Before: Mar 26 06:01:34 2026 GMT
            Not After : Mar 27 06:01:34 2026 GMT
        Subject: CN=1b466d582f0750613820bec78aec3ede795136ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:af:df:f1:b5:20:63:75:9d:a6:df:50:69:e9:
                    49:d2:6c:2c:8a:6e:e6:ff:a1:05:17:3d:10:ff:39:
                    82:9d:9e:cd:f6:aa:f8:8b:34:5d:f7:5c:26:99:bd:
                    e1:8b:26:ac:2b:b2:13:3b:43:45:9f:b6:79:bc:ca:
                    cb:8a:d3:f2:4a:67:09:9e:fe:9e:53:3d:ec:2d:a9:
                    a1:e4:bf:d6:69:80:cc:f6:5d:74:05:60:89:2d:a1:
                    24:8e:15:64:41:f5:68:0f:82:6f:6a:6f:a7:db:ec:
                    e5:27:f3:bd:e4:1a:a4:28:0d:c2:2f:a8:38:a4:a4:
                    cc:c6:0a:cb:6a:19:e2:db:c9:9d:86:b7:17:84:37:
                    63:61:ea:55:89:0d:93:e0:46:17:d1:35:c3:1b:4f:
                    57:cc:08:9d:c2:72:e2:46:3e:28:a7:78:93:de:6b:
                    f0:03:17:c3:72:9a:1d:9c:5f:ee:b0:86:d5:45:5f:
                    9d:ee:61:ad:97:e4:c6:24:41:0e:d7:95:4e:64:64:
                    c2:23:24:cc:7c:bb:3f:af:17:5c:16:86:af:38:d4:
                    a8:18:75:0e:19:cf:b2:2e:df:d1:ac:15:49:40:2b:
                    09:d2:64:8f:ae:05:48:e4:c6:47:bc:c4:8c:86:b0:
                    de:7f:95:ac:b6:4c:42:b5:73:7a:c3:c3:c5:d6:a9:
                    06:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:46:6D:58:2F:07:50:61:38:20:BE:C7:8A:EC:3E:DE:79:51:36:EE
            X509v3 Authority Key Identifier:
                keyid:3C:EE:C6:C4:79:51:B2:99:C7:08:06:58:3D:79:1D:50:CD:81:6C:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PO7GxHlRspnHCAZYPXkdUM2BbF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b330c7-fdac-400a-967b-a72ead295325/1/PO7GxHlRspnHCAZYPXkdUM2BbF8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:1c:76:fe:e9:27:28:71:98:ca:7f:f4:d2:da:65:23:a7:a3:
         c4:2e:39:e9:d4:8d:a5:74:66:c2:ea:49:df:f1:04:32:71:68:
         44:69:57:49:d3:b1:e2:d0:22:de:df:6a:9f:7e:40:a4:28:8b:
         3d:88:cb:98:da:cf:54:7f:74:57:25:77:44:23:bc:aa:d8:2e:
         ca:75:60:5a:7a:bd:96:1e:ea:6f:ab:2d:4b:4e:e5:8a:0a:39:
         4f:15:6f:5b:f5:38:c6:ab:28:79:96:0d:8e:b5:46:67:de:16:
         a4:c4:3e:1a:b4:3e:8d:04:2d:83:69:e2:a5:18:4c:be:c3:33:
         8e:80:81:61:28:0b:b0:a9:97:ef:71:77:b8:ac:3d:0c:c4:dd:
         63:2a:46:4c:3f:86:4e:f3:79:69:44:6c:1f:2a:db:9d:8e:84:
         7b:52:7e:78:60:65:93:b8:a7:51:2a:1e:15:b8:5c:48:e6:4e:
         ce:59:eb:e2:4a:c5:45:a0:ea:bd:01:21:1b:0d:e8:17:b3:aa:
         90:63:46:6a:6c:c4:01:72:51:9b:fa:f6:32:e5:3a:62:23:ba:
         8a:1f:0b:43:c9:c3:1e:d7:9c:77:0f:e0:9c:4c:f5:cf:77:fe:
         e1:bf:65:01:91:d5:bf:05:9e:92:a6:01:4e:98:5a:fa:f3:59:
         e5:5d:b4:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou98TRlxVocFjXOkaTB8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWVjNmM0Nzk1MWIyOTljNzA4MDY1ODNkNzkxZDUwY2Q4
MTZjNWYwHhcNMjYwMzI2MDYwMTM0WhcNMjYwMzI3MDYwMTM0WjAzMTEwLwYDVQQD
EygxYjQ2NmQ1ODJmMDc1MDYxMzgyMGJlYzc4YWVjM2VkZTc5NTEzNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26/f8bUgY3Wdpt9QaelJ0mwsim7m
/6EFFz0Q/zmCnZ7N9qr4izRd91wmmb3hiyasK7ITO0NFn7Z5vMrLitPySmcJnv6e
Uz3sLamh5L/WaYDM9l10BWCJLaEkjhVkQfVoD4Jvam+n2+zlJ/O95BqkKA3CL6g4
pKTMxgrLahni28mdhrcXhDdjYepViQ2T4EYX0TXDG09XzAidwnLiRj4op3iT3mvw
AxfDcpodnF/usIbVRV+d7mGtl+TGJEEO15VOZGTCIyTMfLs/rxdcFoavONSoGHUO
Gc+yLt/RrBVJQCsJ0mSPrgVI5MZHvMSMhrDef5WstkxCtXN6w8PF1qkGtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtGbVgvB1BhOCC+x4rsPt55UTbuMB8GA1UdIwQY
MBaAFDzuxsR5UbKZxwgGWD15HVDNgWxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2It
YTcyZWFkMjk1MzI1LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iMzMwYzctZmRhYy00MDBhLTk2N2ItYTcyZWFkMjk1MzI1
LzEvUE83R3hIbFJzcG5IQ0FaWVBYa2RVTTJCYkY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABBx2/ukn
KHGYyn/00tplI6ejxC456dSNpXRmwupJ3/EEMnFoRGlXSdOx4tAi3t9qn35ApCiL
PYjLmNrPVH90VyV3RCO8qtguynVgWnq9lh7qb6stS07ligo5TxVvW/U4xqsoeZYN
jrVGZ94WpMQ+GrQ+jQQtg2nipRhMvsMzjoCBYSgLsKmX73F3uKw9DMTdYypGTD+G
TvN5aURsHyrbnY6Ee1J+eGBlk7inUSoeFbhcSOZOzlnr4krFRaDqvQEhGw3oF7Oq
kGNGamzEAXJRm/r2MuU6YiO6ih8LQ8nDHtecdw/gnEz1z3f+4b9lAZHVvwWekqYB
Tpha+vNZ5V20hQ==
-----END CERTIFICATE-----