Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
File:                     iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft (raw, json)
Hash identifier:          +LF/UT0SoT+1hozAEfYfYMp2Nov2zpKuEZE0pz8cNeE=
Subject key identifier:   A5:50:DE:8A:01:2A:AD:ED:48:AE:D8:F5:92:B9:6D:A8:39:70:F4:F3
Authority key identifier: 89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6
Certificate issuer:       /CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
Certificate serial:       019D2A04CCB9F27E102A063719E64C82F419
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
Manifest number:          085F
Signing time:             Thu 26 Mar 2026 12:00:50 +0000
Manifest this update:     Thu 26 Mar 2026 12:00:50 +0000
Manifest next update:     Fri 27 Mar 2026 12:00:50 +0000
Files and hashes:         1: iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl (hash: 41r3RraNysPu+rJVRKsiRm/sbo3sjvn8jfIbTRdfMdA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:04:cc:b9:f2:7e:10:2a:06:37:19:e6:4c:82:f4:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=890f3fab2349c01b1ac8fd0b921c60318ce184d6
        Validity
            Not Before: Mar 26 12:00:50 2026 GMT
            Not After : Mar 27 12:00:50 2026 GMT
        Subject: CN=a550de8a012aaded48aed8f592b96da83970f4f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:34:34:d2:f2:82:e6:a5:ee:46:4e:35:b1:45:
                    32:7d:3a:30:1a:6e:48:e8:3d:66:3d:c6:46:5e:53:
                    93:ee:0b:c2:28:bf:45:76:c1:5d:c8:83:1c:2b:20:
                    88:20:97:56:e5:01:b3:3b:2c:a6:91:f6:28:16:4c:
                    eb:7c:43:ef:fd:ba:3d:fc:57:e5:fc:b6:31:14:c1:
                    31:bd:e2:5b:92:e0:70:af:a5:7e:cc:db:d7:2c:d8:
                    3f:cf:b4:5b:98:f2:46:2c:1b:f7:c3:16:83:76:60:
                    cd:16:3e:bf:dc:fe:e7:06:16:6e:dc:3a:fe:19:cc:
                    93:78:df:97:62:58:e8:89:98:20:93:f5:de:58:8e:
                    1d:28:57:5f:e5:8e:5f:6b:4b:a6:ce:d7:1d:bc:e8:
                    71:3d:a7:1c:22:50:41:4f:4d:a2:ef:9e:51:c0:35:
                    b4:5f:28:84:69:07:de:f6:78:54:f7:5a:92:87:41:
                    d7:24:e1:7d:4e:12:12:69:b5:75:1f:06:ca:81:7f:
                    f0:52:02:38:26:1f:b5:12:c0:e3:03:52:c3:e8:89:
                    22:cf:d6:0d:c3:4b:6c:6c:6c:d2:ea:20:1c:03:e1:
                    cd:cc:c4:e2:4d:b2:69:4a:66:c9:f5:b9:c5:09:c8:
                    f0:6d:7c:e8:ee:42:1c:af:ab:26:3e:31:66:dd:7d:
                    17:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:50:DE:8A:01:2A:AD:ED:48:AE:D8:F5:92:B9:6D:A8:39:70:F4:F3
            X509v3 Authority Key Identifier:
                keyid:89:0F:3F:AB:23:49:C0:1B:1A:C8:FD:0B:92:1C:60:31:8C:E1:84:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQ8_qyNJwBsayP0LkhxgMYzhhNY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/1ce3e3-c859-4b71-b6d2-9359d8de2975/1/iQ8_qyNJwBsayP0LkhxgMYzhhNY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:71:90:c6:0b:5d:37:69:b2:97:64:0b:9a:78:8d:23:28:fd:
         9d:17:f5:e8:35:8f:f7:0a:a5:24:08:6b:ed:95:a7:fc:7b:0b:
         d2:2f:8b:c4:7f:9d:57:b6:0c:bf:64:fc:ad:ae:5b:44:cd:3f:
         fa:fa:a9:bc:ed:4c:c3:e5:66:ce:28:b6:c1:7a:d6:f5:34:71:
         7f:3f:60:b9:23:f0:eb:6f:32:27:ae:cb:2f:32:64:34:ab:98:
         b3:3d:0d:f7:d8:bf:ed:1a:d6:fd:3a:bb:e7:6f:f7:25:b5:6f:
         a9:89:52:2c:13:ba:c7:cd:c1:bf:5e:91:89:52:40:20:cf:4d:
         24:f9:e1:68:79:90:3f:be:33:97:24:29:5d:79:b4:12:44:b7:
         bb:17:85:92:62:af:bb:43:57:5b:b1:11:db:e4:09:1d:f5:55:
         b1:50:c7:89:34:ea:64:41:5a:df:d5:4f:24:90:6e:eb:ba:73:
         f0:98:54:9c:93:97:e5:14:f3:04:2f:56:7c:f5:71:48:03:03:
         99:af:b1:db:d7:03:1f:fd:43:89:ac:3a:3b:71:2a:cb:8a:44:
         6c:e9:f3:7f:f9:7d:a2:b1:c5:cc:6c:59:ac:6d:5f:3d:bc:82:
         11:92:42:57:6c:49:b3:4d:50:8c:c6:18:e8:d8:43:14:de:c2:
         bc:53:47:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qBMy58n4QKgY3GeZMgvQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MGYzZmFiMjM0OWMwMWIxYWM4ZmQwYjkyMWM2MDMxOGNl
MTg0ZDYwHhcNMjYwMzI2MTIwMDUwWhcNMjYwMzI3MTIwMDUwWjAzMTEwLwYDVQQD
EyhhNTUwZGU4YTAxMmFhZGVkNDhhZWQ4ZjU5MmI5NmRhODM5NzBmNGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zQ00vKC5qXuRk41sUUyfTowGm5I
6D1mPcZGXlOT7gvCKL9FdsFdyIMcKyCIIJdW5QGzOyymkfYoFkzrfEPv/bo9/Ffl
/LYxFMExveJbkuBwr6V+zNvXLNg/z7RbmPJGLBv3wxaDdmDNFj6/3P7nBhZu3Dr+
GcyTeN+XYljoiZggk/XeWI4dKFdf5Y5fa0umztcdvOhxPaccIlBBT02i755RwDW0
XyiEaQfe9nhU91qSh0HXJOF9ThISabV1HwbKgX/wUgI4Jh+1EsDjA1LD6Ikiz9YN
w0tsbGzS6iAcA+HNzMTiTbJpSmbJ9bnFCcjwbXzo7kIcr6smPjFm3X0XPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKVQ3ooBKq3tSK7Y9ZK5bag5cPTzMB8GA1UdIwQY
MBaAFIkPP6sjScAbGsj9C5IcYDGM4YTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDIt
OTM1OWQ4ZGUyOTc1LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8xY2UzZTMtYzg1OS00YjcxLWI2ZDItOTM1OWQ4ZGUyOTc1
LzEvaVE4X3F5Tkp3QnNheVAwTGtoeGdNWXpoaE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp3GQxgtd
N2myl2QLmniNIyj9nRf16DWP9wqlJAhr7ZWn/HsL0i+LxH+dV7YMv2T8ra5bRM0/
+vqpvO1Mw+Vmzii2wXrW9TRxfz9guSPw628yJ67LLzJkNKuYsz0N99i/7RrW/Tq7
52/3JbVvqYlSLBO6x83Bv16RiVJAIM9NJPnhaHmQP74zlyQpXXm0EkS3uxeFkmKv
u0NXW7ER2+QJHfVVsVDHiTTqZEFa39VPJJBu67pz8JhUnJOX5RTzBC9WfPVxSAMD
ma+x29cDH/1Diaw6O3Eqy4pEbOnzf/l9orHFzGxZrG1fPbyCEZJCV2xJs01QjMYY
6NhDFN7CvFNHHA==
-----END CERTIFICATE-----