Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
File:                     4iUB2aQBcJg48z0a4nm85xALPM8.mft (raw, json)
Hash identifier:          ysn3BOOenZ8Z8Aaw+/Qd9v3zLZxsTBv/Onjs+rlrMLo=
Subject key identifier:   75:C5:1B:F2:56:77:D8:BB:56:A8:AC:E0:0F:E4:1A:F6:C1:86:09:9A
Authority key identifier: E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF
Certificate issuer:       /CN=e22501d9a401709838f33d1ae279bce7100b3ccf
Certificate serial:       019D28F26DD95EE03EE143249EE759F57629
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
Manifest number:          12FE
Signing time:             Thu 26 Mar 2026 07:01:09 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:09 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:09 +0000
Files and hashes:         1: 4iUB2aQBcJg48z0a4nm85xALPM8.crl (hash: yDQq1GlhGjEol141EmVpWw+IhZoJ70aLyEso56vxqd8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:6d:d9:5e:e0:3e:e1:43:24:9e:e7:59:f5:76:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e22501d9a401709838f33d1ae279bce7100b3ccf
        Validity
            Not Before: Mar 26 07:01:09 2026 GMT
            Not After : Mar 27 07:01:09 2026 GMT
        Subject: CN=75c51bf25677d8bb56a8ace00fe41af6c186099a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:e2:e2:dc:75:6f:dd:f3:af:c4:af:5a:bd:ec:
                    20:b1:13:7a:14:8f:1a:49:9f:e3:ec:fd:ed:24:56:
                    65:c2:b1:13:9b:63:4e:0b:b8:7f:eb:00:c5:e6:16:
                    e5:d3:df:00:19:74:cd:74:d4:a0:22:db:6b:1b:9f:
                    1a:8e:5c:f1:9c:49:81:37:70:c3:e6:2a:ae:8b:72:
                    b2:8d:28:ce:f6:e1:68:8c:14:1e:75:a4:31:32:d7:
                    71:90:bd:59:de:30:d4:46:6e:82:b1:94:42:10:cb:
                    94:b4:6b:79:87:67:b4:2f:c1:f4:54:9e:ea:ca:0d:
                    ba:e8:06:db:f8:42:ae:4a:ad:28:7d:9a:d4:eb:ed:
                    04:58:c4:8a:4a:6b:94:ca:b7:98:1e:49:91:ab:b2:
                    04:99:26:52:41:8c:dc:61:b2:aa:36:1d:37:77:4f:
                    04:90:e0:c8:70:36:50:31:75:0b:06:fe:78:4e:d6:
                    bf:ff:57:41:d1:0f:4b:ab:07:52:83:e5:8a:6d:ea:
                    26:51:bc:56:21:cc:a5:95:07:e7:df:b4:ee:dc:63:
                    53:3d:c9:a3:81:b8:34:f4:0d:84:5b:41:52:d3:63:
                    ae:25:25:be:24:e1:59:9d:b5:7f:d8:60:09:f9:d2:
                    7a:ba:fc:cd:ea:f2:57:98:50:25:ef:a1:ee:23:c2:
                    71:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:C5:1B:F2:56:77:D8:BB:56:A8:AC:E0:0F:E4:1A:F6:C1:86:09:9A
            X509v3 Authority Key Identifier:
                keyid:E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:33:44:ca:2f:94:c7:ac:b5:9f:f9:bd:bd:29:68:50:95:c2:
         2d:0c:2f:00:44:b9:49:8a:9e:d9:78:bd:01:9b:17:1a:74:de:
         00:95:f4:a8:f9:94:2a:a8:71:8e:35:85:06:b4:65:97:05:5e:
         8a:a2:66:4a:63:43:53:32:00:10:f1:fd:2a:cc:5d:6e:ee:5e:
         12:16:b8:63:0b:d9:c6:24:22:88:d7:c1:a1:65:77:2f:6e:a3:
         dc:7f:ac:92:37:e6:fb:3d:61:78:6b:29:fe:1f:5e:15:9b:75:
         e0:4c:37:2c:08:89:08:ad:2e:4a:80:fb:ad:cc:a6:4f:05:f0:
         d4:93:06:6b:2d:bf:0c:90:85:51:d2:22:08:c1:68:32:07:1d:
         f0:74:6c:5c:d3:57:bb:4b:52:7d:7d:24:29:6d:da:29:7e:e5:
         74:64:f2:d6:d3:a5:d7:c8:03:d1:1a:35:9a:d3:24:16:9f:2a:
         09:ca:1f:1e:f9:1a:0d:a3:d5:d8:aa:f1:4f:fb:7c:4d:59:b0:
         17:4a:87:fe:4c:28:8f:fc:94:02:08:6d:62:bb:65:e7:05:ec:
         42:e1:4f:9e:cb:9e:86:30:d8:e0:83:09:19:1d:7d:52:d5:4e:
         26:46:44:be:eb:a6:6a:34:b5:2f:1a:fd:6a:8d:b5:09:21:26:
         2a:fb:e0:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8m3ZXuA+4UMknudZ9XYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMjUwMWQ5YTQwMTcwOTgzOGYzM2QxYWUyNzliY2U3MTAw
YjNjY2YwHhcNMjYwMzI2MDcwMTA5WhcNMjYwMzI3MDcwMTA5WjAzMTEwLwYDVQQD
Eyg3NWM1MWJmMjU2NzdkOGJiNTZhOGFjZTAwZmU0MWFmNmMxODYwOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+Li3HVv3fOvxK9avewgsRN6FI8a
SZ/j7P3tJFZlwrETm2NOC7h/6wDF5hbl098AGXTNdNSgIttrG58ajlzxnEmBN3DD
5iqui3KyjSjO9uFojBQedaQxMtdxkL1Z3jDURm6CsZRCEMuUtGt5h2e0L8H0VJ7q
yg266Abb+EKuSq0ofZrU6+0EWMSKSmuUyreYHkmRq7IEmSZSQYzcYbKqNh03d08E
kODIcDZQMXULBv54Tta//1dB0Q9LqwdSg+WKbeomUbxWIcyllQfn37Tu3GNTPcmj
gbg09A2EW0FS02OuJSW+JOFZnbV/2GAJ+dJ6uvzN6vJXmFAl76HuI8JxsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHXFG/JWd9i7Vqis4A/kGvbBhgmaMB8GA1UdIwQY
MBaAFOIlAdmkAXCYOPM9GuJ5vOcQCzzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3Njgt
Zjk4MTFlZTNmYTg3LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3NjgtZjk4MTFlZTNmYTg3
LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhDNEyi+U
x6y1n/m9vSloUJXCLQwvAES5SYqe2Xi9AZsXGnTeAJX0qPmUKqhxjjWFBrRllwVe
iqJmSmNDUzIAEPH9Ksxdbu5eEha4YwvZxiQiiNfBoWV3L26j3H+skjfm+z1heGsp
/h9eFZt14Ew3LAiJCK0uSoD7rcymTwXw1JMGay2/DJCFUdIiCMFoMgcd8HRsXNNX
u0tSfX0kKW3aKX7ldGTy1tOl18gD0Ro1mtMkFp8qCcofHvkaDaPV2KrxT/t8TVmw
F0qH/kwoj/yUAghtYrtl5wXsQuFPnsuehjDY4IMJGR19UtVOJkZEvuumajS1Lxr9
ao21CSEmKvvgyQ==
-----END CERTIFICATE-----