Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.mft
File:                     ci0p5qil5cpi3rc-r_OrE95VBq0.mft (raw, json)
Hash identifier:          i0/RPLAAlY+IlclStlMX74QAzmslyGZL+n0e9umXpUE=
Subject key identifier:   A3:19:10:72:88:26:53:F0:F5:BD:A2:D4:A8:A8:9E:D6:0D:09:34:9E
Authority key identifier: 72:2D:29:E6:A8:A5:E5:CA:62:DE:B7:3E:AF:F3:AB:13:DE:55:06:AD
Certificate issuer:       /CN=722d29e6a8a5e5ca62deb73eaff3ab13de5506ad
Certificate serial:       019D265F497578F2B969DB9D3AC37A1C0B5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ci0p5qil5cpi3rc-r_OrE95VBq0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.mft
Manifest number:          038C
Signing time:             Wed 25 Mar 2026 19:01:12 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:12 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:12 +0000
Files and hashes:         1: ci0p5qil5cpi3rc-r_OrE95VBq0.crl (hash: J16vP1tWbRs2AsYeD9XrA10/8AaySBWoFfjsIjDPprc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ci0p5qil5cpi3rc-r_OrE95VBq0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:49:75:78:f2:b9:69:db:9d:3a:c3:7a:1c:0b:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=722d29e6a8a5e5ca62deb73eaff3ab13de5506ad
        Validity
            Not Before: Mar 25 19:01:12 2026 GMT
            Not After : Mar 26 19:01:12 2026 GMT
        Subject: CN=a3191072882653f0f5bda2d4a8a89ed60d09349e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:43:7c:fd:bf:bc:b6:e1:83:6d:5a:e2:fc:e1:
                    5b:c2:c9:28:8b:42:8d:1a:d9:85:7c:41:50:67:74:
                    b6:40:fa:14:f8:3a:8f:45:0d:dc:be:e6:8d:5c:14:
                    a0:97:70:6d:52:f9:95:85:15:21:bf:2e:02:18:ff:
                    ee:cf:44:60:38:a1:7f:ee:28:8a:4b:26:03:98:63:
                    20:0d:4c:82:98:37:58:fd:7d:e5:5b:4a:89:5c:1f:
                    1b:d3:8e:2b:ef:44:14:b2:a2:3c:d4:47:a5:eb:7f:
                    85:1a:6d:a3:d2:6f:56:52:23:31:4b:f5:80:b9:9b:
                    7c:93:30:75:98:f4:cd:e6:e3:f2:ab:d9:6f:4e:5e:
                    04:ed:bb:8b:8c:59:71:df:3a:68:88:f3:e8:ad:32:
                    30:73:28:6f:68:44:2d:af:f7:e9:0e:da:f8:63:03:
                    50:ce:93:29:53:3c:21:f7:0a:17:05:8d:37:14:64:
                    8f:4e:8b:0b:be:b6:85:2b:cd:ae:0b:96:56:ee:e4:
                    ce:f6:fd:c0:13:d3:87:3f:65:50:5f:2e:68:1a:65:
                    72:71:35:d2:a5:4f:00:64:16:d1:34:25:4c:2e:2c:
                    f8:8c:e9:a4:20:4d:a2:e2:36:08:53:aa:86:7c:da:
                    29:17:69:7b:2a:c4:d1:8d:59:49:12:87:9c:98:80:
                    30:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:19:10:72:88:26:53:F0:F5:BD:A2:D4:A8:A8:9E:D6:0D:09:34:9E
            X509v3 Authority Key Identifier:
                keyid:72:2D:29:E6:A8:A5:E5:CA:62:DE:B7:3E:AF:F3:AB:13:DE:55:06:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ci0p5qil5cpi3rc-r_OrE95VBq0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/106e0f-ad80-47c3-bd4f-5547900b8d59/1/ci0p5qil5cpi3rc-r_OrE95VBq0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:dd:fa:c8:2e:97:71:8d:34:e7:a0:2a:27:75:76:c4:ec:7d:
         7b:c8:5c:fa:d1:e5:ec:47:95:3d:1e:41:00:e5:74:6d:8c:68:
         19:e5:04:e4:be:39:df:18:23:f8:b7:ae:e5:24:36:d3:ae:5b:
         29:88:a4:ae:31:7f:aa:fc:a2:01:2a:47:8d:79:ff:34:0f:f4:
         14:bb:d1:08:ec:8e:ff:a9:e5:93:2e:ce:3f:16:3f:22:a1:d5:
         ce:fb:a4:b5:e8:6d:1c:8d:e5:5f:bd:e1:3b:b9:84:02:88:e6:
         e8:1f:2b:22:df:f6:c4:e6:dc:8a:33:84:4a:0e:c8:14:79:8f:
         c5:0b:cd:2c:a0:ae:c3:d5:ef:27:e2:0c:b3:ee:95:26:90:7d:
         c5:9b:88:89:de:70:02:7d:c3:3e:ce:ae:dc:ec:66:e9:47:37:
         c3:e8:41:1c:20:f9:58:e2:90:6a:bc:b9:67:80:bc:b1:8e:66:
         fd:bf:44:cb:86:67:c1:d2:b3:d6:00:50:42:ff:28:bf:d5:0d:
         41:57:22:ef:e6:9c:35:81:61:6b:e4:c4:16:41:af:9c:31:92:
         70:38:d4:a2:6b:84:93:96:ac:4f:42:1a:dc:85:b6:15:e0:d6:
         28:d0:92:a5:15:7c:53:d3:93:93:fc:cb:99:3c:09:c7:8c:3a:
         fa:d3:80:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX0l1ePK5adudOsN6HAtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmQyOWU2YThhNWU1Y2E2MmRlYjczZWFmZjNhYjEzZGU1
NTA2YWQwHhcNMjYwMzI1MTkwMTEyWhcNMjYwMzI2MTkwMTEyWjAzMTEwLwYDVQQD
EyhhMzE5MTA3Mjg4MjY1M2YwZjViZGEyZDRhOGE4OWVkNjBkMDkzNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0N8/b+8tuGDbVri/OFbwskoi0KN
GtmFfEFQZ3S2QPoU+DqPRQ3cvuaNXBSgl3BtUvmVhRUhvy4CGP/uz0RgOKF/7iiK
SyYDmGMgDUyCmDdY/X3lW0qJXB8b044r70QUsqI81Eel63+FGm2j0m9WUiMxS/WA
uZt8kzB1mPTN5uPyq9lvTl4E7buLjFlx3zpoiPPorTIwcyhvaEQtr/fpDtr4YwNQ
zpMpUzwh9woXBY03FGSPTosLvraFK82uC5ZW7uTO9v3AE9OHP2VQXy5oGmVycTXS
pU8AZBbRNCVMLiz4jOmkIE2i4jYIU6qGfNopF2l7KsTRjVlJEoecmIAwlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMZEHKIJlPw9b2i1KiontYNCTSeMB8GA1UdIwQY
MBaAFHItKeaopeXKYt63Pq/zqxPeVQatMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2kwcDVxaWw1Y3BpM3JjLXJfT3JFOTVWQnEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8xMDZlMGYtYWQ4MC00N2MzLWJkNGYt
NTU0NzkwMGI4ZDU5LzEvY2kwcDVxaWw1Y3BpM3JjLXJfT3JFOTVWQnEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8xMDZlMGYtYWQ4MC00N2MzLWJkNGYtNTU0NzkwMGI4ZDU5
LzEvY2kwcDVxaWw1Y3BpM3JjLXJfT3JFOTVWQnEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmN36yC6X
cY0056AqJ3V2xOx9e8hc+tHl7EeVPR5BAOV0bYxoGeUE5L453xgj+Leu5SQ2065b
KYikrjF/qvyiASpHjXn/NA/0FLvRCOyO/6nlky7OPxY/IqHVzvuktehtHI3lX73h
O7mEAojm6B8rIt/2xObcijOESg7IFHmPxQvNLKCuw9XvJ+IMs+6VJpB9xZuIid5w
An3DPs6u3Oxm6Uc3w+hBHCD5WOKQary5Z4C8sY5m/b9Ey4ZnwdKz1gBQQv8ov9UN
QVci7+acNYFha+TEFkGvnDGScDjUomuEk5asT0Ia3IW2FeDWKNCSpRV8U9OTk/zL
mTwJx4w6+tOAbg==
-----END CERTIFICATE-----