Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.mft
File:                     eY97H9gCs9xqvXpc2nhqYxHh1j0.mft (raw, json)
Hash identifier:          5r6YtnrNXmiZ3NevZCBKEmiORlmHkifFYUwLXKxCmY8=
Subject key identifier:   1F:31:41:13:CC:A9:B0:0A:D9:F7:A0:59:7D:B4:8E:F3:D1:8D:0D:5F
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Certificate issuer:       /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial:       019D29CED3FD8037ABACFCBAA114BBE32FDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.mft
Manifest number:          10CD
Signing time:             Thu 26 Mar 2026 11:01:53 +0000
Manifest this update:     Thu 26 Mar 2026 11:01:53 +0000
Manifest next update:     Fri 27 Mar 2026 11:01:53 +0000
Files and hashes:         1: eY97H9gCs9xqvXpc2nhqYxHh1j0.crl (hash: 2RkjbS2ob+vaTHn9bmflzvOtF4FEGK4zlHd4i+2Upsg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:ce:d3:fd:80:37:ab:ac:fc:ba:a1:14:bb:e3:2f:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
        Validity
            Not Before: Mar 26 11:01:53 2026 GMT
            Not After : Mar 27 11:01:53 2026 GMT
        Subject: CN=1f314113cca9b00ad9f7a0597db48ef3d18d0d5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b1:3f:2d:c8:0b:29:c8:f1:3c:2b:d8:04:3f:
                    3c:d1:50:d7:14:af:16:d8:f5:a3:a2:4b:e2:3c:98:
                    e3:9d:59:02:40:ee:99:03:60:42:1f:9e:b2:0c:5d:
                    5e:be:3a:66:ec:16:01:7b:7e:f1:3c:58:b0:23:e3:
                    08:42:a3:65:0c:91:81:c0:a5:88:e8:0d:98:f3:ae:
                    1e:9a:3e:d8:51:ee:85:fc:1b:30:60:df:b5:ea:62:
                    d0:48:a1:64:40:91:99:60:6e:58:59:68:03:10:44:
                    bb:c9:cd:73:32:49:3a:d5:a8:74:28:54:68:25:3a:
                    4c:e4:8b:9d:4a:84:79:8b:26:7b:d8:fc:52:50:f0:
                    19:38:f9:3f:2e:4f:c4:d9:e1:0d:08:3d:50:a2:ab:
                    b0:9e:47:96:41:63:b3:68:8c:3c:c4:2d:73:80:c3:
                    0e:3e:7b:bd:7c:f9:fa:65:87:df:72:8c:70:df:88:
                    11:5e:dc:f3:a2:5e:70:47:86:4a:16:13:8c:91:95:
                    e9:76:40:89:36:a2:3a:c2:9c:6a:cc:b1:20:1e:50:
                    0f:56:dc:79:e8:e9:33:3e:5f:e0:06:88:1f:fa:d3:
                    4d:c1:42:52:32:20:b4:a7:55:e6:81:95:0c:97:cb:
                    c8:d3:3f:b8:b0:03:a1:9a:fa:19:12:45:5e:b2:44:
                    4e:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:31:41:13:CC:A9:B0:0A:D9:F7:A0:59:7D:B4:8E:F3:D1:8D:0D:5F
            X509v3 Authority Key Identifier:
                keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d8:00:5f:00:e7:46:ec:f5:90:cd:d3:78:66:ea:18:17:58:25:
         4e:fc:92:ae:ad:df:7e:51:88:22:ca:73:ad:7a:bc:75:ea:e1:
         5f:52:8b:28:99:65:d4:f8:a0:18:08:e8:7c:20:20:b8:de:79:
         69:76:99:6c:d7:08:c8:79:57:be:ef:c3:71:bf:d8:40:12:a0:
         46:4a:3a:0c:85:b8:39:72:68:f7:57:22:66:05:8c:d2:10:e7:
         00:a7:1e:28:0f:db:b7:bb:c9:2f:ca:b0:d4:0a:f3:1e:c0:88:
         f2:87:40:6b:f8:ff:8c:11:fd:b4:57:85:22:b9:27:ad:1e:1f:
         df:12:e0:7e:81:40:68:2b:53:9a:09:32:c4:de:d4:70:e7:31:
         9e:e6:16:b6:c3:a3:e2:9b:c8:d4:b7:c4:c7:7b:95:2d:f4:16:
         fe:8e:69:9a:8c:51:42:22:72:52:b4:64:b2:b4:e1:8e:7a:c9:
         f7:59:93:ff:33:11:41:b8:f7:e7:32:10:e3:93:c2:8e:29:7d:
         18:45:96:ef:26:35:2e:1e:77:bf:2b:e4:8a:a4:51:7a:9e:2e:
         cb:81:f0:86:04:82:2a:c7:4a:32:78:de:c6:d6:d6:df:40:95:
         c9:3b:d7:96:56:66:6f:7f:6e:1a:f7:bc:47:ba:32:87:78:29:
         90:e4:9e:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pztP9gDerrPy6oRS74y/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjYwMzI2MTEwMTUzWhcNMjYwMzI3MTEwMTUzWjAzMTEwLwYDVQQD
EygxZjMxNDExM2NjYTliMDBhZDlmN2EwNTk3ZGI0OGVmM2QxOGQwZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7E/LcgLKcjxPCvYBD880VDXFK8W
2PWjokviPJjjnVkCQO6ZA2BCH56yDF1evjpm7BYBe37xPFiwI+MIQqNlDJGBwKWI
6A2Y864emj7YUe6F/BswYN+16mLQSKFkQJGZYG5YWWgDEES7yc1zMkk61ah0KFRo
JTpM5IudSoR5iyZ72PxSUPAZOPk/Lk/E2eENCD1QoquwnkeWQWOzaIw8xC1zgMMO
Pnu9fPn6ZYffcoxw34gRXtzzol5wR4ZKFhOMkZXpdkCJNqI6wpxqzLEgHlAPVtx5
6OkzPl/gBogf+tNNwUJSMiC0p1XmgZUMl8vI0z+4sAOhmvoZEkVeskROyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB8xQRPMqbAK2fegWX20jvPRjQ1fMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2ABfAOdG
7PWQzdN4ZuoYF1glTvySrq3fflGIIspzrXq8derhX1KLKJll1PigGAjofCAguN55
aXaZbNcIyHlXvu/Dcb/YQBKgRko6DIW4OXJo91ciZgWM0hDnAKceKA/bt7vJL8qw
1ArzHsCI8odAa/j/jBH9tFeFIrknrR4f3xLgfoFAaCtTmgkyxN7UcOcxnuYWtsOj
4pvI1LfEx3uVLfQW/o5pmoxRQiJyUrRksrThjnrJ91mT/zMRQbj35zIQ45PCjil9
GEWW7yY1Lh53vyvkiqRRep4uy4HwhgSCKsdKMnjextbW30CVyTvXllZmb39uGve8
R7oyh3gpkOSeWA==
-----END CERTIFICATE-----