Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
File:                     A1mTnOHGqpvru2WA4VbuvYcd87I.mft (raw, json)
Hash identifier:          cPNtjvPMJofgOTS3aad4fTlH/yB09xc4aq5uBZvOuQw=
Subject key identifier:   C2:7D:18:8E:3C:68:EC:3F:40:9D:CE:BF:53:A1:04:25:67:13:78:6B
Authority key identifier: 03:59:93:9C:E1:C6:AA:9B:EB:BB:65:80:E1:56:EE:BD:87:1D:F3:B2
Certificate issuer:       /CN=0359939ce1c6aa9bebbb6580e156eebd871df3b2
Certificate serial:       019D2772E95EC1CA46CEBDBF36B01DA94BE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
Manifest number:          06DD
Signing time:             Thu 26 Mar 2026 00:02:15 +0000
Manifest this update:     Thu 26 Mar 2026 00:02:15 +0000
Manifest next update:     Fri 27 Mar 2026 00:02:15 +0000
Files and hashes:         1: A1mTnOHGqpvru2WA4VbuvYcd87I.crl (hash: W20y67nboRS3NpU4kYcz/nUNQhe10BC3aovBp8NNDpU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:e9:5e:c1:ca:46:ce:bd:bf:36:b0:1d:a9:4b:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0359939ce1c6aa9bebbb6580e156eebd871df3b2
        Validity
            Not Before: Mar 26 00:02:15 2026 GMT
            Not After : Mar 27 00:02:15 2026 GMT
        Subject: CN=c27d188e3c68ec3f409dcebf53a104256713786b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:44:a0:aa:e3:0c:2d:31:d2:e6:0f:be:69:b6:
                    a1:6e:ff:f3:c6:4b:01:47:e2:c2:48:a2:d3:aa:d6:
                    ac:87:fe:92:49:ef:58:7a:0d:f7:59:dd:3f:dd:bf:
                    12:24:b5:59:3b:7c:cf:14:1d:34:3d:4c:12:38:94:
                    4c:38:e4:8c:13:b5:70:42:c3:f5:78:97:81:6a:30:
                    a8:cc:8f:b9:24:1a:d7:6e:3b:0e:00:7c:e8:b0:16:
                    8a:27:e6:f7:b6:37:7a:7f:83:07:bb:39:59:55:bb:
                    8b:5f:b6:4a:60:12:92:f5:21:19:13:e4:6f:37:3a:
                    6d:4b:6c:4d:55:ae:0d:14:aa:e4:92:ff:81:4a:cc:
                    bc:a4:88:71:3b:31:c6:01:e8:3d:4c:4a:13:f0:0d:
                    5f:b4:ae:24:c4:b0:f7:34:95:f7:31:09:86:4b:fb:
                    b9:af:ed:c6:c6:d2:bc:50:10:8c:48:da:e6:5e:d8:
                    5c:af:a0:14:6c:8a:c0:68:cf:4f:80:1c:28:7e:63:
                    a2:42:d2:da:44:7e:7b:e7:0a:b8:a5:f9:b3:e0:d9:
                    ad:2f:4b:92:96:67:b7:5e:ec:45:7f:57:ab:5d:2a:
                    ab:24:b5:c3:5f:10:c7:2a:4a:58:84:21:7d:4e:b6:
                    54:ab:2c:2c:2a:53:98:71:0a:02:ef:db:ac:35:ce:
                    3b:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:7D:18:8E:3C:68:EC:3F:40:9D:CE:BF:53:A1:04:25:67:13:78:6B
            X509v3 Authority Key Identifier:
                keyid:03:59:93:9C:E1:C6:AA:9B:EB:BB:65:80:E1:56:EE:BD:87:1D:F3:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:eb:57:27:06:87:ca:6d:09:a9:70:08:e6:af:fe:34:db:b9:
         63:b3:79:4b:a3:29:a1:0b:38:dd:1d:d0:62:d5:ef:9c:e3:74:
         db:58:c9:76:0e:4f:8b:91:37:83:a0:29:36:ab:a5:1d:d7:7e:
         73:b8:b7:82:bf:bf:6c:72:17:39:ab:a3:52:d8:50:a9:93:18:
         b1:8d:c9:9b:a1:1a:51:a3:30:13:dd:2f:96:c6:2a:0c:7a:f9:
         25:b4:b2:34:2d:72:f8:65:17:ff:7b:a4:85:ba:ac:da:b4:7d:
         86:68:13:c9:a8:ad:c4:b5:eb:b5:e2:8f:94:20:02:d8:77:47:
         30:93:55:99:96:4d:1a:5f:9a:ad:e8:c9:bb:1a:bc:07:15:44:
         1b:2b:5c:bc:9c:ae:9a:05:dd:5b:41:06:ea:40:57:f6:61:33:
         e0:31:ef:7c:2b:30:f7:37:b2:53:f5:2f:ab:ff:fc:da:f1:4d:
         f3:82:c0:37:84:d9:1a:25:cb:a7:de:3c:8c:21:88:bc:7a:8b:
         5d:f0:1a:dc:75:c3:ab:6d:d2:79:f5:ba:ab:20:ba:54:5d:5f:
         18:90:26:c8:3c:0c:32:e3:de:03:7d:45:36:ef:d2:27:5b:07:
         b3:e2:c3:0b:ef:c4:bb:fb:2b:73:97:f0:7f:28:44:7f:73:8a:
         2d:f0:94:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nculewcpGzr2/NrAdqUvkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNTk5MzljZTFjNmFhOWJlYmJiNjU4MGUxNTZlZWJkODcx
ZGYzYjIwHhcNMjYwMzI2MDAwMjE1WhcNMjYwMzI3MDAwMjE1WjAzMTEwLwYDVQQD
EyhjMjdkMTg4ZTNjNjhlYzNmNDA5ZGNlYmY1M2ExMDQyNTY3MTM3ODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ESgquMMLTHS5g++abahbv/zxksB
R+LCSKLTqtash/6SSe9Yeg33Wd0/3b8SJLVZO3zPFB00PUwSOJRMOOSME7VwQsP1
eJeBajCozI+5JBrXbjsOAHzosBaKJ+b3tjd6f4MHuzlZVbuLX7ZKYBKS9SEZE+Rv
NzptS2xNVa4NFKrkkv+BSsy8pIhxOzHGAeg9TEoT8A1ftK4kxLD3NJX3MQmGS/u5
r+3GxtK8UBCMSNrmXthcr6AUbIrAaM9PgBwofmOiQtLaRH575wq4pfmz4NmtL0uS
lme3XuxFf1erXSqrJLXDXxDHKkpYhCF9TrZUqywsKlOYcQoC79usNc47RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJ9GI48aOw/QJ3Ov1OhBCVnE3hrMB8GA1UdIwQY
MBaAFANZk5zhxqqb67tlgOFW7r2HHfOyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS82NWJiNGMtYjI4MS00Yjg0LTgxYzAt
YTk2MmMyYjdiMTUzLzEvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS82NWJiNGMtYjI4MS00Yjg0LTgxYzAtYTk2MmMyYjdiMTUz
LzEvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi+tXJwaH
ym0JqXAI5q/+NNu5Y7N5S6MpoQs43R3QYtXvnON021jJdg5Pi5E3g6ApNqulHdd+
c7i3gr+/bHIXOaujUthQqZMYsY3Jm6EaUaMwE90vlsYqDHr5JbSyNC1y+GUX/3uk
hbqs2rR9hmgTyaitxLXrteKPlCAC2HdHMJNVmZZNGl+arejJuxq8BxVEGytcvJyu
mgXdW0EG6kBX9mEz4DHvfCsw9zeyU/Uvq//82vFN84LAN4TZGiXLp948jCGIvHqL
XfAa3HXDq23SefW6qyC6VF1fGJAmyDwMMuPeA31FNu/SJ1sHs+LDC+/Eu/src5fw
fyhEf3OKLfCUCQ==
-----END CERTIFICATE-----