Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
File:                     izHINiDus1ExJXtb-vqrOTRSyJE.mft (raw, json)
Hash identifier:          cPagAtCIEUEt0YgIR4vMSRm9ugQICZE0JuGqnwgH+Co=
Subject key identifier:   6D:1F:A0:CA:1A:FC:26:0A:84:21:71:5E:BB:9F:7F:C0:A7:23:D8:75
Authority key identifier: 8B:31:C8:36:20:EE:B3:51:31:25:7B:5B:FA:FA:AB:39:34:52:C8:91
Certificate issuer:       /CN=8b31c83620eeb35131257b5bfafaab393452c891
Certificate serial:       019D265ECED8C96AA3249F4E94FE4847B1FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
Manifest number:          1881
Signing time:             Wed 25 Mar 2026 19:00:40 +0000
Manifest this update:     Wed 25 Mar 2026 19:00:40 +0000
Manifest next update:     Thu 26 Mar 2026 19:00:40 +0000
Files and hashes:         1: izHINiDus1ExJXtb-vqrOTRSyJE.crl (hash: Q6dT5YGTX/LiHQqGS1cs84dZQaYW1XwXtPSYLqTWYRo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5e:ce:d8:c9:6a:a3:24:9f:4e:94:fe:48:47:b1:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b31c83620eeb35131257b5bfafaab393452c891
        Validity
            Not Before: Mar 25 19:00:40 2026 GMT
            Not After : Mar 26 19:00:40 2026 GMT
        Subject: CN=6d1fa0ca1afc260a8421715ebb9f7fc0a723d875
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:6f:b4:a5:21:c6:0d:c4:b3:30:65:d3:c8:62:
                    da:7a:c8:e6:dd:1f:d3:39:e6:8b:c7:4b:63:cb:3e:
                    f8:95:c0:e9:fc:6a:b1:df:13:81:62:61:7a:0a:5f:
                    6f:17:7c:87:18:b6:99:44:3c:12:da:c6:6b:7d:a2:
                    70:79:96:e1:60:6a:1a:74:30:b1:aa:30:c0:4f:b4:
                    76:10:26:a0:21:db:c7:40:3e:97:57:e6:90:3a:1a:
                    cc:89:2b:88:70:72:f3:5a:e0:65:5a:f6:9b:9e:b8:
                    9b:01:cf:47:9a:42:ec:59:7f:8d:dc:02:1d:9d:05:
                    ee:6e:b7:6b:34:79:3b:4c:90:ee:49:68:04:e0:f9:
                    12:c0:e9:9b:b8:96:ad:85:a2:06:7a:c0:4b:2a:a0:
                    88:7d:92:9d:1a:6b:63:19:91:9c:18:04:a9:80:a9:
                    04:e6:ed:d1:e7:3c:e6:d4:80:bd:6a:0a:3a:81:ae:
                    95:0c:c4:53:bd:4c:d2:e4:78:16:7e:19:72:68:18:
                    f9:73:2c:b4:1f:cf:32:79:f3:56:46:2b:45:b5:0e:
                    67:55:10:00:47:4c:37:3e:f6:e3:77:68:9b:19:eb:
                    f6:fe:ca:27:53:88:a8:00:7f:23:38:11:23:90:9a:
                    08:a6:1a:a1:b8:43:b7:3b:5d:69:8f:eb:81:c2:14:
                    e1:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:1F:A0:CA:1A:FC:26:0A:84:21:71:5E:BB:9F:7F:C0:A7:23:D8:75
            X509v3 Authority Key Identifier:
                keyid:8B:31:C8:36:20:EE:B3:51:31:25:7B:5B:FA:FA:AB:39:34:52:C8:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izHINiDus1ExJXtb-vqrOTRSyJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f74d38-965d-4a29-ad8a-f84674d46303/1/izHINiDus1ExJXtb-vqrOTRSyJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:4f:b9:9c:c9:d5:92:c0:e0:c4:4c:78:cc:4b:0e:e1:c9:3c:
         f8:44:29:b8:e0:f9:c8:ab:b7:30:df:fc:3e:ec:5e:93:46:14:
         36:22:c1:31:2f:c9:d0:57:c5:72:23:57:49:a7:f8:70:c1:20:
         e0:24:8a:e8:60:be:5e:90:71:c2:b4:fa:0d:9f:18:dd:f6:93:
         56:8c:c7:a2:60:d3:d0:ab:98:ba:e0:48:a1:7a:a8:c1:7e:48:
         83:0c:45:16:15:a9:a2:91:24:1f:25:2a:0a:0b:67:cc:53:2b:
         65:1e:0a:bb:de:d0:15:4a:6c:30:8c:c9:dc:ec:7d:97:9f:a4:
         df:e4:74:b1:12:69:a8:dd:f0:fe:7a:08:42:6f:9e:1b:5c:fe:
         5d:9d:c7:bb:99:e3:0a:d2:68:35:52:36:31:9f:40:b6:0e:74:
         06:aa:ca:82:88:29:97:04:30:fa:70:53:ff:1c:ef:53:84:08:
         32:0f:f2:7e:31:7f:17:81:e9:84:79:66:9f:ba:e7:80:32:22:
         b4:39:fb:b6:45:2e:ae:7b:36:4e:72:e6:cb:23:76:be:3d:10:
         fc:b5:82:79:49:1a:b6:a7:9a:f6:c0:11:70:6e:d2:b0:ff:92:
         98:18:a0:0f:c5:35:c3:0e:c0:09:0c:21:f5:ef:0f:ee:1d:9e:
         4f:60:14:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXs7YyWqjJJ9OlP5IR7H/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzFjODM2MjBlZWIzNTEzMTI1N2I1YmZhZmFhYjM5MzQ1
MmM4OTEwHhcNMjYwMzI1MTkwMDQwWhcNMjYwMzI2MTkwMDQwWjAzMTEwLwYDVQQD
Eyg2ZDFmYTBjYTFhZmMyNjBhODQyMTcxNWViYjlmN2ZjMGE3MjNkODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42+0pSHGDcSzMGXTyGLaesjm3R/T
OeaLx0tjyz74lcDp/Gqx3xOBYmF6Cl9vF3yHGLaZRDwS2sZrfaJweZbhYGoadDCx
qjDAT7R2ECagIdvHQD6XV+aQOhrMiSuIcHLzWuBlWvabnribAc9HmkLsWX+N3AId
nQXubrdrNHk7TJDuSWgE4PkSwOmbuJathaIGesBLKqCIfZKdGmtjGZGcGASpgKkE
5u3R5zzm1IC9ago6ga6VDMRTvUzS5HgWfhlyaBj5cyy0H88yefNWRitFtQ5nVRAA
R0w3Pvbjd2ibGev2/sonU4ioAH8jOBEjkJoIphqhuEO3O11pj+uBwhThTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG0foMoa/CYKhCFxXruff8CnI9h1MB8GA1UdIwQY
MBaAFIsxyDYg7rNRMSV7W/r6qzk0UsiRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9mNzRkMzgtOTY1ZC00YTI5LWFkOGEt
Zjg0Njc0ZDQ2MzAzLzEvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9mNzRkMzgtOTY1ZC00YTI5LWFkOGEtZjg0Njc0ZDQ2MzAz
LzEvaXpISU5pRHVzMUV4Slh0Yi12cXJPVFJTeUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVk+5nMnV
ksDgxEx4zEsO4ck8+EQpuOD5yKu3MN/8Puxek0YUNiLBMS/J0FfFciNXSaf4cMEg
4CSK6GC+XpBxwrT6DZ8Y3faTVozHomDT0KuYuuBIoXqowX5IgwxFFhWpopEkHyUq
CgtnzFMrZR4Ku97QFUpsMIzJ3Ox9l5+k3+R0sRJpqN3w/noIQm+eG1z+XZ3Hu5nj
CtJoNVI2MZ9Atg50BqrKgogplwQw+nBT/xzvU4QIMg/yfjF/F4HphHlmn7rngDIi
tDn7tkUurns2TnLmyyN2vj0Q/LWCeUkatqea9sARcG7SsP+SmBigD8U1ww7ACQwh
9e8P7h2eT2AUZQ==
-----END CERTIFICATE-----