Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft
File:                     ICNzDgbEv7_6ypBeUxJldCwXirQ.mft (raw, json)
Hash identifier:          VBnmGCfWHDBMeVRasn09z38/uz/Y04AW/4zZzqBRmTE=
Subject key identifier:   5A:EE:47:8B:52:BD:5B:9A:83:09:83:AA:C0:97:FE:C1:52:61:66:B8
Authority key identifier: 20:23:73:0E:06:C4:BF:BF:FA:CA:90:5E:53:12:65:74:2C:17:8A:B4
Certificate issuer:       /CN=2023730e06c4bfbffaca905e531265742c178ab4
Certificate serial:       019D2704AFE6AB09716CBDB3F80296441056
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft
Manifest number:          125A
Signing time:             Wed 25 Mar 2026 22:01:51 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:51 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:51 +0000
Files and hashes:         1: ICNzDgbEv7_6ypBeUxJldCwXirQ.crl (hash: +p8YIsLI+gBHzZuKlBgYr9REcB+/4iNN9rzBc76lcTE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:af:e6:ab:09:71:6c:bd:b3:f8:02:96:44:10:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2023730e06c4bfbffaca905e531265742c178ab4
        Validity
            Not Before: Mar 25 22:01:51 2026 GMT
            Not After : Mar 26 22:01:51 2026 GMT
        Subject: CN=5aee478b52bd5b9a830983aac097fec1526166b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:a5:ec:e2:98:82:4b:13:fd:f0:09:26:88:15:
                    c2:fc:82:73:90:99:b0:89:48:89:28:bc:aa:22:af:
                    8a:66:61:2f:df:ec:ce:38:c1:cc:8a:f4:75:b2:de:
                    d0:19:47:7d:52:e3:b3:b2:65:c9:67:09:c1:a1:19:
                    df:3e:b0:3f:33:94:98:72:e5:d9:2a:0e:13:5f:a1:
                    94:ac:d9:87:4d:d6:95:99:99:a0:38:e1:71:76:88:
                    83:c9:1d:f3:10:84:18:fb:1d:ac:0f:e2:9a:7b:08:
                    f7:27:5b:72:63:47:4a:84:78:60:95:13:df:d0:25:
                    c6:5c:3f:38:ea:a4:f2:86:dc:95:e1:09:b9:44:ce:
                    cd:73:00:b6:89:7f:b0:be:02:8a:d2:ca:71:10:dc:
                    c5:d6:b2:1f:9e:2a:60:f5:3f:50:e4:ef:93:0b:20:
                    82:dd:9a:37:bb:06:51:07:59:1f:fd:ef:d2:02:2a:
                    f9:f1:7c:1d:72:e8:b5:05:30:f0:cf:b3:2a:53:a0:
                    07:cc:d8:7b:4b:91:2e:f9:31:d5:ca:62:58:0d:bf:
                    98:61:99:c1:d7:05:b5:21:41:da:b6:04:d4:70:e3:
                    48:79:d2:3a:13:9f:7c:5d:aa:c5:1d:42:a9:30:3f:
                    9a:fe:4a:f7:b7:c0:19:21:f5:be:63:bb:b7:a8:14:
                    0e:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:EE:47:8B:52:BD:5B:9A:83:09:83:AA:C0:97:FE:C1:52:61:66:B8
            X509v3 Authority Key Identifier:
                keyid:20:23:73:0E:06:C4:BF:BF:FA:CA:90:5E:53:12:65:74:2C:17:8A:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:15:1a:03:9e:08:95:9a:65:a2:35:ad:5f:d8:63:fd:ef:70:
         82:e1:7d:92:e8:b3:2b:d8:7c:89:69:60:20:3b:c6:51:ed:d0:
         95:49:ac:d1:5a:dc:23:ee:ac:73:79:1f:f1:ed:71:0b:5c:bd:
         bf:19:3f:0b:17:8f:c5:4f:a1:a4:d5:c0:cc:76:50:a6:92:14:
         5a:67:5c:c2:9b:78:25:79:d0:ba:f4:df:32:37:10:d2:1d:98:
         4a:bb:08:a5:32:c9:9d:b7:1b:e6:b8:b1:e8:1f:0c:92:3a:7a:
         16:fe:d1:d6:2c:72:ed:a0:5e:14:42:d8:f0:ac:8e:11:1f:b1:
         cd:00:65:07:e6:e0:ee:32:47:3f:b8:b7:bc:81:21:6f:12:27:
         82:99:f7:cb:dc:d9:11:b8:fc:9e:92:f1:de:6e:4b:fe:15:f0:
         a3:83:f4:46:d2:13:27:35:36:2c:a4:0f:f5:03:af:8a:5d:d2:
         57:9c:af:5d:ee:8d:1e:8c:cb:a0:84:ef:f2:b8:64:df:29:b7:
         86:a1:bf:dd:33:5c:24:d1:f2:e2:77:8b:54:12:0b:c8:84:25:
         48:fc:3b:79:b7:5b:c3:c0:90:00:71:2f:a2:57:ff:74:4f:93:
         93:ed:9f:fa:c7:8e:25:18:39:07:45:92:8c:cd:0f:f4:06:b1:
         6e:cc:ea:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBK/mqwlxbL2z+AKWRBBWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjM3MzBlMDZjNGJmYmZmYWNhOTA1ZTUzMTI2NTc0MmMx
NzhhYjQwHhcNMjYwMzI1MjIwMTUxWhcNMjYwMzI2MjIwMTUxWjAzMTEwLwYDVQQD
Eyg1YWVlNDc4YjUyYmQ1YjlhODMwOTgzYWFjMDk3ZmVjMTUyNjE2NmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qXs4piCSxP98AkmiBXC/IJzkJmw
iUiJKLyqIq+KZmEv3+zOOMHMivR1st7QGUd9UuOzsmXJZwnBoRnfPrA/M5SYcuXZ
Kg4TX6GUrNmHTdaVmZmgOOFxdoiDyR3zEIQY+x2sD+Kaewj3J1tyY0dKhHhglRPf
0CXGXD846qTyhtyV4Qm5RM7NcwC2iX+wvgKK0spxENzF1rIfnipg9T9Q5O+TCyCC
3Zo3uwZRB1kf/e/SAir58Xwdcui1BTDwz7MqU6AHzNh7S5Eu+THVymJYDb+YYZnB
1wW1IUHatgTUcONIedI6E598XarFHUKpMD+a/kr3t8AZIfW+Y7u3qBQO6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFruR4tSvVuagwmDqsCX/sFSYWa4MB8GA1UdIwQY
MBaAFCAjcw4GxL+/+sqQXlMSZXQsF4q0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny80NWQ3YzEtYzRmMC00ODM1LWI0NjYt
YjAzMzViYTNlMGMyLzEvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny80NWQ3YzEtYzRmMC00ODM1LWI0NjYtYjAzMzViYTNlMGMy
LzEvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKhUaA54I
lZplojWtX9hj/e9wguF9kuizK9h8iWlgIDvGUe3QlUms0VrcI+6sc3kf8e1xC1y9
vxk/CxePxU+hpNXAzHZQppIUWmdcwpt4JXnQuvTfMjcQ0h2YSrsIpTLJnbcb5rix
6B8Mkjp6Fv7R1ixy7aBeFELY8KyOER+xzQBlB+bg7jJHP7i3vIEhbxIngpn3y9zZ
Ebj8npLx3m5L/hXwo4P0RtITJzU2LKQP9QOvil3SV5yvXe6NHozLoITv8rhk3ym3
hqG/3TNcJNHy4neLVBILyIQlSPw7ebdbw8CQAHEvolf/dE+Tk+2f+seOJRg5B0WS
jM0P9AaxbszqAA==
-----END CERTIFICATE-----