Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
File:                     FhQcZCnqr_caNR-yVz32A7uV8nA.mft (raw, json)
Hash identifier:          xKm9Vd6jZqLPtgyEcQvsZX5Z3qsEF4yOVgMCMhE+r0o=
Subject key identifier:   29:DD:8B:50:8C:46:91:51:E7:03:72:CF:C3:E4:71:FD:A2:C1:22:8A
Authority key identifier: 16:14:1C:64:29:EA:AF:F7:1A:35:1F:B2:57:3D:F6:03:BB:95:F2:70
Certificate issuer:       /CN=16141c6429eaaff71a351fb2573df603bb95f270
Certificate serial:       019D2703C3B728D9D20D697B782C5623DD78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
Manifest number:          033A
Signing time:             Wed 25 Mar 2026 22:00:51 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:51 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:51 +0000
Files and hashes:         1: FhQcZCnqr_caNR-yVz32A7uV8nA.crl (hash: I65BraMU7q4OI3+RXYstM7uYwULIMhp6BfXc3P8jpKo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:c3:b7:28:d9:d2:0d:69:7b:78:2c:56:23:dd:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16141c6429eaaff71a351fb2573df603bb95f270
        Validity
            Not Before: Mar 25 22:00:51 2026 GMT
            Not After : Mar 26 22:00:51 2026 GMT
        Subject: CN=29dd8b508c469151e70372cfc3e471fda2c1228a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:2f:a2:fd:33:39:75:5c:e4:6e:75:69:0c:0a:
                    4c:07:ff:1d:d0:fc:a4:4f:9b:f9:4b:6a:4c:28:c6:
                    86:8a:71:51:c0:bb:95:2e:33:8b:52:4c:27:fe:d0:
                    f6:e3:ca:ba:a2:28:11:ff:5a:a7:04:a4:ef:d5:cd:
                    8a:9c:c4:8a:55:64:3c:ae:93:86:73:03:1d:97:32:
                    b9:07:4c:3a:85:93:64:f2:f2:6a:3b:da:b6:6f:5d:
                    6e:ed:0e:0f:25:90:8e:bd:a1:39:71:cf:9c:ab:1f:
                    fa:ef:d8:8a:50:6f:f0:e0:c7:f2:72:67:75:4b:53:
                    86:93:54:6c:18:53:c4:33:6e:d2:72:f0:29:f4:96:
                    de:36:62:51:d0:52:1b:48:c1:1b:ba:13:d0:33:47:
                    57:3e:28:93:34:47:04:1e:7b:19:ed:fc:67:38:9d:
                    19:e9:df:03:fa:7c:34:42:2a:22:12:cb:c5:21:53:
                    26:29:e4:10:75:8a:ee:58:b0:bb:a6:3b:77:ff:83:
                    6f:87:58:e2:2f:e1:fd:e9:2a:52:9a:3a:78:52:ef:
                    15:c1:69:99:41:68:99:e5:c6:e5:9e:81:0d:5c:f6:
                    00:f3:7a:17:89:ff:32:23:2f:ea:94:b3:c0:94:1e:
                    5f:67:d1:20:03:2d:83:c6:84:07:42:01:7c:40:f0:
                    8a:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:DD:8B:50:8C:46:91:51:E7:03:72:CF:C3:E4:71:FD:A2:C1:22:8A
            X509v3 Authority Key Identifier:
                keyid:16:14:1C:64:29:EA:AF:F7:1A:35:1F:B2:57:3D:F6:03:BB:95:F2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FhQcZCnqr_caNR-yVz32A7uV8nA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/63d28b-d152-44cd-b504-5d8fce0a0bb2/1/FhQcZCnqr_caNR-yVz32A7uV8nA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:a0:78:85:fb:77:b2:7b:df:57:d2:52:e9:31:cf:78:1c:95:
         f9:af:70:2f:b7:3c:98:ed:17:da:d1:ad:a0:55:5a:2b:bd:ed:
         da:3d:ef:08:91:40:72:2c:0f:49:ba:3f:17:64:65:83:72:82:
         72:2b:a0:33:78:65:9b:41:6e:5d:4c:61:64:44:44:18:53:37:
         68:41:a5:f7:3f:d3:fd:31:9f:51:15:ab:66:73:35:84:09:a3:
         30:95:20:ce:f1:ac:66:2e:b6:1b:f4:0a:4a:d0:88:29:65:3d:
         7d:94:f6:a4:75:77:d6:b5:ae:40:74:ef:71:c4:c6:09:f1:a5:
         66:47:c3:d6:aa:73:8c:ed:62:85:d0:62:09:51:cd:d0:3c:b1:
         a8:06:7b:0d:a5:38:05:fe:6c:78:8e:b7:28:3a:bd:94:4c:a1:
         45:c3:9f:f1:c1:4a:2e:4f:a2:0e:fc:81:42:a4:a6:7b:95:2f:
         d1:a5:a9:4d:fa:c3:e9:6f:ac:20:07:d2:6d:91:a9:8d:e8:6d:
         c3:5c:ce:4b:c3:8b:23:dd:8d:fb:69:52:e0:5a:a8:5d:78:fb:
         cc:30:0f:39:07:6f:67:e8:c7:af:b9:43:f6:41:98:c5:40:05:
         a9:ae:c3:d4:df:76:72:08:b8:ab:2d:37:1d:00:69:6f:cd:25:
         96:38:7d:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA8O3KNnSDWl7eCxWI914MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MTQxYzY0MjllYWFmZjcxYTM1MWZiMjU3M2RmNjAzYmI5
NWYyNzAwHhcNMjYwMzI1MjIwMDUxWhcNMjYwMzI2MjIwMDUxWjAzMTEwLwYDVQQD
EygyOWRkOGI1MDhjNDY5MTUxZTcwMzcyY2ZjM2U0NzFmZGEyYzEyMjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoi+i/TM5dVzkbnVpDApMB/8d0Pyk
T5v5S2pMKMaGinFRwLuVLjOLUkwn/tD248q6oigR/1qnBKTv1c2KnMSKVWQ8rpOG
cwMdlzK5B0w6hZNk8vJqO9q2b11u7Q4PJZCOvaE5cc+cqx/679iKUG/w4Mfycmd1
S1OGk1RsGFPEM27ScvAp9JbeNmJR0FIbSMEbuhPQM0dXPiiTNEcEHnsZ7fxnOJ0Z
6d8D+nw0QioiEsvFIVMmKeQQdYruWLC7pjt3/4Nvh1jiL+H96SpSmjp4Uu8VwWmZ
QWiZ5cblnoENXPYA83oXif8yIy/qlLPAlB5fZ9EgAy2DxoQHQgF8QPCKFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCndi1CMRpFR5wNyz8Pkcf2iwSKKMB8GA1UdIwQY
MBaAFBYUHGQp6q/3GjUfslc99gO7lfJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82M2QyOGItZDE1Mi00NGNkLWI1MDQt
NWQ4ZmNlMGEwYmIyLzEvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82M2QyOGItZDE1Mi00NGNkLWI1MDQtNWQ4ZmNlMGEwYmIy
LzEvRmhRY1pDbnFyX2NhTlIteVZ6MzJBN3VWOG5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaaB4hft3
snvfV9JS6THPeByV+a9wL7c8mO0X2tGtoFVaK73t2j3vCJFAciwPSbo/F2Rlg3KC
ciugM3hlm0FuXUxhZEREGFM3aEGl9z/T/TGfURWrZnM1hAmjMJUgzvGsZi62G/QK
StCIKWU9fZT2pHV31rWuQHTvccTGCfGlZkfD1qpzjO1ihdBiCVHN0DyxqAZ7DaU4
Bf5seI63KDq9lEyhRcOf8cFKLk+iDvyBQqSme5Uv0aWpTfrD6W+sIAfSbZGpjeht
w1zOS8OLI92N+2lS4FqoXXj7zDAPOQdvZ+jHr7lD9kGYxUAFqa7D1N92cgi4qy03
HQBpb80lljh9Hg==
-----END CERTIFICATE-----