Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.mft
File:                     8cgdjkJn0tRetlJQoqSCULX7Uls.mft (raw, json)
Hash identifier:          Y1sypiSR1PbbvVs4CrYRwEfookA4C3jGHs1fEfrDHqk=
Subject key identifier:   CD:C5:88:35:3F:82:E7:99:02:8C:B8:92:91:2C:7F:24:23:4B:38:22
Authority key identifier: F1:C8:1D:8E:42:67:D2:D4:5E:B6:52:50:A2:A4:82:50:B5:FB:52:5B
Certificate issuer:       /CN=f1c81d8e4267d2d45eb65250a2a48250b5fb525b
Certificate serial:       019D2704D7711A27EFF588BAFC7BFB8F6F5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8cgdjkJn0tRetlJQoqSCULX7Uls.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.mft
Manifest number:          0CAA
Signing time:             Wed 25 Mar 2026 22:02:01 +0000
Manifest this update:     Wed 25 Mar 2026 22:02:01 +0000
Manifest next update:     Thu 26 Mar 2026 22:02:01 +0000
Files and hashes:         1: 8cgdjkJn0tRetlJQoqSCULX7Uls.crl (hash: cEDPDzjVpHDxQjHhkTtnsHnJfzITa6UMto2+o5RcTzY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8cgdjkJn0tRetlJQoqSCULX7Uls.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:d7:71:1a:27:ef:f5:88:ba:fc:7b:fb:8f:6f:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1c81d8e4267d2d45eb65250a2a48250b5fb525b
        Validity
            Not Before: Mar 25 22:02:01 2026 GMT
            Not After : Mar 26 22:02:01 2026 GMT
        Subject: CN=cdc588353f82e799028cb892912c7f24234b3822
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:0a:26:ea:6c:c8:96:a7:45:d1:27:cc:06:2a:
                    fd:66:1f:26:f7:60:73:9f:c0:a4:c7:8c:94:e0:0d:
                    26:84:db:80:96:00:25:77:f7:9b:fe:d4:4c:2a:05:
                    5d:0f:76:dd:d6:81:a4:1d:b4:cd:41:b5:a7:da:1a:
                    a8:35:37:b4:2a:52:e7:1b:2e:e2:fa:ca:e3:5f:9c:
                    74:0e:75:c8:d4:b1:84:01:ef:5d:68:8e:e4:8e:69:
                    61:ee:2e:b7:1d:24:0a:d1:80:7b:ea:1a:e2:60:74:
                    fa:8b:77:ba:03:39:38:ce:e4:13:3f:23:c7:3b:a7:
                    0b:6c:80:7a:67:14:44:36:7b:5e:ed:6a:83:39:ae:
                    12:c0:35:4a:93:36:1d:7d:e0:85:ab:0d:6b:db:b3:
                    9d:ad:c3:f9:fd:ba:f6:de:82:0a:62:1e:e5:e5:59:
                    fe:bb:c5:36:e6:cd:b4:b1:4d:eb:6d:df:45:50:44:
                    87:8c:05:96:85:36:3e:cb:f2:87:d2:40:67:bc:88:
                    49:de:56:b5:26:df:46:70:38:2f:c9:68:1d:35:ad:
                    c8:cc:61:35:e7:fc:64:a2:55:ef:4f:fd:37:5b:be:
                    b4:67:87:92:77:96:0b:d0:03:17:35:e7:ca:92:ea:
                    f2:f5:4d:e8:c8:fc:65:5c:02:05:f7:22:6a:47:f6:
                    65:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:C5:88:35:3F:82:E7:99:02:8C:B8:92:91:2C:7F:24:23:4B:38:22
            X509v3 Authority Key Identifier:
                keyid:F1:C8:1D:8E:42:67:D2:D4:5E:B6:52:50:A2:A4:82:50:B5:FB:52:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8cgdjkJn0tRetlJQoqSCULX7Uls.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/ebab47-6091-4b14-8008-362bb5446085/1/8cgdjkJn0tRetlJQoqSCULX7Uls.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:98:bd:6b:4a:21:fd:3a:01:41:42:5c:8b:70:ac:39:e8:cc:
         5b:10:b5:df:80:8a:9d:fa:d3:b8:4c:c6:d8:50:c5:d0:5f:ac:
         aa:c6:df:1a:f7:64:d5:d9:e5:ff:7a:b0:8a:2e:08:73:b0:fb:
         1f:ba:08:4a:93:b0:b4:69:13:80:09:bd:98:38:b6:af:7e:f1:
         b2:e1:2d:5e:5f:a4:08:16:f1:32:49:67:bb:c1:2b:ea:80:8c:
         76:f2:d9:e8:fa:a5:f4:92:1c:2d:78:01:dd:57:1a:c8:c6:4d:
         69:db:de:1b:a0:c2:dc:73:a8:c0:2e:46:07:84:11:e2:b8:11:
         83:a6:20:02:5a:30:3d:a4:13:1c:7b:fa:74:2c:40:ca:4a:bb:
         ad:54:fb:a9:4c:d7:97:00:b0:7f:b5:c4:c9:4f:ad:b8:df:e1:
         62:53:8d:4c:9b:46:a5:d8:55:14:f5:b0:3d:da:2f:07:94:1f:
         3c:1a:06:13:aa:8e:c8:5c:d0:e8:b6:7a:08:f2:82:eb:84:4b:
         7a:df:3f:04:07:86:12:cf:10:23:56:3e:19:e8:af:3e:e1:d8:
         f0:99:0a:0a:5e:8c:42:e9:1d:b5:fc:84:59:b0:c6:e0:73:0b:
         54:94:6b:a0:b6:21:8a:b2:2a:96:87:b0:82:8b:2d:7c:e2:4c:
         c1:c0:01:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBNdxGifv9Yi6/Hv7j29dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYzgxZDhlNDI2N2QyZDQ1ZWI2NTI1MGEyYTQ4MjUwYjVm
YjUyNWIwHhcNMjYwMzI1MjIwMjAxWhcNMjYwMzI2MjIwMjAxWjAzMTEwLwYDVQQD
EyhjZGM1ODgzNTNmODJlNzk5MDI4Y2I4OTI5MTJjN2YyNDIzNGIzODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgom6mzIlqdF0SfMBir9Zh8m92Bz
n8Ckx4yU4A0mhNuAlgAld/eb/tRMKgVdD3bd1oGkHbTNQbWn2hqoNTe0KlLnGy7i
+srjX5x0DnXI1LGEAe9daI7kjmlh7i63HSQK0YB76hriYHT6i3e6Azk4zuQTPyPH
O6cLbIB6ZxRENnte7WqDOa4SwDVKkzYdfeCFqw1r27OdrcP5/br23oIKYh7l5Vn+
u8U25s20sU3rbd9FUESHjAWWhTY+y/KH0kBnvIhJ3la1Jt9GcDgvyWgdNa3IzGE1
5/xkolXvT/03W760Z4eSd5YL0AMXNefKkury9U3oyPxlXAIF9yJqR/ZlYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM3FiDU/gueZAoy4kpEsfyQjSzgiMB8GA1UdIwQY
MBaAFPHIHY5CZ9LUXrZSUKKkglC1+1JbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGNnZGprSm4wdFJldGxKUW9xU0NVTFg3VWxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9lYmFiNDctNjA5MS00YjE0LTgwMDgt
MzYyYmI1NDQ2MDg1LzEvOGNnZGprSm4wdFJldGxKUW9xU0NVTFg3VWxzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9lYmFiNDctNjA5MS00YjE0LTgwMDgtMzYyYmI1NDQ2MDg1
LzEvOGNnZGprSm4wdFJldGxKUW9xU0NVTFg3VWxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACpi9a0oh
/ToBQUJci3CsOejMWxC134CKnfrTuEzG2FDF0F+sqsbfGvdk1dnl/3qwii4Ic7D7
H7oISpOwtGkTgAm9mDi2r37xsuEtXl+kCBbxMklnu8Er6oCMdvLZ6Pql9JIcLXgB
3VcayMZNadveG6DC3HOowC5GB4QR4rgRg6YgAlowPaQTHHv6dCxAykq7rVT7qUzX
lwCwf7XEyU+tuN/hYlONTJtGpdhVFPWwPdovB5QfPBoGE6qOyFzQ6LZ6CPKC64RL
et8/BAeGEs8QI1Y+GeivPuHY8JkKCl6MQukdtfyEWbDG4HMLVJRroLYhirIqloew
gostfOJMwcABdg==
-----END CERTIFICATE-----