Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft
File:                     PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft (raw, json)
Hash identifier:          deNAHtIrv0JZnRjDMqDi89fecAprmAXy+DZQDMh0iFM=
Subject key identifier:   FB:4C:E5:96:E2:D8:9F:E8:9D:94:3D:06:AC:09:02:6B:30:5C:11:A6
Authority key identifier: 3D:3D:69:AB:62:C8:D8:82:5F:2B:A4:B4:83:D0:E3:93:E2:53:4E:EF
Certificate issuer:       /CN=3d3d69ab62c8d8825f2ba4b483d0e393e2534eef
Certificate serial:       019D2AE0F6DD8AF904CBC4432927F3F286EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PT1pq2LI2IJfK6S0g9Djk-JTTu8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft
Manifest number:          1676
Signing time:             Thu 26 Mar 2026 16:01:19 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:19 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:19 +0000
Files and hashes:         1: PT1pq2LI2IJfK6S0g9Djk-JTTu8.crl (hash: g/FzojAKNKxwHoEZvpF1b5x5FV40Kj+FRSpNdgacS4U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PT1pq2LI2IJfK6S0g9Djk-JTTu8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:f6:dd:8a:f9:04:cb:c4:43:29:27:f3:f2:86:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d3d69ab62c8d8825f2ba4b483d0e393e2534eef
        Validity
            Not Before: Mar 26 16:01:19 2026 GMT
            Not After : Mar 27 16:01:19 2026 GMT
        Subject: CN=fb4ce596e2d89fe89d943d06ac09026b305c11a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:7b:e7:ff:b6:bb:b8:d5:ba:a1:d2:c9:88:12:
                    9d:af:1a:f7:c1:c1:8e:5c:77:da:82:c6:30:09:69:
                    56:54:93:ad:ac:b4:60:f2:b2:d7:2e:7a:b0:9e:71:
                    ca:99:4f:b2:85:cb:94:47:fa:6f:22:7a:0e:d4:24:
                    82:23:27:e6:a2:ec:e2:03:2b:b7:92:88:9b:ee:08:
                    35:4f:16:6c:b0:5c:4c:b6:02:1d:6e:64:6e:bf:df:
                    a3:06:73:6b:04:60:d5:69:f5:8a:58:b2:5c:ac:8e:
                    b2:c9:d6:ab:c6:b9:00:a0:f2:ce:9f:24:b1:a2:39:
                    80:e3:3c:95:ab:77:7a:7a:16:eb:62:cd:8d:e9:4f:
                    be:bb:ab:8b:b3:a3:34:bf:78:d6:6b:6d:8a:94:9a:
                    75:ad:d0:f7:85:6a:65:a4:c5:14:15:22:14:90:68:
                    19:99:40:94:54:db:e7:8f:8e:58:c1:2c:4d:b7:14:
                    b4:11:24:4b:8f:61:96:61:06:84:e0:be:35:6f:1b:
                    05:bb:49:d3:62:2a:ae:c1:bc:a2:69:11:08:34:cb:
                    08:32:69:f2:fd:c4:18:3e:76:06:6e:8b:32:84:ff:
                    dc:3e:34:ec:9d:94:b8:6c:29:e4:77:20:34:6d:5c:
                    f7:0e:28:73:18:d8:cf:ad:c5:26:73:d7:76:8a:c8:
                    f7:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:4C:E5:96:E2:D8:9F:E8:9D:94:3D:06:AC:09:02:6B:30:5C:11:A6
            X509v3 Authority Key Identifier:
                keyid:3D:3D:69:AB:62:C8:D8:82:5F:2B:A4:B4:83:D0:E3:93:E2:53:4E:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PT1pq2LI2IJfK6S0g9Djk-JTTu8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d1205b-072f-46c1-8170-0705bccd1f2a/1/PT1pq2LI2IJfK6S0g9Djk-JTTu8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:2e:a1:3d:31:32:98:c2:ac:b4:75:5d:bc:34:05:32:62:29:
         96:f2:92:2d:7f:55:ba:4b:75:8e:1a:08:26:03:09:f6:25:9c:
         9f:0f:cc:69:0f:5b:b9:f8:19:af:b0:a8:4e:c8:44:cc:47:59:
         f1:23:14:1e:37:97:5d:8f:76:2b:7b:07:78:d4:a9:1b:0b:78:
         38:84:1a:ff:ea:82:11:45:48:01:aa:45:d7:36:1c:87:9b:8b:
         97:3c:f1:5c:02:3a:72:90:e9:2f:ee:00:31:da:d8:cf:ab:74:
         51:e0:cd:9b:91:78:dc:e2:02:dd:31:78:bf:7f:e6:47:8c:00:
         1c:d4:a7:f4:ce:c8:50:f5:1d:4a:63:0f:f2:dc:b3:88:ce:00:
         52:76:05:09:34:d3:c4:fe:cc:ee:78:ca:4f:4f:ce:da:72:f6:
         f9:5a:e5:b5:ff:02:cc:51:ef:b9:3b:35:0b:cd:5b:16:89:a6:
         27:84:93:7c:1c:3b:ef:83:dd:05:a8:04:73:80:78:25:c7:6e:
         55:08:71:16:ca:53:21:00:0d:87:d0:f4:92:db:c6:62:10:09:
         79:13:db:45:03:2b:63:9d:fd:6e:13:fe:80:8d:f5:6b:c2:68:
         e5:c4:66:3e:81:d8:81:e0:cb:62:0a:4a:b7:e3:59:61:92:f7:
         f3:31:10:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4PbdivkEy8RDKSfz8obrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkM2Q2OWFiNjJjOGQ4ODI1ZjJiYTRiNDgzZDBlMzkzZTI1
MzRlZWYwHhcNMjYwMzI2MTYwMTE5WhcNMjYwMzI3MTYwMTE5WjAzMTEwLwYDVQQD
EyhmYjRjZTU5NmUyZDg5ZmU4OWQ5NDNkMDZhYzA5MDI2YjMwNWMxMWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnvn/7a7uNW6odLJiBKdrxr3wcGO
XHfagsYwCWlWVJOtrLRg8rLXLnqwnnHKmU+yhcuUR/pvInoO1CSCIyfmouziAyu3
koib7gg1TxZssFxMtgIdbmRuv9+jBnNrBGDVafWKWLJcrI6yydarxrkAoPLOnySx
ojmA4zyVq3d6ehbrYs2N6U++u6uLs6M0v3jWa22KlJp1rdD3hWplpMUUFSIUkGgZ
mUCUVNvnj45YwSxNtxS0ESRLj2GWYQaE4L41bxsFu0nTYiquwbyiaREINMsIMmny
/cQYPnYGbosyhP/cPjTsnZS4bCnkdyA0bVz3DihzGNjPrcUmc9d2isj3iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtM5Zbi2J/onZQ9BqwJAmswXBGmMB8GA1UdIwQY
MBaAFD09aatiyNiCXyuktIPQ45PiU07vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFQxcHEyTEkySUpmSzZTMGc5RGprLUpUVHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kMTIwNWItMDcyZi00NmMxLTgxNzAt
MDcwNWJjY2QxZjJhLzEvUFQxcHEyTEkySUpmSzZTMGc5RGprLUpUVHU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kMTIwNWItMDcyZi00NmMxLTgxNzAtMDcwNWJjY2QxZjJh
LzEvUFQxcHEyTEkySUpmSzZTMGc5RGprLUpUVHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABy6hPTEy
mMKstHVdvDQFMmIplvKSLX9Vukt1jhoIJgMJ9iWcnw/MaQ9bufgZr7CoTshEzEdZ
8SMUHjeXXY92K3sHeNSpGwt4OIQa/+qCEUVIAapF1zYch5uLlzzxXAI6cpDpL+4A
MdrYz6t0UeDNm5F43OIC3TF4v3/mR4wAHNSn9M7IUPUdSmMP8tyziM4AUnYFCTTT
xP7M7njKT0/O2nL2+Vrltf8CzFHvuTs1C81bFommJ4STfBw774PdBagEc4B4Jcdu
VQhxFspTIQANh9D0ktvGYhAJeRPbRQMrY539bhP+gI31a8Jo5cRmPoHYgeDLYgpK
t+NZYZL38zEQxg==
-----END CERTIFICATE-----