Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
File:                     iOZzGonffpNxq6M-sU1y9h45gLk.mft (raw, json)
Hash identifier:          keXI/mklhDIODaMdfcO+rf18dP0FkSOshrSclSYv8kw=
Subject key identifier:   02:68:0C:98:07:61:1D:1A:13:E7:33:D4:C3:F6:EC:C8:12:2E:81:1D
Authority key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
Certificate issuer:       /CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
Certificate serial:       019D2704019EFB194DA509ED346FA456E5B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
Manifest number:          1884
Signing time:             Wed 25 Mar 2026 22:01:07 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:07 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:07 +0000
Files and hashes:         1: iOZzGonffpNxq6M-sU1y9h45gLk.crl (hash: aNiwA7jNjFxrE21mjw3xH76WNGDEV7AoKhpqmvausBE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:01:9e:fb:19:4d:a5:09:ed:34:6f:a4:56:e5:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
        Validity
            Not Before: Mar 25 22:01:07 2026 GMT
            Not After : Mar 26 22:01:07 2026 GMT
        Subject: CN=02680c9807611d1a13e733d4c3f6ecc8122e811d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:3e:44:c9:f3:2f:4e:eb:c3:5b:ed:61:4e:11:
                    6a:82:c8:70:fe:54:ee:2b:f5:57:54:06:de:c9:45:
                    00:4d:df:82:f0:69:c8:92:fe:46:af:b4:7c:d0:5a:
                    24:63:75:b7:c6:f2:85:fc:e9:71:44:0f:a4:1d:0d:
                    64:c5:2f:d5:b6:52:7f:e3:69:4a:ec:1f:9b:4b:16:
                    3f:a0:70:42:93:11:11:e2:ff:d3:3a:df:61:de:4a:
                    71:54:2f:af:28:fb:d9:b4:a7:5a:3a:0c:9d:cd:9f:
                    56:16:f4:b2:f7:91:eb:ab:46:7a:27:f8:a6:d3:88:
                    41:0f:64:df:41:ff:48:99:4a:c0:14:a5:1c:4d:f0:
                    93:c4:01:49:ad:86:dd:81:ac:d4:2d:f1:fb:90:c9:
                    8e:4f:3e:29:ac:b2:ce:1f:0c:4f:fd:ae:56:43:4e:
                    25:71:fc:f9:2b:5a:39:fa:a7:39:a9:35:a7:dc:99:
                    02:30:03:20:1c:d7:0e:d0:58:63:36:03:ed:a3:f7:
                    07:4b:57:1e:bc:07:11:0a:55:70:39:37:03:9d:8d:
                    32:e1:54:97:a9:ed:9b:ad:1f:2f:3b:31:7c:29:c8:
                    53:8d:30:5d:30:22:bb:5d:8b:c0:3e:7d:73:48:66:
                    4b:b6:fc:88:d8:ca:b7:77:d5:3a:6c:e5:1b:9b:5d:
                    11:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:68:0C:98:07:61:1D:1A:13:E7:33:D4:C3:F6:EC:C8:12:2E:81:1D
            X509v3 Authority Key Identifier:
                keyid:88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:c1:4a:ef:bd:66:68:27:4e:1a:45:76:dc:5b:60:69:55:4b:
         3f:34:b3:0e:a3:f1:44:e6:c1:0d:1a:d9:d0:d8:6b:47:9e:49:
         67:37:9d:b5:f5:90:d2:13:b2:33:fc:f9:94:43:c3:f7:7c:ee:
         65:65:73:d2:f7:e4:fc:8b:ec:53:1e:54:0c:c4:23:86:09:88:
         b1:7a:01:97:b0:03:e5:7b:b1:1b:d1:b3:6b:7f:f9:e1:c8:3a:
         85:32:3a:11:2c:e3:e9:b2:3d:ba:4a:02:31:bb:1f:ed:0e:9f:
         13:d1:f6:ff:52:e6:31:77:ef:38:4a:5f:c0:e1:18:c3:c6:37:
         6c:4d:b1:4b:75:ee:12:8e:cc:1b:db:6b:e1:f8:d1:28:7c:59:
         10:3b:80:ab:71:e2:96:17:68:62:8c:7d:73:c1:be:74:64:49:
         c3:9c:95:01:fd:38:c7:54:05:04:26:ed:a0:cf:d8:1a:91:02:
         f5:f0:b1:f6:49:1b:27:b8:77:31:c3:00:bf:3e:85:53:4d:54:
         41:c9:51:93:c2:ec:fa:2e:99:83:51:d0:a6:df:79:c4:6e:49:
         cd:c3:38:c3:18:84:ef:51:45:4f:6b:72:6a:be:03:4e:0f:76:
         66:00:07:cf:0e:ee:e4:de:d4:e3:dd:05:78:40:6d:f1:85:81:
         e0:13:af:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBAGe+xlNpQntNG+kVuWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTY3MzFhODlkZjdlOTM3MWFiYTMzZWIxNGQ3MmY2MWUz
OTgwYjkwHhcNMjYwMzI1MjIwMTA3WhcNMjYwMzI2MjIwMTA3WjAzMTEwLwYDVQQD
EygwMjY4MGM5ODA3NjExZDFhMTNlNzMzZDRjM2Y2ZWNjODEyMmU4MTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0T5EyfMvTuvDW+1hThFqgshw/lTu
K/VXVAbeyUUATd+C8GnIkv5Gr7R80FokY3W3xvKF/OlxRA+kHQ1kxS/VtlJ/42lK
7B+bSxY/oHBCkxER4v/TOt9h3kpxVC+vKPvZtKdaOgydzZ9WFvSy95Hrq0Z6J/im
04hBD2TfQf9ImUrAFKUcTfCTxAFJrYbdgazULfH7kMmOTz4prLLOHwxP/a5WQ04l
cfz5K1o5+qc5qTWn3JkCMAMgHNcO0FhjNgPto/cHS1cevAcRClVwOTcDnY0y4VSX
qe2brR8vOzF8KchTjTBdMCK7XYvAPn1zSGZLtvyI2Mq3d9U6bOUbm10RGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJoDJgHYR0aE+cz1MP27MgSLoEdMB8GA1UdIwQY
MBaAFIjmcxqJ336TcaujPrFNcvYeOYC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2Ut
NmJjZjRhNDJhYzdkLzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2UtNmJjZjRhNDJhYzdk
LzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd8FK771m
aCdOGkV23FtgaVVLPzSzDqPxRObBDRrZ0NhrR55JZzedtfWQ0hOyM/z5lEPD93zu
ZWVz0vfk/IvsUx5UDMQjhgmIsXoBl7AD5XuxG9Gza3/54cg6hTI6ESzj6bI9ukoC
Mbsf7Q6fE9H2/1LmMXfvOEpfwOEYw8Y3bE2xS3XuEo7MG9tr4fjRKHxZEDuAq3Hi
lhdoYox9c8G+dGRJw5yVAf04x1QFBCbtoM/YGpEC9fCx9kkbJ7h3McMAvz6FU01U
QclRk8Ls+i6Zg1HQpt95xG5JzcM4wxiE71FFT2tyar4DTg92ZgAHzw7u5N7U490F
eEBt8YWB4BOvPQ==
-----END CERTIFICATE-----