Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
File:                     iX81rEgorqlfpdLYBNM6ewz_RYo.mft (raw, json)
Hash identifier:          kda1M1EvJbVx89nQF0jhDSqha0lQB2MUoR6Sl0hV6eQ=
Subject key identifier:   A4:D5:D7:EC:99:AA:75:35:BC:78:6D:D6:22:13:61:CB:1C:BA:45:61
Authority key identifier: 89:7F:35:AC:48:28:AE:A9:5F:A5:D2:D8:04:D3:3A:7B:0C:FF:45:8A
Certificate issuer:       /CN=897f35ac4828aea95fa5d2d804d33a7b0cff458a
Certificate serial:       019D2A7233EDAAEBB76D46F05A58992519C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
Manifest number:          0749
Signing time:             Thu 26 Mar 2026 14:00:20 +0000
Manifest this update:     Thu 26 Mar 2026 14:00:20 +0000
Manifest next update:     Fri 27 Mar 2026 14:00:20 +0000
Files and hashes:         1: iX81rEgorqlfpdLYBNM6ewz_RYo.crl (hash: jZB/onTs1D1O1YGZQI9gWUZIRbxgC3FKWESyHIupQWY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:72:33:ed:aa:eb:b7:6d:46:f0:5a:58:99:25:19:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=897f35ac4828aea95fa5d2d804d33a7b0cff458a
        Validity
            Not Before: Mar 26 14:00:20 2026 GMT
            Not After : Mar 27 14:00:20 2026 GMT
        Subject: CN=a4d5d7ec99aa7535bc786dd6221361cb1cba4561
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:4a:81:9c:e4:51:b5:a7:d3:91:13:f6:fe:7d:
                    a3:31:08:c3:46:1c:97:43:8c:96:3c:fc:6a:1a:9c:
                    e0:18:41:41:cd:f9:ff:de:e3:b1:af:aa:f2:33:4b:
                    07:b9:6d:b8:fe:e1:18:64:ac:36:c9:f3:83:0e:98:
                    16:2f:43:74:24:dd:35:1b:db:b8:92:ba:5b:96:a6:
                    59:73:1f:24:b1:33:d2:79:53:83:45:35:ad:6a:35:
                    17:b1:13:0f:70:71:50:20:9f:a0:b7:b8:71:2a:e3:
                    f7:6b:09:be:5a:ef:f6:5a:25:02:55:27:fa:0f:30:
                    8e:4a:62:e5:02:a0:9c:d2:aa:62:56:f9:f1:37:70:
                    47:dd:e7:4c:66:dd:5d:2a:10:c6:16:de:d4:50:f4:
                    cf:02:16:bd:f6:0e:2c:f6:a5:38:b3:33:f4:78:e9:
                    2f:c7:e2:a8:de:22:97:37:5d:d8:39:6c:5f:07:3b:
                    ad:fd:5c:73:e7:be:72:b0:4d:c5:00:34:c6:89:d8:
                    19:8f:25:79:08:b3:4d:b4:24:d8:ee:a8:60:10:50:
                    bf:b1:7d:42:00:1b:21:1f:7b:5e:bc:d5:72:8d:d0:
                    1e:a1:49:a7:9f:45:22:09:68:ef:00:5a:3b:75:4a:
                    95:bd:71:aa:c4:0c:3a:87:21:f1:55:23:12:ee:49:
                    e6:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:D5:D7:EC:99:AA:75:35:BC:78:6D:D6:22:13:61:CB:1C:BA:45:61
            X509v3 Authority Key Identifier:
                keyid:89:7F:35:AC:48:28:AE:A9:5F:A5:D2:D8:04:D3:3A:7B:0C:FF:45:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:93:34:c3:80:dc:83:0a:c0:4a:c3:4e:6b:3a:84:81:69:91:
         f5:89:82:5a:a0:75:88:c8:fa:8f:5e:80:6a:53:80:65:72:a9:
         9c:89:bd:ea:19:01:31:05:20:46:6e:e8:a4:14:34:9d:79:f8:
         99:b6:0b:97:5c:4f:46:ff:57:8d:a6:cc:48:4f:9a:10:65:1e:
         75:58:90:d6:de:98:46:f4:44:71:c0:b7:71:c4:f7:d7:12:e5:
         f3:20:90:1f:fc:8f:e9:bc:82:57:fc:d3:a5:53:37:5e:e2:9b:
         aa:2f:dc:2c:8c:8e:28:d7:15:f6:d7:91:da:df:91:51:e0:0f:
         34:11:20:a6:7b:aa:42:ae:5d:4b:4a:ad:96:f5:7c:7b:36:d9:
         7c:0b:d3:16:2e:6f:55:99:b5:ed:c4:0f:ee:c9:b0:eb:86:b9:
         54:26:a2:53:aa:c3:8d:f1:8a:f8:a2:4b:29:02:49:09:28:46:
         1c:56:28:2b:37:3f:22:0f:b3:60:1a:6b:b7:f7:16:ea:36:88:
         f0:af:7c:18:4a:6e:00:65:f5:10:c9:e0:b4:3a:24:0a:03:8a:
         e2:1f:4f:ef:64:19:9b:f8:d2:86:f5:30:38:78:8f:1f:0c:e4:
         44:42:6e:49:54:82:8b:16:05:c0:54:16:5d:70:59:59:04:fb:
         4d:03:34:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qcjPtquu3bUbwWliZJRnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5N2YzNWFjNDgyOGFlYTk1ZmE1ZDJkODA0ZDMzYTdiMGNm
ZjQ1OGEwHhcNMjYwMzI2MTQwMDIwWhcNMjYwMzI3MTQwMDIwWjAzMTEwLwYDVQQD
EyhhNGQ1ZDdlYzk5YWE3NTM1YmM3ODZkZDYyMjEzNjFjYjFjYmE0NTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUqBnORRtafTkRP2/n2jMQjDRhyX
Q4yWPPxqGpzgGEFBzfn/3uOxr6ryM0sHuW24/uEYZKw2yfODDpgWL0N0JN01G9u4
krpblqZZcx8ksTPSeVODRTWtajUXsRMPcHFQIJ+gt7hxKuP3awm+Wu/2WiUCVSf6
DzCOSmLlAqCc0qpiVvnxN3BH3edMZt1dKhDGFt7UUPTPAha99g4s9qU4szP0eOkv
x+Ko3iKXN13YOWxfBzut/Vxz575ysE3FADTGidgZjyV5CLNNtCTY7qhgEFC/sX1C
ABshH3tevNVyjdAeoUmnn0UiCWjvAFo7dUqVvXGqxAw6hyHxVSMS7knmbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKTV1+yZqnU1vHht1iITYcscukVhMB8GA1UdIwQY
MBaAFIl/NaxIKK6pX6XS2ATTOnsM/0WKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kYmEyZjctN2MyYi00NjcwLWExZGYt
YjBlNDEwM2Y0OTYyLzEvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9kYmEyZjctN2MyYi00NjcwLWExZGYtYjBlNDEwM2Y0OTYy
LzEvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeZM0w4Dc
gwrASsNOazqEgWmR9YmCWqB1iMj6j16AalOAZXKpnIm96hkBMQUgRm7opBQ0nXn4
mbYLl1xPRv9XjabMSE+aEGUedViQ1t6YRvREccC3ccT31xLl8yCQH/yP6byCV/zT
pVM3XuKbqi/cLIyOKNcV9teR2t+RUeAPNBEgpnuqQq5dS0qtlvV8ezbZfAvTFi5v
VZm17cQP7smw64a5VCaiU6rDjfGK+KJLKQJJCShGHFYoKzc/Ig+zYBprt/cW6jaI
8K98GEpuAGX1EMngtDokCgOK4h9P72QZm/jShvUwOHiPHwzkREJuSVSCixYFwFQW
XXBZWQT7TQM0EA==
-----END CERTIFICATE-----