Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
File:                     898KdcnvaBuNIzZ9vo7a0FPzvZU.mft (raw, json)
Hash identifier:          XawtLo4kqyPDZKxKIwEDajnbCqeZqQ16dVBgI0X6Mjc=
Subject key identifier:   E3:24:03:C3:9A:20:10:67:D5:51:61:F8:A0:21:86:40:3E:09:F6:3D
Authority key identifier: F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95
Certificate issuer:       /CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
Certificate serial:       019D270450F9CEB597DAAADD80209147CFE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
Manifest number:          1884
Signing time:             Wed 25 Mar 2026 22:01:27 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:27 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:27 +0000
Files and hashes:         1: 898KdcnvaBuNIzZ9vo7a0FPzvZU.crl (hash: OCM/acTXCxyuybxPzzZwoOea8A5s1PiYeoDp5tcr/Lo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:50:f9:ce:b5:97:da:aa:dd:80:20:91:47:cf:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
        Validity
            Not Before: Mar 25 22:01:27 2026 GMT
            Not After : Mar 26 22:01:27 2026 GMT
        Subject: CN=e32403c39a201067d55161f8a02186403e09f63d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:f3:01:df:5d:7b:ec:a8:71:f4:a6:6f:81:4d:
                    8e:22:53:0c:a5:ee:9d:f0:a3:a8:32:51:e7:18:0c:
                    6c:21:19:43:bf:e3:6f:dc:3c:2a:5d:7a:e3:3b:86:
                    f3:7f:ac:c6:28:3c:d6:47:52:da:34:13:d1:cc:72:
                    7c:29:7d:9f:c6:50:fa:87:d0:db:57:f1:8d:41:8e:
                    9c:b9:e3:5c:51:fe:87:c5:8d:9f:cd:3b:dc:ac:e0:
                    8a:e5:65:8b:1d:f1:73:31:35:cc:da:96:b2:a3:81:
                    e5:96:65:de:ad:e3:e6:85:f1:52:3d:56:c1:fa:84:
                    31:4e:72:31:9a:35:b7:a4:ce:1d:2a:55:c5:10:3c:
                    03:2c:a3:e4:f1:8e:3c:fa:2a:2c:40:9d:4b:f0:0e:
                    b5:5b:64:07:7b:98:45:aa:ed:36:0c:b1:22:a4:c1:
                    96:ae:64:4a:3d:6d:ff:4d:1f:63:f8:72:90:b2:8a:
                    6e:bb:39:17:61:f7:a7:8d:12:0c:bb:a1:de:4e:1b:
                    8f:64:dd:f9:88:e7:7b:0b:94:07:51:39:67:d7:1d:
                    fc:9f:54:b9:43:55:2e:e5:bf:8c:31:41:98:9e:f5:
                    07:59:4c:11:22:5e:df:8b:99:ee:d5:3b:71:7d:5d:
                    b5:af:52:5b:95:42:ca:90:df:17:50:6f:0f:8b:6d:
                    d8:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:24:03:C3:9A:20:10:67:D5:51:61:F8:A0:21:86:40:3E:09:F6:3D
            X509v3 Authority Key Identifier:
                keyid:F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:a8:48:f8:60:86:10:ca:92:10:60:16:69:7a:e3:e2:2c:c4:
         c2:e3:8e:d2:c6:57:b8:25:44:58:50:a7:d0:75:07:a5:8b:a5:
         46:5c:b4:46:b0:f5:85:f5:fa:ad:b7:ab:a4:d6:5a:a3:80:27:
         6e:f7:09:a4:15:0b:1f:2c:a3:c3:28:71:1d:be:28:a1:4f:29:
         f2:1a:cf:0d:61:54:70:c6:89:cd:0e:75:ff:52:cb:5b:d5:a1:
         17:db:f1:5f:af:8c:01:0f:86:e9:0f:d2:a7:4b:f5:38:5e:6a:
         4b:e5:56:f9:f2:0d:d1:2d:c4:a8:d0:1a:0f:1c:bd:5b:db:e6:
         29:05:36:f3:6b:d4:1d:ba:70:eb:fa:fe:82:9c:61:30:dd:ec:
         e5:5c:d0:8b:b3:d9:aa:6c:05:84:ce:9d:3b:ce:e4:6b:05:75:
         61:15:cd:48:6a:62:9a:fb:d8:00:71:67:71:3f:51:90:e9:25:
         46:4d:96:78:1e:5b:f9:d6:16:cb:8d:59:b2:3d:89:12:cb:7c:
         78:b7:bc:74:3c:0f:0a:82:e3:9a:92:15:fc:4a:e9:a9:79:f3:
         d8:43:17:da:e5:3c:4f:e2:9e:4f:7f:83:34:eb:d1:4a:e2:cf:
         75:08:f3:83:1c:2f:21:c9:41:05:bb:a0:86:7a:3a:e9:d7:50:
         6a:e2:26:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBFD5zrWX2qrdgCCRR8/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZGYwYTc1YzllZjY4MWI4ZDIzMzY3ZGJlOGVkYWQwNTNm
M2JkOTUwHhcNMjYwMzI1MjIwMTI3WhcNMjYwMzI2MjIwMTI3WjAzMTEwLwYDVQQD
EyhlMzI0MDNjMzlhMjAxMDY3ZDU1MTYxZjhhMDIxODY0MDNlMDlmNjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPMB31177Khx9KZvgU2OIlMMpe6d
8KOoMlHnGAxsIRlDv+Nv3DwqXXrjO4bzf6zGKDzWR1LaNBPRzHJ8KX2fxlD6h9Db
V/GNQY6cueNcUf6HxY2fzTvcrOCK5WWLHfFzMTXM2payo4HllmXerePmhfFSPVbB
+oQxTnIxmjW3pM4dKlXFEDwDLKPk8Y48+iosQJ1L8A61W2QHe5hFqu02DLEipMGW
rmRKPW3/TR9j+HKQsopuuzkXYfenjRIMu6HeThuPZN35iOd7C5QHUTln1x38n1S5
Q1Uu5b+MMUGYnvUHWUwRIl7fi5nu1TtxfV21r1JblULKkN8XUG8Pi23Y3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOMkA8OaIBBn1VFh+KAhhkA+CfY9MB8GA1UdIwQY
MBaAFPPfCnXJ72gbjSM2fb6O2tBT872VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUt
YWI4YWJjYzY5MDE2LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUtYWI4YWJjYzY5MDE2
LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN6hI+GCG
EMqSEGAWaXrj4izEwuOO0sZXuCVEWFCn0HUHpYulRly0RrD1hfX6rberpNZao4An
bvcJpBULHyyjwyhxHb4ooU8p8hrPDWFUcMaJzQ51/1LLW9WhF9vxX6+MAQ+G6Q/S
p0v1OF5qS+VW+fIN0S3EqNAaDxy9W9vmKQU282vUHbpw6/r+gpxhMN3s5VzQi7PZ
qmwFhM6dO87kawV1YRXNSGpimvvYAHFncT9RkOklRk2WeB5b+dYWy41Zsj2JEst8
eLe8dDwPCoLjmpIV/ErpqXnz2EMX2uU8T+KeT3+DNOvRSuLPdQjzgxwvIclBBbug
hno66ddQauImCg==
-----END CERTIFICATE-----