Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft
File:                     8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft (raw, json)
Hash identifier:          y1gOsTvF9gJ7Wtvij3SUhvc3Ak5vIfCmPHB1YLSrDRA=
Subject key identifier:   75:90:D1:1A:F1:E2:9B:66:4F:89:9F:16:66:D3:7C:A8:F6:FB:85:90
Authority key identifier: F0:8A:2C:EC:71:01:F2:17:73:DE:FC:59:16:C0:8B:01:C1:85:90:E7
Certificate issuer:       /CN=f08a2cec7101f21773defc5916c08b01c18590e7
Certificate serial:       019D28BBFB1A5B19E1A1392A77108F1C83DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft
Manifest number:          01A3
Signing time:             Thu 26 Mar 2026 06:01:41 +0000
Manifest this update:     Thu 26 Mar 2026 06:01:41 +0000
Manifest next update:     Fri 27 Mar 2026 06:01:41 +0000
Files and hashes:         1: 8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl (hash: t3S5HFxPpuhKcyV7Tmm1Ec76Af/BQ14CZ6xU4PEyrpc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:bb:fb:1a:5b:19:e1:a1:39:2a:77:10:8f:1c:83:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f08a2cec7101f21773defc5916c08b01c18590e7
        Validity
            Not Before: Mar 26 06:01:41 2026 GMT
            Not After : Mar 27 06:01:41 2026 GMT
        Subject: CN=7590d11af1e29b664f899f1666d37ca8f6fb8590
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:48:61:47:10:07:a5:bf:63:e8:e3:33:b3:d9:
                    42:5c:80:ca:7c:1a:ae:7f:9e:ef:cb:26:ad:cf:99:
                    ab:d2:b7:6b:38:52:6d:48:21:1b:d8:36:dd:7c:e8:
                    9b:d8:25:39:b2:33:a3:2a:1a:b0:f5:db:46:e9:c2:
                    35:dd:ae:85:1e:d4:9c:ce:ab:b2:f7:9c:39:23:91:
                    1b:0f:34:23:7a:dd:d3:c1:2c:0a:a0:d3:44:4e:8b:
                    d0:23:8d:a2:b6:64:fd:70:f4:d7:c6:29:73:70:0e:
                    33:2a:7e:ff:65:bf:15:39:ef:83:c8:43:d2:38:92:
                    5f:dc:e8:6c:25:a3:99:85:0d:a5:58:44:ae:e7:6b:
                    c7:44:f0:37:e2:bc:ad:2f:98:36:2d:f1:ff:e0:b9:
                    93:fa:e5:ca:5d:7c:e8:25:4d:c2:be:76:85:4d:96:
                    f6:e5:42:30:0f:78:b2:dc:50:f3:88:a9:e7:9d:bf:
                    f3:06:7a:9b:d3:83:89:02:6b:8e:b4:a1:f8:6b:d2:
                    8f:38:3d:2c:b8:a6:b9:11:b4:29:3a:d8:0b:da:4f:
                    c8:60:23:cf:fe:c2:ce:fd:33:54:f0:c5:e9:b4:09:
                    dc:eb:83:8f:d2:87:86:a1:ea:2d:06:1e:1a:a7:5e:
                    49:74:55:6c:7d:9b:b8:7e:52:13:e5:6a:df:a0:13:
                    8d:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:90:D1:1A:F1:E2:9B:66:4F:89:9F:16:66:D3:7C:A8:F6:FB:85:90
            X509v3 Authority Key Identifier:
                keyid:F0:8A:2C:EC:71:01:F2:17:73:DE:FC:59:16:C0:8B:01:C1:85:90:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Ios7HEB8hdz3vxZFsCLAcGFkOc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6f252d-59ed-4a22-9d97-65b6408bdffe/1/8Ios7HEB8hdz3vxZFsCLAcGFkOc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:14:fd:f3:5b:f3:c4:e7:98:21:50:67:1f:17:a2:5f:4c:fe:
         97:78:18:21:0a:9b:1e:54:a7:13:54:e8:6b:75:b5:9b:ed:54:
         d7:f7:4b:cd:d5:40:b2:9f:32:f3:7b:9e:22:7b:16:0f:1f:88:
         26:f6:86:f9:f6:67:87:9e:15:d6:84:c9:20:70:04:9c:34:db:
         7f:fc:cd:cf:71:dc:78:b1:7a:43:d4:dd:ff:b6:08:4f:53:1e:
         9f:74:7d:4a:00:f7:fe:1c:65:c2:6d:61:a7:d7:8e:83:46:ba:
         40:31:54:f2:11:95:63:ca:40:39:8a:d2:26:a7:98:a7:ee:48:
         2c:3b:3a:1e:31:cc:2b:c4:53:ba:bf:f9:f2:31:33:f0:c8:3a:
         ed:be:e9:47:57:98:49:09:8e:93:1f:71:93:0b:d7:98:18:35:
         fb:09:e4:b2:85:4f:15:0e:7f:42:f0:ed:fc:de:da:fb:8f:ab:
         18:08:b4:c8:78:c6:fa:9c:2f:d6:71:2a:d9:03:ac:0e:f1:50:
         46:94:a3:54:92:a3:cc:39:37:78:f1:bd:e7:7b:d7:fd:48:4a:
         aa:de:c1:ea:2a:c3:5b:f9:7f:df:51:2a:2c:de:89:bf:71:98:
         2b:a3:0d:b0:a5:4c:a3:75:23:11:d7:af:ae:c1:2f:c1:96:b6:
         f5:61:a7:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou/saWxnhoTkqdxCPHIPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwOGEyY2VjNzEwMWYyMTc3M2RlZmM1OTE2YzA4YjAxYzE4
NTkwZTcwHhcNMjYwMzI2MDYwMTQxWhcNMjYwMzI3MDYwMTQxWjAzMTEwLwYDVQQD
Eyg3NTkwZDExYWYxZTI5YjY2NGY4OTlmMTY2NmQzN2NhOGY2ZmI4NTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0hhRxAHpb9j6OMzs9lCXIDKfBqu
f57vyyatz5mr0rdrOFJtSCEb2DbdfOib2CU5sjOjKhqw9dtG6cI13a6FHtSczquy
95w5I5EbDzQjet3TwSwKoNNETovQI42itmT9cPTXxilzcA4zKn7/Zb8VOe+DyEPS
OJJf3OhsJaOZhQ2lWESu52vHRPA34rytL5g2LfH/4LmT+uXKXXzoJU3CvnaFTZb2
5UIwD3iy3FDziKnnnb/zBnqb04OJAmuOtKH4a9KPOD0suKa5EbQpOtgL2k/IYCPP
/sLO/TNU8MXptAnc64OP0oeGoeotBh4ap15JdFVsfZu4flIT5WrfoBONLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHWQ0Rrx4ptmT4mfFmbTfKj2+4WQMB8GA1UdIwQY
MBaAFPCKLOxxAfIXc978WRbAiwHBhZDnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ZjI1MmQtNTllZC00YTIyLTlkOTct
NjViNjQwOGJkZmZlLzEvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82ZjI1MmQtNTllZC00YTIyLTlkOTctNjViNjQwOGJkZmZl
LzEvOElvczdIRUI4aGR6M3Z4WkZzQ0xBY0dGa09jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnhT981vz
xOeYIVBnHxeiX0z+l3gYIQqbHlSnE1Toa3W1m+1U1/dLzdVAsp8y83ueInsWDx+I
JvaG+fZnh54V1oTJIHAEnDTbf/zNz3HceLF6Q9Td/7YIT1Men3R9SgD3/hxlwm1h
p9eOg0a6QDFU8hGVY8pAOYrSJqeYp+5ILDs6HjHMK8RTur/58jEz8Mg67b7pR1eY
SQmOkx9xkwvXmBg1+wnksoVPFQ5/QvDt/N7a+4+rGAi0yHjG+pwv1nEq2QOsDvFQ
RpSjVJKjzDk3ePG953vX/UhKqt7B6irDW/l/31EqLN6Jv3GYK6MNsKVMo3UjEdev
rsEvwZa29WGnig==
-----END CERTIFICATE-----