Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
File:                     cfxj7vZnTya1A6gwpd-pU9L_qr4.mft (raw, json)
Hash identifier:          zY9bmKMfOH+jbbPELQQuPpJsABl+LvVzM6T7TJ/W7R8=
Subject key identifier:   EA:76:6F:1B:7C:91:58:4D:1A:33:EA:BA:CF:87:DB:54:78:AF:74:E9
Authority key identifier: 71:FC:63:EE:F6:67:4F:26:B5:03:A8:30:A5:DF:A9:53:D2:FF:AA:BE
Certificate issuer:       /CN=71fc63eef6674f26b503a830a5dfa953d2ffaabe
Certificate serial:       019D254CD21BE721FA4573B408C40ECFFBF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
Manifest number:          16ED
Signing time:             Wed 25 Mar 2026 14:01:24 +0000
Manifest this update:     Wed 25 Mar 2026 14:01:24 +0000
Manifest next update:     Thu 26 Mar 2026 14:01:24 +0000
Files and hashes:         1: cfxj7vZnTya1A6gwpd-pU9L_qr4.crl (hash: 9gHUWiGDf/nI86bjxzh1Z+Q8iFHmo26juJ2Q5iG/fFc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 14:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:4c:d2:1b:e7:21:fa:45:73:b4:08:c4:0e:cf:fb:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71fc63eef6674f26b503a830a5dfa953d2ffaabe
        Validity
            Not Before: Mar 25 14:01:24 2026 GMT
            Not After : Mar 26 14:01:24 2026 GMT
        Subject: CN=ea766f1b7c91584d1a33eabacf87db5478af74e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:7a:58:06:cc:63:0e:5a:f9:89:73:bd:ae:6f:
                    aa:0b:4b:da:91:fb:c5:fa:35:c8:17:60:77:4e:bf:
                    a7:14:bf:8a:00:21:b7:07:48:86:0a:5d:f4:1f:da:
                    8b:a1:1a:5a:43:eb:02:2f:ae:e1:78:0b:4d:36:09:
                    31:b5:3f:51:ee:77:fc:e2:d2:44:c2:0c:aa:4a:9e:
                    09:1f:9c:69:37:30:a5:c3:aa:70:e8:d7:bd:ab:fe:
                    03:cc:ed:66:33:73:98:f7:c0:39:5d:ac:ca:09:09:
                    1b:0f:65:ae:e7:b8:df:f8:b0:53:02:0c:63:1a:74:
                    26:ee:1e:60:84:cd:ad:63:85:69:ce:e9:ce:96:c2:
                    b6:05:7f:0b:32:8f:c0:18:25:42:f3:49:12:e7:32:
                    57:09:8c:ad:8a:61:83:0f:da:36:04:90:51:d9:24:
                    a4:28:a5:f7:a8:86:bb:b6:a4:63:59:e7:4b:6a:11:
                    79:e5:09:c7:7b:27:89:d2:07:30:49:59:22:0c:c7:
                    60:9f:84:00:bc:55:42:5d:b8:3a:1d:4b:fa:f2:1f:
                    16:f5:f3:d0:e6:81:bc:cf:cd:94:44:2f:31:a5:06:
                    85:02:b2:90:a0:df:2d:6d:b8:e6:95:1c:36:57:88:
                    f0:fa:f6:8a:01:a7:29:f9:aa:8b:ee:16:e5:0c:8c:
                    83:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:76:6F:1B:7C:91:58:4D:1A:33:EA:BA:CF:87:DB:54:78:AF:74:E9
            X509v3 Authority Key Identifier:
                keyid:71:FC:63:EE:F6:67:4F:26:B5:03:A8:30:A5:DF:A9:53:D2:FF:AA:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:34:25:95:1b:59:cb:8e:73:b7:ed:71:b1:1b:23:90:8f:95:
         d6:b3:3d:00:08:1b:66:3f:4e:fc:47:ca:1d:90:44:9f:45:55:
         cf:f6:e9:f5:b4:27:a7:59:d7:bb:8e:40:a6:66:12:eb:0e:d1:
         87:23:05:f9:a9:ef:18:58:7c:69:2d:51:37:95:b0:cd:cc:ed:
         66:c9:2d:1b:c4:ae:e2:c5:f5:eb:03:b8:4a:89:cd:d6:65:4d:
         5e:4b:ad:f4:d4:6d:79:fc:46:73:5f:ed:df:39:10:46:f3:2c:
         6b:f7:5f:ec:af:e9:75:93:c1:44:1e:6d:d4:af:ae:b9:ba:60:
         fa:40:88:b1:c0:cd:1f:ca:a3:d8:55:be:9c:49:74:cd:ba:83:
         4c:fa:ed:54:42:0c:a4:99:75:14:62:ab:5e:bb:fe:7f:d6:c0:
         c2:a7:c7:d7:fc:4a:0b:c0:48:e8:55:67:66:f1:b5:de:80:6b:
         3c:4e:b2:6e:19:42:14:40:cb:3f:a9:22:04:f8:53:02:c4:ea:
         48:22:c7:48:c6:9b:68:ce:77:10:e3:f7:f2:bf:c8:c2:5a:1b:
         f0:65:b0:c0:d7:d7:c7:b8:08:82:35:01:0d:9b:6f:e0:be:5c:
         44:3d:14:3e:1a:82:d0:8a:d7:41:c1:08:96:95:ae:ca:5d:23:
         cc:e9:8b:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lTNIb5yH6RXO0CMQOz/v3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZmM2M2VlZjY2NzRmMjZiNTAzYTgzMGE1ZGZhOTUzZDJm
ZmFhYmUwHhcNMjYwMzI1MTQwMTI0WhcNMjYwMzI2MTQwMTI0WjAzMTEwLwYDVQQD
EyhlYTc2NmYxYjdjOTE1ODRkMWEzM2VhYmFjZjg3ZGI1NDc4YWY3NGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8XpYBsxjDlr5iXO9rm+qC0vakfvF
+jXIF2B3Tr+nFL+KACG3B0iGCl30H9qLoRpaQ+sCL67heAtNNgkxtT9R7nf84tJE
wgyqSp4JH5xpNzClw6pw6Ne9q/4DzO1mM3OY98A5XazKCQkbD2Wu57jf+LBTAgxj
GnQm7h5ghM2tY4VpzunOlsK2BX8LMo/AGCVC80kS5zJXCYytimGDD9o2BJBR2SSk
KKX3qIa7tqRjWedLahF55QnHeyeJ0gcwSVkiDMdgn4QAvFVCXbg6HUv68h8W9fPQ
5oG8z82URC8xpQaFArKQoN8tbbjmlRw2V4jw+vaKAacp+aqL7hblDIyDEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOp2bxt8kVhNGjPqus+H21R4r3TpMB8GA1UdIwQY
MBaAFHH8Y+72Z08mtQOoMKXfqVPS/6q+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mODAxMGUtNmEzZi00ZmYwLTk1ZTct
ZDQxODI0OGU1NzI4LzEvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9mODAxMGUtNmEzZi00ZmYwLTk1ZTctZDQxODI0OGU1NzI4
LzEvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZjQllRtZ
y45zt+1xsRsjkI+V1rM9AAgbZj9O/EfKHZBEn0VVz/bp9bQnp1nXu45ApmYS6w7R
hyMF+anvGFh8aS1RN5WwzcztZsktG8Su4sX16wO4SonN1mVNXkut9NRtefxGc1/t
3zkQRvMsa/df7K/pdZPBRB5t1K+uubpg+kCIscDNH8qj2FW+nEl0zbqDTPrtVEIM
pJl1FGKrXrv+f9bAwqfH1/xKC8BI6FVnZvG13oBrPE6ybhlCFEDLP6kiBPhTAsTq
SCLHSMabaM53EOP38r/Iwlob8GWwwNfXx7gIgjUBDZtv4L5cRD0UPhqC0IrXQcEI
lpWuyl0jzOmLkg==
-----END CERTIFICATE-----