Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
File:                     l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft (raw, json)
Hash identifier:          ++p+h4WFFNQV/vAbnBRpOrQKLO3L8sHW+t+za0fm8PM=
Subject key identifier:   29:D4:81:DC:20:7F:CE:B1:31:6C:25:BC:1B:4F:2F:5E:28:64:2A:DB
Authority key identifier: 97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8
Certificate issuer:       /CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
Certificate serial:       019D296155A393E1F88C95BEC5E0D16C6D07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
Manifest number:          1882
Signing time:             Thu 26 Mar 2026 09:02:17 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:17 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:17 +0000
Files and hashes:         1: l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl (hash: sEyl+Rl55h/ScWjDhuWTRJlFMXtYk9Xodpdl7v7MxRs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:55:a3:93:e1:f8:8c:95:be:c5:e0:d1:6c:6d:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
        Validity
            Not Before: Mar 26 09:02:17 2026 GMT
            Not After : Mar 27 09:02:17 2026 GMT
        Subject: CN=29d481dc207fceb1316c25bc1b4f2f5e28642adb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b0:39:4d:5b:7d:5a:ac:2e:f1:e4:0f:a6:bb:
                    c1:8a:51:74:19:7b:6e:71:90:1d:bc:26:c3:67:08:
                    84:a5:3a:12:eb:c7:68:3e:eb:21:ec:d7:87:75:9b:
                    61:8e:6c:57:cb:91:fb:d2:ac:8d:73:77:12:7f:bd:
                    a9:68:ed:e3:a2:b5:24:36:f3:20:4d:ac:ca:80:9f:
                    a3:29:7b:47:59:88:f0:db:49:bc:20:cc:f2:c0:9e:
                    fc:77:21:09:45:1e:49:d5:fb:f1:9c:c7:37:c0:25:
                    bc:86:02:ec:b4:c3:36:5f:5a:32:30:3a:19:dd:69:
                    f8:61:7c:0b:a1:6d:4f:32:4d:c7:7e:ea:38:8d:29:
                    fe:05:95:0f:ee:76:6b:e6:14:20:c0:11:af:56:aa:
                    09:55:71:bb:69:20:20:0b:85:aa:1a:d2:04:1b:c2:
                    18:49:35:3c:a8:82:71:bd:7e:c7:f3:e9:3e:9b:98:
                    4a:9c:d2:c2:0f:84:96:fe:5c:7c:2e:40:9a:01:c4:
                    af:21:21:e0:43:46:18:69:41:14:a4:13:4b:1d:1e:
                    18:b9:ed:d1:6a:db:9f:9c:41:4f:19:38:18:52:8d:
                    94:74:7c:ba:c5:c8:43:f0:1f:6f:11:8b:24:cc:ff:
                    f4:63:d0:dc:04:d9:eb:f9:a2:52:70:53:d9:f6:cd:
                    ba:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:D4:81:DC:20:7F:CE:B1:31:6C:25:BC:1B:4F:2F:5E:28:64:2A:DB
            X509v3 Authority Key Identifier:
                keyid:97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:4f:d2:f1:ae:a6:d4:48:e2:fd:86:ee:5b:d0:00:d0:8c:30:
         7e:c0:56:fe:95:c3:89:f7:9d:f0:ad:e4:54:a9:90:f8:48:f2:
         6e:c0:5e:9c:8c:66:b2:51:0b:dc:d5:3c:69:f9:1b:38:f9:65:
         60:39:ea:20:30:5f:86:78:3d:9d:b6:44:2a:d5:ac:be:12:63:
         da:7e:72:2d:a5:e2:09:b9:c8:3f:38:b2:7a:59:ab:3c:c8:06:
         a4:42:85:1c:2f:7e:41:de:44:4f:3e:bd:61:bc:56:24:ec:b0:
         23:46:e9:f1:0c:c6:c0:32:9a:89:55:7f:6a:1f:95:8a:db:53:
         07:57:f1:eb:1c:78:39:6c:a7:9e:3c:49:0e:29:dc:fb:64:4e:
         29:bd:eb:d3:cb:36:20:ef:6d:bd:76:80:be:a7:e2:8d:d2:cd:
         44:44:5f:f3:35:df:b0:83:4c:e6:4f:72:5f:0b:fb:c4:1d:1b:
         15:86:37:8d:8d:9e:44:4b:e8:cb:09:c9:d4:cc:84:9c:7c:fc:
         4b:b8:58:0c:8d:ce:ee:a4:f3:e1:cd:bd:cc:38:10:3b:fd:3c:
         8c:44:da:f9:9e:77:c6:7e:a8:03:07:8f:c6:f2:b4:f2:ce:54:
         a4:9e:09:2a:9a:3b:3c:cf:ce:64:c2:d6:7e:dd:48:6a:ae:14:
         cc:ec:56:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYVWjk+H4jJW+xeDRbG0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NTc3Zjg0MTg4ZTI4M2ZkYjVkN2E2ZmNjY2M0ODU2YzE5
OTQ5YjgwHhcNMjYwMzI2MDkwMjE3WhcNMjYwMzI3MDkwMjE3WjAzMTEwLwYDVQQD
EygyOWQ0ODFkYzIwN2ZjZWIxMzE2YzI1YmMxYjRmMmY1ZTI4NjQyYWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprA5TVt9Wqwu8eQPprvBilF0GXtu
cZAdvCbDZwiEpToS68doPush7NeHdZthjmxXy5H70qyNc3cSf72paO3jorUkNvMg
TazKgJ+jKXtHWYjw20m8IMzywJ78dyEJRR5J1fvxnMc3wCW8hgLstMM2X1oyMDoZ
3Wn4YXwLoW1PMk3Hfuo4jSn+BZUP7nZr5hQgwBGvVqoJVXG7aSAgC4WqGtIEG8IY
STU8qIJxvX7H8+k+m5hKnNLCD4SW/lx8LkCaAcSvISHgQ0YYaUEUpBNLHR4Yue3R
atufnEFPGTgYUo2UdHy6xchD8B9vEYskzP/0Y9DcBNnr+aJScFPZ9s26xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCnUgdwgf86xMWwlvBtPL14oZCrbMB8GA1UdIwQY
MBaAFJdXf4QYjig/2116b8zMSFbBmUm4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAt
YTFhNjRiNDlmYTUwLzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAtYTFhNjRiNDlmYTUw
LzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEE/S8a6m
1Eji/YbuW9AA0IwwfsBW/pXDifed8K3kVKmQ+EjybsBenIxmslEL3NU8afkbOPll
YDnqIDBfhng9nbZEKtWsvhJj2n5yLaXiCbnIPziyelmrPMgGpEKFHC9+Qd5ETz69
YbxWJOywI0bp8QzGwDKaiVV/ah+VittTB1fx6xx4OWynnjxJDinc+2ROKb3r08s2
IO9tvXaAvqfijdLNRERf8zXfsINM5k9yXwv7xB0bFYY3jY2eREvoywnJ1MyEnHz8
S7hYDI3O7qTz4c29zDgQO/08jETa+Z53xn6oAwePxvK08s5UpJ4JKpo7PM/OZMLW
ft1Iaq4UzOxWdA==
-----END CERTIFICATE-----