Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft
File:                     9j_pwTQEHOvaVoufkI4q7zirf3U.mft (raw, json)
Hash identifier:          ScgcIQjf8/2SPFCsJU39Hh39tafkKBJADOTwidoJhIg=
Subject key identifier:   E5:83:8F:20:EB:E5:64:5E:7A:7C:F5:9A:E9:B6:ED:93:F1:BF:DA:16
Authority key identifier: F6:3F:E9:C1:34:04:1C:EB:DA:56:8B:9F:90:8E:2A:EF:38:AB:7F:75
Certificate issuer:       /CN=f63fe9c134041cebda568b9f908e2aef38ab7f75
Certificate serial:       019D27049D3936B1923445C83277D3936F1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9j_pwTQEHOvaVoufkI4q7zirf3U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft
Manifest number:          0EDA
Signing time:             Wed 25 Mar 2026 22:01:46 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:46 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:46 +0000
Files and hashes:         1: 9j_pwTQEHOvaVoufkI4q7zirf3U.crl (hash: Xicnq6vkXGJA57cc2t7aIAs1C0h2BLHIA7EGHWc3qVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9j_pwTQEHOvaVoufkI4q7zirf3U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:9d:39:36:b1:92:34:45:c8:32:77:d3:93:6f:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f63fe9c134041cebda568b9f908e2aef38ab7f75
        Validity
            Not Before: Mar 25 22:01:46 2026 GMT
            Not After : Mar 26 22:01:46 2026 GMT
        Subject: CN=e5838f20ebe5645e7a7cf59ae9b6ed93f1bfda16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ce:4a:a3:c3:a3:9a:f6:96:d5:86:98:7c:0d:
                    51:bc:99:91:c0:3a:a3:39:f5:45:5a:4c:fe:8e:01:
                    96:9f:9c:e9:69:bf:04:d3:43:52:ac:4b:5a:03:d6:
                    b5:7d:72:66:61:a0:86:e8:3a:75:86:90:c1:a2:f7:
                    c5:7f:72:19:fe:59:54:04:1d:36:07:88:c8:8e:27:
                    0d:a6:e7:94:69:89:87:bc:18:ec:cc:b1:d1:4a:95:
                    30:c9:aa:c5:1a:07:30:07:91:84:a8:3c:be:b9:2c:
                    c1:16:0d:d1:cd:22:0b:dc:81:df:83:78:80:fb:3a:
                    ad:17:c9:80:d5:8e:0e:65:9c:34:ac:0d:49:b3:84:
                    e8:55:1d:a8:e2:d7:75:23:d4:73:70:54:af:6f:36:
                    18:cc:53:18:69:13:b4:03:01:42:47:b3:a5:96:c5:
                    9d:ba:5c:71:90:ae:aa:6a:6b:f8:52:cb:30:82:6b:
                    cb:b9:91:62:48:b8:0a:48:aa:3f:18:4e:d7:b0:11:
                    b6:8d:b2:96:97:17:a6:bb:07:89:6b:e8:97:08:29:
                    e4:0b:7a:4d:79:36:8b:c9:2a:7e:94:fa:7a:d0:3a:
                    4d:87:7b:02:86:d3:80:62:4a:f5:c2:37:50:fc:df:
                    e4:35:d6:1e:97:a3:31:31:93:be:71:66:9e:14:3a:
                    83:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:83:8F:20:EB:E5:64:5E:7A:7C:F5:9A:E9:B6:ED:93:F1:BF:DA:16
            X509v3 Authority Key Identifier:
                keyid:F6:3F:E9:C1:34:04:1C:EB:DA:56:8B:9F:90:8E:2A:EF:38:AB:7F:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9j_pwTQEHOvaVoufkI4q7zirf3U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b39d3a-2784-4255-9066-5aec766a49b4/1/9j_pwTQEHOvaVoufkI4q7zirf3U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:89:54:c3:f8:00:97:28:50:d1:ef:13:83:ce:62:f4:ea:bb:
         9e:d5:8b:fc:58:c3:5c:e1:84:79:3f:1e:81:8d:40:fd:16:6e:
         da:10:e8:aa:97:54:13:9c:85:3e:b9:a1:2e:c8:d4:f6:8b:35:
         59:ab:d2:7e:02:97:4e:7a:28:09:02:d7:c7:54:e3:57:db:df:
         05:f8:b3:a2:8d:82:46:c6:6c:ac:ea:e6:1b:d5:9c:22:5a:3c:
         d7:7f:e5:cc:04:21:e1:be:77:5d:1f:3f:10:f0:cb:05:22:fe:
         09:e6:38:57:74:f7:41:c5:16:88:6b:95:67:d8:6a:cd:58:61:
         74:e4:d9:86:8f:83:73:c6:e1:34:33:d6:97:cc:64:24:79:55:
         de:52:8d:14:3b:5d:05:c3:95:e6:40:f2:d1:7a:fe:74:67:1c:
         9d:10:db:6c:25:be:2a:1c:68:80:ca:f4:95:de:d4:20:9b:b1:
         8f:d1:6a:13:2e:06:99:17:09:5d:6b:1c:41:80:f4:e7:9f:af:
         2d:a0:e7:c1:06:c9:27:d5:81:07:86:6c:a1:57:5d:27:af:dc:
         5e:ba:87:c7:cc:40:88:15:6f:cc:6c:ff:8d:f6:28:65:64:57:
         b2:ad:ec:20:67:36:60:a5:41:2c:80:e1:f8:66:fd:25:ce:bf:
         62:b9:d9:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBJ05NrGSNEXIMnfTk28eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2M2ZlOWMxMzQwNDFjZWJkYTU2OGI5ZjkwOGUyYWVmMzhh
YjdmNzUwHhcNMjYwMzI1MjIwMTQ2WhcNMjYwMzI2MjIwMTQ2WjAzMTEwLwYDVQQD
EyhlNTgzOGYyMGViZTU2NDVlN2E3Y2Y1OWFlOWI2ZWQ5M2YxYmZkYTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps5Ko8OjmvaW1YaYfA1RvJmRwDqj
OfVFWkz+jgGWn5zpab8E00NSrEtaA9a1fXJmYaCG6Dp1hpDBovfFf3IZ/llUBB02
B4jIjicNpueUaYmHvBjszLHRSpUwyarFGgcwB5GEqDy+uSzBFg3RzSIL3IHfg3iA
+zqtF8mA1Y4OZZw0rA1Js4ToVR2o4td1I9RzcFSvbzYYzFMYaRO0AwFCR7OllsWd
ulxxkK6qamv4UsswgmvLuZFiSLgKSKo/GE7XsBG2jbKWlxemuweJa+iXCCnkC3pN
eTaLySp+lPp60DpNh3sChtOAYkr1wjdQ/N/kNdYel6MxMZO+cWaeFDqD4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOWDjyDr5WReenz1mum27ZPxv9oWMB8GA1UdIwQY
MBaAFPY/6cE0BBzr2laLn5COKu84q391MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWpfcHdUUUVIT3ZhVm91ZmtJNHE3emlyZjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMzlkM2EtMjc4NC00MjU1LTkwNjYt
NWFlYzc2NmE0OWI0LzEvOWpfcHdUUUVIT3ZhVm91ZmtJNHE3emlyZjNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMzlkM2EtMjc4NC00MjU1LTkwNjYtNWFlYzc2NmE0OWI0
LzEvOWpfcHdUUUVIT3ZhVm91ZmtJNHE3emlyZjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXolUw/gA
lyhQ0e8Tg85i9Oq7ntWL/FjDXOGEeT8egY1A/RZu2hDoqpdUE5yFPrmhLsjU9os1
WavSfgKXTnooCQLXx1TjV9vfBfizoo2CRsZsrOrmG9WcIlo813/lzAQh4b53XR8/
EPDLBSL+CeY4V3T3QcUWiGuVZ9hqzVhhdOTZho+Dc8bhNDPWl8xkJHlV3lKNFDtd
BcOV5kDy0Xr+dGccnRDbbCW+KhxogMr0ld7UIJuxj9FqEy4GmRcJXWscQYD055+v
LaDnwQbJJ9WBB4ZsoVddJ6/cXrqHx8xAiBVvzGz/jfYoZWRXsq3sIGc2YKVBLIDh
+Gb9Jc6/YrnZ1Q==
-----END CERTIFICATE-----