Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
File:                     FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft (raw, json)
Hash identifier:          dJkp/kkbwp1F3bbdXQzsnfut0X9n+9b8uF+donQlkZ4=
Subject key identifier:   B2:B1:BF:13:AA:9E:79:0E:90:53:78:0E:EB:09:58:17:20:21:89:ED
Authority key identifier: 16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08
Certificate issuer:       /CN=16536fc756a5864aaa2c1e77bb764248dabe2608
Certificate serial:       019D27723879AE3B03928333985ED04837F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
Manifest number:          08D8
Signing time:             Thu 26 Mar 2026 00:01:30 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:30 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:30 +0000
Files and hashes:         1: FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl (hash: PMj/pDRTSTxTrpcF4jpIpId8ViJHw7iD1SPSLBaIDZc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:38:79:ae:3b:03:92:83:33:98:5e:d0:48:37:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16536fc756a5864aaa2c1e77bb764248dabe2608
        Validity
            Not Before: Mar 26 00:01:30 2026 GMT
            Not After : Mar 27 00:01:30 2026 GMT
        Subject: CN=b2b1bf13aa9e790e9053780eeb095817202189ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:09:af:55:4b:a4:e5:b4:79:2c:0f:82:d1:62:
                    88:74:25:24:69:05:9f:94:c3:d0:ad:7b:5e:14:4d:
                    9e:7a:10:5c:52:c2:eb:28:b5:ab:2e:02:ba:3f:06:
                    54:94:66:3e:c5:20:8e:9f:c7:27:11:5e:86:29:a7:
                    87:dd:23:6b:aa:ca:04:4f:e6:a9:4e:94:8d:89:44:
                    9a:da:39:1e:75:f4:ef:8b:8f:0f:16:7e:7b:df:62:
                    42:3a:3f:2d:46:6c:dd:9c:5b:bd:d6:1e:c3:50:49:
                    19:dc:3e:a7:6e:b5:1d:e9:c8:88:f7:e9:cf:b5:f9:
                    19:49:85:d8:72:15:ea:66:58:a4:e7:7f:8b:04:4d:
                    8a:5e:16:e2:dc:e2:fb:e8:f1:3f:b6:2e:50:a6:6a:
                    8a:c5:fc:91:6d:4e:20:85:af:a8:3d:e2:bc:e5:8d:
                    7b:c9:c2:ad:51:1d:2b:e2:59:ad:d6:e8:ab:28:e8:
                    28:c8:28:b2:4c:34:db:22:5c:d9:c3:ad:ef:3d:de:
                    96:5d:4e:40:01:85:9e:d0:82:5d:e7:17:09:e1:60:
                    2b:27:4d:69:4d:73:a0:93:11:7b:de:f8:8d:78:6b:
                    fb:d5:b7:08:6f:cc:10:13:a9:4d:53:01:ac:5e:3e:
                    c6:1d:47:e2:b5:88:fb:dd:7b:e1:27:6a:da:0f:99:
                    4a:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:B1:BF:13:AA:9E:79:0E:90:53:78:0E:EB:09:58:17:20:21:89:ED
            X509v3 Authority Key Identifier:
                keyid:16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:0e:23:c5:28:b6:58:af:44:56:8e:9b:d9:a5:e2:98:9a:7b:
         78:79:c0:4a:42:a8:34:49:58:82:8e:02:bb:5f:96:65:a1:e6:
         5f:bb:e2:3e:11:4a:88:3f:87:44:9a:3f:1c:ee:c9:7f:40:f4:
         9a:10:9d:ba:57:5f:59:1a:90:e6:3c:cd:29:5c:ba:31:8a:16:
         de:3e:36:5b:1d:bc:bb:90:4f:73:44:0e:22:9a:c4:90:7e:22:
         d9:2c:d8:ce:e7:3e:07:08:60:9f:31:32:6b:48:9e:74:22:4c:
         9e:94:db:24:7d:d0:b5:21:b0:66:58:13:f8:af:18:e9:f2:3e:
         ef:a1:81:d8:fe:96:a4:1f:f7:a4:4a:4c:07:4b:ab:4f:b8:1e:
         34:6e:23:c0:69:8d:11:df:0d:b2:20:ea:b7:c1:2b:44:5f:f9:
         3c:56:58:5d:23:3c:ff:7e:1a:7c:a5:a8:c0:1e:b2:a8:16:ff:
         c9:de:c6:94:5a:a0:07:ce:51:1d:2d:51:e4:54:e6:ac:4b:5a:
         3a:d7:72:75:9a:76:a2:8b:de:f9:48:65:ac:2e:69:cc:41:8f:
         d6:f0:4a:aa:13:a6:39:37:61:14:a7:7b:5c:c8:39:f1:1b:36:
         23:4e:b5:d8:ce:e0:2d:9c:3c:a1:2f:6a:0b:69:04:24:cc:ad:
         20:c5:0d:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncjh5rjsDkoMzmF7QSDf1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTM2ZmM3NTZhNTg2NGFhYTJjMWU3N2JiNzY0MjQ4ZGFi
ZTI2MDgwHhcNMjYwMzI2MDAwMTMwWhcNMjYwMzI3MDAwMTMwWjAzMTEwLwYDVQQD
EyhiMmIxYmYxM2FhOWU3OTBlOTA1Mzc4MGVlYjA5NTgxNzIwMjE4OWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQmvVUuk5bR5LA+C0WKIdCUkaQWf
lMPQrXteFE2eehBcUsLrKLWrLgK6PwZUlGY+xSCOn8cnEV6GKaeH3SNrqsoET+ap
TpSNiUSa2jkedfTvi48PFn5732JCOj8tRmzdnFu91h7DUEkZ3D6nbrUd6ciI9+nP
tfkZSYXYchXqZlik53+LBE2KXhbi3OL76PE/ti5QpmqKxfyRbU4gha+oPeK85Y17
ycKtUR0r4lmt1uirKOgoyCiyTDTbIlzZw63vPd6WXU5AAYWe0IJd5xcJ4WArJ01p
TXOgkxF73viNeGv71bcIb8wQE6lNUwGsXj7GHUfitYj73XvhJ2raD5lKVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLKxvxOqnnkOkFN4DusJWBcgIYntMB8GA1UdIwQY
MBaAFBZTb8dWpYZKqiwed7t2QkjaviYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQt
N2YzZWI3NTQ2MTAyLzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQtN2YzZWI3NTQ2MTAy
LzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYg4jxSi2
WK9EVo6b2aXimJp7eHnASkKoNElYgo4Cu1+WZaHmX7viPhFKiD+HRJo/HO7Jf0D0
mhCduldfWRqQ5jzNKVy6MYoW3j42Wx28u5BPc0QOIprEkH4i2SzYzuc+BwhgnzEy
a0iedCJMnpTbJH3QtSGwZlgT+K8Y6fI+76GB2P6WpB/3pEpMB0urT7geNG4jwGmN
Ed8NsiDqt8ErRF/5PFZYXSM8/34afKWowB6yqBb/yd7GlFqgB85RHS1R5FTmrEta
OtdydZp2oove+UhlrC5pzEGP1vBKqhOmOTdhFKd7XMg58Rs2I0612M7gLZw8oS9q
C2kEJMytIMUNmQ==
-----END CERTIFICATE-----