Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/df74c0-cb06-4791-b709-4d7fb8383d1d/1/cLGxqhHKSqSjduXHKpIa9MJ3eDk.mft
File:                     cLGxqhHKSqSjduXHKpIa9MJ3eDk.mft (raw, json)
Hash identifier:          mYCs4ZyrAHnkeW3vxYDxzv/e79eLBECLVHapqO4qBuM=
Subject key identifier:   B0:E9:11:12:74:51:C2:50:D0:45:E8:FC:8E:38:48:5D:00:A5:40:05
Authority key identifier: 70:B1:B1:AA:11:CA:4A:A4:A3:76:E5:C7:2A:92:1A:F4:C2:77:78:39
Certificate issuer:       /CN=70b1b1aa11ca4aa4a376e5c72a921af4c2777839
Certificate serial:       019D27A91FCA2BEA28FA40D7B1A74FF22A40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLGxqhHKSqSjduXHKpIa9MJ3eDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/df74c0-cb06-4791-b709-4d7fb8383d1d/1/cLGxqhHKSqSjduXHKpIa9MJ3eDk.mft
Manifest number:          95
Signing time:             Thu 26 Mar 2026 01:01:28 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:28 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:28 +0000
Files and hashes:         1: cLGxqhHKSqSjduXHKpIa9MJ3eDk.crl (hash: Cn7f4Auaj4MeXxeJurAzN+RG1H8lsoCMK/n837L4zHY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/df74c0-cb06-4791-b709-4d7fb8383d1d/1/cLGxqhHKSqSjduXHKpIa9MJ3eDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/df74c0-cb06-4791-b709-4d7fb8383d1d/1/cLGxqhHKSqSjduXHKpIa9MJ3eDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLGxqhHKSqSjduXHKpIa9MJ3eDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a9:1f:ca:2b:ea:28:fa:40:d7:b1:a7:4f:f2:2a:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70b1b1aa11ca4aa4a376e5c72a921af4c2777839
        Validity
            Not Before: Mar 26 01:01:28 2026 GMT
            Not After : Mar 27 01:01:28 2026 GMT
        Subject: CN=b0e911127451c250d045e8fc8e38485d00a54005
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:62:6a:1d:21:56:98:25:f7:96:7c:63:e0:d2:
                    93:82:f4:91:a8:47:20:71:fb:67:69:2e:48:f2:a1:
                    f8:0b:29:de:20:2f:70:51:12:51:dc:5d:79:d7:53:
                    7b:e2:fc:73:20:4e:89:67:f1:c6:83:ef:76:40:12:
                    5f:df:5e:2f:93:b8:ec:ce:f2:aa:47:41:3f:e8:4d:
                    eb:5c:a8:99:9a:15:69:2d:23:5a:1d:e4:24:f8:e2:
                    bf:01:00:fa:33:05:d3:05:7f:9b:e2:c6:17:d3:f7:
                    16:d9:a7:c2:c0:61:79:61:5f:73:56:8e:48:37:d5:
                    d9:59:38:50:6f:ef:5b:bf:ff:bc:fa:27:bc:49:72:
                    ca:e3:0b:38:83:a3:d0:8a:2e:1e:7a:f2:61:ec:71:
                    08:4b:3f:bb:89:c2:56:2d:30:52:3f:75:d0:67:4f:
                    81:19:42:7a:77:58:c7:ff:d9:d9:df:39:7b:b1:b6:
                    f8:e6:11:8d:43:c3:46:86:3f:c3:62:02:c4:16:4f:
                    fd:6c:36:bf:9d:f8:14:52:54:1c:0d:cd:1d:76:27:
                    17:df:76:cb:f6:1b:d4:99:9e:e0:1c:de:b1:50:bb:
                    d9:9d:5e:17:13:fd:3c:7e:03:2f:13:68:84:77:9f:
                    29:72:58:5f:2f:17:a3:1e:f0:c7:9f:e0:87:5d:db:
                    e6:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:E9:11:12:74:51:C2:50:D0:45:E8:FC:8E:38:48:5D:00:A5:40:05
            X509v3 Authority Key Identifier:
                keyid:70:B1:B1:AA:11:CA:4A:A4:A3:76:E5:C7:2A:92:1A:F4:C2:77:78:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLGxqhHKSqSjduXHKpIa9MJ3eDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/df74c0-cb06-4791-b709-4d7fb8383d1d/1/cLGxqhHKSqSjduXHKpIa9MJ3eDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/df74c0-cb06-4791-b709-4d7fb8383d1d/1/cLGxqhHKSqSjduXHKpIa9MJ3eDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:19:9d:e4:22:55:ad:e4:8e:01:33:cf:2a:c1:c4:54:7a:2c:
         b0:73:2b:f4:4e:39:cb:fe:cb:f4:25:17:a0:b6:b8:d0:91:00:
         49:cf:a7:10:1a:a3:eb:29:9d:cc:9c:27:8a:7b:96:28:46:ef:
         20:5b:b8:de:99:e5:32:c4:6a:a7:fe:d5:97:88:b8:b9:93:13:
         41:57:ed:e5:e8:fb:1c:da:1f:fe:30:ca:5a:d9:28:74:45:e9:
         e2:82:ab:df:e7:94:62:3c:5d:64:b4:c7:f4:df:eb:15:8f:b8:
         67:35:9d:bd:79:33:6e:d0:be:71:9b:e6:b6:65:df:5d:9b:a1:
         94:ec:d4:ed:1b:37:16:e1:8d:5e:58:e5:c5:61:54:b6:a8:da:
         66:4a:a7:a7:16:8b:ef:97:66:59:8c:c6:bd:16:e4:e0:96:c1:
         fd:5f:08:47:30:4c:ab:c5:3f:d4:7d:d4:90:5d:c2:f9:dc:05:
         34:8a:f8:fc:b5:bd:af:2d:ed:28:f8:b4:a7:6d:71:cc:29:3e:
         16:dd:60:75:46:ca:9c:33:8b:f2:40:da:e5:28:4e:36:32:e9:
         d1:8c:cc:24:11:fe:a3:13:16:a9:bc:2c:38:da:0a:eb:38:b3:
         9c:9e:af:e9:a7:c6:47:63:15:40:b5:91:c7:e7:33:01:f5:7b:
         09:ba:03:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqR/KK+oo+kDXsadP8ipAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjFiMWFhMTFjYTRhYTRhMzc2ZTVjNzJhOTIxYWY0YzI3
Nzc4MzkwHhcNMjYwMzI2MDEwMTI4WhcNMjYwMzI3MDEwMTI4WjAzMTEwLwYDVQQD
EyhiMGU5MTExMjc0NTFjMjUwZDA0NWU4ZmM4ZTM4NDg1ZDAwYTU0MDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGJqHSFWmCX3lnxj4NKTgvSRqEcg
cftnaS5I8qH4CyneIC9wURJR3F1511N74vxzIE6JZ/HGg+92QBJf314vk7jszvKq
R0E/6E3rXKiZmhVpLSNaHeQk+OK/AQD6MwXTBX+b4sYX0/cW2afCwGF5YV9zVo5I
N9XZWThQb+9bv/+8+ie8SXLK4ws4g6PQii4eevJh7HEISz+7icJWLTBSP3XQZ0+B
GUJ6d1jH/9nZ3zl7sbb45hGNQ8NGhj/DYgLEFk/9bDa/nfgUUlQcDc0ddicX33bL
9hvUmZ7gHN6xULvZnV4XE/08fgMvE2iEd58pclhfLxejHvDHn+CHXdvmiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDpERJ0UcJQ0EXo/I44SF0ApUAFMB8GA1UdIwQY
MBaAFHCxsaoRykqko3blxyqSGvTCd3g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xHeHFoSEtTcVNqZHVYSEtwSWE5TUozZURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9kZjc0YzAtY2IwNi00NzkxLWI3MDkt
NGQ3ZmI4MzgzZDFkLzEvY0xHeHFoSEtTcVNqZHVYSEtwSWE5TUozZURrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9kZjc0YzAtY2IwNi00NzkxLWI3MDktNGQ3ZmI4MzgzZDFk
LzEvY0xHeHFoSEtTcVNqZHVYSEtwSWE5TUozZURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAchmd5CJV
reSOATPPKsHEVHossHMr9E45y/7L9CUXoLa40JEASc+nEBqj6ymdzJwninuWKEbv
IFu43pnlMsRqp/7Vl4i4uZMTQVft5ej7HNof/jDKWtkodEXp4oKr3+eUYjxdZLTH
9N/rFY+4ZzWdvXkzbtC+cZvmtmXfXZuhlOzU7Rs3FuGNXljlxWFUtqjaZkqnpxaL
75dmWYzGvRbk4JbB/V8IRzBMq8U/1H3UkF3C+dwFNIr4/LW9ry3tKPi0p21xzCk+
Ft1gdUbKnDOL8kDa5ShONjLp0YzMJBH+oxMWqbwsONoK6ziznJ6v6afGR2MVQLWR
x+czAfV7CboDiQ==
-----END CERTIFICATE-----