Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
File:                     IYCTB4hvuv261Th2Eu_-dxOHowA.mft (raw, json)
Hash identifier:          bqN+slgjyfZlRd2d4VTb24fjRXfgEpTElUkNq9fKGyw=
Subject key identifier:   73:C1:43:14:F0:21:F0:9F:11:54:AA:B1:E0:CC:4E:39:6A:05:57:63
Authority key identifier: 21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00
Certificate issuer:       /CN=21809307886fbafdbad5387612effe771387a300
Certificate serial:       019D28F2BABEB42B7D03060AAD35F4999F18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
Manifest number:          09CB
Signing time:             Thu 26 Mar 2026 07:01:29 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:29 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:29 +0000
Files and hashes:         1: IYCTB4hvuv261Th2Eu_-dxOHowA.crl (hash: z6tC8dMZLCX14gdcuRmBfCIxsAQYvD3kCy3njOIhsAg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:ba:be:b4:2b:7d:03:06:0a:ad:35:f4:99:9f:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21809307886fbafdbad5387612effe771387a300
        Validity
            Not Before: Mar 26 07:01:29 2026 GMT
            Not After : Mar 27 07:01:29 2026 GMT
        Subject: CN=73c14314f021f09f1154aab1e0cc4e396a055763
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:eb:e8:f5:fb:69:12:a8:53:9d:f8:d5:ae:af:
                    81:9f:74:2b:e2:d9:31:40:ea:d5:3b:bf:16:11:d9:
                    5e:f6:5c:94:32:e4:df:8c:b7:f8:a6:9e:0f:46:a8:
                    5d:19:a3:f1:60:85:97:eb:a0:a5:e5:a0:77:bb:e3:
                    f9:fa:d0:31:92:0e:a9:c0:b6:c2:e2:53:79:bd:0e:
                    b7:b1:3f:58:cb:36:25:dd:31:4a:d2:76:40:eb:4c:
                    b8:a4:0b:52:fe:da:12:62:46:e1:9f:30:1a:14:c9:
                    14:96:ba:19:34:fa:ff:f7:2b:0d:1c:7f:e9:79:1f:
                    18:85:a8:86:bd:4d:25:8d:b6:6b:f5:60:b6:ed:5f:
                    81:16:29:26:cb:11:ff:3d:8a:c5:9e:d7:f9:a3:34:
                    ab:9d:f0:90:59:94:0f:15:87:ab:b8:59:28:7d:6e:
                    b6:44:79:15:91:79:3e:7e:93:10:d6:51:24:34:22:
                    c7:32:da:ab:65:5c:41:0e:a7:ed:8b:43:03:5d:99:
                    34:95:cc:92:6e:b8:30:12:db:a3:fb:bf:a2:83:0f:
                    c6:d4:8c:bf:1f:b4:05:79:a1:da:14:42:52:55:e0:
                    33:2b:31:16:b0:a8:d7:cb:0d:e8:1c:b9:91:4b:5d:
                    f9:4b:d5:39:93:21:be:be:d6:98:81:79:12:da:11:
                    90:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:C1:43:14:F0:21:F0:9F:11:54:AA:B1:E0:CC:4E:39:6A:05:57:63
            X509v3 Authority Key Identifier:
                keyid:21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:93:d2:02:67:cf:a2:60:8a:a5:e3:62:5c:1b:27:7e:89:9d:
         5a:3a:16:a1:45:0a:30:9e:0d:b3:bb:f0:43:59:f5:fe:04:e2:
         ae:84:c5:ad:16:5e:57:20:c3:cc:8a:ca:ed:fc:2e:b3:d8:41:
         2e:8c:48:7d:ab:4e:c2:97:0e:b8:90:35:cd:2d:1c:2c:ac:76:
         d2:be:5e:af:c9:83:44:c3:c4:80:ed:59:ab:a3:84:eb:d2:77:
         96:02:cf:8a:7d:34:37:45:ba:fb:46:4d:ab:8d:77:f3:ad:3c:
         1d:20:97:30:fe:29:46:92:e1:1b:ed:46:4b:3d:a2:15:29:0f:
         bb:51:ca:dc:9c:e0:73:0b:51:26:c9:e1:f4:39:71:a7:ab:8a:
         1b:14:fb:a8:8c:bd:dd:d6:cf:c3:53:2a:03:a5:ed:e7:47:c3:
         ac:10:bf:33:cc:e0:ae:b4:1e:70:78:41:7e:e7:ea:1f:ea:bf:
         86:0a:6a:a8:fe:da:76:a8:40:7e:55:b5:ce:e3:b7:7b:48:ef:
         c5:13:24:30:ac:14:b2:21:5f:a1:bd:55:fa:7d:b7:13:8a:5a:
         f1:14:13:a0:37:1c:ef:5b:9f:49:85:78:86:a3:ca:41:03:c7:
         59:bf:9b:d4:15:a7:f3:82:aa:8a:15:96:0c:8d:e6:5a:78:e4:
         48:7f:46:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8rq+tCt9AwYKrTX0mZ8YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODA5MzA3ODg2ZmJhZmRiYWQ1Mzg3NjEyZWZmZTc3MTM4
N2EzMDAwHhcNMjYwMzI2MDcwMTI5WhcNMjYwMzI3MDcwMTI5WjAzMTEwLwYDVQQD
Eyg3M2MxNDMxNGYwMjFmMDlmMTE1NGFhYjFlMGNjNGUzOTZhMDU1NzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+vo9ftpEqhTnfjVrq+Bn3Qr4tkx
QOrVO78WEdle9lyUMuTfjLf4pp4PRqhdGaPxYIWX66Cl5aB3u+P5+tAxkg6pwLbC
4lN5vQ63sT9YyzYl3TFK0nZA60y4pAtS/toSYkbhnzAaFMkUlroZNPr/9ysNHH/p
eR8YhaiGvU0ljbZr9WC27V+BFikmyxH/PYrFntf5ozSrnfCQWZQPFYeruFkofW62
RHkVkXk+fpMQ1lEkNCLHMtqrZVxBDqfti0MDXZk0lcySbrgwEtuj+7+igw/G1Iy/
H7QFeaHaFEJSVeAzKzEWsKjXyw3oHLmRS135S9U5kyG+vtaYgXkS2hGQkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPBQxTwIfCfEVSqseDMTjlqBVdjMB8GA1UdIwQY
MBaAFCGAkweIb7r9utU4dhLv/ncTh6MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQt
ZjcwOGRhZDBlZWNhLzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQtZjcwOGRhZDBlZWNh
LzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADZPSAmfP
omCKpeNiXBsnfomdWjoWoUUKMJ4Ns7vwQ1n1/gTiroTFrRZeVyDDzIrK7fwus9hB
LoxIfatOwpcOuJA1zS0cLKx20r5er8mDRMPEgO1Zq6OE69J3lgLPin00N0W6+0ZN
q4138608HSCXMP4pRpLhG+1GSz2iFSkPu1HK3JzgcwtRJsnh9Dlxp6uKGxT7qIy9
3dbPw1MqA6Xt50fDrBC/M8zgrrQecHhBfufqH+q/hgpqqP7adqhAflW1zuO3e0jv
xRMkMKwUsiFfob1V+n23E4pa8RQToDcc71ufSYV4hqPKQQPHWb+b1BWn84KqihWW
DI3mWnjkSH9GXw==
-----END CERTIFICATE-----