Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
File:                     r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft (raw, json)
Hash identifier:          9HO0yi/4AZ81ox29bZMemSba4ao1bmqAeT7ccdIsPCo=
Subject key identifier:   24:1F:B0:66:53:DB:91:2D:E2:99:3C:0C:94:68:25:99:01:0D:24:A0
Authority key identifier: AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30
Certificate issuer:       /CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
Certificate serial:       019D28F2AB500B144FFD1C80B5313B26074D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
Manifest number:          111C
Signing time:             Thu 26 Mar 2026 07:01:25 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:25 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:25 +0000
Files and hashes:         1: r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl (hash: gTR51jDk/bKSpWXGwO4ZbjuAL2oVgSkH7DbOyr+8nM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:ab:50:0b:14:4f:fd:1c:80:b5:31:3b:26:07:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
        Validity
            Not Before: Mar 26 07:01:25 2026 GMT
            Not After : Mar 27 07:01:25 2026 GMT
        Subject: CN=241fb06653db912de2993c0c94682599010d24a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:e2:70:b6:1f:80:0a:6d:8e:ab:d4:63:c8:f5:
                    21:b5:a3:b1:12:6d:10:d2:45:d3:cf:94:6e:53:47:
                    e7:69:65:9f:d3:b1:9e:36:ec:b3:e5:23:d9:f5:6b:
                    21:dc:8e:ce:b9:4f:3f:63:80:44:cd:fd:f0:05:4d:
                    ee:e1:3f:59:20:33:16:15:87:60:7c:58:97:a5:b5:
                    d3:69:47:4d:fc:7f:3b:85:b6:a3:ec:bb:c6:bb:04:
                    97:86:c9:28:ab:b6:b2:24:48:b4:c1:07:16:71:db:
                    25:d7:40:35:2d:3d:18:b7:4c:bf:99:9a:b1:d3:51:
                    fd:09:c4:91:e2:79:41:86:d8:4d:40:09:28:cc:87:
                    d6:72:80:df:0a:4c:ae:31:1c:07:af:57:e2:10:34:
                    ba:b6:f7:4c:af:41:54:4d:5b:c5:b2:5d:31:93:e0:
                    33:8a:b3:2b:b9:ee:04:13:f8:3e:5f:65:e0:95:1a:
                    a4:53:79:12:19:57:a0:57:2b:24:0d:c5:65:51:3f:
                    29:3e:26:ac:02:f6:9b:21:ac:34:9f:73:d1:5f:b4:
                    6b:ac:38:ac:86:bc:58:56:af:60:9c:ec:8f:7b:26:
                    4c:3a:24:6e:23:d7:1b:83:61:fc:2d:21:f6:ea:4f:
                    0c:0d:c5:97:39:4b:d9:d9:2c:8b:bf:4e:c0:a9:16:
                    39:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:1F:B0:66:53:DB:91:2D:E2:99:3C:0C:94:68:25:99:01:0D:24:A0
            X509v3 Authority Key Identifier:
                keyid:AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:7e:22:d1:53:04:ec:60:4b:4d:78:3a:4d:f4:dd:7c:f9:66:
         2e:9b:b6:04:d6:24:10:b1:5f:20:96:be:d8:7a:6a:68:06:a8:
         67:25:c2:9b:e9:12:16:64:15:87:bf:30:b7:ed:c5:80:05:bf:
         f7:97:66:12:15:3f:f5:37:fa:23:54:7e:de:21:57:72:7f:23:
         a9:e4:67:ea:31:2f:4e:2d:67:19:14:7b:51:43:bf:a1:81:0b:
         41:2e:bf:87:4d:81:d2:7d:ff:fc:cf:91:72:47:af:e8:6c:2d:
         f6:2d:c5:5f:87:f1:d1:b0:69:29:d9:49:7b:e0:ec:69:a1:bf:
         eb:57:98:cd:34:fa:aa:f7:90:8d:dd:70:3a:72:26:0b:df:4c:
         56:cb:c2:de:f6:57:29:a7:fb:71:46:79:af:19:7f:e4:2d:2d:
         64:87:06:86:77:77:e9:b3:33:6d:6c:cd:c7:26:98:49:82:0d:
         61:b4:eb:09:d5:a3:86:6b:39:3b:bb:14:52:42:5d:e2:36:c1:
         15:c2:6e:22:a4:4a:f4:da:bc:77:19:f5:f9:cd:ad:91:f8:e4:
         71:33:c4:42:4e:77:72:cf:8c:3d:5f:26:8e:7b:15:87:73:d5:
         76:b9:e6:75:13:5f:b9:4c:fa:f8:e9:32:8c:49:a4:ae:62:6b:
         dc:6a:53:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8qtQCxRP/RyAtTE7JgdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODJhMDk3YTI4YTZiNmE2OTlkOGQ2YWJlNGRjYjk1YmIx
OTgzMzAwHhcNMjYwMzI2MDcwMTI1WhcNMjYwMzI3MDcwMTI1WjAzMTEwLwYDVQQD
EygyNDFmYjA2NjUzZGI5MTJkZTI5OTNjMGM5NDY4MjU5OTAxMGQyNGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+Jwth+ACm2Oq9RjyPUhtaOxEm0Q
0kXTz5RuU0fnaWWf07GeNuyz5SPZ9Wsh3I7OuU8/Y4BEzf3wBU3u4T9ZIDMWFYdg
fFiXpbXTaUdN/H87hbaj7LvGuwSXhskoq7ayJEi0wQcWcdsl10A1LT0Yt0y/mZqx
01H9CcSR4nlBhthNQAkozIfWcoDfCkyuMRwHr1fiEDS6tvdMr0FUTVvFsl0xk+Az
irMrue4EE/g+X2XglRqkU3kSGVegVyskDcVlUT8pPiasAvabIaw0n3PRX7RrrDis
hrxYVq9gnOyPeyZMOiRuI9cbg2H8LSH26k8MDcWXOUvZ2SyLv07AqRY50wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQfsGZT25Et4pk8DJRoJZkBDSSgMB8GA1UdIwQY
MBaAFK+CoJeiimtqaZ2Nar5Ny5W7GYMwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMt
ZmFhOGI3MThiNmNiLzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMtZmFhOGI3MThiNmNi
LzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh34i0VME
7GBLTXg6TfTdfPlmLpu2BNYkELFfIJa+2HpqaAaoZyXCm+kSFmQVh78wt+3FgAW/
95dmEhU/9Tf6I1R+3iFXcn8jqeRn6jEvTi1nGRR7UUO/oYELQS6/h02B0n3//M+R
ckev6Gwt9i3FX4fx0bBpKdlJe+DsaaG/61eYzTT6qveQjd1wOnImC99MVsvC3vZX
Kaf7cUZ5rxl/5C0tZIcGhnd36bMzbWzNxyaYSYINYbTrCdWjhms5O7sUUkJd4jbB
FcJuIqRK9Nq8dxn1+c2tkfjkcTPEQk53cs+MPV8mjnsVh3PVdrnmdRNfuUz6+Oky
jEmkrmJr3GpTXA==
-----END CERTIFICATE-----