Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
File:                     i6gkldaDsIyIGoGM0B-kL_9v9tE.mft (raw, json)
Hash identifier:          0zRrqcrdUZEbCJXHRQ/0+QUPbhxx3vVfsgQ+Yt0kRyA=
Subject key identifier:   3C:70:98:28:2C:5A:BF:DC:47:7D:26:42:D4:68:6F:FC:ED:D6:BE:7A
Authority key identifier: 8B:A8:24:95:D6:83:B0:8C:88:1A:81:8C:D0:1F:A4:2F:FF:6F:F6:D1
Certificate issuer:       /CN=8ba82495d683b08c881a818cd01fa42fff6ff6d1
Certificate serial:       019D284E59BA6E14BB1BD56EAF0FD94CB260
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
Manifest number:          047C
Signing time:             Thu 26 Mar 2026 04:01:56 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:56 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:56 +0000
Files and hashes:         1: i6gkldaDsIyIGoGM0B-kL_9v9tE.crl (hash: /L3BhNROvBDtHi7OU+eoXPzJdEClk0CzgxWKaVcAYGY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4e:59:ba:6e:14:bb:1b:d5:6e:af:0f:d9:4c:b2:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ba82495d683b08c881a818cd01fa42fff6ff6d1
        Validity
            Not Before: Mar 26 04:01:56 2026 GMT
            Not After : Mar 27 04:01:56 2026 GMT
        Subject: CN=3c7098282c5abfdc477d2642d4686ffcedd6be7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:0c:e8:ce:19:8e:f2:8f:6b:75:55:1d:a8:5d:
                    78:59:76:d9:bf:93:ae:e0:72:ef:60:9a:ca:32:41:
                    cd:89:03:76:7b:57:2d:27:28:60:76:3c:2f:f8:35:
                    eb:c0:50:71:9f:03:99:d4:d5:ad:a8:75:ac:bf:6d:
                    a6:f1:f0:3b:09:f2:4c:89:91:50:ad:16:f1:27:e1:
                    2d:05:dc:9e:1a:f6:1d:48:f8:13:62:5b:f7:eb:a1:
                    56:67:4a:fd:39:5d:c2:88:e5:2a:f4:61:df:86:96:
                    df:b9:53:c3:7b:aa:63:2e:34:22:95:f3:78:47:df:
                    7f:ec:d3:bf:fc:4d:70:c1:47:57:b1:63:1b:fe:e1:
                    bd:92:46:2b:12:9f:ba:4c:51:bf:85:2f:48:6f:fb:
                    38:4e:d3:47:d4:6e:ab:0e:c3:4a:91:a8:cb:46:1f:
                    0f:e7:23:00:ae:a8:f2:a8:83:e1:5e:c0:69:86:62:
                    3d:bf:bb:c6:12:cb:03:c5:be:25:49:57:d9:ab:45:
                    73:e1:ac:32:f4:d9:05:aa:cd:f2:e8:5c:dc:63:c2:
                    43:e8:80:99:de:cd:31:df:48:c6:44:45:68:2f:c2:
                    34:bd:d2:0d:e0:1e:ee:a8:d7:38:65:5a:c5:7e:4d:
                    c3:c6:a6:4f:05:a2:dc:90:12:fa:7f:62:12:c9:2c:
                    98:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:70:98:28:2C:5A:BF:DC:47:7D:26:42:D4:68:6F:FC:ED:D6:BE:7A
            X509v3 Authority Key Identifier:
                keyid:8B:A8:24:95:D6:83:B0:8C:88:1A:81:8C:D0:1F:A4:2F:FF:6F:F6:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6gkldaDsIyIGoGM0B-kL_9v9tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68ed98-fe3f-4063-91a9-c6250fb6096e/1/i6gkldaDsIyIGoGM0B-kL_9v9tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:88:41:d6:96:1e:74:50:ee:29:36:dc:d7:f1:ab:0e:ca:f1:
         3e:49:ed:5d:4e:24:7e:28:97:e7:0f:48:ac:1c:99:be:0e:4e:
         bc:ca:26:27:9c:69:74:58:8c:a4:0e:3c:32:a5:f4:07:2c:98:
         fc:1c:5f:fa:8a:66:19:ab:81:2d:9f:42:57:f7:3b:6c:56:5c:
         47:55:32:8c:20:ea:9a:d0:1d:12:24:55:a8:80:99:09:b9:22:
         97:d2:d0:78:d9:34:28:1d:75:07:78:b7:81:23:d0:60:e7:0e:
         e4:ce:37:5a:fd:90:49:7f:a6:21:47:84:d1:5d:f3:e4:10:c0:
         fe:52:06:0d:08:8a:c8:17:92:99:b7:bd:72:57:3d:61:ad:7f:
         3d:4b:f6:07:65:64:b6:db:f1:a1:87:97:fa:78:e0:65:fb:d4:
         91:58:12:8f:b6:1d:4c:2e:26:8c:86:1e:5e:f4:a0:7b:f5:7f:
         c7:01:e5:19:82:3f:ee:8a:16:af:1f:34:5d:38:91:d8:0e:d6:
         46:0c:a1:43:32:fc:31:d6:4e:10:ed:67:bb:a5:ee:a9:71:ca:
         c7:9b:3d:ed:78:3e:b4:cd:2d:2d:ee:e8:1a:1e:11:f6:45:53:
         9d:e8:84:74:d4:11:c0:ae:0e:72:c3:e5:9a:8c:14:63:19:9c:
         3d:d9:de:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTlm6bhS7G9Vurw/ZTLJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYTgyNDk1ZDY4M2IwOGM4ODFhODE4Y2QwMWZhNDJmZmY2
ZmY2ZDEwHhcNMjYwMzI2MDQwMTU2WhcNMjYwMzI3MDQwMTU2WjAzMTEwLwYDVQQD
EygzYzcwOTgyODJjNWFiZmRjNDc3ZDI2NDJkNDY4NmZmY2VkZDZiZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQzozhmO8o9rdVUdqF14WXbZv5Ou
4HLvYJrKMkHNiQN2e1ctJyhgdjwv+DXrwFBxnwOZ1NWtqHWsv22m8fA7CfJMiZFQ
rRbxJ+EtBdyeGvYdSPgTYlv366FWZ0r9OV3CiOUq9GHfhpbfuVPDe6pjLjQilfN4
R99/7NO//E1wwUdXsWMb/uG9kkYrEp+6TFG/hS9Ib/s4TtNH1G6rDsNKkajLRh8P
5yMArqjyqIPhXsBphmI9v7vGEssDxb4lSVfZq0Vz4awy9NkFqs3y6FzcY8JD6ICZ
3s0x30jGREVoL8I0vdIN4B7uqNc4ZVrFfk3DxqZPBaLckBL6f2ISySyYMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDxwmCgsWr/cR30mQtRob/zt1r56MB8GA1UdIwQY
MBaAFIuoJJXWg7CMiBqBjNAfpC//b/bRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82OGVkOTgtZmUzZi00MDYzLTkxYTkt
YzYyNTBmYjYwOTZlLzEvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82OGVkOTgtZmUzZi00MDYzLTkxYTktYzYyNTBmYjYwOTZl
LzEvaTZna2xkYURzSXlJR29HTTBCLWtMXzl2OXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ4hB1pYe
dFDuKTbc1/GrDsrxPkntXU4kfiiX5w9IrByZvg5OvMomJ5xpdFiMpA48MqX0ByyY
/Bxf+opmGauBLZ9CV/c7bFZcR1UyjCDqmtAdEiRVqICZCbkil9LQeNk0KB11B3i3
gSPQYOcO5M43Wv2QSX+mIUeE0V3z5BDA/lIGDQiKyBeSmbe9clc9Ya1/PUv2B2Vk
ttvxoYeX+njgZfvUkVgSj7YdTC4mjIYeXvSge/V/xwHlGYI/7ooWrx80XTiR2A7W
RgyhQzL8MdZOEO1nu6XuqXHKx5s97Xg+tM0tLe7oGh4R9kVTneiEdNQRwK4OcsPl
mowUYxmcPdnegA==
-----END CERTIFICATE-----