Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
File:                     r89alhpnpvrt_v2PKluD8mg3WYQ.mft (raw, json)
Hash identifier:          lK/3R6bncnBTVVvm2wZdTRdYXLLom9T7eT7otaSfbsM=
Subject key identifier:   6F:F1:74:74:2C:80:1B:A6:9F:A6:A7:93:19:AE:58:DE:43:B3:21:D3
Authority key identifier: AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84
Certificate issuer:       /CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
Certificate serial:       019D29CDFD040F5DB6EDF9DAE644F3C5D3FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
Manifest number:          04F9
Signing time:             Thu 26 Mar 2026 11:00:58 +0000
Manifest this update:     Thu 26 Mar 2026 11:00:58 +0000
Manifest next update:     Fri 27 Mar 2026 11:00:58 +0000
Files and hashes:         1: r89alhpnpvrt_v2PKluD8mg3WYQ.crl (hash: k4hubJ+XsSENIUeO/9na9tbk8TK2ercdTJx1bsWw3Ys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:cd:fd:04:0f:5d:b6:ed:f9:da:e6:44:f3:c5:d3:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=afcf5a961a67a6faedfefd8f2a5b83f268375984
        Validity
            Not Before: Mar 26 11:00:58 2026 GMT
            Not After : Mar 27 11:00:58 2026 GMT
        Subject: CN=6ff174742c801ba69fa6a79319ae58de43b321d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:be:4c:ba:bc:27:e2:92:76:bd:34:76:1a:cd:
                    23:8f:b3:4c:7c:f1:86:ca:4e:8f:c2:d5:14:20:e2:
                    e3:c3:d9:db:42:86:0f:a0:81:9e:cf:b8:75:c2:5e:
                    82:72:0e:4c:59:c7:31:a4:c0:84:26:32:ef:c9:ce:
                    17:ff:0b:1d:37:69:eb:c7:10:d4:e2:5a:4a:4c:df:
                    29:59:f3:8a:86:b4:9b:59:94:80:b4:2a:01:23:5c:
                    62:93:75:63:b0:70:15:27:4b:b6:8a:7d:cc:67:38:
                    2d:1b:31:be:be:33:f9:cc:6b:75:51:bc:23:ba:13:
                    2c:62:b0:f0:b7:b5:0e:fc:43:26:2d:32:83:d9:75:
                    18:54:d2:2f:a6:18:a7:53:1f:ff:55:ee:32:e4:af:
                    74:c3:f4:ad:0e:82:07:62:c2:99:9b:50:e5:4c:0f:
                    51:d6:5c:01:57:8d:57:29:d5:ad:d5:9d:88:0e:0d:
                    14:05:37:63:c0:a8:a9:4f:c0:bf:0b:cf:52:69:3c:
                    59:23:89:5d:2e:49:d3:e1:54:1f:94:5f:73:d2:78:
                    64:7a:02:25:f9:d7:76:63:ba:70:48:49:6b:de:42:
                    8a:91:1a:89:0d:8a:1d:1d:9a:45:e2:70:be:fa:07:
                    e5:b0:ac:d8:e2:91:eb:dc:6d:8b:db:e9:ac:48:ee:
                    07:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:F1:74:74:2C:80:1B:A6:9F:A6:A7:93:19:AE:58:DE:43:B3:21:D3
            X509v3 Authority Key Identifier:
                keyid:AF:CF:5A:96:1A:67:A6:FA:ED:FE:FD:8F:2A:5B:83:F2:68:37:59:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r89alhpnpvrt_v2PKluD8mg3WYQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b11584-19e9-453f-84c7-56c2a44d1878/1/r89alhpnpvrt_v2PKluD8mg3WYQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:81:c3:36:d6:37:c4:d0:1a:45:ec:d0:54:d6:be:75:cc:54:
         7e:ea:40:84:c3:56:53:56:19:22:f4:be:26:4c:d6:87:62:7f:
         c0:7c:97:d8:74:fd:92:bd:f5:1c:55:8d:e6:ed:71:f5:25:38:
         bd:8c:53:50:74:55:4c:38:7d:30:1a:ed:92:d1:b8:a5:c5:e9:
         04:d3:e7:cd:7d:20:2b:91:a4:d4:30:ec:1f:66:6d:83:76:44:
         0d:cf:4f:50:64:ae:28:e6:e7:89:e3:fe:58:5b:bc:41:8a:2e:
         ac:e5:23:93:17:52:80:5a:80:b5:04:39:f2:07:b3:8b:fd:48:
         b1:58:5f:93:82:bf:d2:36:1f:21:b1:69:c2:3f:6e:05:85:a4:
         5e:ba:cb:8f:5d:48:9f:4f:51:84:60:0f:db:5e:b6:e3:72:81:
         5f:6d:29:4a:2a:6f:a3:b8:bf:84:0a:f4:9b:64:32:c6:7a:66:
         d6:80:5f:92:bf:ff:78:0d:7b:f2:e4:3a:de:ba:91:f1:fe:2f:
         dc:fa:a1:8c:0c:2e:66:65:b7:99:54:a8:f3:62:90:27:bd:d7:
         3c:bb:cd:66:e4:1b:ad:bb:cd:c8:b1:cc:f2:6c:11:94:b6:90:
         07:5c:96:1c:cd:97:fa:58:a1:f6:c3:ef:07:d4:24:18:38:26:
         7c:a0:d4:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzf0ED1227fna5kTzxdP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmY2Y1YTk2MWE2N2E2ZmFlZGZlZmQ4ZjJhNWI4M2YyNjgz
NzU5ODQwHhcNMjYwMzI2MTEwMDU4WhcNMjYwMzI3MTEwMDU4WjAzMTEwLwYDVQQD
Eyg2ZmYxNzQ3NDJjODAxYmE2OWZhNmE3OTMxOWFlNThkZTQzYjMyMWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq75Murwn4pJ2vTR2Gs0jj7NMfPGG
yk6PwtUUIOLjw9nbQoYPoIGez7h1wl6Ccg5MWccxpMCEJjLvyc4X/wsdN2nrxxDU
4lpKTN8pWfOKhrSbWZSAtCoBI1xik3VjsHAVJ0u2in3MZzgtGzG+vjP5zGt1Ubwj
uhMsYrDwt7UO/EMmLTKD2XUYVNIvphinUx//Ve4y5K90w/StDoIHYsKZm1DlTA9R
1lwBV41XKdWt1Z2IDg0UBTdjwKipT8C/C89SaTxZI4ldLknT4VQflF9z0nhkegIl
+dd2Y7pwSElr3kKKkRqJDYodHZpF4nC++gflsKzY4pHr3G2L2+msSO4HaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG/xdHQsgBumn6ankxmuWN5DsyHTMB8GA1UdIwQY
MBaAFK/PWpYaZ6b67f79jypbg/JoN1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0Yzct
NTZjMmE0NGQxODc4LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iMTE1ODQtMTllOS00NTNmLTg0YzctNTZjMmE0NGQxODc4
LzEvcjg5YWxocG5wdnJ0X3YyUEtsdUQ4bWczV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu4HDNtY3
xNAaRezQVNa+dcxUfupAhMNWU1YZIvS+JkzWh2J/wHyX2HT9kr31HFWN5u1x9SU4
vYxTUHRVTDh9MBrtktG4pcXpBNPnzX0gK5Gk1DDsH2Ztg3ZEDc9PUGSuKObnieP+
WFu8QYourOUjkxdSgFqAtQQ58gezi/1IsVhfk4K/0jYfIbFpwj9uBYWkXrrLj11I
n09RhGAP216243KBX20pSipvo7i/hAr0m2Qyxnpm1oBfkr//eA178uQ63rqR8f4v
3PqhjAwuZmW3mVSo82KQJ73XPLvNZuQbrbvNyLHM8mwRlLaQB1yWHM2X+lih9sPv
B9QkGDgmfKDUbQ==
-----END CERTIFICATE-----