Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
File:                     9PpnFz_1YpCIuXCWGuG-dGldxmE.mft (raw, json)
Hash identifier:          YisIlnzJ4/ts3LNt689LeGEgSaDukloYxZBEYsWjV98=
Subject key identifier:   95:8F:65:07:D8:48:1B:CA:11:BB:F1:5D:2E:44:C4:17:C3:47:5C:A7
Authority key identifier: F4:FA:67:17:3F:F5:62:90:88:B9:70:96:1A:E1:BE:74:69:5D:C6:61
Certificate issuer:       /CN=f4fa67173ff5629088b970961ae1be74695dc661
Certificate serial:       019D2704BB7945F87DEE7E4AA424CEDE637D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
Manifest number:          1882
Signing time:             Wed 25 Mar 2026 22:01:54 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:54 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:54 +0000
Files and hashes:         1: 9PpnFz_1YpCIuXCWGuG-dGldxmE.crl (hash: ecnjMnCNDNQ0F/A4k8jJDB4cRO2N1UTwS0XtptcGPyQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:bb:79:45:f8:7d:ee:7e:4a:a4:24:ce:de:63:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4fa67173ff5629088b970961ae1be74695dc661
        Validity
            Not Before: Mar 25 22:01:54 2026 GMT
            Not After : Mar 26 22:01:54 2026 GMT
        Subject: CN=958f6507d8481bca11bbf15d2e44c417c3475ca7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:bf:53:22:c9:74:18:ea:f0:0b:5a:e1:ac:00:
                    73:8e:4b:c5:d3:42:71:d9:d6:c2:43:96:a3:04:13:
                    0b:f8:3c:ab:13:5c:92:65:80:26:a6:46:e3:d2:21:
                    10:a5:04:7a:e7:d4:13:b2:0f:78:c8:09:06:2a:b0:
                    08:7c:bf:23:70:ae:5e:c9:21:1d:92:73:18:c6:1c:
                    75:d1:46:7a:91:fd:e1:7a:22:14:db:ea:d9:13:0d:
                    30:13:32:ea:03:5a:76:41:56:d8:c9:e3:68:d9:e5:
                    72:14:14:a2:44:13:02:7c:aa:7e:e4:5c:77:d9:43:
                    15:3d:a4:98:6b:b7:e0:91:a8:62:2a:da:03:4b:2d:
                    70:a7:33:d7:8e:0c:33:7b:29:23:be:d7:65:9e:50:
                    b2:a5:d8:2c:eb:54:cf:87:3e:72:34:21:3e:d0:3d:
                    5c:36:b6:ef:be:f0:5a:29:67:f1:6d:b3:f1:be:81:
                    1a:2c:6d:b2:9c:e4:04:27:21:03:70:5f:05:c0:26:
                    60:2d:79:43:ed:df:70:8a:22:eb:5a:17:5d:70:ee:
                    a0:c4:6e:8e:1d:69:94:bd:ba:5c:70:b8:31:c4:d8:
                    ed:9b:2f:5b:13:71:19:d9:7c:4c:99:d0:50:71:22:
                    15:cd:f9:7b:c5:0d:7b:3b:05:98:6c:f8:d2:93:14:
                    92:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:8F:65:07:D8:48:1B:CA:11:BB:F1:5D:2E:44:C4:17:C3:47:5C:A7
            X509v3 Authority Key Identifier:
                keyid:F4:FA:67:17:3F:F5:62:90:88:B9:70:96:1A:E1:BE:74:69:5D:C6:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9PpnFz_1YpCIuXCWGuG-dGldxmE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/684df4-7257-4cca-824e-d85ebc5ea98d/1/9PpnFz_1YpCIuXCWGuG-dGldxmE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:65:5c:d2:66:63:85:77:e2:c0:bf:47:eb:72:57:2c:13:9f:
         05:39:46:79:7f:e1:f4:a8:c0:08:c9:3f:3e:25:76:04:4d:d9:
         d8:58:aa:3f:04:69:1f:81:0f:cc:f9:b8:66:71:bf:95:e7:14:
         8e:cb:40:cc:76:65:bf:d3:3f:0b:45:a5:f4:50:7a:6a:e1:4e:
         71:5c:4a:99:fb:e3:76:59:14:c1:ac:5e:65:ed:4b:9e:17:de:
         0a:a0:2a:f0:10:36:dc:a7:f5:96:98:08:9f:15:2d:34:f0:7c:
         ad:40:01:2d:65:73:8e:14:c6:04:4f:fc:22:e1:ef:93:19:7c:
         ea:38:a4:60:f1:61:fd:c5:dc:67:7b:42:79:74:35:78:76:83:
         35:da:89:bd:6a:3a:1a:39:21:9c:dd:53:e1:39:90:31:2f:56:
         f3:97:dd:a2:ce:5d:f5:df:90:21:d5:e4:ee:c7:31:f8:0c:c2:
         de:5c:e2:b1:e3:89:0c:9d:a2:fe:2f:d1:c0:0b:11:83:e6:76:
         a5:77:ca:4d:d6:51:ef:a0:06:b7:ab:e3:e5:bb:e7:8f:3f:36:
         c9:ad:a3:8a:c6:c6:79:63:fc:ba:b5:45:d2:ac:60:a3:40:a6:
         c7:3c:5f:ee:d1:56:83:49:4d:fc:ad:9d:d1:c7:7b:c1:0b:d5:
         02:4b:0a:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBLt5Rfh97n5KpCTO3mN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZmE2NzE3M2ZmNTYyOTA4OGI5NzA5NjFhZTFiZTc0Njk1
ZGM2NjEwHhcNMjYwMzI1MjIwMTU0WhcNMjYwMzI2MjIwMTU0WjAzMTEwLwYDVQQD
Eyg5NThmNjUwN2Q4NDgxYmNhMTFiYmYxNWQyZTQ0YzQxN2MzNDc1Y2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvr9TIsl0GOrwC1rhrABzjkvF00Jx
2dbCQ5ajBBML+DyrE1ySZYAmpkbj0iEQpQR659QTsg94yAkGKrAIfL8jcK5eySEd
knMYxhx10UZ6kf3heiIU2+rZEw0wEzLqA1p2QVbYyeNo2eVyFBSiRBMCfKp+5Fx3
2UMVPaSYa7fgkahiKtoDSy1wpzPXjgwzeykjvtdlnlCypdgs61TPhz5yNCE+0D1c
NrbvvvBaKWfxbbPxvoEaLG2ynOQEJyEDcF8FwCZgLXlD7d9wiiLrWhddcO6gxG6O
HWmUvbpccLgxxNjtmy9bE3EZ2XxMmdBQcSIVzfl7xQ17OwWYbPjSkxSSvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJWPZQfYSBvKEbvxXS5ExBfDR1ynMB8GA1UdIwQY
MBaAFPT6Zxc/9WKQiLlwlhrhvnRpXcZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi82ODRkZjQtNzI1Ny00Y2NhLTgyNGUt
ZDg1ZWJjNWVhOThkLzEvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi82ODRkZjQtNzI1Ny00Y2NhLTgyNGUtZDg1ZWJjNWVhOThk
LzEvOVBwbkZ6XzFZcENJdVhDV0d1Ry1kR2xkeG1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ2Vc0mZj
hXfiwL9H63JXLBOfBTlGeX/h9KjACMk/PiV2BE3Z2FiqPwRpH4EPzPm4ZnG/lecU
jstAzHZlv9M/C0Wl9FB6auFOcVxKmfvjdlkUwaxeZe1LnhfeCqAq8BA23Kf1lpgI
nxUtNPB8rUABLWVzjhTGBE/8IuHvkxl86jikYPFh/cXcZ3tCeXQ1eHaDNdqJvWo6
GjkhnN1T4TmQMS9W85fdos5d9d+QIdXk7scx+AzC3lziseOJDJ2i/i/RwAsRg+Z2
pXfKTdZR76AGt6vj5bvnjz82ya2jisbGeWP8urVF0qxgo0Cmxzxf7tFWg0lN/K2d
0cd7wQvVAksKkQ==
-----END CERTIFICATE-----