Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft
File:                     AIce9D_KCSFC2TVYXyGSZG9HTBw.mft (raw, json)
Hash identifier:          0Kfc8DnPPc9lgU0G529H/9R42JVBRPObKCou7/ml+zw=
Subject key identifier:   24:E3:DB:9C:CB:9B:34:02:C5:5A:FD:96:73:59:96:0C:C0:21:A0:DB
Authority key identifier: 00:87:1E:F4:3F:CA:09:21:42:D9:35:58:5F:21:92:64:6F:47:4C:1C
Certificate issuer:       /CN=00871ef43fca092142d935585f2192646f474c1c
Certificate serial:       019D28BB0FB660190366F6014D93FE88FC6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft
Manifest number:          017B
Signing time:             Thu 26 Mar 2026 06:00:41 +0000
Manifest this update:     Thu 26 Mar 2026 06:00:41 +0000
Manifest next update:     Fri 27 Mar 2026 06:00:41 +0000
Files and hashes:         1: AIce9D_KCSFC2TVYXyGSZG9HTBw.crl (hash: tAEq4IDzKhDAESJyGfpRQecZki8+xKFc3T7Bs+r4OLQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:bb:0f:b6:60:19:03:66:f6:01:4d:93:fe:88:fc:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00871ef43fca092142d935585f2192646f474c1c
        Validity
            Not Before: Mar 26 06:00:41 2026 GMT
            Not After : Mar 27 06:00:41 2026 GMT
        Subject: CN=24e3db9ccb9b3402c55afd967359960cc021a0db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:7d:85:5f:d0:f2:c6:1c:7c:45:05:21:3b:ea:
                    f8:d3:fa:61:b6:9a:87:4f:05:1b:f4:16:93:25:28:
                    cb:6d:7b:2a:9b:ec:2c:b3:93:2c:36:23:36:e4:cc:
                    7c:e9:72:2c:ad:f5:65:0b:86:f0:c9:31:0b:38:b6:
                    72:9d:2f:26:a5:f9:31:7c:19:40:04:f5:15:15:43:
                    99:8f:e5:09:7b:ca:aa:f8:6f:18:35:1b:3c:3c:b3:
                    eb:08:5d:89:1c:08:aa:9d:e7:1d:55:a9:d8:b4:5a:
                    d9:c1:61:df:13:ab:7a:12:7e:bb:56:8d:06:0c:16:
                    84:6d:f4:ec:b5:c9:fe:8d:b2:46:f7:98:66:41:4e:
                    00:11:1f:24:56:60:10:0b:fd:53:13:6e:de:e1:44:
                    fd:6c:ea:53:04:2d:20:3a:78:7a:e7:dc:28:89:b1:
                    7f:a8:b5:8a:cd:0d:a5:eb:c4:95:c7:02:c5:fe:25:
                    79:ec:5e:a2:04:38:1f:bc:aa:6c:d3:2e:3a:7e:4d:
                    45:80:da:df:37:cb:5e:4f:aa:73:65:0c:3c:9e:24:
                    a4:c8:20:1e:55:86:86:ac:84:92:6a:8f:e5:58:49:
                    2d:be:2e:ab:d5:fd:2c:b9:1b:f8:7b:62:16:27:53:
                    a3:d0:ab:b8:70:5b:88:83:48:12:17:85:29:0c:62:
                    72:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:E3:DB:9C:CB:9B:34:02:C5:5A:FD:96:73:59:96:0C:C0:21:A0:DB
            X509v3 Authority Key Identifier:
                keyid:00:87:1E:F4:3F:CA:09:21:42:D9:35:58:5F:21:92:64:6F:47:4C:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AIce9D_KCSFC2TVYXyGSZG9HTBw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7bb576-35da-4ac1-b7ee-0a9c4bddc8ac/1/AIce9D_KCSFC2TVYXyGSZG9HTBw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:69:14:16:4c:c3:e9:4b:c9:b1:0f:5d:2f:67:fc:94:da:01:
         1a:3e:5f:b3:d2:dd:8e:55:73:b3:9b:04:85:94:c2:38:f9:40:
         27:1b:a7:87:93:89:02:53:cb:1a:87:a9:6e:f9:ae:dd:ec:ea:
         b9:a8:2f:81:e9:7b:a2:0a:58:d2:d2:a8:f3:65:df:a7:0c:ad:
         64:8e:bf:89:40:d2:26:99:ac:9d:d5:07:67:5e:4f:2a:ff:6c:
         28:b1:ff:d3:ae:92:11:e2:49:37:fd:70:1f:7b:18:bb:0f:03:
         ff:48:eb:c0:5c:9a:79:6f:df:76:ab:4a:4f:a2:b2:00:d9:7d:
         93:31:3b:8a:47:57:ee:e0:93:4c:2c:49:5f:16:92:0c:5d:f5:
         22:83:5b:92:17:01:1a:d0:22:70:46:ee:0d:4c:f3:23:54:08:
         15:78:51:1d:45:a5:4c:75:59:43:2f:39:c7:7e:af:a0:03:70:
         a4:f6:07:d9:54:19:49:2d:ee:52:61:37:be:f6:06:5d:cf:c8:
         0a:a6:3e:85:2e:b5:ba:75:89:9e:d3:64:2b:08:c8:e9:f8:4f:
         25:52:cb:d1:28:d1:b0:92:ca:35:8c:5e:ae:04:b0:3e:66:fb:
         0b:95:06:df:ca:d1:5b:8c:bb:a9:fe:5f:11:7a:b1:42:f2:13:
         d9:ba:6c:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ouw+2YBkDZvYBTZP+iPxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwODcxZWY0M2ZjYTA5MjE0MmQ5MzU1ODVmMjE5MjY0NmY0
NzRjMWMwHhcNMjYwMzI2MDYwMDQxWhcNMjYwMzI3MDYwMDQxWjAzMTEwLwYDVQQD
EygyNGUzZGI5Y2NiOWIzNDAyYzU1YWZkOTY3MzU5OTYwY2MwMjFhMGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuH2FX9Dyxhx8RQUhO+r40/phtpqH
TwUb9BaTJSjLbXsqm+wss5MsNiM25Mx86XIsrfVlC4bwyTELOLZynS8mpfkxfBlA
BPUVFUOZj+UJe8qq+G8YNRs8PLPrCF2JHAiqnecdVanYtFrZwWHfE6t6En67Vo0G
DBaEbfTstcn+jbJG95hmQU4AER8kVmAQC/1TE27e4UT9bOpTBC0gOnh659woibF/
qLWKzQ2l68SVxwLF/iV57F6iBDgfvKps0y46fk1FgNrfN8teT6pzZQw8niSkyCAe
VYaGrISSao/lWEktvi6r1f0suRv4e2IWJ1Oj0Ku4cFuIg0gSF4UpDGJy+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTj25zLmzQCxVr9lnNZlgzAIaDbMB8GA1UdIwQY
MBaAFACHHvQ/ygkhQtk1WF8hkmRvR0wcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83YmI1NzYtMzVkYS00YWMxLWI3ZWUt
MGE5YzRiZGRjOGFjLzEvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83YmI1NzYtMzVkYS00YWMxLWI3ZWUtMGE5YzRiZGRjOGFj
LzEvQUljZTlEX0tDU0ZDMlRWWVh5R1NaRzlIVEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu2kUFkzD
6UvJsQ9dL2f8lNoBGj5fs9LdjlVzs5sEhZTCOPlAJxunh5OJAlPLGoepbvmu3ezq
uagvgel7ogpY0tKo82XfpwytZI6/iUDSJpmsndUHZ15PKv9sKLH/066SEeJJN/1w
H3sYuw8D/0jrwFyaeW/fdqtKT6KyANl9kzE7ikdX7uCTTCxJXxaSDF31IoNbkhcB
GtAicEbuDUzzI1QIFXhRHUWlTHVZQy85x36voANwpPYH2VQZSS3uUmE3vvYGXc/I
CqY+hS61unWJntNkKwjI6fhPJVLL0SjRsJLKNYxergSwPmb7C5UG38rRW4y7qf5f
EXqxQvIT2bpsoQ==
-----END CERTIFICATE-----