Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
File:                     j31CCyNDzZHsI_UImoNC6J1tkWU.mft (raw, json)
Hash identifier:          O3D4XDhEgmuLyWc8996WEEZb1TJK2Kq4sh+zC9SddCM=
Subject key identifier:   B8:85:10:5C:8C:B7:E4:F2:E7:C3:DA:42:65:34:B4:87:A2:32:3D:90
Authority key identifier: 8F:7D:42:0B:23:43:CD:91:EC:23:F5:08:9A:83:42:E8:9D:6D:91:65
Certificate issuer:       /CN=8f7d420b2343cd91ec23f5089a8342e89d6d9165
Certificate serial:       019CAB6B54A278CB46FB7BCF2409C23524E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
Manifest number:          11AC
Signing time:             Sun 01 Mar 2026 22:01:03 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:03 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:03 +0000
Files and hashes:         1: j31CCyNDzZHsI_UImoNC6J1tkWU.crl (hash: dFQ+OknvBCTQbLdQJvZebVBWwjqe7iDS5a2v+Qryegk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:54:a2:78:cb:46:fb:7b:cf:24:09:c2:35:24:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7d420b2343cd91ec23f5089a8342e89d6d9165
        Validity
            Not Before: Mar  1 22:01:03 2026 GMT
            Not After : Mar  2 22:01:03 2026 GMT
        Subject: CN=b885105c8cb7e4f2e7c3da426534b487a2323d90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:dc:ef:f7:20:ef:c9:62:c4:ea:1d:ce:0b:94:
                    c6:45:cd:cc:a7:0a:61:50:1b:c3:56:fe:bd:b6:ee:
                    0c:54:0b:bc:3d:06:e2:06:d6:05:39:63:74:ab:83:
                    ae:4b:f6:b4:86:7a:45:b1:03:c4:74:45:a3:46:92:
                    77:28:b2:59:d1:03:60:24:50:c1:dc:38:1d:34:0f:
                    b8:37:e6:83:b7:db:2f:7d:fa:ec:a4:dd:95:f7:ce:
                    a8:da:15:73:c9:da:96:06:d3:82:7a:ce:65:21:c6:
                    09:1a:a6:a8:ac:51:c4:6f:a5:01:bb:45:3a:80:d8:
                    de:d5:8c:e7:a0:be:fa:0c:39:0f:ea:f5:31:c0:5f:
                    a5:e1:b5:bf:66:9d:90:2c:aa:4f:0a:3b:b5:ee:9b:
                    bd:24:d7:4f:d0:f3:f2:40:06:ba:b3:1f:c7:3e:66:
                    4d:07:67:34:0d:07:ca:31:ea:9a:e1:51:ca:52:7e:
                    b4:98:1b:04:66:23:8f:d9:9d:94:15:f8:0f:e0:ed:
                    4f:9a:5e:a7:8c:d1:4e:ae:75:cc:5c:16:57:f5:67:
                    30:38:ac:01:9f:00:ea:7b:69:2d:6f:4d:ca:61:fc:
                    40:c5:e3:85:21:dd:db:48:68:f2:db:e6:b5:24:39:
                    e2:e1:d6:35:74:b2:3c:03:a1:68:7f:70:1c:dd:99:
                    22:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:85:10:5C:8C:B7:E4:F2:E7:C3:DA:42:65:34:B4:87:A2:32:3D:90
            X509v3 Authority Key Identifier:
                keyid:8F:7D:42:0B:23:43:CD:91:EC:23:F5:08:9A:83:42:E8:9D:6D:91:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j31CCyNDzZHsI_UImoNC6J1tkWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d17665-68b4-496b-9d9a-c5e1722a0c68/1/j31CCyNDzZHsI_UImoNC6J1tkWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:46:2b:d3:6a:f9:e2:70:2e:94:e2:e6:27:8d:92:b6:73:7a:
         4f:d3:32:4e:e5:a2:b6:ce:9f:29:bf:37:05:66:35:48:b5:4a:
         f9:a4:2a:ef:a7:3d:8c:20:ef:08:b9:5d:49:e6:91:d7:d2:79:
         a5:4c:64:77:ac:41:49:5b:75:75:75:56:e4:3b:8d:31:67:3f:
         3b:39:71:d2:06:46:8e:d3:32:05:8b:5e:d6:cf:6e:51:ce:69:
         86:92:e0:2c:ab:ca:81:4f:0e:ea:66:59:74:9a:b6:e5:67:c2:
         89:0d:d5:74:2f:d8:22:48:df:8b:78:39:77:ab:28:25:af:f3:
         26:88:7f:b3:56:d9:6a:6f:a3:eb:74:db:78:3d:f0:0f:43:c1:
         d2:0a:5c:98:c8:74:bc:ae:07:b9:c1:20:73:fc:24:f1:bd:01:
         7e:d8:86:e7:d0:8e:a7:13:26:aa:ab:98:53:65:8c:17:33:a1:
         94:f7:7b:68:03:1f:41:c8:7e:dc:e9:58:f6:63:d5:db:fa:ee:
         44:1f:02:a9:27:9e:c2:6c:a0:bc:de:70:b5:e1:9f:d0:f9:0b:
         7c:f9:53:17:d3:82:36:6b:fa:f9:25:05:d6:b5:a1:a2:c1:38:
         b9:64:74:59:12:5f:e4:73:9c:44:e0:30:5f:1c:3c:04:56:d1:
         86:f4:08:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra1SieMtG+3vPJAnCNSToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2Q0MjBiMjM0M2NkOTFlYzIzZjUwODlhODM0MmU4OWQ2
ZDkxNjUwHhcNMjYwMzAxMjIwMTAzWhcNMjYwMzAyMjIwMTAzWjAzMTEwLwYDVQQD
EyhiODg1MTA1YzhjYjdlNGYyZTdjM2RhNDI2NTM0YjQ4N2EyMzIzZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutzv9yDvyWLE6h3OC5TGRc3Mpwph
UBvDVv69tu4MVAu8PQbiBtYFOWN0q4OuS/a0hnpFsQPEdEWjRpJ3KLJZ0QNgJFDB
3DgdNA+4N+aDt9svffrspN2V986o2hVzydqWBtOCes5lIcYJGqaorFHEb6UBu0U6
gNje1YznoL76DDkP6vUxwF+l4bW/Zp2QLKpPCju17pu9JNdP0PPyQAa6sx/HPmZN
B2c0DQfKMeqa4VHKUn60mBsEZiOP2Z2UFfgP4O1Pml6njNFOrnXMXBZX9WcwOKwB
nwDqe2ktb03KYfxAxeOFId3bSGjy2+a1JDni4dY1dLI8A6Fof3Ac3ZkiPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLiFEFyMt+Ty58PaQmU0tIeiMj2QMB8GA1UdIwQY
MBaAFI99QgsjQ82R7CP1CJqDQuidbZFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kMTc2NjUtNjhiNC00OTZiLTlkOWEt
YzVlMTcyMmEwYzY4LzEvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kMTc2NjUtNjhiNC00OTZiLTlkOWEtYzVlMTcyMmEwYzY4
LzEvajMxQ0N5TkR6WkhzSV9VSW1vTkM2SjF0a1dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeEYr02r5
4nAulOLmJ42StnN6T9MyTuWits6fKb83BWY1SLVK+aQq76c9jCDvCLldSeaR19J5
pUxkd6xBSVt1dXVW5DuNMWc/Ozlx0gZGjtMyBYte1s9uUc5phpLgLKvKgU8O6mZZ
dJq25WfCiQ3VdC/YIkjfi3g5d6soJa/zJoh/s1bZam+j63TbeD3wD0PB0gpcmMh0
vK4HucEgc/wk8b0BftiG59COpxMmqquYU2WMFzOhlPd7aAMfQch+3OlY9mPV2/ru
RB8CqSeewmygvN5wteGf0PkLfPlTF9OCNmv6+SUF1rWhosE4uWR0WRJf5HOcROAw
Xxw8BFbRhvQI5g==
-----END CERTIFICATE-----