Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
File:                     IYCTB4hvuv261Th2Eu_-dxOHowA.mft (raw, json)
Hash identifier:          zg7E/7jwtICJTZEV6QTmBaNLMoQDP3Knkw7PBIdz2Tc=
Subject key identifier:   A1:F3:C3:07:D0:D7:69:21:4D:82:45:45:BD:1D:F4:B1:1B:85:D5:DD
Authority key identifier: 21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00
Certificate issuer:       /CN=21809307886fbafdbad5387612effe771387a300
Certificate serial:       019CAB6B36BE46E20AC9958CC9A428041A19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
Manifest number:          098A
Signing time:             Sun 01 Mar 2026 22:00:56 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:56 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:56 +0000
Files and hashes:         1: IYCTB4hvuv261Th2Eu_-dxOHowA.crl (hash: 4VnI5bLdGWTotn5Z5TwPre6rZrXVUgo5n7fb5evlDPI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:36:be:46:e2:0a:c9:95:8c:c9:a4:28:04:1a:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21809307886fbafdbad5387612effe771387a300
        Validity
            Not Before: Mar  1 22:00:56 2026 GMT
            Not After : Mar  2 22:00:56 2026 GMT
        Subject: CN=a1f3c307d0d769214d824545bd1df4b11b85d5dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:85:f2:ee:53:95:a1:31:c3:df:c2:a3:6d:92:
                    69:ec:c6:4b:12:60:d3:e0:9d:89:05:a0:83:e1:ef:
                    66:ed:eb:7f:a7:d0:e5:89:16:fa:5c:ca:17:d8:bc:
                    c4:af:13:8b:68:e8:6c:fb:63:19:e3:7e:f5:c9:40:
                    65:44:f0:cb:03:2e:0d:b1:0b:91:6b:5e:ec:e0:af:
                    30:1c:bf:17:1f:51:7e:7d:e7:0e:dd:98:23:e4:8f:
                    06:5b:84:13:a4:d8:0a:bd:cb:c9:bf:e0:9c:3f:67:
                    e3:2f:9f:c4:bf:94:8a:73:6c:79:4e:4b:fd:fd:eb:
                    3c:e7:23:cb:0a:32:fa:f0:52:da:73:80:35:af:5d:
                    33:41:67:4a:62:be:a7:4d:03:1d:8a:28:6f:52:5e:
                    d1:aa:ce:5e:e2:29:77:33:3e:57:b7:28:de:8a:6a:
                    44:97:b2:f2:93:5e:2e:b0:3d:e9:5a:2b:90:f3:e8:
                    b4:be:37:7e:a6:c0:31:59:9a:f7:92:5e:0f:10:3c:
                    1d:a6:a6:f4:ca:4c:f1:57:bb:80:b8:e7:7a:89:fe:
                    66:53:69:1f:b4:08:f0:a0:60:3a:b4:cc:e6:f9:0b:
                    7e:64:96:22:63:75:ce:35:0b:3b:5e:a1:d6:4d:db:
                    fb:05:fe:64:60:42:74:19:8e:74:97:4d:4a:0a:da:
                    46:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:F3:C3:07:D0:D7:69:21:4D:82:45:45:BD:1D:F4:B1:1B:85:D5:DD
            X509v3 Authority Key Identifier:
                keyid:21:80:93:07:88:6F:BA:FD:BA:D5:38:76:12:EF:FE:77:13:87:A3:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYCTB4hvuv261Th2Eu_-dxOHowA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/a7cbaa-bb9d-47f5-922d-f708dad0eeca/1/IYCTB4hvuv261Th2Eu_-dxOHowA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:3b:32:18:e8:72:05:84:78:97:51:9c:23:71:b9:72:36:01:
         da:b7:bf:8e:77:00:da:df:0f:10:f6:e3:c1:96:c5:2b:24:99:
         d5:0e:20:7a:ce:ab:9f:6f:7d:a8:ee:74:35:8a:2e:4e:8a:14:
         62:40:62:8b:1c:5a:5d:ec:65:16:dd:ca:6b:d3:72:a4:3c:c4:
         f1:22:74:8d:68:b1:ce:99:9b:a9:13:a5:55:bf:8e:40:07:59:
         65:83:ca:5d:f9:65:1e:81:a1:8f:7f:b0:33:02:b0:20:28:25:
         04:c5:aa:32:76:7b:8e:9e:05:8b:e6:78:cc:fc:d8:f9:dc:ab:
         b1:4b:22:9a:8e:f8:7f:0e:6b:70:70:6d:4f:9a:4b:ab:5d:7b:
         92:d4:ee:69:3d:3c:c7:3f:4b:b0:cb:00:b8:bd:a3:b4:36:09:
         83:5b:cf:0d:ff:ea:45:65:c2:ae:5c:a4:cd:d9:8b:f7:34:ac:
         2e:38:4b:9e:e1:e6:0f:83:d4:84:8e:e9:71:98:b1:49:a2:b9:
         63:f5:11:a1:bd:8e:3f:b6:b9:a0:3e:79:67:cc:ff:f5:07:9c:
         9d:f4:4f:68:70:77:c9:28:4c:ce:25:01:45:54:60:da:17:7c:
         32:9b:6d:71:eb:37:82:e9:f0:27:92:84:89:2c:3f:f2:64:62:
         e6:34:1d:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyraza+RuIKyZWMyaQoBBoZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODA5MzA3ODg2ZmJhZmRiYWQ1Mzg3NjEyZWZmZTc3MTM4
N2EzMDAwHhcNMjYwMzAxMjIwMDU2WhcNMjYwMzAyMjIwMDU2WjAzMTEwLwYDVQQD
EyhhMWYzYzMwN2QwZDc2OTIxNGQ4MjQ1NDViZDFkZjRiMTFiODVkNWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIXy7lOVoTHD38KjbZJp7MZLEmDT
4J2JBaCD4e9m7et/p9DliRb6XMoX2LzErxOLaOhs+2MZ4371yUBlRPDLAy4NsQuR
a17s4K8wHL8XH1F+fecO3Zgj5I8GW4QTpNgKvcvJv+CcP2fjL5/Ev5SKc2x5Tkv9
/es85yPLCjL68FLac4A1r10zQWdKYr6nTQMdiihvUl7Rqs5e4il3Mz5XtyjeimpE
l7Lyk14usD3pWiuQ8+i0vjd+psAxWZr3kl4PEDwdpqb0ykzxV7uAuOd6if5mU2kf
tAjwoGA6tMzm+Qt+ZJYiY3XONQs7XqHWTdv7Bf5kYEJ0GY50l01KCtpGZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHzwwfQ12khTYJFRb0d9LEbhdXdMB8GA1UdIwQY
MBaAFCGAkweIb7r9utU4dhLv/ncTh6MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQt
ZjcwOGRhZDBlZWNhLzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9hN2NiYWEtYmI5ZC00N2Y1LTkyMmQtZjcwOGRhZDBlZWNh
LzEvSVlDVEI0aHZ1djI2MVRoMkV1Xy1keE9Ib3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJjsyGOhy
BYR4l1GcI3G5cjYB2re/jncA2t8PEPbjwZbFKySZ1Q4ges6rn299qO50NYouTooU
YkBiixxaXexlFt3Ka9NypDzE8SJ0jWixzpmbqROlVb+OQAdZZYPKXfllHoGhj3+w
MwKwICglBMWqMnZ7jp4Fi+Z4zPzY+dyrsUsimo74fw5rcHBtT5pLq117ktTuaT08
xz9LsMsAuL2jtDYJg1vPDf/qRWXCrlykzdmL9zSsLjhLnuHmD4PUhI7pcZixSaK5
Y/URob2OP7a5oD55Z8z/9QecnfRPaHB3yShMziUBRVRg2hd8Mpttces3gunwJ5KE
iSw/8mRi5jQdJA==
-----END CERTIFICATE-----