Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/13aaec-648a-43b6-a767-3af11c444835/1/MxSDS__K3sS4kl2gQu8N6YmYBFY.mft
File:                     MxSDS__K3sS4kl2gQu8N6YmYBFY.mft (raw, json)
Hash identifier:          lVi639aFqd0/fJa22kKXUmbj4qdZCU5dKsjF+y5jJ8g=
Subject key identifier:   F8:D1:8F:10:A5:73:44:D9:AF:A1:49:9C:41:CB:91:6D:A8:63:35:71
Authority key identifier: 33:14:83:4B:FF:CA:DE:C4:B8:92:5D:A0:42:EF:0D:E9:89:98:04:56
Certificate issuer:       /CN=3314834bffcadec4b8925da042ef0de989980456
Certificate serial:       019D3940FD191D3C413A75D2DE888EEA3E67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MxSDS__K3sS4kl2gQu8N6YmYBFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/13aaec-648a-43b6-a767-3af11c444835/1/MxSDS__K3sS4kl2gQu8N6YmYBFY.mft
Manifest number:          0134
Signing time:             Sun 29 Mar 2026 11:00:53 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:53 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:53 +0000
Files and hashes:         1: MxSDS__K3sS4kl2gQu8N6YmYBFY.crl (hash: 0XvGxMetKgueuG3DLZqW5mIQ1G6R5wFLmdoBJ0/nAS8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/13aaec-648a-43b6-a767-3af11c444835/1/MxSDS__K3sS4kl2gQu8N6YmYBFY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/13aaec-648a-43b6-a767-3af11c444835/1/MxSDS__K3sS4kl2gQu8N6YmYBFY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MxSDS__K3sS4kl2gQu8N6YmYBFY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:fd:19:1d:3c:41:3a:75:d2:de:88:8e:ea:3e:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3314834bffcadec4b8925da042ef0de989980456
        Validity
            Not Before: Mar 29 11:00:53 2026 GMT
            Not After : Mar 30 11:00:53 2026 GMT
        Subject: CN=f8d18f10a57344d9afa1499c41cb916da8633571
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:22:8b:54:5d:f2:75:8a:25:32:2c:c5:b8:32:
                    84:7c:f7:73:c7:09:86:04:b6:2d:f1:59:0f:ef:42:
                    1c:63:1d:b6:37:8b:1a:4e:27:a5:e6:8d:a1:6d:e8:
                    6d:f6:10:bd:43:5e:16:35:10:d8:48:24:f6:03:9c:
                    88:42:b6:4d:61:57:76:8f:45:f1:05:c7:37:17:a7:
                    96:18:e0:36:e2:f6:d3:ed:07:31:33:02:91:cd:cb:
                    30:ca:87:98:72:39:9d:67:14:9c:8d:f9:6a:fb:cb:
                    9a:6d:fb:d3:e0:10:4f:12:0b:fc:f5:6d:c9:43:96:
                    8d:62:33:46:de:1b:8f:aa:4f:d6:ba:76:5b:76:c2:
                    3f:61:3b:0c:6b:36:34:57:57:b9:20:68:3d:b4:33:
                    9e:9c:17:04:11:72:ed:37:84:8a:14:23:06:d9:64:
                    84:b0:cb:35:41:86:64:01:68:e1:d3:44:70:d0:36:
                    70:64:6d:0d:ac:b0:d2:44:00:fd:7e:cf:7d:ff:4a:
                    4c:b0:69:9f:29:90:1c:bd:61:53:03:b8:22:62:6e:
                    9b:9f:78:37:db:b8:ee:ba:e7:1a:08:16:1b:8a:95:
                    9c:f6:e8:a5:91:93:25:48:cb:28:04:e0:92:53:6a:
                    6f:e3:d2:e4:ce:70:38:16:e5:f0:41:b9:5d:e0:9b:
                    1b:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:D1:8F:10:A5:73:44:D9:AF:A1:49:9C:41:CB:91:6D:A8:63:35:71
            X509v3 Authority Key Identifier:
                keyid:33:14:83:4B:FF:CA:DE:C4:B8:92:5D:A0:42:EF:0D:E9:89:98:04:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxSDS__K3sS4kl2gQu8N6YmYBFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/13aaec-648a-43b6-a767-3af11c444835/1/MxSDS__K3sS4kl2gQu8N6YmYBFY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/13aaec-648a-43b6-a767-3af11c444835/1/MxSDS__K3sS4kl2gQu8N6YmYBFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:d5:2a:79:79:27:41:14:9f:7a:9a:f4:a0:9e:15:11:1e:df:
         96:4f:c6:df:db:d9:ff:c3:2d:3b:86:66:b5:6c:d4:4d:03:0a:
         45:8d:dc:cb:a7:76:39:95:2c:fe:83:f5:9b:88:24:2e:54:a8:
         20:0b:a4:ec:89:59:f4:0d:a1:d8:b6:ba:7a:f2:b4:f7:f7:bb:
         04:79:9f:4c:f7:93:fb:05:81:aa:d9:4a:12:10:98:3b:fe:9b:
         94:5b:a0:71:50:12:d5:af:a0:8d:25:ce:71:fa:66:37:6b:e9:
         84:de:7a:3d:0b:65:ac:2b:54:2b:7b:77:02:e2:c1:02:42:5f:
         5a:d3:1b:6c:88:23:b4:47:43:06:72:ac:5d:47:d4:30:2a:23:
         85:c3:a5:6d:9f:da:21:99:76:07:38:0c:e5:76:c3:82:73:d5:
         6a:69:d5:b8:2c:ce:26:24:35:80:98:91:f0:ae:35:8a:aa:a6:
         1a:b8:e0:c8:bd:e4:8d:0f:35:a5:85:82:bf:97:7b:6b:ba:72:
         08:4b:ba:71:aa:c3:d8:92:62:e1:d2:a3:16:3e:8c:3e:d3:83:
         4d:c3:cd:7f:ef:fb:8d:98:e4:19:ec:5a:52:3f:68:cd:94:84:
         9c:b7:f9:73:9c:9d:00:0e:12:7e:72:ed:e7:5f:20:16:3e:fb:
         5b:42:b7:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QP0ZHTxBOnXS3oiO6j5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMTQ4MzRiZmZjYWRlYzRiODkyNWRhMDQyZWYwZGU5ODk5
ODA0NTYwHhcNMjYwMzI5MTEwMDUzWhcNMjYwMzMwMTEwMDUzWjAzMTEwLwYDVQQD
EyhmOGQxOGYxMGE1NzM0NGQ5YWZhMTQ5OWM0MWNiOTE2ZGE4NjMzNTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyKLVF3ydYolMizFuDKEfPdzxwmG
BLYt8VkP70IcYx22N4saTiel5o2hbeht9hC9Q14WNRDYSCT2A5yIQrZNYVd2j0Xx
Bcc3F6eWGOA24vbT7QcxMwKRzcswyoeYcjmdZxScjflq+8uabfvT4BBPEgv89W3J
Q5aNYjNG3huPqk/WunZbdsI/YTsMazY0V1e5IGg9tDOenBcEEXLtN4SKFCMG2WSE
sMs1QYZkAWjh00Rw0DZwZG0NrLDSRAD9fs99/0pMsGmfKZAcvWFTA7giYm6bn3g3
27juuucaCBYbipWc9uilkZMlSMsoBOCSU2pv49LkznA4FuXwQbld4JsbfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjRjxClc0TZr6FJnEHLkW2oYzVxMB8GA1UdIwQY
MBaAFDMUg0v/yt7EuJJdoELvDemJmARWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXhTRFNfX0szc1M0a2wyZ1F1OE42WW1ZQkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8xM2FhZWMtNjQ4YS00M2I2LWE3Njct
M2FmMTFjNDQ0ODM1LzEvTXhTRFNfX0szc1M0a2wyZ1F1OE42WW1ZQkZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8xM2FhZWMtNjQ4YS00M2I2LWE3NjctM2FmMTFjNDQ0ODM1
LzEvTXhTRFNfX0szc1M0a2wyZ1F1OE42WW1ZQkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEActUqeXkn
QRSfepr0oJ4VER7flk/G39vZ/8MtO4ZmtWzUTQMKRY3cy6d2OZUs/oP1m4gkLlSo
IAuk7IlZ9A2h2La6evK09/e7BHmfTPeT+wWBqtlKEhCYO/6blFugcVAS1a+gjSXO
cfpmN2vphN56PQtlrCtUK3t3AuLBAkJfWtMbbIgjtEdDBnKsXUfUMCojhcOlbZ/a
IZl2BzgM5XbDgnPVamnVuCzOJiQ1gJiR8K41iqqmGrjgyL3kjQ81pYWCv5d7a7py
CEu6carD2JJi4dKjFj6MPtODTcPNf+/7jZjkGexaUj9ozZSEnLf5c5ydAA4SfnLt
518gFj77W0K3JA==
-----END CERTIFICATE-----