Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.mft
File:                     SO3JpU4ccjtWqu330BVAxbNr2rY.mft (raw, json)
Hash identifier:          KgJPTiyltxCGU5kseCx0wdEZ+Uyp9KF4Skse+QINDXE=
Subject key identifier:   EA:A8:78:FA:3F:32:AF:1D:78:A6:C7:3F:69:8A:94:29:91:51:89:11
Authority key identifier: 48:ED:C9:A5:4E:1C:72:3B:56:AA:ED:F7:D0:15:40:C5:B3:6B:DA:B6
Certificate issuer:       /CN=48edc9a54e1c723b56aaedf7d01540c5b36bdab6
Certificate serial:       019D3909EEA2E3964B00147B1C5FB95B28C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SO3JpU4ccjtWqu330BVAxbNr2rY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.mft
Manifest number:          0283
Signing time:             Sun 29 Mar 2026 10:00:45 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:45 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:45 +0000
Files and hashes:         1: SO3JpU4ccjtWqu330BVAxbNr2rY.crl (hash: h40nIrPT6sK1OP7p64SyXdDPQZ9bGph2yBqK0VLz1l8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SO3JpU4ccjtWqu330BVAxbNr2rY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:ee:a2:e3:96:4b:00:14:7b:1c:5f:b9:5b:28:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48edc9a54e1c723b56aaedf7d01540c5b36bdab6
        Validity
            Not Before: Mar 29 10:00:45 2026 GMT
            Not After : Mar 30 10:00:45 2026 GMT
        Subject: CN=eaa878fa3f32af1d78a6c73f698a942991518911
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:f4:f5:a0:db:d0:7d:03:26:23:74:1a:de:96:
                    b1:ab:6c:4d:8b:15:60:10:d8:ac:eb:da:75:50:57:
                    39:c4:58:55:21:15:48:fa:47:3e:e0:28:bc:8c:7d:
                    26:20:91:2b:44:56:3e:3c:45:36:1d:29:6c:eb:26:
                    c8:bc:f1:0f:b8:78:5a:47:eb:e0:80:b0:85:33:f9:
                    f4:b2:61:90:7c:a5:45:60:b4:7f:06:db:65:1c:82:
                    6b:3e:f7:f3:81:bb:3d:37:fe:f0:7d:00:31:78:f3:
                    29:e9:80:dc:63:da:f8:0a:3b:2f:aa:66:28:81:16:
                    9b:da:15:15:bb:b9:2b:f9:c3:06:2b:40:e5:16:a6:
                    eb:95:8b:4c:a0:77:ac:6e:c1:88:8e:58:e5:c6:50:
                    db:d6:30:09:43:7c:e8:91:eb:ec:22:5a:dd:90:50:
                    48:5c:82:ce:7f:56:f1:1a:0d:97:ad:70:ee:0a:9d:
                    25:17:c9:c8:27:59:4d:63:af:02:5a:65:bc:0a:22:
                    74:87:dd:48:2e:fd:4a:0d:a7:99:2c:81:0d:df:59:
                    06:8e:4a:8a:2b:b1:56:c4:6f:6a:07:cb:bc:5d:e6:
                    9a:de:fe:bb:68:43:68:b0:05:2c:4a:ce:c9:d2:c6:
                    30:05:cd:2c:c3:a9:98:50:17:95:5f:f7:46:10:3a:
                    3c:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:A8:78:FA:3F:32:AF:1D:78:A6:C7:3F:69:8A:94:29:91:51:89:11
            X509v3 Authority Key Identifier:
                keyid:48:ED:C9:A5:4E:1C:72:3B:56:AA:ED:F7:D0:15:40:C5:B3:6B:DA:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SO3JpU4ccjtWqu330BVAxbNr2rY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/780ef6-53d8-4754-a8e3-c2a6ae0bf6be/1/SO3JpU4ccjtWqu330BVAxbNr2rY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:e8:31:22:2f:fc:71:ce:23:73:c9:1a:45:bf:ec:7d:76:f5:
         a0:48:a5:48:ac:bb:d1:6b:62:63:46:17:66:f1:1f:94:e4:6b:
         a1:72:4f:7d:1c:40:e6:a5:f2:23:cd:72:b2:94:67:b3:66:9b:
         e0:83:e9:b5:c2:01:11:c1:ac:17:f9:e4:16:7d:aa:7d:22:4b:
         c4:e0:d9:bb:c7:b2:5f:46:49:4a:85:43:c3:91:b6:05:72:72:
         5b:35:cd:1f:12:a2:fc:f0:87:2d:b7:b0:33:7e:e2:9d:f3:97:
         97:8f:84:66:9a:24:eb:b0:88:0e:bc:f6:31:12:e3:71:b7:8f:
         58:81:9d:7b:a3:3a:83:ba:09:3c:98:20:ce:92:4f:c2:f3:44:
         72:d0:57:bf:e9:da:01:4d:01:88:17:11:bd:8f:16:ba:5b:c8:
         b0:af:b6:0f:d9:c7:2d:75:a6:b5:cb:21:a3:b0:56:69:02:d8:
         87:71:ea:f5:26:e8:cb:54:86:cd:6e:a3:4d:3d:39:15:95:67:
         49:a4:e0:41:b9:30:c7:e8:34:d9:e6:f2:0a:d9:7d:1c:47:b3:
         b5:81:36:38:0c:0c:33:71:fc:bf:1b:47:85:d5:5c:5f:50:43:
         b3:83:e6:d7:1d:1f:fd:03:6d:ff:2b:c1:fb:37:db:f2:aa:d2:
         ab:ca:e3:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Ce6i45ZLABR7HF+5WyjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZWRjOWE1NGUxYzcyM2I1NmFhZWRmN2QwMTU0MGM1YjM2
YmRhYjYwHhcNMjYwMzI5MTAwMDQ1WhcNMjYwMzMwMTAwMDQ1WjAzMTEwLwYDVQQD
EyhlYWE4NzhmYTNmMzJhZjFkNzhhNmM3M2Y2OThhOTQyOTkxNTE4OTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvT1oNvQfQMmI3Qa3paxq2xNixVg
ENis69p1UFc5xFhVIRVI+kc+4Ci8jH0mIJErRFY+PEU2HSls6ybIvPEPuHhaR+vg
gLCFM/n0smGQfKVFYLR/BttlHIJrPvfzgbs9N/7wfQAxePMp6YDcY9r4CjsvqmYo
gRab2hUVu7kr+cMGK0DlFqbrlYtMoHesbsGIjljlxlDb1jAJQ3zokevsIlrdkFBI
XILOf1bxGg2XrXDuCp0lF8nIJ1lNY68CWmW8CiJ0h91ILv1KDaeZLIEN31kGjkqK
K7FWxG9qB8u8Xeaa3v67aENosAUsSs7J0sYwBc0sw6mYUBeVX/dGEDo8OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqoePo/Mq8deKbHP2mKlCmRUYkRMB8GA1UdIwQY
MBaAFEjtyaVOHHI7Vqrt99AVQMWza9q2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU08zSnBVNGNjanRXcXUzMzBCVkF4Yk5yMnJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS83ODBlZjYtNTNkOC00NzU0LWE4ZTMt
YzJhNmFlMGJmNmJlLzEvU08zSnBVNGNjanRXcXUzMzBCVkF4Yk5yMnJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS83ODBlZjYtNTNkOC00NzU0LWE4ZTMtYzJhNmFlMGJmNmJl
LzEvU08zSnBVNGNjanRXcXUzMzBCVkF4Yk5yMnJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcegxIi/8
cc4jc8kaRb/sfXb1oEilSKy70WtiY0YXZvEflORroXJPfRxA5qXyI81yspRns2ab
4IPptcIBEcGsF/nkFn2qfSJLxODZu8eyX0ZJSoVDw5G2BXJyWzXNHxKi/PCHLbew
M37infOXl4+EZpok67CIDrz2MRLjcbePWIGde6M6g7oJPJggzpJPwvNEctBXv+na
AU0BiBcRvY8WulvIsK+2D9nHLXWmtcsho7BWaQLYh3Hq9Sboy1SGzW6jTT05FZVn
SaTgQbkwx+g02ebyCtl9HEeztYE2OAwMM3H8vxtHhdVcX1BDs4Pm1x0f/QNt/yvB
+zfb8qrSq8rjZA==
-----END CERTIFICATE-----