Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.mft
File:                     4PcIYcfPbv530i_HBJvpbGdopQA.mft (raw, json)
Hash identifier:          pdlzFL6mqKLiiJ+If5ByLEk+bvTXBK3ZDU2lSZx1ndo=
Subject key identifier:   CE:B6:31:44:A3:9A:3F:3E:96:7A:F9:27:C7:16:94:DC:D4:86:5C:8B
Authority key identifier: E0:F7:08:61:C7:CF:6E:FE:77:D2:2F:C7:04:9B:E9:6C:67:68:A5:00
Certificate issuer:       /CN=e0f70861c7cf6efe77d22fc7049be96c6768a500
Certificate serial:       019D39AEA7AEC5C4445B738E28FFEC88AD4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4PcIYcfPbv530i_HBJvpbGdopQA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.mft
Manifest number:          0853
Signing time:             Sun 29 Mar 2026 13:00:40 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:40 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:40 +0000
Files and hashes:         1: 4PcIYcfPbv530i_HBJvpbGdopQA.crl (hash: BiHs+TD5CgwnSqBqrztqY42RZKKjz+2/pS9L/U4l45I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4PcIYcfPbv530i_HBJvpbGdopQA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:a7:ae:c5:c4:44:5b:73:8e:28:ff:ec:88:ad:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0f70861c7cf6efe77d22fc7049be96c6768a500
        Validity
            Not Before: Mar 29 13:00:40 2026 GMT
            Not After : Mar 30 13:00:40 2026 GMT
        Subject: CN=ceb63144a39a3f3e967af927c71694dcd4865c8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:e4:4d:f6:ad:a2:0c:44:08:93:97:86:7e:94:
                    cb:f5:79:0a:a0:38:ff:ed:7c:8f:88:d2:f9:db:ce:
                    4a:7c:34:a3:5d:6c:f7:56:db:6b:16:5a:9c:ea:b2:
                    c1:b8:73:f6:7b:97:e7:df:ee:05:1d:50:be:6d:83:
                    ca:44:f0:5c:f7:40:16:d7:1f:f4:d6:9d:06:0e:f1:
                    5e:00:e7:47:f0:30:6a:bb:63:36:34:83:89:b7:f4:
                    c9:6d:1a:17:fb:a4:90:7b:c0:bb:7f:a9:c6:46:07:
                    3c:a5:b2:7b:80:87:bf:24:26:74:cd:76:ff:5f:a2:
                    68:33:3f:85:5c:4c:cb:01:e4:a5:2e:ad:67:e5:de:
                    e6:a1:52:10:0d:44:ee:59:63:a0:98:92:15:f1:f6:
                    fa:63:6f:71:cd:d2:b6:1e:f8:de:27:15:18:a4:e5:
                    5c:48:83:cb:a1:46:4c:a4:26:67:31:32:de:42:ec:
                    b6:7c:35:eb:a7:dc:5d:59:37:a4:fa:39:f3:73:b2:
                    5a:5e:88:7a:1d:49:a3:6b:fb:78:3a:4d:70:3e:f4:
                    37:af:f6:42:47:f9:6b:34:85:e0:59:22:dc:3a:e5:
                    a7:b9:a9:c9:b1:59:d5:75:d1:f0:fc:e6:26:1d:1a:
                    47:db:95:ff:c8:9c:b1:83:37:c6:3b:39:3e:8a:86:
                    a7:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:B6:31:44:A3:9A:3F:3E:96:7A:F9:27:C7:16:94:DC:D4:86:5C:8B
            X509v3 Authority Key Identifier:
                keyid:E0:F7:08:61:C7:CF:6E:FE:77:D2:2F:C7:04:9B:E9:6C:67:68:A5:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4PcIYcfPbv530i_HBJvpbGdopQA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:41:3c:de:48:74:a1:57:c1:e5:48:42:7f:d1:6e:81:16:e3:
         ff:0b:73:5a:d1:b7:5e:33:84:60:40:54:70:9f:e3:25:22:25:
         0b:77:2b:ca:48:1d:4a:91:1c:d8:b5:a0:f8:b6:8a:d6:32:4f:
         55:80:b0:c2:59:f3:f5:aa:4d:a3:d2:1a:5e:08:0b:d3:eb:ad:
         6a:a8:29:df:0f:13:5b:a6:cf:53:0a:47:0f:49:9b:cd:65:a3:
         d8:89:54:95:1e:b6:9e:11:38:be:cd:68:76:a2:fa:df:94:50:
         4e:42:d7:a0:a6:e5:8c:6c:8f:ab:1f:3a:c9:71:3f:b9:8d:c8:
         4a:77:15:6c:c1:c0:13:a5:7b:14:ce:d5:bd:00:b6:ad:15:2b:
         b3:77:4a:b4:86:5d:5e:e1:8d:e3:71:9e:2f:9f:f0:22:60:75:
         3e:af:7b:ec:ab:65:fa:d9:a5:9c:fe:a3:7c:39:23:4a:54:cc:
         e5:ae:53:15:78:cb:9b:2a:07:06:0c:ba:8b:54:80:c8:bc:c3:
         d1:af:28:cb:45:4e:bf:6d:d5:b6:91:17:5d:84:ad:17:01:2c:
         e2:38:fa:61:0b:b0:03:f4:5a:69:ee:97:ae:d7:be:36:2f:c3:
         7e:40:88:90:d6:96:cc:24:c1:48:3e:1f:95:83:b5:e3:8a:bb:
         93:1a:bb:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rqeuxcREW3OOKP/siK1PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZjcwODYxYzdjZjZlZmU3N2QyMmZjNzA0OWJlOTZjNjc2
OGE1MDAwHhcNMjYwMzI5MTMwMDQwWhcNMjYwMzMwMTMwMDQwWjAzMTEwLwYDVQQD
EyhjZWI2MzE0NGEzOWEzZjNlOTY3YWY5MjdjNzE2OTRkY2Q0ODY1YzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5eRN9q2iDEQIk5eGfpTL9XkKoDj/
7XyPiNL5285KfDSjXWz3VttrFlqc6rLBuHP2e5fn3+4FHVC+bYPKRPBc90AW1x/0
1p0GDvFeAOdH8DBqu2M2NIOJt/TJbRoX+6SQe8C7f6nGRgc8pbJ7gIe/JCZ0zXb/
X6JoMz+FXEzLAeSlLq1n5d7moVIQDUTuWWOgmJIV8fb6Y29xzdK2HvjeJxUYpOVc
SIPLoUZMpCZnMTLeQuy2fDXrp9xdWTek+jnzc7JaXoh6HUmja/t4Ok1wPvQ3r/ZC
R/lrNIXgWSLcOuWnuanJsVnVddHw/OYmHRpH25X/yJyxgzfGOzk+ioanzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM62MUSjmj8+lnr5J8cWlNzUhlyLMB8GA1UdIwQY
MBaAFOD3CGHHz27+d9IvxwSb6WxnaKUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFBjSVljZlBidjUzMGlfSEJKdnBiR2RvcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81NDI4MzAtY2M0OS00MTVhLTk3YjYt
NDQ3M2MwYjFlMDQ2LzEvNFBjSVljZlBidjUzMGlfSEJKdnBiR2RvcFFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81NDI4MzAtY2M0OS00MTVhLTk3YjYtNDQ3M2MwYjFlMDQ2
LzEvNFBjSVljZlBidjUzMGlfSEJKdnBiR2RvcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABEE83kh0
oVfB5UhCf9FugRbj/wtzWtG3XjOEYEBUcJ/jJSIlC3crykgdSpEc2LWg+LaK1jJP
VYCwwlnz9apNo9IaXggL0+utaqgp3w8TW6bPUwpHD0mbzWWj2IlUlR62nhE4vs1o
dqL635RQTkLXoKbljGyPqx86yXE/uY3ISncVbMHAE6V7FM7VvQC2rRUrs3dKtIZd
XuGN43GeL5/wImB1Pq977Ktl+tmlnP6jfDkjSlTM5a5TFXjLmyoHBgy6i1SAyLzD
0a8oy0VOv23VtpEXXYStFwEs4jj6YQuwA/Raae6Xrte+Ni/DfkCIkNaWzCTBSD4f
lYO144q7kxq7jQ==
-----END CERTIFICATE-----