Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.mft
File:                     MMOt1700croWgExJC2ahCXZZvTE.mft (raw, json)
Hash identifier:          +aemQxveM2YQ6paADo2dY3lT4mexsxMLdROzqnOdCmA=
Subject key identifier:   5B:FF:76:9C:50:87:25:1D:05:0B:A5:8F:10:04:3E:38:33:CB:FC:7B
Authority key identifier: 30:C3:AD:D7:BD:34:72:BA:16:80:4C:49:0B:66:A1:09:76:59:BD:31
Certificate issuer:       /CN=30c3add7bd3472ba16804c490b66a1097659bd31
Certificate serial:       019D3752AABF03A345BD3EB970A86AC93275
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MMOt1700croWgExJC2ahCXZZvTE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.mft
Manifest number:          0E41
Signing time:             Sun 29 Mar 2026 02:00:57 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:57 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:57 +0000
Files and hashes:         1: MMOt1700croWgExJC2ahCXZZvTE.crl (hash: yInYNRcnWU4a2bjAAM146CiEArItzo1fHXfWty1qH+s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MMOt1700croWgExJC2ahCXZZvTE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:aa:bf:03:a3:45:bd:3e:b9:70:a8:6a:c9:32:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30c3add7bd3472ba16804c490b66a1097659bd31
        Validity
            Not Before: Mar 29 02:00:57 2026 GMT
            Not After : Mar 30 02:00:57 2026 GMT
        Subject: CN=5bff769c5087251d050ba58f10043e3833cbfc7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:36:f8:b4:5a:00:4f:bb:23:3d:e8:82:ab:c3:
                    0b:b0:36:cb:1b:d4:0b:7a:71:58:00:9a:30:0c:d5:
                    85:44:a6:b5:6b:70:49:d0:1a:9f:17:20:df:07:7f:
                    23:2a:ae:67:f6:0c:30:6c:9b:c2:f3:3f:64:0c:17:
                    c3:52:2c:16:7f:8c:7e:b8:07:6a:3c:16:c5:08:27:
                    77:64:89:67:9e:28:8b:58:11:7a:86:2f:8d:f6:4e:
                    a2:97:62:5d:2e:ad:4b:41:03:0b:23:cd:36:37:d4:
                    cf:54:3c:2b:c1:fc:bd:f0:54:7d:35:2b:93:a0:04:
                    7d:49:01:51:c8:54:ce:cd:25:9b:74:c2:03:a1:d6:
                    d4:6b:1e:8e:48:3f:a7:f4:1f:44:08:08:64:4a:7b:
                    a0:98:a7:c3:0e:79:67:98:8f:8c:68:58:5d:6c:a3:
                    df:9a:68:fa:6b:57:1e:8b:55:c4:e2:ca:92:ad:d2:
                    f3:2d:bb:d2:b4:d0:66:64:82:2f:ab:71:87:be:0d:
                    80:e4:56:1c:f6:73:5c:10:e0:b1:f8:c0:12:3a:63:
                    b4:13:eb:5e:7e:00:57:f4:8c:74:87:d0:32:ea:2c:
                    a2:c1:86:56:95:fe:f8:b9:e5:45:58:0a:b1:ba:33:
                    59:15:6f:48:a5:c9:f0:7a:cb:16:23:5a:74:df:43:
                    32:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:FF:76:9C:50:87:25:1D:05:0B:A5:8F:10:04:3E:38:33:CB:FC:7B
            X509v3 Authority Key Identifier:
                keyid:30:C3:AD:D7:BD:34:72:BA:16:80:4C:49:0B:66:A1:09:76:59:BD:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMOt1700croWgExJC2ahCXZZvTE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:9f:4f:eb:f9:52:07:9c:8b:d0:c8:be:53:b2:4c:ff:b3:57:
         f5:c6:b9:ff:24:13:2e:c7:8a:9e:de:34:4a:06:5c:fa:b0:b2:
         9d:09:0c:69:1f:d4:c2:f8:f7:fc:23:bb:5d:20:21:0a:db:df:
         46:4d:b9:0b:a3:90:14:94:a6:ac:c1:3f:46:ac:ac:09:24:62:
         29:0d:c4:ab:61:8f:76:62:36:2d:32:db:86:fd:5f:96:37:4b:
         95:4a:ae:df:e4:a4:86:13:b7:53:1f:31:17:06:10:b1:82:13:
         43:8d:3f:59:0a:83:e2:0b:c4:ee:66:c7:03:29:73:38:53:23:
         99:10:37:1f:93:76:9f:f9:43:c2:c1:34:fe:f7:f8:bf:56:0f:
         b0:ab:8b:4c:63:5d:4b:a9:ef:51:94:9e:f2:e3:cd:07:d7:63:
         c5:ae:61:e4:20:3f:13:a9:fe:2c:bf:9c:b4:62:cd:d6:f9:df:
         50:93:41:6a:75:d6:fd:f4:4b:57:30:96:8f:c0:5d:73:ea:67:
         46:e3:ec:71:c3:06:c2:b5:f5:37:61:88:fd:31:9f:7d:5b:21:
         a8:e0:76:35:4d:98:0e:b2:0e:fa:44:fd:da:34:fa:71:47:51:
         f6:5b:35:ae:e0:b9:8e:9e:a4:e5:ec:15:13:72:9f:50:83:37:
         57:ba:dd:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Uqq/A6NFvT65cKhqyTJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzNhZGQ3YmQzNDcyYmExNjgwNGM0OTBiNjZhMTA5NzY1
OWJkMzEwHhcNMjYwMzI5MDIwMDU3WhcNMjYwMzMwMDIwMDU3WjAzMTEwLwYDVQQD
Eyg1YmZmNzY5YzUwODcyNTFkMDUwYmE1OGYxMDA0M2UzODMzY2JmYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojb4tFoAT7sjPeiCq8MLsDbLG9QL
enFYAJowDNWFRKa1a3BJ0BqfFyDfB38jKq5n9gwwbJvC8z9kDBfDUiwWf4x+uAdq
PBbFCCd3ZIlnniiLWBF6hi+N9k6il2JdLq1LQQMLI802N9TPVDwrwfy98FR9NSuT
oAR9SQFRyFTOzSWbdMIDodbUax6OSD+n9B9ECAhkSnugmKfDDnlnmI+MaFhdbKPf
mmj6a1cei1XE4sqSrdLzLbvStNBmZIIvq3GHvg2A5FYc9nNcEOCx+MASOmO0E+te
fgBX9Ix0h9Ay6iyiwYZWlf74ueVFWAqxujNZFW9IpcnwessWI1p030MyJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFv/dpxQhyUdBQuljxAEPjgzy/x7MB8GA1UdIwQY
MBaAFDDDrde9NHK6FoBMSQtmoQl2Wb0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1PdDE3MDBjcm9XZ0V4SkMyYWhDWFpadlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8yM2NjYzgtNDcxOC00NTNjLWJlM2Ut
OTVjZDY5MjRhYjRlLzEvTU1PdDE3MDBjcm9XZ0V4SkMyYWhDWFpadlRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8yM2NjYzgtNDcxOC00NTNjLWJlM2UtOTVjZDY5MjRhYjRl
LzEvTU1PdDE3MDBjcm9XZ0V4SkMyYWhDWFpadlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ59P6/lS
B5yL0Mi+U7JM/7NX9ca5/yQTLseKnt40SgZc+rCynQkMaR/Uwvj3/CO7XSAhCtvf
Rk25C6OQFJSmrME/RqysCSRiKQ3Eq2GPdmI2LTLbhv1fljdLlUqu3+SkhhO3Ux8x
FwYQsYITQ40/WQqD4gvE7mbHAylzOFMjmRA3H5N2n/lDwsE0/vf4v1YPsKuLTGNd
S6nvUZSe8uPNB9djxa5h5CA/E6n+LL+ctGLN1vnfUJNBanXW/fRLVzCWj8Bdc+pn
RuPsccMGwrX1N2GI/TGffVshqOB2NU2YDrIO+kT92jT6cUdR9ls1ruC5jp6k5ewV
E3KfUIM3V7rdwQ==
-----END CERTIFICATE-----