Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
File:                     4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json)
Hash identifier:          FQnxbJyt3XOMyTx0mUqj0vjj1VIEmTjYzvu7kH9rDzQ=
Subject key identifier:   8E:5A:E4:3F:78:B3:3D:95:48:52:01:A6:1E:D2:89:28:42:75:19:83
Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9
Certificate issuer:       /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
Certificate serial:       019D37F70AD64F426445C2F8C864BF9F1DFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
Manifest number:          0768
Signing time:             Sun 29 Mar 2026 05:00:30 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:30 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:30 +0000
Files and hashes:         1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: vfwWq0httSi6zmhybmpVtowTagknIOHc/c85caADZbk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:0a:d6:4f:42:64:45:c2:f8:c8:64:bf:9f:1d:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
        Validity
            Not Before: Mar 29 05:00:30 2026 GMT
            Not After : Mar 30 05:00:30 2026 GMT
        Subject: CN=8e5ae43f78b33d95485201a61ed2892842751983
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:54:2b:a4:bf:50:5e:e5:00:c6:81:fa:ae:74:
                    7b:6e:5b:81:aa:70:1e:a4:b2:6c:08:8d:80:c6:25:
                    0e:1e:e9:a3:56:5e:b5:08:82:e6:34:dd:da:34:80:
                    30:01:56:fa:72:88:73:39:7b:9c:b6:86:0e:02:ec:
                    c2:65:f9:d5:e4:0d:15:f8:bc:fd:d6:dd:4a:96:8c:
                    f2:1a:a5:c4:01:2a:55:b8:35:af:42:b6:be:6f:e8:
                    f8:aa:5a:2f:95:f8:05:27:a7:f3:2a:03:b8:85:fa:
                    69:d0:54:45:83:6e:7c:fb:3e:bd:c6:34:9b:16:f7:
                    8a:5c:03:80:3c:89:f1:d4:be:ab:70:18:ab:ce:20:
                    81:53:83:82:61:86:56:2c:e2:44:61:14:9d:db:9e:
                    81:9c:41:7f:92:ac:5c:5d:08:80:a5:b9:d7:a2:db:
                    0d:dd:b7:ba:d5:c6:da:b5:9f:13:5b:88:91:f9:97:
                    62:f2:2a:5d:e7:63:64:f7:b7:1c:61:12:28:81:c1:
                    55:57:55:fa:d6:34:18:08:88:e3:6b:05:f2:24:2a:
                    26:b7:97:0d:5d:fe:9b:c3:97:dc:60:47:a1:dc:9b:
                    4c:97:71:99:f6:05:e5:30:93:df:05:4e:e4:59:38:
                    13:85:ac:a8:15:ec:8a:5b:8f:56:4b:c3:31:0f:40:
                    10:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:5A:E4:3F:78:B3:3D:95:48:52:01:A6:1E:D2:89:28:42:75:19:83
            X509v3 Authority Key Identifier:
                keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:0e:b6:17:eb:86:a9:8e:4f:77:2e:08:c4:21:9c:3b:ac:e3:
         3a:5c:13:2d:06:91:cb:0f:e3:5b:99:bc:d4:c9:12:b4:9a:6a:
         e8:e7:4e:b5:da:d4:e2:bf:8a:24:5e:c4:4a:44:df:79:60:a8:
         b2:53:54:77:71:ed:92:6a:32:a9:b7:6f:3b:0a:a7:be:5d:47:
         c8:db:cf:0c:a3:76:63:90:44:65:19:b1:f1:51:43:c5:7d:96:
         89:95:5c:5a:c9:68:04:19:43:a0:14:c5:0b:03:11:d4:3f:8f:
         5d:82:ba:27:f3:31:13:1b:69:ab:1d:3c:ad:3f:a0:a0:c4:2a:
         10:39:28:11:d8:09:13:ea:27:66:05:60:32:fd:3e:5b:d9:65:
         9d:99:0d:5a:c8:3e:7e:ba:ba:88:8e:81:ee:47:e3:df:26:5d:
         40:50:a3:fa:a6:33:8f:08:c7:23:3e:f6:eb:ec:64:ce:90:af:
         79:d4:88:ca:1d:09:81:49:0c:69:40:22:c7:54:de:e7:ff:0d:
         66:a7:de:9b:8a:1d:9a:d4:c9:a6:a0:0a:37:e9:51:d6:c7:02:
         f4:21:91:8f:cb:92:a5:8d:35:3a:5a:0f:a2:be:0b:61:39:4a:
         bd:8c:82:c5:ba:59:d3:3f:e6:67:f7:6f:f0:dd:7c:af:94:19:
         5d:04:21:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039wrWT0JkRcL4yGS/nx37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw
ZjAwYjkwHhcNMjYwMzI5MDUwMDMwWhcNMjYwMzMwMDUwMDMwWjAzMTEwLwYDVQQD
Eyg4ZTVhZTQzZjc4YjMzZDk1NDg1MjAxYTYxZWQyODkyODQyNzUxOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lQrpL9QXuUAxoH6rnR7bluBqnAe
pLJsCI2AxiUOHumjVl61CILmNN3aNIAwAVb6cohzOXuctoYOAuzCZfnV5A0V+Lz9
1t1KlozyGqXEASpVuDWvQra+b+j4qlovlfgFJ6fzKgO4hfpp0FRFg258+z69xjSb
FveKXAOAPInx1L6rcBirziCBU4OCYYZWLOJEYRSd256BnEF/kqxcXQiApbnXotsN
3be61cbatZ8TW4iR+Zdi8ipd52Nk97ccYRIogcFVV1X61jQYCIjjawXyJComt5cN
Xf6bw5fcYEeh3JtMl3GZ9gXlMJPfBU7kWTgThayoFeyKW49WS8MxD0AQjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5a5D94sz2VSFIBph7SiShCdRmDMB8GA1UdIwQY
MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt
MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw
LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsg62F+uG
qY5Pdy4IxCGcO6zjOlwTLQaRyw/jW5m81MkStJpq6OdOtdrU4r+KJF7ESkTfeWCo
slNUd3HtkmoyqbdvOwqnvl1HyNvPDKN2Y5BEZRmx8VFDxX2WiZVcWsloBBlDoBTF
CwMR1D+PXYK6J/MxExtpqx08rT+goMQqEDkoEdgJE+onZgVgMv0+W9llnZkNWsg+
frq6iI6B7kfj3yZdQFCj+qYzjwjHIz726+xkzpCvedSIyh0JgUkMaUAix1Te5/8N
Zqfem4odmtTJpqAKN+lR1scC9CGRj8uSpY01OloPor4LYTlKvYyCxbpZ0z/mZ/dv
8N18r5QZXQQh8Q==
-----END CERTIFICATE-----