Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
File:                     X765nwZBwgALrAWjJrQYpMApS3o.mft (raw, json)
Hash identifier:          T/yn5k8tE3sYDuM0aYH/1hZ/ElrW2rntESv8ERz0T/c=
Subject key identifier:   AE:17:06:62:5F:CB:0C:5A:6A:46:41:B7:1B:05:36:F9:5A:7E:39:3D
Authority key identifier: 5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A
Certificate issuer:       /CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
Certificate serial:       019D386638AF8E5162D03E81C6A9CED12CD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
Manifest number:          0381
Signing time:             Sun 29 Mar 2026 07:01:56 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:56 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:56 +0000
Files and hashes:         1: X765nwZBwgALrAWjJrQYpMApS3o.crl (hash: ZO9vA23VUue7m/9zUdHZUWhl28mXFxptHBxqDHd+wMk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:38:af:8e:51:62:d0:3e:81:c6:a9:ce:d1:2c:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
        Validity
            Not Before: Mar 29 07:01:56 2026 GMT
            Not After : Mar 30 07:01:56 2026 GMT
        Subject: CN=ae1706625fcb0c5a6a4641b71b0536f95a7e393d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:3e:be:51:df:02:b0:1b:80:09:7f:31:53:8c:
                    c5:d9:5a:5e:c6:c5:18:62:4b:21:1f:b0:6e:ed:62:
                    81:28:99:5d:bf:e6:2a:8a:db:b4:a4:4d:60:f6:de:
                    e7:b3:00:bc:8d:89:cb:1c:be:57:4e:87:3c:8a:e3:
                    a2:94:c2:35:7e:74:68:77:b0:09:be:bd:df:62:e7:
                    9d:3a:20:91:a5:48:69:09:a8:a6:85:8d:9d:90:67:
                    db:a1:05:be:c2:84:fc:f8:53:b7:a6:bb:6d:35:11:
                    85:43:70:cb:3b:98:8f:0a:ed:d7:f0:e9:0e:76:48:
                    2e:19:dd:e7:92:c1:91:e6:9c:d7:14:74:75:e8:67:
                    4b:7d:60:c8:92:c3:c9:97:46:b5:72:c5:1e:94:18:
                    3c:9c:a6:69:6f:ed:15:a4:0e:fc:95:5e:50:0b:6b:
                    e4:46:d9:af:fb:5f:d0:9e:10:c2:1a:04:15:85:2c:
                    35:b5:eb:46:cc:4d:3a:77:bd:75:d6:cd:da:9d:04:
                    6e:36:c4:63:f9:e5:a0:ab:c1:a7:73:70:3e:f1:9f:
                    fd:38:9e:62:61:87:08:a6:a6:a3:bc:cd:8b:c9:40:
                    41:eb:70:54:fb:86:ab:87:e0:5c:2f:09:bb:fc:82:
                    a7:a7:06:c5:96:64:2d:2a:6f:ea:85:01:db:35:20:
                    e2:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:17:06:62:5F:CB:0C:5A:6A:46:41:B7:1B:05:36:F9:5A:7E:39:3D
            X509v3 Authority Key Identifier:
                keyid:5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:0d:0e:50:64:a7:15:97:d1:dc:03:d3:cc:4d:09:f3:a0:f4:
         29:a8:79:b0:df:d9:3e:38:4b:23:68:cb:4c:f7:2c:aa:70:f3:
         c8:d3:f1:89:aa:81:3c:a4:08:e7:e1:18:c8:0e:7c:e0:d4:ce:
         13:d6:4d:7c:36:2e:eb:e0:52:8c:28:3d:e5:25:8d:9e:56:2b:
         ba:ac:2b:51:f9:4c:32:6d:b9:a9:09:42:a3:a9:87:35:35:67:
         02:c9:f6:4e:ea:38:c1:0c:53:95:c8:60:7c:7b:0b:d5:43:1f:
         2b:fd:d3:73:78:4c:e1:95:29:e6:59:9d:b0:02:23:64:4a:64:
         11:05:44:2e:3b:54:79:8d:98:df:5c:36:75:86:e8:38:64:05:
         5d:30:fa:e6:3d:51:ee:d7:9d:b0:17:cd:b7:ac:45:f0:9c:12:
         fa:1b:1f:46:63:d9:ec:9e:89:ee:62:a8:8c:60:91:6d:40:1e:
         91:f2:dd:f0:4a:4d:57:05:f4:4e:ab:cd:aa:a5:3c:e1:10:73:
         b2:d3:18:5f:8d:ba:73:a6:db:e0:3f:29:79:7b:92:69:8d:11:
         8c:65:bb:63:1a:b4:88:e6:79:81:43:5b:8a:c0:76:c7:2d:52:
         ba:3c:9c:65:57:fc:9c:e9:07:bd:50:90:fc:99:bb:8d:47:03:
         b6:4a:46:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZjivjlFi0D6BxqnO0SzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmViOTlmMDY0MWMyMDAwYmFjMDVhMzI2YjQxOGE0YzAy
OTRiN2EwHhcNMjYwMzI5MDcwMTU2WhcNMjYwMzMwMDcwMTU2WjAzMTEwLwYDVQQD
EyhhZTE3MDY2MjVmY2IwYzVhNmE0NjQxYjcxYjA1MzZmOTVhN2UzOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0z6+Ud8CsBuACX8xU4zF2VpexsUY
YkshH7Bu7WKBKJldv+Yqitu0pE1g9t7nswC8jYnLHL5XToc8iuOilMI1fnRod7AJ
vr3fYuedOiCRpUhpCaimhY2dkGfboQW+woT8+FO3prttNRGFQ3DLO5iPCu3X8OkO
dkguGd3nksGR5pzXFHR16GdLfWDIksPJl0a1csUelBg8nKZpb+0VpA78lV5QC2vk
Rtmv+1/QnhDCGgQVhSw1tetGzE06d7111s3anQRuNsRj+eWgq8Gnc3A+8Z/9OJ5i
YYcIpqajvM2LyUBB63BU+4arh+BcLwm7/IKnpwbFlmQtKm/qhQHbNSDiSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK4XBmJfywxaakZBtxsFNvlafjk9MB8GA1UdIwQY
MBaAFF++uZ8GQcIAC6wFoya0GKTAKUt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3Yzgt
NTc1YTIwODA4OTZhLzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3YzgtNTc1YTIwODA4OTZh
LzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdw0OUGSn
FZfR3APTzE0J86D0Kah5sN/ZPjhLI2jLTPcsqnDzyNPxiaqBPKQI5+EYyA584NTO
E9ZNfDYu6+BSjCg95SWNnlYruqwrUflMMm25qQlCo6mHNTVnAsn2Tuo4wQxTlchg
fHsL1UMfK/3Tc3hM4ZUp5lmdsAIjZEpkEQVELjtUeY2Y31w2dYboOGQFXTD65j1R
7tedsBfNt6xF8JwS+hsfRmPZ7J6J7mKojGCRbUAekfLd8EpNVwX0TqvNqqU84RBz
stMYX426c6bb4D8peXuSaY0RjGW7Yxq0iOZ5gUNbisB2xy1SujycZVf8nOkHvVCQ
/Jm7jUcDtkpG3w==
-----END CERTIFICATE-----