Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
File:                     sxwNSGRgtxY3A-X_TYre2XiIx00.mft (raw, json)
Hash identifier:          E5ZWZrTf/YX6DIg1qIZIVow7gTIZ9GeobNi7Zt1nYpE=
Subject key identifier:   2D:E2:E8:26:C2:06:10:A4:95:0A:AA:A0:BA:37:75:F8:12:85:0C:3C
Authority key identifier: B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D
Certificate issuer:       /CN=b31c0d486460b7163703e5ff4d8aded97888c74d
Certificate serial:       019D37C092B7271E11E4707671AF2375F7DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
Manifest number:          0A43
Signing time:             Sun 29 Mar 2026 04:01:00 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:00 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:00 +0000
Files and hashes:         1: sxwNSGRgtxY3A-X_TYre2XiIx00.crl (hash: uaCQ6TdHlhq4/T+CzJTHQyJRVh/T4Q/sQmjh+E8wtG4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:92:b7:27:1e:11:e4:70:76:71:af:23:75:f7:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b31c0d486460b7163703e5ff4d8aded97888c74d
        Validity
            Not Before: Mar 29 04:01:00 2026 GMT
            Not After : Mar 30 04:01:00 2026 GMT
        Subject: CN=2de2e826c20610a4950aaaa0ba3775f812850c3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:5b:4f:70:02:ee:16:80:12:16:8c:99:0e:94:
                    a7:44:bb:b3:d7:ec:66:fa:94:b2:dd:58:70:7e:cf:
                    2b:88:bc:66:13:09:a3:85:60:4f:36:09:59:c5:d4:
                    20:48:5e:de:3c:ce:49:d3:b1:e2:12:98:c7:4d:81:
                    b4:a5:89:63:75:17:6b:d9:42:9b:82:f5:d0:5f:d1:
                    46:93:40:31:5f:ef:6c:93:10:58:a1:fb:85:79:a7:
                    e6:e9:95:d4:f7:35:60:a0:4c:7f:dc:34:25:a6:83:
                    73:4a:5d:07:74:40:b3:a2:8d:00:29:30:18:96:d9:
                    cf:74:15:75:63:47:c0:fd:f0:da:94:53:9e:b6:a0:
                    ae:03:07:cf:6d:09:a2:f9:75:d4:db:ed:57:f5:87:
                    00:a3:15:51:db:8e:fc:98:26:95:a9:ce:ad:d8:3c:
                    9e:1d:33:e1:79:8d:9c:b2:e4:7e:6d:cb:04:d6:00:
                    55:0e:bb:2f:6a:f6:dc:17:5a:e0:aa:e3:f6:3c:3a:
                    cf:4e:5d:39:ed:73:10:8a:ea:32:ef:2e:31:a6:ca:
                    64:1a:b2:51:a9:c3:c2:be:64:5e:b7:26:4a:35:ba:
                    26:4e:74:8c:58:1d:71:2d:12:b2:b4:41:19:ae:1b:
                    8d:4e:4f:33:98:6c:cd:ea:f1:e0:5f:5e:10:7c:47:
                    34:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:E2:E8:26:C2:06:10:A4:95:0A:AA:A0:BA:37:75:F8:12:85:0C:3C
            X509v3 Authority Key Identifier:
                keyid:B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:74:38:03:8c:4d:c9:3e:c7:d9:db:a6:e8:e7:83:cf:1e:37:
         e3:0c:68:61:10:be:fc:cb:fb:20:f5:65:d9:75:a5:60:49:f3:
         67:44:a2:1b:e1:08:e2:76:44:a3:58:07:a4:6d:87:bb:30:52:
         e3:35:b9:9b:57:62:90:f9:dc:77:06:cb:09:30:cd:34:d3:bf:
         c0:34:8f:03:91:ab:85:55:c8:be:5a:92:74:44:9e:a1:1b:61:
         78:33:21:4d:54:14:59:20:13:7c:22:f8:a9:b6:de:3a:c9:bd:
         0f:f7:41:b7:d4:a7:26:11:10:8d:9c:60:97:83:29:2b:4f:71:
         9d:73:b4:40:9a:50:e0:eb:c5:f4:19:6f:0f:96:84:6d:41:9d:
         f1:48:88:52:08:01:6f:a2:c1:19:30:54:9a:bb:4d:2c:ad:9c:
         eb:99:54:ad:51:a7:d8:1c:a5:1f:c6:03:4e:d3:ee:47:18:3a:
         72:10:df:99:7a:35:02:90:97:9b:40:54:1f:4c:d6:0e:31:5f:
         6b:44:b8:88:c1:bc:25:15:26:17:b8:0c:c7:f8:e0:32:66:57:
         79:56:12:55:94:f6:05:26:ac:60:5e:95:df:c9:b3:85:e4:e6:
         01:75:ba:3c:64:d3:84:8a:d6:b5:6e:90:e4:ca:59:43:7b:b7:
         a9:4f:5c:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wJK3Jx4R5HB2ca8jdffaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWMwZDQ4NjQ2MGI3MTYzNzAzZTVmZjRkOGFkZWQ5Nzg4
OGM3NGQwHhcNMjYwMzI5MDQwMTAwWhcNMjYwMzMwMDQwMTAwWjAzMTEwLwYDVQQD
EygyZGUyZTgyNmMyMDYxMGE0OTUwYWFhYTBiYTM3NzVmODEyODUwYzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1tPcALuFoASFoyZDpSnRLuz1+xm
+pSy3Vhwfs8riLxmEwmjhWBPNglZxdQgSF7ePM5J07HiEpjHTYG0pYljdRdr2UKb
gvXQX9FGk0AxX+9skxBYofuFeafm6ZXU9zVgoEx/3DQlpoNzSl0HdECzoo0AKTAY
ltnPdBV1Y0fA/fDalFOetqCuAwfPbQmi+XXU2+1X9YcAoxVR2478mCaVqc6t2Dye
HTPheY2csuR+bcsE1gBVDrsvavbcF1rgquP2PDrPTl057XMQiuoy7y4xpspkGrJR
qcPCvmRetyZKNbomTnSMWB1xLRKytEEZrhuNTk8zmGzN6vHgX14QfEc0DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3i6CbCBhCklQqqoLo3dfgShQw8MB8GA1UdIwQY
MBaAFLMcDUhkYLcWNwPl/02K3tl4iMdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEt
ODI0M2I3ZGIxMDVlLzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEtODI0M2I3ZGIxMDVl
LzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkHQ4A4xN
yT7H2dum6OeDzx434wxoYRC+/Mv7IPVl2XWlYEnzZ0SiG+EI4nZEo1gHpG2HuzBS
4zW5m1dikPncdwbLCTDNNNO/wDSPA5GrhVXIvlqSdESeoRtheDMhTVQUWSATfCL4
qbbeOsm9D/dBt9SnJhEQjZxgl4MpK09xnXO0QJpQ4OvF9BlvD5aEbUGd8UiIUggB
b6LBGTBUmrtNLK2c65lUrVGn2BylH8YDTtPuRxg6chDfmXo1ApCXm0BUH0zWDjFf
a0S4iMG8JRUmF7gMx/jgMmZXeVYSVZT2BSasYF6V38mzheTmAXW6PGTThIrWtW6Q
5MpZQ3u3qU9cvg==
-----END CERTIFICATE-----