Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/RwXTxqWwUSaCzf3zY7GanFZ_H2w.mft
File:                     RwXTxqWwUSaCzf3zY7GanFZ_H2w.mft (raw, json)
Hash identifier:          2Tj2HW5lgQQcMlhCLzkkmoGfSfcZ0Zg6Tl000WMJgLQ=
Subject key identifier:   3A:43:8F:B8:AD:16:5D:9B:D5:80:12:C2:DE:78:D3:10:EB:0F:1E:D1
Authority key identifier: 47:05:D3:C6:A5:B0:51:26:82:CD:FD:F3:63:B1:9A:9C:56:7F:1F:6C
Certificate issuer:       /CN=4705d3c6a5b0512682cdfdf363b19a9c567f1f6c
Certificate serial:       019D37893AD5C5CB830D758C36A6A0D632F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RwXTxqWwUSaCzf3zY7GanFZ_H2w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/RwXTxqWwUSaCzf3zY7GanFZ_H2w.mft
Manifest number:          1896
Signing time:             Sun 29 Mar 2026 03:00:33 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:33 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:33 +0000
Files and hashes:         1: RwXTxqWwUSaCzf3zY7GanFZ_H2w.crl (hash: 0LAIofWy/oBL+KLbtbIcfaQ/ca8jwlao924Z6c2kpQY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/RwXTxqWwUSaCzf3zY7GanFZ_H2w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/RwXTxqWwUSaCzf3zY7GanFZ_H2w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RwXTxqWwUSaCzf3zY7GanFZ_H2w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:3a:d5:c5:cb:83:0d:75:8c:36:a6:a0:d6:32:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4705d3c6a5b0512682cdfdf363b19a9c567f1f6c
        Validity
            Not Before: Mar 29 03:00:33 2026 GMT
            Not After : Mar 30 03:00:33 2026 GMT
        Subject: CN=3a438fb8ad165d9bd58012c2de78d310eb0f1ed1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:a3:fe:b1:d6:69:26:2f:3b:c1:ce:e6:b0:12:
                    90:2a:3c:62:c6:08:20:b5:19:17:96:1e:3f:c7:a3:
                    2f:a8:a6:61:ef:f8:69:1e:20:58:c2:7f:b5:cf:90:
                    d3:32:f5:96:5e:ff:66:31:b3:52:97:fd:c0:cc:b6:
                    bb:90:e9:47:7d:d3:2b:2a:10:07:d3:a9:0f:6f:e7:
                    c1:8d:47:92:30:4a:fe:e9:ce:81:a0:55:d5:4d:65:
                    2f:c6:63:24:d7:ae:34:90:73:a5:c8:62:48:c6:0d:
                    f4:70:90:8a:cb:b1:5c:15:7f:60:48:5c:a3:0b:80:
                    6e:33:29:85:7c:90:bb:e0:1e:d9:59:5a:81:02:99:
                    38:eb:17:e9:9c:03:ea:c0:d0:a0:52:10:ae:56:3e:
                    0e:f5:7b:e0:60:25:c5:74:58:c0:24:78:df:33:b1:
                    b2:35:09:d1:d5:e4:68:f9:31:1b:d3:90:b9:f1:77:
                    a8:54:2a:36:5e:da:66:d0:c1:f0:44:f2:7a:24:bf:
                    b2:9a:09:c7:f9:9b:90:95:39:89:a8:f9:8d:00:13:
                    41:93:32:c1:92:f1:f7:cb:f6:35:fc:f4:2e:9b:a7:
                    43:86:57:81:5a:bd:a5:9a:41:66:be:37:a4:92:59:
                    82:78:92:81:33:4b:ef:ed:42:73:22:06:df:f0:f3:
                    67:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:43:8F:B8:AD:16:5D:9B:D5:80:12:C2:DE:78:D3:10:EB:0F:1E:D1
            X509v3 Authority Key Identifier:
                keyid:47:05:D3:C6:A5:B0:51:26:82:CD:FD:F3:63:B1:9A:9C:56:7F:1F:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RwXTxqWwUSaCzf3zY7GanFZ_H2w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/RwXTxqWwUSaCzf3zY7GanFZ_H2w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/RwXTxqWwUSaCzf3zY7GanFZ_H2w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d7:e5:c7:2c:9a:10:2a:cb:66:0a:af:4a:f0:08:a0:38:08:9c:
         69:29:21:af:ef:a6:ff:cc:5a:f3:f9:3b:6c:88:88:15:68:43:
         ca:42:1c:12:3a:32:d0:8d:3d:c0:1a:37:c9:f5:81:d1:2c:32:
         97:08:08:ea:9b:cd:8b:90:3c:5d:39:3b:26:de:40:19:28:a5:
         6a:25:a5:47:b8:25:7c:af:37:42:54:46:c8:e1:76:cf:99:29:
         de:d7:b3:61:77:4c:d6:cb:43:ac:e8:87:80:b2:53:05:2f:44:
         b0:fd:a3:b8:c4:43:9d:85:92:66:aa:5d:b8:b3:7d:7d:50:85:
         56:de:dc:7e:84:09:44:60:8d:10:83:cc:10:3f:8d:40:cb:a8:
         bf:1c:56:70:02:79:16:37:08:b2:0f:4d:46:3c:03:41:ca:75:
         1a:4b:a8:1f:d8:3c:b6:27:fa:23:b9:8f:91:31:79:eb:1f:40:
         2c:b0:cc:ea:c7:94:74:7e:a7:f5:46:b5:a5:4a:10:b3:9c:48:
         83:1f:67:be:b0:30:9a:e0:87:53:02:da:dd:4c:a8:d9:b7:35:
         11:05:b9:1a:17:89:4e:b8:34:15:d2:6b:f3:4e:d9:b5:9b:33:
         1f:81:4a:15:81:52:17:e0:04:52:5a:0c:e6:49:2d:13:86:6f:
         49:87:e6:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iTrVxcuDDXWMNqag1jL2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MDVkM2M2YTViMDUxMjY4MmNkZmRmMzYzYjE5YTljNTY3
ZjFmNmMwHhcNMjYwMzI5MDMwMDMzWhcNMjYwMzMwMDMwMDMzWjAzMTEwLwYDVQQD
EygzYTQzOGZiOGFkMTY1ZDliZDU4MDEyYzJkZTc4ZDMxMGViMGYxZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaP+sdZpJi87wc7msBKQKjxixggg
tRkXlh4/x6MvqKZh7/hpHiBYwn+1z5DTMvWWXv9mMbNSl/3AzLa7kOlHfdMrKhAH
06kPb+fBjUeSMEr+6c6BoFXVTWUvxmMk1640kHOlyGJIxg30cJCKy7FcFX9gSFyj
C4BuMymFfJC74B7ZWVqBApk46xfpnAPqwNCgUhCuVj4O9XvgYCXFdFjAJHjfM7Gy
NQnR1eRo+TEb05C58XeoVCo2Xtpm0MHwRPJ6JL+ymgnH+ZuQlTmJqPmNABNBkzLB
kvH3y/Y1/PQum6dDhleBWr2lmkFmvjekklmCeJKBM0vv7UJzIgbf8PNncQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDpDj7itFl2b1YASwt540xDrDx7RMB8GA1UdIwQY
MBaAFEcF08alsFEmgs3982OxmpxWfx9sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUndYVHhxV3dVU2FDemYzelk3R2FuRlpfSDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi81NmFlZTktOTk2Yy00MzhmLWJiMDAt
MGRmYTZiMjJlZmYyLzEvUndYVHhxV3dVU2FDemYzelk3R2FuRlpfSDJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi81NmFlZTktOTk2Yy00MzhmLWJiMDAtMGRmYTZiMjJlZmYy
LzEvUndYVHhxV3dVU2FDemYzelk3R2FuRlpfSDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1+XHLJoQ
KstmCq9K8AigOAicaSkhr++m/8xa8/k7bIiIFWhDykIcEjoy0I09wBo3yfWB0Swy
lwgI6pvNi5A8XTk7Jt5AGSilaiWlR7glfK83QlRGyOF2z5kp3tezYXdM1stDrOiH
gLJTBS9EsP2juMRDnYWSZqpduLN9fVCFVt7cfoQJRGCNEIPMED+NQMuovxxWcAJ5
FjcIsg9NRjwDQcp1GkuoH9g8tif6I7mPkTF56x9ALLDM6seUdH6n9Ua1pUoQs5xI
gx9nvrAwmuCHUwLa3Uyo2bc1EQW5GheJTrg0FdJr807ZtZszH4FKFYFSF+AEUloM
5kktE4ZvSYfmbA==
-----END CERTIFICATE-----