Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
File:                     EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json)
Hash identifier:          X5I9ti5n6YKRwetc0InvV9nGSMYOqPxEFdj0yAWM92M=
Subject key identifier:   E5:DB:97:65:74:1C:78:43:BE:0D:20:25:1E:15:BF:56:DD:57:5F:25
Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0
Certificate issuer:       /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
Certificate serial:       019D3789A364376290E2B0F54D23A580A3BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
Manifest number:          054D
Signing time:             Sun 29 Mar 2026 03:01:00 +0000
Manifest this update:     Sun 29 Mar 2026 03:01:00 +0000
Manifest next update:     Mon 30 Mar 2026 03:01:00 +0000
Files and hashes:         1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: Eg0zZRztu5N+w3vL/mVMhdhxQaDT9j5wHXkU/o/feHU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:a3:64:37:62:90:e2:b0:f5:4d:23:a5:80:a3:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
        Validity
            Not Before: Mar 29 03:01:00 2026 GMT
            Not After : Mar 30 03:01:00 2026 GMT
        Subject: CN=e5db9765741c7843be0d20251e15bf56dd575f25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:b2:a5:b1:ce:bd:b5:7a:d5:23:97:94:0d:83:
                    83:e7:89:74:84:de:24:11:fe:4f:d5:2c:93:ef:61:
                    68:b2:6a:d1:16:06:d5:16:c7:c6:64:1f:ed:68:e5:
                    c2:8f:23:5b:eb:a5:2c:54:bf:8b:2f:47:d1:6f:c4:
                    e2:cc:46:94:ea:80:60:c8:9a:8b:dd:5b:ce:f9:93:
                    14:d3:08:2c:b8:36:e4:d7:c9:7a:b1:94:9a:8f:93:
                    d3:4c:e9:fc:28:5a:e8:f9:ff:f4:0a:05:35:bd:a5:
                    23:a9:f8:be:89:5a:77:9b:b2:8e:38:53:be:3e:6f:
                    f3:37:25:11:37:78:0f:e6:a0:bd:a9:81:c2:ff:b4:
                    33:bc:51:95:d1:14:f6:e9:8b:1f:73:37:3b:e9:00:
                    eb:bf:21:d5:fe:4b:1c:04:48:8c:5a:33:19:f6:32:
                    a8:fd:9c:43:65:d0:56:c0:48:bb:e5:96:f1:47:9c:
                    28:57:be:a9:f3:28:27:8a:bb:cb:2c:0a:8b:ac:90:
                    fb:6a:11:a7:12:52:e2:ab:25:51:5a:b9:c8:b4:c9:
                    d7:5d:fb:02:21:ac:97:ff:3d:15:17:8d:18:5c:cd:
                    f1:95:23:7f:26:85:b8:f1:ad:5d:d4:ae:e4:7e:c9:
                    d1:db:eb:93:4b:64:f6:e5:34:72:27:b7:2a:04:92:
                    fb:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:DB:97:65:74:1C:78:43:BE:0D:20:25:1E:15:BF:56:DD:57:5F:25
            X509v3 Authority Key Identifier:
                keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:d5:41:d7:c4:d8:65:8c:88:8d:ac:47:e1:81:50:6b:5a:a0:
         60:bc:04:82:d8:76:79:61:4f:f7:a4:8c:46:b3:dd:0f:e9:5d:
         15:5e:db:86:24:cb:cb:9b:ac:cd:18:25:37:6e:8b:8c:f6:29:
         aa:5c:e3:05:72:a7:89:9f:da:a4:ab:42:bc:51:83:da:d5:1e:
         e1:a6:f1:d4:8e:bc:28:97:97:f4:6d:d5:20:36:85:a5:4d:96:
         19:35:1d:63:00:03:da:d2:4f:2e:f3:63:12:d3:7f:e4:9c:79:
         15:0c:e8:e7:1b:4e:57:38:34:bf:7d:ef:8d:0d:be:2d:00:05:
         ab:24:f6:9e:d8:42:00:19:a2:e2:7b:cc:82:36:84:47:f0:70:
         7e:ea:77:2d:f2:ac:c3:fd:b2:ab:90:86:7c:b5:57:02:bd:3c:
         51:23:ce:e0:59:5e:4c:f8:06:07:e6:f0:11:8f:d1:09:04:d8:
         df:6e:8d:cb:06:b8:cb:31:d4:30:06:bd:6b:ba:d9:bb:85:91:
         3c:3a:8c:b8:1c:ce:be:6c:a6:95:85:e5:54:0f:f4:44:81:40:
         1f:a3:4f:96:4f:20:e6:92:be:d8:8b:de:bd:f2:01:2d:27:2f:
         82:1d:ef:83:96:f6:95:01:d5:06:cd:de:04:76:a8:b1:78:85:
         cb:ac:bf:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iaNkN2KQ4rD1TSOlgKO7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1
NzdhZDAwHhcNMjYwMzI5MDMwMTAwWhcNMjYwMzMwMDMwMTAwWjAzMTEwLwYDVQQD
EyhlNWRiOTc2NTc0MWM3ODQzYmUwZDIwMjUxZTE1YmY1NmRkNTc1ZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7Klsc69tXrVI5eUDYOD54l0hN4k
Ef5P1SyT72FosmrRFgbVFsfGZB/taOXCjyNb66UsVL+LL0fRb8TizEaU6oBgyJqL
3VvO+ZMU0wgsuDbk18l6sZSaj5PTTOn8KFro+f/0CgU1vaUjqfi+iVp3m7KOOFO+
Pm/zNyURN3gP5qC9qYHC/7QzvFGV0RT26Ysfczc76QDrvyHV/kscBEiMWjMZ9jKo
/ZxDZdBWwEi75ZbxR5woV76p8ygnirvLLAqLrJD7ahGnElLiqyVRWrnItMnXXfsC
IayX/z0VF40YXM3xlSN/JoW48a1d1K7kfsnR2+uTS2T25TRyJ7cqBJL79QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOXbl2V0HHhDvg0gJR4Vv1bdV18lMB8GA1UdIwQY
MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt
M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx
LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAltVB18TY
ZYyIjaxH4YFQa1qgYLwEgth2eWFP96SMRrPdD+ldFV7bhiTLy5uszRglN26LjPYp
qlzjBXKniZ/apKtCvFGD2tUe4abx1I68KJeX9G3VIDaFpU2WGTUdYwAD2tJPLvNj
EtN/5Jx5FQzo5xtOVzg0v33vjQ2+LQAFqyT2nthCABmi4nvMgjaER/Bwfup3LfKs
w/2yq5CGfLVXAr08USPO4FleTPgGB+bwEY/RCQTY326Nywa4yzHUMAa9a7rZu4WR
PDqMuBzOvmymlYXlVA/0RIFAH6NPlk8g5pK+2IvevfIBLScvgh3vg5b2lQHVBs3e
BHaosXiFy6y/Og==
-----END CERTIFICATE-----