Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.mft
File:                     d1xabqkPXz0AfBDkROO5Y7bTDMU.mft (raw, json)
Hash identifier:          shJiIsxDAOSUbsI8Zx4p3FgJSbW7A7x46uMk0IuLc4A=
Subject key identifier:   84:A0:43:52:D6:6B:43:42:4C:71:42:B8:A9:4B:86:9F:36:67:43:E3
Authority key identifier: 77:5C:5A:6E:A9:0F:5F:3D:00:7C:10:E4:44:E3:B9:63:B6:D3:0C:C5
Certificate issuer:       /CN=775c5a6ea90f5f3d007c10e444e3b963b6d30cc5
Certificate serial:       019D3752BF10CD9BC903684B252BC39632E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d1xabqkPXz0AfBDkROO5Y7bTDMU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.mft
Manifest number:          0668
Signing time:             Sun 29 Mar 2026 02:01:02 +0000
Manifest this update:     Sun 29 Mar 2026 02:01:02 +0000
Manifest next update:     Mon 30 Mar 2026 02:01:02 +0000
Files and hashes:         1: d1xabqkPXz0AfBDkROO5Y7bTDMU.crl (hash: F+72Wmr89fgSRo2n/YjK260ad3AuSCvjW9mAndSgWag=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d1xabqkPXz0AfBDkROO5Y7bTDMU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:bf:10:cd:9b:c9:03:68:4b:25:2b:c3:96:32:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=775c5a6ea90f5f3d007c10e444e3b963b6d30cc5
        Validity
            Not Before: Mar 29 02:01:02 2026 GMT
            Not After : Mar 30 02:01:02 2026 GMT
        Subject: CN=84a04352d66b43424c7142b8a94b869f366743e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:83:02:56:73:4f:42:fe:2c:75:08:3b:c1:51:
                    f6:51:c2:b5:a1:cf:7b:37:59:8c:df:22:e2:b3:2c:
                    59:39:fd:28:d6:f9:8f:a7:ca:41:9b:7e:fc:b6:22:
                    e4:b6:3e:df:99:2b:25:29:35:f3:c4:5d:c4:87:9a:
                    18:bc:d0:07:a4:30:87:c8:27:43:de:26:60:32:6a:
                    c5:28:44:e6:f3:8e:71:2f:8a:f7:6b:23:cf:02:01:
                    36:be:71:91:f7:a7:f3:cc:89:94:6c:4d:66:b0:37:
                    ca:47:ce:71:75:f9:d2:0b:55:2f:4b:1c:ae:b8:e9:
                    cb:02:95:ad:b8:31:af:bf:53:b0:b2:59:34:e2:04:
                    50:58:65:62:0c:00:af:2f:54:f2:96:e6:50:76:5b:
                    6c:00:57:58:81:f8:e5:6f:6b:20:48:b0:00:6f:20:
                    ab:48:ed:16:9d:58:fe:a7:86:81:f3:3c:09:45:af:
                    d1:05:64:11:15:f3:2c:6e:71:2b:90:ba:dd:c4:e1:
                    8d:27:8b:3d:1e:ca:3a:50:6d:f1:53:e6:21:85:b8:
                    4e:f0:7a:34:84:43:c7:02:7f:f3:5a:b8:b0:69:2d:
                    77:3a:a3:20:88:98:5d:ac:3b:76:bd:e3:30:55:b7:
                    98:b3:c7:e2:02:66:d8:cb:8b:56:88:7e:b7:37:37:
                    c9:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:A0:43:52:D6:6B:43:42:4C:71:42:B8:A9:4B:86:9F:36:67:43:E3
            X509v3 Authority Key Identifier:
                keyid:77:5C:5A:6E:A9:0F:5F:3D:00:7C:10:E4:44:E3:B9:63:B6:D3:0C:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1xabqkPXz0AfBDkROO5Y7bTDMU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/968732-6d76-464d-97c4-e40a334691c9/1/d1xabqkPXz0AfBDkROO5Y7bTDMU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:ec:01:eb:d1:57:2c:8e:5f:1c:6f:85:2b:86:93:40:00:a5:
         08:27:8d:7e:2f:21:19:0f:8f:c5:8a:c7:16:88:7c:e3:a4:32:
         7f:4c:7a:77:78:03:c2:22:33:75:b6:93:a2:d5:c0:2e:e6:fa:
         b4:0d:b9:b5:49:d7:87:89:01:32:3a:77:6e:ed:30:fc:f8:2e:
         29:01:dc:67:3e:2b:f7:63:50:1c:e2:02:f7:b2:de:51:89:ac:
         74:e4:9b:91:77:75:35:c5:62:f8:58:0b:f6:81:cc:8c:1f:5d:
         0c:a7:ea:af:e4:c9:58:d7:eb:dd:c2:0d:3e:4a:89:38:c0:79:
         6b:c6:cf:2f:63:f5:20:9f:bb:5a:28:a5:76:06:c2:ab:15:c3:
         be:7b:55:0c:b9:82:49:6b:a5:a3:24:a3:46:9c:b2:d9:ed:1a:
         57:01:07:97:87:59:e6:ef:ae:0c:0f:c0:26:14:74:0d:9c:8a:
         84:c5:94:6a:3e:95:d2:6a:c5:5a:a9:e3:f1:d8:1d:70:5a:8a:
         5f:da:15:46:eb:da:e4:3c:af:35:36:9c:18:d2:65:a6:04:27:
         0f:16:a7:60:15:b0:13:44:c9:e0:3e:0c:01:0a:70:80:43:4a:
         95:85:e5:75:12:7d:30:f8:0f:58:64:7f:b9:30:51:a5:33:00:
         e9:13:58:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Ur8QzZvJA2hLJSvDljLpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NWM1YTZlYTkwZjVmM2QwMDdjMTBlNDQ0ZTNiOTYzYjZk
MzBjYzUwHhcNMjYwMzI5MDIwMTAyWhcNMjYwMzMwMDIwMTAyWjAzMTEwLwYDVQQD
Eyg4NGEwNDM1MmQ2NmI0MzQyNGM3MTQyYjhhOTRiODY5ZjM2Njc0M2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIMCVnNPQv4sdQg7wVH2UcK1oc97
N1mM3yLisyxZOf0o1vmPp8pBm378tiLktj7fmSslKTXzxF3Eh5oYvNAHpDCHyCdD
3iZgMmrFKETm845xL4r3ayPPAgE2vnGR96fzzImUbE1msDfKR85xdfnSC1UvSxyu
uOnLApWtuDGvv1Owslk04gRQWGViDACvL1TyluZQdltsAFdYgfjlb2sgSLAAbyCr
SO0WnVj+p4aB8zwJRa/RBWQRFfMsbnErkLrdxOGNJ4s9Hso6UG3xU+YhhbhO8Ho0
hEPHAn/zWriwaS13OqMgiJhdrDt2veMwVbeYs8fiAmbYy4tWiH63NzfJrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISgQ1LWa0NCTHFCuKlLhp82Z0PjMB8GA1UdIwQY
MBaAFHdcWm6pD189AHwQ5ETjuWO20wzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDF4YWJxa1BYejBBZkJEa1JPTzVZN2JURE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Njg3MzItNmQ3Ni00NjRkLTk3YzQt
ZTQwYTMzNDY5MWM5LzEvZDF4YWJxa1BYejBBZkJEa1JPTzVZN2JURE1VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Njg3MzItNmQ3Ni00NjRkLTk3YzQtZTQwYTMzNDY5MWM5
LzEvZDF4YWJxa1BYejBBZkJEa1JPTzVZN2JURE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALewB69FX
LI5fHG+FK4aTQAClCCeNfi8hGQ+PxYrHFoh846Qyf0x6d3gDwiIzdbaTotXALub6
tA25tUnXh4kBMjp3bu0w/PguKQHcZz4r92NQHOIC97LeUYmsdOSbkXd1NcVi+FgL
9oHMjB9dDKfqr+TJWNfr3cINPkqJOMB5a8bPL2P1IJ+7WiildgbCqxXDvntVDLmC
SWuloySjRpyy2e0aVwEHl4dZ5u+uDA/AJhR0DZyKhMWUaj6V0mrFWqnj8dgdcFqK
X9oVRuva5DyvNTacGNJlpgQnDxanYBWwE0TJ4D4MAQpwgENKlYXldRJ9MPgPWGR/
uTBRpTMA6RNY0g==
-----END CERTIFICATE-----