Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
File:                     dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft (raw, json)
Hash identifier:          erhUguQoyfF+loCVUDX37y7/IGgrDMWascCxTlOohsU=
Subject key identifier:   E8:49:A7:D3:A4:B7:86:F5:98:DD:17:4B:FA:70:BC:AE:51:21:F7:E0
Authority key identifier: 75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84
Certificate issuer:       /CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
Certificate serial:       019D3A53B60AAF2046E84E1C396BBBF2E129
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
Manifest number:          1345
Signing time:             Sun 29 Mar 2026 16:00:57 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:57 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:57 +0000
Files and hashes:         1: dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl (hash: Unq5Dzi7TqCe6wqbUCBccmOOE6nE3GwEkAKEJk2+CIc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:b6:0a:af:20:46:e8:4e:1c:39:6b:bb:f2:e1:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
        Validity
            Not Before: Mar 29 16:00:57 2026 GMT
            Not After : Mar 30 16:00:57 2026 GMT
        Subject: CN=e849a7d3a4b786f598dd174bfa70bcae5121f7e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ba:8a:9e:bb:79:42:5b:a2:b4:af:19:99:d2:
                    1e:82:48:af:76:33:f2:a0:bb:2f:90:9f:91:35:ad:
                    e2:60:45:24:f2:80:db:f7:0c:90:16:2f:11:d7:e9:
                    99:d6:af:b8:f5:c2:6a:fc:e8:07:a2:6e:4c:8d:1c:
                    20:fd:5c:2e:f5:f0:9a:b8:e6:96:ad:51:61:5c:ad:
                    bf:9a:b2:17:10:8d:71:8d:3e:57:96:5c:7f:70:3c:
                    10:34:d0:39:4b:46:4a:39:55:f2:cf:a6:eb:6d:ed:
                    d8:99:7f:1a:31:f9:5f:00:2d:d0:e4:8b:22:b8:ec:
                    ee:12:a3:ac:b6:ce:49:0e:00:0e:28:af:27:3a:43:
                    a2:95:85:57:66:83:47:e9:a5:30:10:1a:6a:71:8f:
                    f5:1a:62:ee:73:1c:0b:7f:0a:fc:71:05:f1:0d:37:
                    c6:74:b9:20:0a:41:34:7b:02:f4:31:b0:5a:4a:eb:
                    77:30:0c:b9:93:06:01:04:ec:fb:5b:59:44:eb:1c:
                    55:5e:8a:13:26:92:3f:e5:2e:92:b1:e8:ec:3e:7c:
                    88:ef:22:59:5e:36:60:d7:56:ae:ab:27:16:9b:07:
                    ee:06:e8:1a:bb:ab:62:26:7b:d8:94:f6:d4:fa:7c:
                    1f:98:07:08:bf:d8:b5:bb:83:6d:54:a5:ad:c9:01:
                    f4:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:49:A7:D3:A4:B7:86:F5:98:DD:17:4B:FA:70:BC:AE:51:21:F7:E0
            X509v3 Authority Key Identifier:
                keyid:75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:d3:09:eb:7d:80:db:9c:63:31:c6:16:76:d2:90:1b:a1:7f:
         78:8f:90:5e:a3:16:08:39:55:83:15:8b:0e:b0:10:aa:45:4d:
         eb:dc:df:24:5b:2a:7c:8f:da:50:4b:1b:3e:f0:e9:5a:74:e1:
         63:23:85:86:65:1c:9b:ce:36:e8:14:80:52:8d:27:d3:a7:13:
         b2:2b:7b:2e:a2:21:20:50:23:73:45:22:f6:95:de:f7:f4:86:
         0b:23:c1:e1:f0:8b:8b:09:3e:12:be:ef:25:47:6f:3b:05:63:
         36:ba:f3:c5:d8:cf:14:06:08:6a:79:e8:65:92:d6:e5:83:2c:
         00:55:e1:9c:5a:ee:02:93:20:ea:10:cb:76:ff:d6:48:ea:11:
         4f:58:f4:f9:5c:9c:88:ef:bd:88:7b:08:2b:7d:ac:d3:13:84:
         1d:6b:6c:de:23:5a:51:98:df:ab:cc:8c:98:47:35:7a:cb:59:
         05:da:78:ee:78:74:f4:43:e6:c9:90:c4:de:43:88:53:36:36:
         58:fe:b4:80:18:74:e0:4b:6d:2b:9a:42:5e:fb:47:b8:54:ff:
         03:fa:e3:f8:57:59:af:14:ce:43:6f:36:d8:b9:84:34:85:d3:
         eb:57:a8:65:cf:93:a5:04:a8:27:38:db:bc:05:0b:f6:e9:23:
         b1:2c:11:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U7YKryBG6E4cOWu78uEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzJjOWExMDhjZTNkZTUyZDE2ZTIxMWU4MGM5NWU1YzVi
NTRjODQwHhcNMjYwMzI5MTYwMDU3WhcNMjYwMzMwMTYwMDU3WjAzMTEwLwYDVQQD
EyhlODQ5YTdkM2E0Yjc4NmY1OThkZDE3NGJmYTcwYmNhZTUxMjFmN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrqKnrt5QluitK8ZmdIegkivdjPy
oLsvkJ+RNa3iYEUk8oDb9wyQFi8R1+mZ1q+49cJq/OgHom5MjRwg/Vwu9fCauOaW
rVFhXK2/mrIXEI1xjT5Xllx/cDwQNNA5S0ZKOVXyz6brbe3YmX8aMflfAC3Q5Isi
uOzuEqOsts5JDgAOKK8nOkOilYVXZoNH6aUwEBpqcY/1GmLucxwLfwr8cQXxDTfG
dLkgCkE0ewL0MbBaSut3MAy5kwYBBOz7W1lE6xxVXooTJpI/5S6SsejsPnyI7yJZ
XjZg11auqycWmwfuBugau6tiJnvYlPbU+nwfmAcIv9i1u4NtVKWtyQH0NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOhJp9Okt4b1mN0XS/pwvK5RIffgMB8GA1UdIwQY
MBaAFHVyyaEIzj3lLRbiEegMleXFtUyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTkt
NWZhZWM1YWJhZjFiLzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTktNWZhZWM1YWJhZjFi
LzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhdMJ632A
25xjMcYWdtKQG6F/eI+QXqMWCDlVgxWLDrAQqkVN69zfJFsqfI/aUEsbPvDpWnTh
YyOFhmUcm8426BSAUo0n06cTsit7LqIhIFAjc0Ui9pXe9/SGCyPB4fCLiwk+Er7v
JUdvOwVjNrrzxdjPFAYIannoZZLW5YMsAFXhnFruApMg6hDLdv/WSOoRT1j0+Vyc
iO+9iHsIK32s0xOEHWts3iNaUZjfq8yMmEc1estZBdp47nh09EPmyZDE3kOIUzY2
WP60gBh04EttK5pCXvtHuFT/A/rj+FdZrxTOQ2822LmENIXT61eoZc+TpQSoJzjb
vAUL9ukjsSwRag==
-----END CERTIFICATE-----