Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
File:                     4T3UuB8fx53U2mQo-cKgJzRX_wY.mft (raw, json)
Hash identifier:          R9UwZ7cmhHM+g2SVp1yZD6zSc19/WEx46MMCayWANIE=
Subject key identifier:   23:5E:51:5B:E0:51:1A:17:67:47:A2:80:66:1C:8B:21:EF:20:8C:2C
Authority key identifier: E1:3D:D4:B8:1F:1F:C7:9D:D4:DA:64:28:F9:C2:A0:27:34:57:FF:06
Certificate issuer:       /CN=e13dd4b81f1fc79dd4da6428f9c2a0273457ff06
Certificate serial:       019D39AEBC99FDA5C43DE4625D6A6CD98A58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
Manifest number:          0709
Signing time:             Sun 29 Mar 2026 13:00:45 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:45 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:45 +0000
Files and hashes:         1: 4T3UuB8fx53U2mQo-cKgJzRX_wY.crl (hash: KW1KHIfrNKp8jf3PX7qiY4tubhDgqfebZ+o038HbzJ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 13:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:bc:99:fd:a5:c4:3d:e4:62:5d:6a:6c:d9:8a:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e13dd4b81f1fc79dd4da6428f9c2a0273457ff06
        Validity
            Not Before: Mar 29 13:00:45 2026 GMT
            Not After : Mar 30 13:00:45 2026 GMT
        Subject: CN=235e515be0511a176747a280661c8b21ef208c2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:fc:fe:04:82:25:02:c5:a5:d7:6b:75:27:bd:
                    95:4e:42:c9:95:44:28:28:fa:5a:d7:d1:09:e5:52:
                    01:7d:7e:03:e6:c8:ad:c6:1b:9f:ab:72:fe:47:92:
                    e4:66:9b:ce:31:42:9e:24:b8:08:43:a8:2f:37:fd:
                    1a:9b:93:1b:23:b7:5e:0b:83:42:c8:65:17:fa:9d:
                    50:ea:2a:b0:5b:95:91:c0:a8:80:c1:e4:8d:d2:09:
                    db:e6:f9:94:ad:d3:ae:4a:66:1e:ca:d5:76:28:0d:
                    96:7e:29:c3:bf:16:11:7c:49:a4:32:88:cf:af:18:
                    de:a0:c2:ed:62:20:16:66:7d:db:e3:91:42:8a:94:
                    94:84:d2:85:4f:96:2e:02:28:20:b4:93:96:fb:cc:
                    93:41:f3:47:9b:a0:cb:69:6c:29:09:fd:8d:fd:d9:
                    4a:be:7d:d3:6b:c8:33:c0:24:cb:39:aa:96:a4:af:
                    f5:27:11:27:9d:63:7d:21:34:72:eb:48:af:21:ae:
                    25:da:63:48:f6:2c:88:ca:43:30:a6:24:82:12:70:
                    d2:41:f5:79:bc:0f:de:77:13:7d:49:3b:42:20:20:
                    1d:59:7a:00:dd:af:bb:f1:f7:6b:df:e7:b6:77:c1:
                    61:e1:22:57:05:85:37:f1:7a:f9:b1:7e:4c:b9:88:
                    4e:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:5E:51:5B:E0:51:1A:17:67:47:A2:80:66:1C:8B:21:EF:20:8C:2C
            X509v3 Authority Key Identifier:
                keyid:E1:3D:D4:B8:1F:1F:C7:9D:D4:DA:64:28:F9:C2:A0:27:34:57:FF:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4T3UuB8fx53U2mQo-cKgJzRX_wY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/0b5bd7-603b-4a5c-8a98-d563959d277d/1/4T3UuB8fx53U2mQo-cKgJzRX_wY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:09:bf:2d:ce:d4:16:b4:69:c2:59:60:2c:32:e9:f1:a7:01:
         59:92:cb:66:ff:66:72:72:de:8f:f1:cb:25:87:c1:56:fd:38:
         0d:48:a3:e9:d3:f4:db:67:fd:3e:2f:c4:3b:69:a9:74:68:7c:
         98:f4:0d:5b:9e:89:1f:3c:b1:4d:fb:da:d7:71:6f:fc:cc:4d:
         51:4d:01:fb:a0:6f:95:35:3e:ed:26:03:b2:3c:73:a7:de:74:
         29:9b:1a:52:ee:89:f1:a2:5e:c3:f6:2d:a5:97:70:91:3a:4d:
         a7:1e:bd:18:ac:56:be:7e:05:b0:9e:71:84:47:67:69:8e:d9:
         8d:7e:b1:e1:09:38:fc:79:4b:d6:38:52:c5:8a:44:54:c4:72:
         6a:9e:a8:0b:ff:f9:16:28:b1:42:72:65:09:04:bd:6e:4e:8f:
         0d:c8:65:bf:3e:cd:8a:28:d7:6a:67:f1:3c:bf:8e:33:99:3e:
         7d:48:99:96:2f:f2:ff:4f:09:73:65:9e:e0:d3:7f:b4:8a:25:
         8a:95:26:c1:df:d5:48:fe:4a:a9:b9:d6:3f:9f:c4:9c:e3:8c:
         58:24:07:fd:57:55:1d:fa:cb:4a:8d:0d:65:05:7a:b0:27:0b:
         15:b3:c1:41:90:13:9f:29:d9:0c:40:82:b5:4a:65:21:64:6f:
         9c:57:f1:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rryZ/aXEPeRiXWps2YpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxM2RkNGI4MWYxZmM3OWRkNGRhNjQyOGY5YzJhMDI3MzQ1
N2ZmMDYwHhcNMjYwMzI5MTMwMDQ1WhcNMjYwMzMwMTMwMDQ1WjAzMTEwLwYDVQQD
EygyMzVlNTE1YmUwNTExYTE3Njc0N2EyODA2NjFjOGIyMWVmMjA4YzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPz+BIIlAsWl12t1J72VTkLJlUQo
KPpa19EJ5VIBfX4D5sitxhufq3L+R5LkZpvOMUKeJLgIQ6gvN/0am5MbI7deC4NC
yGUX+p1Q6iqwW5WRwKiAweSN0gnb5vmUrdOuSmYeytV2KA2WfinDvxYRfEmkMojP
rxjeoMLtYiAWZn3b45FCipSUhNKFT5YuAiggtJOW+8yTQfNHm6DLaWwpCf2N/dlK
vn3Ta8gzwCTLOaqWpK/1JxEnnWN9ITRy60ivIa4l2mNI9iyIykMwpiSCEnDSQfV5
vA/edxN9STtCICAdWXoA3a+78fdr3+e2d8Fh4SJXBYU38Xr5sX5MuYhOrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNeUVvgURoXZ0eigGYciyHvIIwsMB8GA1UdIwQY
MBaAFOE91LgfH8ed1NpkKPnCoCc0V/8GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wYjViZDctNjAzYi00YTVjLThhOTgt
ZDU2Mzk1OWQyNzdkLzEvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8wYjViZDctNjAzYi00YTVjLThhOTgtZDU2Mzk1OWQyNzdk
LzEvNFQzVXVCOGZ4NTNVMm1Rby1jS2dKelJYX3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADQm/Lc7U
FrRpwllgLDLp8acBWZLLZv9mcnLej/HLJYfBVv04DUij6dP022f9Pi/EO2mpdGh8
mPQNW56JHzyxTfva13Fv/MxNUU0B+6BvlTU+7SYDsjxzp950KZsaUu6J8aJew/Yt
pZdwkTpNpx69GKxWvn4FsJ5xhEdnaY7ZjX6x4Qk4/HlL1jhSxYpEVMRyap6oC//5
FiixQnJlCQS9bk6PDchlvz7NiijXamfxPL+OM5k+fUiZli/y/08Jc2We4NN/tIol
ipUmwd/VSP5KqbnWP5/EnOOMWCQH/VdVHfrLSo0NZQV6sCcLFbPBQZATnynZDECC
tUplIWRvnFfxsw==
-----END CERTIFICATE-----