Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
File:                     Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft (raw, json)
Hash identifier:          GXSoH/jc3yZBBZBiTN3m98AZ6tdTZv6+SzxMrXBpqgw=
Subject key identifier:   C1:95:B9:DB:13:48:D3:41:B6:3A:6F:F5:AC:E5:B2:CE:72:3D:74:92
Authority key identifier: 46:7A:38:81:12:E6:8F:4C:7D:4D:80:C3:2D:37:CF:CD:6C:D2:3A:45
Certificate issuer:       /CN=467a388112e68f4c7d4d80c32d37cfcd6cd23a45
Certificate serial:       019D3909B2F7E8066B03EF858336BAA5BB09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
Manifest number:          154C
Signing time:             Sun 29 Mar 2026 10:00:30 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:30 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:30 +0000
Files and hashes:         1: Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl (hash: g2NP4ZOYgN8/PreJweYoC1TksJs+96zKJ8q3188FiR4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:b2:f7:e8:06:6b:03:ef:85:83:36:ba:a5:bb:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=467a388112e68f4c7d4d80c32d37cfcd6cd23a45
        Validity
            Not Before: Mar 29 10:00:30 2026 GMT
            Not After : Mar 30 10:00:30 2026 GMT
        Subject: CN=c195b9db1348d341b63a6ff5ace5b2ce723d7492
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:0d:72:04:df:b0:75:32:db:22:c3:fe:e9:15:
                    3d:f0:63:16:b8:a8:94:21:c0:c8:4d:69:f8:db:c4:
                    77:4b:c4:32:f7:dd:99:83:6a:d6:dc:a8:0f:80:d9:
                    6d:7f:68:7d:f2:7e:90:04:94:52:68:12:62:ba:84:
                    84:22:72:02:f0:c8:5d:5b:f3:40:6c:96:0a:07:42:
                    4a:c5:1f:34:8f:7c:b0:2e:2b:cc:ae:02:6c:d0:15:
                    21:8b:4b:b0:15:eb:b0:30:0a:1d:ff:3c:84:46:26:
                    6d:43:af:34:3b:0b:87:2e:d3:6a:dc:97:a1:e8:4c:
                    e1:47:99:53:64:76:4f:ae:0d:0f:ef:1f:be:34:8b:
                    53:b9:9b:39:72:33:c3:81:df:18:6a:ea:71:2a:c8:
                    ab:a4:be:81:d3:89:b6:cd:be:97:43:9d:c2:44:ae:
                    d0:f9:60:7d:d1:33:88:41:4d:a2:b2:29:72:34:1c:
                    98:9f:a5:98:2f:d2:e7:b6:30:e7:df:ae:cf:8c:53:
                    af:4f:b2:f7:8e:65:4b:0e:d2:85:90:80:f5:45:fe:
                    bd:51:ec:ab:a0:be:9f:56:88:1d:ed:a0:d4:c8:0b:
                    24:a7:fe:e0:35:92:43:40:f9:12:13:be:13:b4:a6:
                    88:df:20:f0:2e:e7:5f:0b:41:99:11:d1:9f:cc:52:
                    0b:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:95:B9:DB:13:48:D3:41:B6:3A:6F:F5:AC:E5:B2:CE:72:3D:74:92
            X509v3 Authority Key Identifier:
                keyid:46:7A:38:81:12:E6:8F:4C:7D:4D:80:C3:2D:37:CF:CD:6C:D2:3A:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:fb:d6:a2:86:5f:7f:26:7f:06:bd:a4:80:11:0d:13:7c:e2:
         cc:cf:f3:a2:62:83:75:39:1a:ee:9b:8d:72:c8:8a:df:8e:59:
         bb:14:d7:53:79:28:72:5f:80:d5:57:e3:80:dc:a8:c5:08:bc:
         58:bd:bb:5e:0d:55:45:b2:50:f5:77:f9:93:c1:28:67:57:7a:
         41:9a:3e:18:53:e5:ca:bc:db:e2:73:73:75:ed:fa:da:6a:02:
         4d:ca:f6:7f:b1:b6:bf:2e:8a:df:f4:09:bf:a7:2a:fa:ff:7e:
         71:0d:33:49:d8:b3:85:a0:a7:e2:88:0d:8f:09:ab:25:07:89:
         ca:50:00:43:80:97:b5:e0:da:43:d4:d5:cb:5a:db:c1:da:93:
         10:ec:69:42:83:f4:38:a8:9b:f6:18:a0:45:2e:64:95:2f:66:
         4b:44:45:0e:d8:d5:68:8f:a7:17:4f:15:e8:01:c9:a3:30:07:
         83:ab:32:b8:bb:1a:91:16:bf:17:e3:1b:6e:e2:96:83:a2:fe:
         fb:88:2e:6c:4c:53:4b:ab:bd:10:85:8f:8d:48:ba:69:ed:03:
         e8:f5:b8:8b:b3:e5:5a:b3:3d:20:49:ec:38:6e:e5:83:9a:0e:
         d6:1e:b1:d2:ce:35:20:61:0a:ca:c1:a1:57:0a:f5:14:fd:30:
         fb:f6:48:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CbL36AZrA++Fgza6pbsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2N2EzODgxMTJlNjhmNGM3ZDRkODBjMzJkMzdjZmNkNmNk
MjNhNDUwHhcNMjYwMzI5MTAwMDMwWhcNMjYwMzMwMTAwMDMwWjAzMTEwLwYDVQQD
EyhjMTk1YjlkYjEzNDhkMzQxYjYzYTZmZjVhY2U1YjJjZTcyM2Q3NDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQ1yBN+wdTLbIsP+6RU98GMWuKiU
IcDITWn428R3S8Qy992Zg2rW3KgPgNltf2h98n6QBJRSaBJiuoSEInIC8MhdW/NA
bJYKB0JKxR80j3ywLivMrgJs0BUhi0uwFeuwMAod/zyERiZtQ680OwuHLtNq3Jeh
6EzhR5lTZHZPrg0P7x++NItTuZs5cjPDgd8YaupxKsirpL6B04m2zb6XQ53CRK7Q
+WB90TOIQU2isilyNByYn6WYL9LntjDn367PjFOvT7L3jmVLDtKFkID1Rf69Ueyr
oL6fVogd7aDUyAskp/7gNZJDQPkSE74TtKaI3yDwLudfC0GZEdGfzFILQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMGVudsTSNNBtjpv9azlss5yPXSSMB8GA1UdIwQY
MBaAFEZ6OIES5o9MfU2Awy03z81s0jpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xZDc3MjctYTRkZS00YWU4LWI2YzUt
YzcxODQ1YTAxNzQ5LzEvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xZDc3MjctYTRkZS00YWU4LWI2YzUtYzcxODQ1YTAxNzQ5
LzEvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW/vWooZf
fyZ/Br2kgBENE3zizM/zomKDdTka7puNcsiK345ZuxTXU3kocl+A1VfjgNyoxQi8
WL27Xg1VRbJQ9Xf5k8EoZ1d6QZo+GFPlyrzb4nNzde362moCTcr2f7G2vy6K3/QJ
v6cq+v9+cQ0zSdizhaCn4ogNjwmrJQeJylAAQ4CXteDaQ9TVy1rbwdqTEOxpQoP0
OKib9higRS5klS9mS0RFDtjVaI+nF08V6AHJozAHg6syuLsakRa/F+MbbuKWg6L+
+4gubExTS6u9EIWPjUi6ae0D6PW4i7PlWrM9IEnsOG7lg5oO1h6x0s41IGEKysGh
Vwr1FP0w+/ZImg==
-----END CERTIFICATE-----