Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
File:                     A2x42XMHxhcQhWc4FBzAvTlczJ4.mft (raw, json)
Hash identifier:          JuRhQD03aELd/is/0TFm0lBW8TTE6ynI2ZzdWlqhQOg=
Subject key identifier:   0D:13:A8:24:7B:99:1E:C2:75:57:4E:E5:2F:81:DB:C2:07:65:0E:94
Authority key identifier: 03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E
Certificate issuer:       /CN=036c78d97307c61710856738141cc0bd395ccc9e
Certificate serial:       019D39779AB90392D135B7C5F8B767931484
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
Manifest number:          031E
Signing time:             Sun 29 Mar 2026 12:00:32 +0000
Manifest this update:     Sun 29 Mar 2026 12:00:32 +0000
Manifest next update:     Mon 30 Mar 2026 12:00:32 +0000
Files and hashes:         1: A2x42XMHxhcQhWc4FBzAvTlczJ4.crl (hash: wXj0lLg47PEsB16QuL66tPixGemTyw1p2fx15YlfmHY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:77:9a:b9:03:92:d1:35:b7:c5:f8:b7:67:93:14:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036c78d97307c61710856738141cc0bd395ccc9e
        Validity
            Not Before: Mar 29 12:00:32 2026 GMT
            Not After : Mar 30 12:00:32 2026 GMT
        Subject: CN=0d13a8247b991ec275574ee52f81dbc207650e94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:7c:dc:c8:8e:c1:bd:86:73:bd:35:8f:40:21:
                    9f:1c:7b:da:03:c1:b4:3c:fd:3f:0c:d1:b7:c3:bd:
                    c9:44:60:81:b8:5e:b9:b1:6c:f7:c3:80:5f:21:6c:
                    bb:90:56:84:e2:8e:aa:92:24:70:e7:c3:84:3a:73:
                    10:04:f4:55:c8:63:63:ab:81:7d:35:48:81:94:6d:
                    6d:7e:a6:39:ba:74:97:74:9d:53:62:d4:89:70:0b:
                    19:d5:8b:a9:a1:11:be:b9:f5:f3:1a:b7:06:9b:ef:
                    3f:b2:44:a2:39:ae:08:09:b2:5e:a7:14:9f:9a:bd:
                    1f:d3:0a:c3:fd:78:4d:99:11:c5:e3:f5:5f:79:19:
                    75:4f:1e:cb:af:d5:04:34:2a:f8:2a:4a:35:60:d6:
                    2a:dd:8b:44:36:32:82:67:8e:4a:fd:7c:27:41:84:
                    1c:68:fb:52:78:30:59:b9:84:d2:75:30:a5:18:bf:
                    0a:c4:f0:39:f6:87:18:4e:2e:36:5c:4d:96:50:f6:
                    64:66:96:5c:96:c9:12:f1:e4:10:b6:26:34:90:03:
                    6d:4c:90:f0:15:00:c9:3f:4e:9c:72:a5:90:29:f6:
                    f2:19:66:da:24:3b:8b:55:be:c4:e9:0b:b0:27:85:
                    0b:9b:b3:de:0a:2c:7f:13:0a:94:e8:97:38:fb:78:
                    a8:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:13:A8:24:7B:99:1E:C2:75:57:4E:E5:2F:81:DB:C2:07:65:0E:94
            X509v3 Authority Key Identifier:
                keyid:03:6C:78:D9:73:07:C6:17:10:85:67:38:14:1C:C0:BD:39:5C:CC:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2x42XMHxhcQhWc4FBzAvTlczJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dc7117-8851-4322-9c79-e0755f089c1a/1/A2x42XMHxhcQhWc4FBzAvTlczJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:d0:4f:6e:0e:5d:ab:c0:3f:af:74:d3:9e:9e:cb:70:bd:4d:
         97:43:87:73:ee:e1:6b:39:e3:34:24:90:2b:e2:47:c2:14:29:
         5a:48:e4:a8:a9:63:94:8f:65:04:d2:11:44:76:be:46:0a:13:
         dd:c9:c6:88:e2:92:f6:0b:86:cb:4a:0f:37:1d:cf:ca:8c:0c:
         f3:fc:87:13:af:82:06:b0:55:58:b1:18:58:bb:e2:65:80:31:
         f4:8f:b5:cd:72:38:1d:00:4a:bc:7d:4c:34:07:c1:77:38:df:
         e5:23:8c:ab:53:b7:1a:46:c1:29:f1:aa:5c:d9:32:7f:6f:b7:
         d0:dd:e9:f4:23:af:29:ab:2f:18:5e:c5:ed:45:8e:92:5a:35:
         71:7f:db:4d:dc:7d:8b:a2:af:ba:a3:a6:07:ac:96:b9:a2:d4:
         05:9c:6f:0e:ea:54:98:2a:54:0c:7b:30:f9:b9:b7:69:4c:7c:
         e8:a7:f0:8f:4c:0e:a4:75:15:c0:e2:da:5c:6a:db:59:f4:7d:
         47:9f:e0:b4:93:8b:0b:18:28:e3:e8:5a:51:f3:0a:28:16:f9:
         83:99:ca:23:c6:18:5a:d1:39:54:63:f0:ac:2d:d4:e7:db:8c:
         41:27:8e:14:6a:99:29:39:ac:7d:46:77:d6:28:26:21:c5:d5:
         5d:82:31:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d5q5A5LRNbfF+LdnkxSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNmM3OGQ5NzMwN2M2MTcxMDg1NjczODE0MWNjMGJkMzk1
Y2NjOWUwHhcNMjYwMzI5MTIwMDMyWhcNMjYwMzMwMTIwMDMyWjAzMTEwLwYDVQQD
EygwZDEzYTgyNDdiOTkxZWMyNzU1NzRlZTUyZjgxZGJjMjA3NjUwZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3zcyI7BvYZzvTWPQCGfHHvaA8G0
PP0/DNG3w73JRGCBuF65sWz3w4BfIWy7kFaE4o6qkiRw58OEOnMQBPRVyGNjq4F9
NUiBlG1tfqY5unSXdJ1TYtSJcAsZ1YupoRG+ufXzGrcGm+8/skSiOa4ICbJepxSf
mr0f0wrD/XhNmRHF4/VfeRl1Tx7Lr9UENCr4Kko1YNYq3YtENjKCZ45K/XwnQYQc
aPtSeDBZuYTSdTClGL8KxPA59ocYTi42XE2WUPZkZpZclskS8eQQtiY0kANtTJDw
FQDJP06ccqWQKfbyGWbaJDuLVb7E6QuwJ4ULm7PeCix/EwqU6Jc4+3io6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0TqCR7mR7CdVdO5S+B28IHZQ6UMB8GA1UdIwQY
MBaAFANseNlzB8YXEIVnOBQcwL05XMyeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzkt
ZTA3NTVmMDg5YzFhLzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kYzcxMTctODg1MS00MzIyLTljNzktZTA3NTVmMDg5YzFh
LzEvQTJ4NDJYTUh4aGNRaFdjNEZCekF2VGxjeko0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALNBPbg5d
q8A/r3TTnp7LcL1Nl0OHc+7haznjNCSQK+JHwhQpWkjkqKljlI9lBNIRRHa+RgoT
3cnGiOKS9guGy0oPNx3PyowM8/yHE6+CBrBVWLEYWLviZYAx9I+1zXI4HQBKvH1M
NAfBdzjf5SOMq1O3GkbBKfGqXNkyf2+30N3p9COvKasvGF7F7UWOklo1cX/bTdx9
i6KvuqOmB6yWuaLUBZxvDupUmCpUDHsw+bm3aUx86Kfwj0wOpHUVwOLaXGrbWfR9
R5/gtJOLCxgo4+haUfMKKBb5g5nKI8YYWtE5VGPwrC3U59uMQSeOFGqZKTmsfUZ3
1igmIcXVXYIxiA==
-----END CERTIFICATE-----