Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
File:                     cUt8OIAz4WI_xti-t69cOUJRkds.mft (raw, json)
Hash identifier:          D219cCJ+UWAh+35tn+RWd86DTSEVG3lRhC6JoCrcmyA=
Subject key identifier:   D6:D3:BE:36:71:4E:B0:16:1D:53:5D:0D:25:B5:2C:D6:3E:1E:BC:9E
Authority key identifier: 71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB
Certificate issuer:       /CN=714b7c388033e1623fc6d8beb7af5c39425191db
Certificate serial:       019D3865FE680BD54AEE9ECCC8343A418EE1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
Manifest number:          0A46
Signing time:             Sun 29 Mar 2026 07:01:41 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:41 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:41 +0000
Files and hashes:         1: cUt8OIAz4WI_xti-t69cOUJRkds.crl (hash: F/mpFvu0I4PQPenYhrvdltTieOy+QCBy9VMHyhvGR1Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:fe:68:0b:d5:4a:ee:9e:cc:c8:34:3a:41:8e:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=714b7c388033e1623fc6d8beb7af5c39425191db
        Validity
            Not Before: Mar 29 07:01:41 2026 GMT
            Not After : Mar 30 07:01:41 2026 GMT
        Subject: CN=d6d3be36714eb0161d535d0d25b52cd63e1ebc9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:94:80:50:9e:fd:f9:c4:83:db:60:28:92:3c:
                    ac:53:34:e0:47:a1:b2:8d:d1:17:04:74:bd:39:77:
                    af:e0:25:7c:d8:e6:cf:44:60:78:c4:fb:b7:4f:09:
                    41:01:a2:fe:5d:78:57:c3:81:89:87:f2:13:7e:33:
                    4e:42:4e:15:fc:d9:57:cd:30:c7:71:99:31:0d:b5:
                    c5:aa:eb:a7:03:94:02:37:df:da:ca:f7:a4:47:c6:
                    c0:af:b1:33:30:96:64:36:9b:6d:01:90:00:12:b2:
                    e4:17:94:77:18:b3:33:65:1f:5c:12:a3:aa:6b:c6:
                    f0:98:8f:d7:20:39:9d:26:d5:cc:20:eb:b0:12:49:
                    40:eb:ea:39:71:d9:97:61:1f:3b:1a:42:9e:93:e9:
                    f3:1a:cc:73:6e:80:44:56:c8:02:c6:43:bd:16:9e:
                    2e:51:0d:89:24:96:f6:18:45:8a:98:8c:53:33:d6:
                    ad:1e:60:a7:e5:45:3b:51:68:45:ea:83:ff:48:5a:
                    46:eb:dc:db:0a:cf:84:8a:e6:08:a0:b4:78:ce:25:
                    d4:2a:ed:0b:0c:d0:65:16:a2:3a:8f:4f:97:a1:31:
                    ca:30:cd:2b:09:dc:74:1e:d9:d3:2c:b6:e9:74:c0:
                    f5:d1:55:b4:73:12:47:56:96:97:2c:9d:00:22:b3:
                    14:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:D3:BE:36:71:4E:B0:16:1D:53:5D:0D:25:B5:2C:D6:3E:1E:BC:9E
            X509v3 Authority Key Identifier:
                keyid:71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:a1:10:1f:e6:5a:29:12:e1:2a:c3:c8:34:e1:4f:7d:45:53:
         05:a3:93:c5:4e:83:46:20:dd:bb:b8:42:16:a9:d0:95:15:1b:
         bb:76:69:19:d0:27:d4:e8:4c:5c:f3:91:c5:12:29:2a:d8:de:
         9f:6d:80:a3:e1:6f:e0:d1:91:06:8e:6f:86:ef:1a:71:57:75:
         08:50:03:72:07:44:b0:76:76:41:65:b3:76:cb:65:a9:6f:54:
         82:bd:17:c8:87:02:d8:e0:7c:f1:ac:bc:30:07:72:55:e8:15:
         29:8f:64:64:ef:fa:b0:cf:f5:9c:34:2f:29:28:63:42:83:32:
         d9:1b:9b:dc:c6:5e:a5:0a:2b:1a:14:95:d9:33:fd:e0:7d:96:
         6a:3a:63:53:1e:26:1b:a5:ec:5c:21:4f:4e:d9:34:b6:45:0a:
         3b:ef:29:58:07:68:c0:d1:5f:2e:c0:41:3e:82:e7:8b:11:2c:
         96:bc:77:5a:87:0c:fc:a9:99:38:dc:74:e3:1e:42:2c:6d:d4:
         f3:67:b7:eb:23:fa:0d:fc:d3:e6:2c:85:17:1f:42:39:52:57:
         ea:26:e4:9e:0c:00:34:2a:18:2e:4d:20:5f:2f:6d:38:d9:77:
         57:76:fc:f3:91:d1:85:f4:62:aa:62:c2:d6:43:fa:c6:58:e4:
         05:f4:e4:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zf5oC9VK7p7MyDQ6QY7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNGI3YzM4ODAzM2UxNjIzZmM2ZDhiZWI3YWY1YzM5NDI1
MTkxZGIwHhcNMjYwMzI5MDcwMTQxWhcNMjYwMzMwMDcwMTQxWjAzMTEwLwYDVQQD
EyhkNmQzYmUzNjcxNGViMDE2MWQ1MzVkMGQyNWI1MmNkNjNlMWViYzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZSAUJ79+cSD22AokjysUzTgR6Gy
jdEXBHS9OXev4CV82ObPRGB4xPu3TwlBAaL+XXhXw4GJh/ITfjNOQk4V/NlXzTDH
cZkxDbXFquunA5QCN9/ayvekR8bAr7EzMJZkNpttAZAAErLkF5R3GLMzZR9cEqOq
a8bwmI/XIDmdJtXMIOuwEklA6+o5cdmXYR87GkKek+nzGsxzboBEVsgCxkO9Fp4u
UQ2JJJb2GEWKmIxTM9atHmCn5UU7UWhF6oP/SFpG69zbCs+EiuYIoLR4ziXUKu0L
DNBlFqI6j0+XoTHKMM0rCdx0HtnTLLbpdMD10VW0cxJHVpaXLJ0AIrMU4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbTvjZxTrAWHVNdDSW1LNY+HryeMB8GA1UdIwQY
MBaAFHFLfDiAM+FiP8bYvrevXDlCUZHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTIt
YTAzOGJlMTViOTdiLzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTItYTAzOGJlMTViOTdi
LzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApaEQH+Za
KRLhKsPINOFPfUVTBaOTxU6DRiDdu7hCFqnQlRUbu3ZpGdAn1OhMXPORxRIpKtje
n22Ao+Fv4NGRBo5vhu8acVd1CFADcgdEsHZ2QWWzdstlqW9Ugr0XyIcC2OB88ay8
MAdyVegVKY9kZO/6sM/1nDQvKShjQoMy2Rub3MZepQorGhSV2TP94H2WajpjUx4m
G6XsXCFPTtk0tkUKO+8pWAdowNFfLsBBPoLnixEslrx3WocM/KmZONx04x5CLG3U
82e36yP6DfzT5iyFFx9COVJX6ibkngwANCoYLk0gXy9tONl3V3b885HRhfRiqmLC
1kP6xljkBfTkwA==
-----END CERTIFICATE-----