Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
File:                     MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft (raw, json)
Hash identifier:          bFj60W6EdLHGr6FVxcoDzqINZNdvWg+zgiD1tssL8Hc=
Subject key identifier:   7A:AE:EB:00:19:56:EB:3E:D5:D0:0C:26:64:C6:34:F6:42:02:D0:D0
Authority key identifier: 31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D
Certificate issuer:       /CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
Certificate serial:       019D3A8B0D24D448058814334624DC3EA8E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
Manifest number:          07DC
Signing time:             Sun 29 Mar 2026 17:01:24 +0000
Manifest this update:     Sun 29 Mar 2026 17:01:24 +0000
Manifest next update:     Mon 30 Mar 2026 17:01:24 +0000
Files and hashes:         1: MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl (hash: kmIo5IBOZZPW+B4i53nyIZTcxAGT7JfUrX6U14oxbN0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:8b:0d:24:d4:48:05:88:14:33:46:24:dc:3e:a8:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
        Validity
            Not Before: Mar 29 17:01:24 2026 GMT
            Not After : Mar 30 17:01:24 2026 GMT
        Subject: CN=7aaeeb001956eb3ed5d00c2664c634f64202d0d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:24:53:a7:0f:67:05:e0:73:ae:ab:ba:da:c2:
                    fc:d5:c0:cb:fa:b3:15:50:8c:37:89:36:c6:f9:87:
                    2b:46:12:60:9d:58:ab:db:0c:60:ee:40:d5:04:87:
                    75:35:97:21:a1:ac:b8:62:c2:9c:dd:9d:21:36:6d:
                    3f:cf:4b:ce:8c:b0:b1:be:1c:a1:c9:a3:5b:05:da:
                    53:7b:ec:69:93:4c:0f:e0:16:e8:6b:b5:c4:b0:7c:
                    ae:2d:b3:12:89:d8:cd:d7:c6:66:d9:f4:80:bf:6b:
                    7c:22:94:27:ce:dd:36:db:d3:39:20:42:3b:1c:11:
                    f3:d6:91:9b:25:a2:a0:03:49:d0:83:73:e2:aa:e7:
                    40:1b:74:98:32:56:ac:f7:bc:1c:71:15:2d:07:b3:
                    76:3c:b5:16:12:b2:4a:fa:cb:93:b9:a9:cd:a1:bc:
                    84:3f:f5:8a:ea:27:0a:8a:dd:4f:78:16:a0:21:c1:
                    48:00:bf:02:64:cd:26:f4:a3:5f:b4:2b:38:e2:a0:
                    d1:f8:b0:97:e8:b0:c9:80:a6:de:e5:c2:0c:da:82:
                    71:65:b1:6a:97:bf:5f:f4:05:0d:2e:ba:6d:a3:68:
                    bd:1c:94:72:4f:44:fc:aa:b1:12:b7:d5:2b:c3:0d:
                    8b:5d:b2:6f:1e:4d:12:ef:ff:b0:fd:f6:fa:90:1f:
                    7e:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:AE:EB:00:19:56:EB:3E:D5:D0:0C:26:64:C6:34:F6:42:02:D0:D0
            X509v3 Authority Key Identifier:
                keyid:31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:10:1c:38:ff:4c:bf:5f:21:bd:5f:ec:b4:69:d9:15:f1:af:
         7d:01:21:14:99:da:a4:c6:f3:04:13:12:ef:44:f4:d9:45:01:
         f5:c9:a1:50:38:f8:e6:0d:52:b0:63:02:db:ad:33:93:ec:be:
         73:e2:54:11:00:47:c6:5d:86:fa:ac:c9:21:ab:46:fe:2b:f9:
         ca:e7:bc:b8:f1:dc:32:b4:01:da:99:bd:ec:5a:24:ec:dd:44:
         7f:f9:a6:af:50:fc:61:f2:52:7e:6e:50:75:e3:09:60:cb:ba:
         d0:b5:ae:64:10:ff:a9:86:be:7e:56:37:40:d9:63:cf:9d:75:
         89:22:1e:48:8e:5c:f9:14:9a:db:b6:cf:8a:f4:be:14:44:2e:
         5b:20:71:73:1b:c8:80:35:af:fb:f6:71:df:cb:03:f2:d0:39:
         a8:7d:34:34:6d:98:7c:66:86:e6:5d:6f:5f:92:44:2f:32:f3:
         88:4c:d2:7e:07:6c:8a:da:7b:39:7f:e6:f6:91:3a:ca:84:9d:
         f7:8d:9f:ff:cd:b2:fa:cd:ff:dc:7b:e8:49:e3:cf:21:4c:af:
         03:71:84:81:d4:ab:e9:17:fc:45:f4:40:e0:bc:bd:b8:6c:a9:
         2f:28:18:5c:a7:8d:08:8b:a0:f0:24:38:db:54:a1:1a:18:b9:
         e6:22:6b:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06iw0k1EgFiBQzRiTcPqjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGNlOTViYTIzY2RjOWQ2MDk5N2MyMzBkNjM1OWFkMzFj
MWE1OWQwHhcNMjYwMzI5MTcwMTI0WhcNMjYwMzMwMTcwMTI0WjAzMTEwLwYDVQQD
Eyg3YWFlZWIwMDE5NTZlYjNlZDVkMDBjMjY2NGM2MzRmNjQyMDJkMGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyRTpw9nBeBzrqu62sL81cDL+rMV
UIw3iTbG+YcrRhJgnVir2wxg7kDVBId1NZchoay4YsKc3Z0hNm0/z0vOjLCxvhyh
yaNbBdpTe+xpk0wP4Bboa7XEsHyuLbMSidjN18Zm2fSAv2t8IpQnzt0229M5IEI7
HBHz1pGbJaKgA0nQg3PiqudAG3SYMlas97wccRUtB7N2PLUWErJK+suTuanNobyE
P/WK6icKit1PeBagIcFIAL8CZM0m9KNftCs44qDR+LCX6LDJgKbe5cIM2oJxZbFq
l79f9AUNLrpto2i9HJRyT0T8qrESt9Urww2LXbJvHk0S7/+w/fb6kB9+/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHqu6wAZVus+1dAMJmTGNPZCAtDQMB8GA1UdIwQY
MBaAFDFM6VuiPNydYJl8Iw1jWa0xwaWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgt
MTViYzliMjVkZmMwLzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgtMTViYzliMjVkZmMw
LzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWRAcOP9M
v18hvV/stGnZFfGvfQEhFJnapMbzBBMS70T02UUB9cmhUDj45g1SsGMC260zk+y+
c+JUEQBHxl2G+qzJIatG/iv5yue8uPHcMrQB2pm97Fok7N1Ef/mmr1D8YfJSfm5Q
deMJYMu60LWuZBD/qYa+flY3QNljz511iSIeSI5c+RSa27bPivS+FEQuWyBxcxvI
gDWv+/Zx38sD8tA5qH00NG2YfGaG5l1vX5JELzLziEzSfgdsitp7OX/m9pE6yoSd
942f/82y+s3/3HvoSePPIUyvA3GEgdSr6Rf8RfRA4Ly9uGypLygYXKeNCIug8CQ4
21ShGhi55iJrjQ==
-----END CERTIFICATE-----