Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft
File:                     St2XYC4ZGOerwfYtz9TaynNJmz4.mft (raw, json)
Hash identifier:          dWLs+k10Nw6u+QOw5Z5+yGlvRNbzhkE0gZV+IUnesF8=
Subject key identifier:   4B:1B:0C:39:DC:D5:A7:DB:E2:E8:D9:33:7A:53:5F:FE:FF:F0:B3:CA
Authority key identifier: 4A:DD:97:60:2E:19:18:E7:AB:C1:F6:2D:CF:D4:DA:CA:73:49:9B:3E
Certificate issuer:       /CN=4add97602e1918e7abc1f62dcfd4daca73499b3e
Certificate serial:       019D38D2951D3A70547F6373980782AA51D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft
Manifest number:          03FB
Signing time:             Sun 29 Mar 2026 09:00:17 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:17 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:17 +0000
Files and hashes:         1: St2XYC4ZGOerwfYtz9TaynNJmz4.crl (hash: n/7AglBM9nPnEZVZBkAOA6jbplXiOFk7l03/+eTj8vE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:95:1d:3a:70:54:7f:63:73:98:07:82:aa:51:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4add97602e1918e7abc1f62dcfd4daca73499b3e
        Validity
            Not Before: Mar 29 09:00:17 2026 GMT
            Not After : Mar 30 09:00:17 2026 GMT
        Subject: CN=4b1b0c39dcd5a7dbe2e8d9337a535ffefff0b3ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:07:1d:6f:23:0c:32:7a:ef:cd:8e:09:89:c7:
                    d2:bd:26:e6:bb:c5:ea:fd:37:03:f1:42:d9:ca:06:
                    47:0b:75:4b:39:f4:d3:79:4d:c7:02:5a:8c:a4:b0:
                    e3:7a:f2:ae:91:ee:9b:c1:f4:df:dd:c2:22:04:c5:
                    b4:24:31:c9:60:99:a3:e0:91:09:37:1d:00:3e:50:
                    6f:f0:d6:87:5b:ab:e4:a0:ba:50:68:19:5c:0d:df:
                    f8:33:0a:1d:49:0d:6f:ed:2b:17:c2:42:aa:39:29:
                    d9:dc:bd:e8:66:2f:ed:6b:1d:66:eb:3c:f9:95:a7:
                    ca:64:fd:fb:f3:55:68:e4:b0:0a:2a:9a:a7:25:27:
                    f2:0b:02:f9:c1:68:04:dd:ae:62:32:bc:7e:d3:3c:
                    53:25:37:17:af:4a:c6:2b:e3:d1:85:d8:8b:81:23:
                    a4:d0:d0:a1:62:02:18:c3:be:d5:9d:ae:df:68:8f:
                    59:97:7e:40:f6:2e:42:41:59:85:6c:49:ab:10:1a:
                    94:33:83:33:5d:2e:dc:26:4e:09:e3:84:29:8f:ec:
                    92:6d:bb:a6:49:f0:57:46:c6:58:1e:cf:f2:8b:ab:
                    6d:5f:c8:fd:3e:86:ee:5f:2d:97:b9:05:d2:bd:e3:
                    0c:75:46:b6:71:e8:36:7f:8c:82:53:54:31:17:81:
                    7e:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:1B:0C:39:DC:D5:A7:DB:E2:E8:D9:33:7A:53:5F:FE:FF:F0:B3:CA
            X509v3 Authority Key Identifier:
                keyid:4A:DD:97:60:2E:19:18:E7:AB:C1:F6:2D:CF:D4:DA:CA:73:49:9B:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/St2XYC4ZGOerwfYtz9TaynNJmz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/57542a-e1ac-4014-86fe-12e5e8173201/1/St2XYC4ZGOerwfYtz9TaynNJmz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:50:c5:1b:1d:7d:06:26:93:2a:67:41:d6:21:2d:e7:e2:77:
         71:5f:76:f3:cf:65:57:16:00:f2:77:57:0e:93:6c:24:a4:e7:
         85:3c:db:cd:2d:34:6f:e1:0b:e3:7e:83:3b:90:1c:1a:98:e5:
         4a:b0:42:c1:ee:cf:ac:68:ab:47:1c:bc:5a:78:72:fe:d3:d8:
         98:30:1c:55:2c:bd:b6:29:32:77:3b:9e:68:d3:03:7a:46:e2:
         b1:d2:75:84:e1:00:d0:34:81:39:68:36:49:30:d2:80:72:bd:
         dc:ee:4a:fa:dd:c0:19:8b:39:b7:27:e2:fc:1b:ba:52:43:c1:
         35:93:33:dc:d1:49:35:92:ed:41:d6:51:cd:09:5d:ec:6a:0e:
         cc:b0:50:df:57:29:86:14:a9:a4:8d:63:05:da:d9:1c:8d:4b:
         1e:f3:1b:c6:68:ad:83:c0:c0:f0:4e:70:d1:91:e4:73:62:65:
         d9:54:1c:71:39:19:7a:88:1d:bd:80:d1:9b:d0:c1:1e:51:6a:
         d4:29:5a:66:03:7c:f4:f2:be:ac:48:5c:ba:db:6c:58:76:8f:
         76:7f:48:6a:1a:01:1c:e1:e3:b7:dc:d1:ed:90:18:4e:eb:5e:
         4f:1f:90:05:63:40:f5:b9:26:82:37:a9:20:19:d5:83:0e:f3:
         d8:95:b3:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040pUdOnBUf2NzmAeCqlHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZGQ5NzYwMmUxOTE4ZTdhYmMxZjYyZGNmZDRkYWNhNzM0
OTliM2UwHhcNMjYwMzI5MDkwMDE3WhcNMjYwMzMwMDkwMDE3WjAzMTEwLwYDVQQD
Eyg0YjFiMGMzOWRjZDVhN2RiZTJlOGQ5MzM3YTUzNWZmZWZmZjBiM2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7QcdbyMMMnrvzY4JicfSvSbmu8Xq
/TcD8ULZygZHC3VLOfTTeU3HAlqMpLDjevKuke6bwfTf3cIiBMW0JDHJYJmj4JEJ
Nx0APlBv8NaHW6vkoLpQaBlcDd/4MwodSQ1v7SsXwkKqOSnZ3L3oZi/tax1m6zz5
lafKZP3781Vo5LAKKpqnJSfyCwL5wWgE3a5iMrx+0zxTJTcXr0rGK+PRhdiLgSOk
0NChYgIYw77Vna7faI9Zl35A9i5CQVmFbEmrEBqUM4MzXS7cJk4J44Qpj+ySbbum
SfBXRsZYHs/yi6ttX8j9PobuXy2XuQXSveMMdUa2ceg2f4yCU1QxF4F+0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsbDDnc1afb4ujZM3pTX/7/8LPKMB8GA1UdIwQY
MBaAFErdl2AuGRjnq8H2Lc/U2spzSZs+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My81NzU0MmEtZTFhYy00MDE0LTg2ZmUt
MTJlNWU4MTczMjAxLzEvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My81NzU0MmEtZTFhYy00MDE0LTg2ZmUtMTJlNWU4MTczMjAx
LzEvU3QyWFlDNFpHT2Vyd2ZZdHo5VGF5bk5KbXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAclDFGx19
BiaTKmdB1iEt5+J3cV92889lVxYA8ndXDpNsJKTnhTzbzS00b+EL436DO5AcGpjl
SrBCwe7PrGirRxy8Wnhy/tPYmDAcVSy9tikydzueaNMDekbisdJ1hOEA0DSBOWg2
STDSgHK93O5K+t3AGYs5tyfi/Bu6UkPBNZMz3NFJNZLtQdZRzQld7GoOzLBQ31cp
hhSppI1jBdrZHI1LHvMbxmitg8DA8E5w0ZHkc2Jl2VQccTkZeogdvYDRm9DBHlFq
1ClaZgN89PK+rEhcuttsWHaPdn9IahoBHOHjt9zR7ZAYTuteTx+QBWNA9bkmgjep
IBnVgw7z2JWz+Q==
-----END CERTIFICATE-----