Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
File:                     Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft (raw, json)
Hash identifier:          QJn2EWFNIiu0A+4a5zwe1+u9Znp1t+y/pEPq/lvXaWo=
Subject key identifier:   04:18:B2:EC:D0:87:18:2A:E9:45:5A:51:1C:66:42:B5:D1:20:09:56
Authority key identifier: 3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77
Certificate issuer:       /CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
Certificate serial:       019D3909CF6545F54ABDC2666CA9BFF72116
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
Manifest number:          070E
Signing time:             Sun 29 Mar 2026 10:00:37 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:37 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:37 +0000
Files and hashes:         1: Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl (hash: LRknlTp8ALouKaEZGSbz4tI9CNzzBMYlkURv3axIQU8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:cf:65:45:f5:4a:bd:c2:66:6c:a9:bf:f7:21:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e0aba30f4b404ff4dec9fc0016c0bbee4b6b877
        Validity
            Not Before: Mar 29 10:00:37 2026 GMT
            Not After : Mar 30 10:00:37 2026 GMT
        Subject: CN=0418b2ecd087182ae9455a511c6642b5d1200956
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:7c:fd:34:ea:3b:09:3c:2c:6e:67:94:b8:eb:
                    3c:b1:d8:3b:5c:f1:13:4b:a7:2c:a6:4a:cf:09:af:
                    30:e1:09:d6:cc:98:d7:1e:ec:cd:f0:5d:8d:b8:74:
                    77:ff:07:16:79:8e:e2:ee:23:c2:ad:f1:8b:03:d1:
                    c8:16:7b:f5:9a:fb:db:b1:5d:dc:52:7e:b3:26:99:
                    03:d5:1e:de:7e:f5:67:b8:15:96:c1:b1:99:84:32:
                    30:e7:80:02:ed:c8:b2:88:02:93:f1:49:a6:33:c7:
                    48:f4:07:10:28:56:bf:79:5d:72:43:2d:de:6f:4c:
                    ca:b5:be:e9:03:2e:53:2a:62:cd:68:93:1d:18:5c:
                    4d:c6:e4:e1:7c:84:a3:a7:41:b8:6f:b7:f6:2b:56:
                    86:b1:eb:2d:10:b0:d1:d2:a5:18:d4:eb:5c:d6:b8:
                    ae:c3:c3:f1:3c:5d:d2:9d:95:18:9f:d3:ae:83:96:
                    3d:90:9c:f6:2f:a9:05:f2:65:ee:54:31:08:2e:10:
                    2f:c5:53:27:d3:f1:4d:44:c9:ee:f5:5b:34:00:93:
                    04:73:2c:ff:c2:78:20:bf:06:73:b7:53:a9:c3:0b:
                    b6:0c:e0:1d:5e:e1:ab:ba:01:16:cb:91:e3:44:0d:
                    a6:b2:c1:cf:33:7e:02:f2:db:25:67:52:7d:6f:e4:
                    f0:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:18:B2:EC:D0:87:18:2A:E9:45:5A:51:1C:66:42:B5:D1:20:09:56
            X509v3 Authority Key Identifier:
                keyid:3E:0A:BA:30:F4:B4:04:FF:4D:EC:9F:C0:01:6C:0B:BE:E4:B6:B8:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d4e557-0640-48d3-87d6-59029a8b533a/1/Pgq6MPS0BP9N7J_AAWwLvuS2uHc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:65:36:c6:b2:b9:a0:0d:17:ac:5c:40:b4:b2:67:d4:dd:4e:
         f3:16:1d:f2:db:9b:6f:d7:44:ad:ae:c9:23:96:e3:47:73:17:
         f9:83:5b:93:fc:2e:20:de:cc:17:f6:4e:99:d6:1b:9b:1a:1c:
         a9:bc:a7:f2:0f:a4:b6:a6:6b:15:6d:22:eb:f7:b2:84:7d:6a:
         53:7e:3b:b0:85:d7:bc:a8:7d:7d:1a:92:32:68:48:04:97:b3:
         62:64:1f:0f:66:67:e7:8a:4e:ec:73:5a:d1:cd:85:ad:f6:f5:
         ca:3d:21:6d:94:f3:86:f8:ec:f0:80:af:60:d9:da:fd:79:89:
         e4:8d:c6:57:86:8b:d2:da:c4:73:83:50:77:e6:28:85:c1:bf:
         20:67:b5:76:ef:46:c3:01:d6:27:80:e3:db:42:bd:ee:e8:13:
         8a:20:dc:ce:c1:97:62:31:13:86:eb:43:91:9a:37:7d:7b:9a:
         42:20:c0:2a:49:1c:ce:c9:4c:46:3e:42:12:67:10:ae:01:a3:
         8d:02:0c:82:6d:23:dc:35:6b:46:3d:f8:24:1f:25:9c:09:37:
         d6:60:00:5a:61:54:f5:cc:32:f3:19:d2:11:c5:21:e6:a5:34:
         b8:d3:aa:88:fd:09:9a:01:8e:d7:b8:c1:db:a6:05:d0:9d:0a:
         5c:da:25:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cc9lRfVKvcJmbKm/9yEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMGFiYTMwZjRiNDA0ZmY0ZGVjOWZjMDAxNmMwYmJlZTRi
NmI4NzcwHhcNMjYwMzI5MTAwMDM3WhcNMjYwMzMwMTAwMDM3WjAzMTEwLwYDVQQD
EygwNDE4YjJlY2QwODcxODJhZTk0NTVhNTExYzY2NDJiNWQxMjAwOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHz9NOo7CTwsbmeUuOs8sdg7XPET
S6cspkrPCa8w4QnWzJjXHuzN8F2NuHR3/wcWeY7i7iPCrfGLA9HIFnv1mvvbsV3c
Un6zJpkD1R7efvVnuBWWwbGZhDIw54AC7ciyiAKT8UmmM8dI9AcQKFa/eV1yQy3e
b0zKtb7pAy5TKmLNaJMdGFxNxuThfISjp0G4b7f2K1aGsestELDR0qUY1Otc1riu
w8PxPF3SnZUYn9Oug5Y9kJz2L6kF8mXuVDEILhAvxVMn0/FNRMnu9Vs0AJMEcyz/
wnggvwZzt1Opwwu2DOAdXuGrugEWy5HjRA2mssHPM34C8tslZ1J9b+Tw7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQYsuzQhxgq6UVaURxmQrXRIAlWMB8GA1UdIwQY
MBaAFD4KujD0tAT/TeyfwAFsC77ktrh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYt
NTkwMjlhOGI1MzNhLzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kNGU1NTctMDY0MC00OGQzLTg3ZDYtNTkwMjlhOGI1MzNh
LzEvUGdxNk1QUzBCUDlON0pfQUFXd0x2dVMydUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdmU2xrK5
oA0XrFxAtLJn1N1O8xYd8tubb9dEra7JI5bjR3MX+YNbk/wuIN7MF/ZOmdYbmxoc
qbyn8g+ktqZrFW0i6/eyhH1qU347sIXXvKh9fRqSMmhIBJezYmQfD2Zn54pO7HNa
0c2Frfb1yj0hbZTzhvjs8ICvYNna/XmJ5I3GV4aL0trEc4NQd+YohcG/IGe1du9G
wwHWJ4Dj20K97ugTiiDczsGXYjEThutDkZo3fXuaQiDAKkkczslMRj5CEmcQrgGj
jQIMgm0j3DVrRj34JB8lnAk31mAAWmFU9cwy8xnSEcUh5qU0uNOqiP0JmgGO17jB
26YF0J0KXNolbw==
-----END CERTIFICATE-----