Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
File:                     PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft (raw, json)
Hash identifier:          csk91c2xon0eFR0CO2e9/AiWG3Mcbma7C13B9GQCQSM=
Subject key identifier:   A6:90:DD:D9:36:5A:A9:55:9A:50:B4:92:C3:DC:57:1D:E8:56:04:A5
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Certificate issuer:       /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial:       019D37C0BC12EC84338977CA69BA19CF5F34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
Manifest number:          1362
Signing time:             Sun 29 Mar 2026 04:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:11 +0000
Files and hashes:         1: PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl (hash: s2I1LZMU6wiekf7YZ/9fm7yhiqMzl2D4xMJ4zvGVpPU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:bc:12:ec:84:33:89:77:ca:69:ba:19:cf:5f:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
        Validity
            Not Before: Mar 29 04:01:11 2026 GMT
            Not After : Mar 30 04:01:11 2026 GMT
        Subject: CN=a690ddd9365aa9559a50b492c3dc571de85604a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:38:38:8e:45:63:2d:1b:e6:4d:34:92:e9:57:
                    bc:8a:12:ef:82:d6:7c:50:ab:3f:93:31:ec:f4:2a:
                    82:a3:9f:37:19:d4:5e:0a:b0:5b:a7:04:c2:6f:97:
                    7e:e7:28:9c:c8:83:84:ec:7a:1a:1a:78:41:7f:9d:
                    d2:1d:5e:4e:14:08:05:08:33:dd:0d:e5:65:7a:f2:
                    9c:06:e9:4e:4e:78:5c:90:7f:f3:0b:80:41:ca:49:
                    eb:3b:e4:21:e5:8e:98:12:ed:5c:94:df:a7:31:02:
                    59:90:e9:1c:f4:ab:51:3f:47:97:52:f9:0f:55:da:
                    a5:c9:11:d5:0f:4f:27:33:af:72:31:80:19:35:0f:
                    31:46:c1:84:8f:c7:90:f2:93:23:54:fc:4a:a5:64:
                    cd:e7:10:12:84:82:6d:e7:05:4b:5d:15:6b:c4:3e:
                    32:e6:71:e0:22:48:70:cd:fb:a4:d6:28:37:00:9c:
                    75:39:61:71:61:1e:f6:8b:14:77:99:88:c6:8b:69:
                    e9:c1:99:8d:b4:ad:89:72:ac:b0:e9:b6:82:22:01:
                    57:3e:41:fa:41:ab:d0:f0:71:71:c3:64:ae:a5:e0:
                    7e:9d:81:5e:5a:15:8c:6b:8b:33:10:61:7b:09:b0:
                    0e:08:a2:d9:ac:d7:a4:8c:a2:6c:5a:4f:8d:46:0e:
                    e5:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:90:DD:D9:36:5A:A9:55:9A:50:B4:92:C3:DC:57:1D:E8:56:04:A5
            X509v3 Authority Key Identifier:
                keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:5e:85:16:28:2f:95:e0:98:73:f8:a3:b2:2f:4c:03:74:6c:
         8b:5a:77:16:3e:a3:09:75:a9:92:40:76:9d:0b:34:91:8a:f5:
         55:9c:bb:bb:b7:53:ce:82:62:3c:00:44:9e:f7:1b:d6:e5:8f:
         b0:b6:64:72:54:bd:8b:18:d6:f5:58:9c:4a:30:04:21:a7:11:
         8b:73:88:68:ae:cf:93:3e:48:d4:a5:10:e8:bb:51:54:bb:9e:
         5d:43:f5:87:fa:32:f9:98:c3:6f:42:95:6c:be:40:da:23:7a:
         82:40:c2:90:ce:5b:f6:ed:ec:b3:01:34:22:88:39:82:6a:e4:
         ec:36:48:61:fa:55:9c:f1:20:a0:9b:77:ff:82:c1:da:4f:80:
         29:fb:56:e2:9f:88:b8:9d:62:fd:ab:90:65:98:79:e4:74:44:
         a0:14:b6:90:a4:45:94:19:b5:1e:f9:99:a1:c8:6d:0d:c7:92:
         95:81:c8:10:f9:fe:8d:db:82:e7:0a:75:70:ae:53:f4:35:c4:
         f6:07:42:fd:cd:c2:a8:4a:41:0f:bd:06:f8:4d:1b:70:88:ea:
         bc:ba:69:37:a5:3b:6a:76:51:19:80:5f:a3:17:78:35:24:51:
         8b:ce:19:af:da:1e:67:b9:00:ce:ed:0a:03:f2:23:76:9e:45:
         8e:5a:21:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wLwS7IQziXfKaboZz180MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjYwMzI5MDQwMTExWhcNMjYwMzMwMDQwMTExWjAzMTEwLwYDVQQD
EyhhNjkwZGRkOTM2NWFhOTU1OWE1MGI0OTJjM2RjNTcxZGU4NTYwNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Tg4jkVjLRvmTTSS6Ve8ihLvgtZ8
UKs/kzHs9CqCo583GdReCrBbpwTCb5d+5yicyIOE7HoaGnhBf53SHV5OFAgFCDPd
DeVlevKcBulOTnhckH/zC4BByknrO+Qh5Y6YEu1clN+nMQJZkOkc9KtRP0eXUvkP
VdqlyRHVD08nM69yMYAZNQ8xRsGEj8eQ8pMjVPxKpWTN5xAShIJt5wVLXRVrxD4y
5nHgIkhwzfuk1ig3AJx1OWFxYR72ixR3mYjGi2npwZmNtK2Jcqyw6baCIgFXPkH6
QavQ8HFxw2SupeB+nYFeWhWMa4szEGF7CbAOCKLZrNekjKJsWk+NRg7lkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKaQ3dk2WqlVmlC0ksPcVx3oVgSlMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX16FFigv
leCYc/ijsi9MA3Rsi1p3Fj6jCXWpkkB2nQs0kYr1VZy7u7dTzoJiPABEnvcb1uWP
sLZkclS9ixjW9VicSjAEIacRi3OIaK7Pkz5I1KUQ6LtRVLueXUP1h/oy+ZjDb0KV
bL5A2iN6gkDCkM5b9u3sswE0Iog5gmrk7DZIYfpVnPEgoJt3/4LB2k+AKftW4p+I
uJ1i/auQZZh55HREoBS2kKRFlBm1HvmZochtDceSlYHIEPn+jduC5wp1cK5T9DXE
9gdC/c3CqEpBD70G+E0bcIjqvLppN6U7anZRGYBfoxd4NSRRi84Zr9oeZ7kAzu0K
A/Ijdp5Fjlohog==
-----END CERTIFICATE-----