Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/fd617b-b1ce-4993-a73a-15369cce5df5/1/x1KtRhPu9BzbgSTyfc-b-HJNHAw.mft
File:                     x1KtRhPu9BzbgSTyfc-b-HJNHAw.mft (raw, json)
Hash identifier:          s1k17sMXn2PDssnppHZmzR0xFItcUTxNf0JmFy0mWPg=
Subject key identifier:   38:57:1E:28:49:30:16:52:A9:CD:CA:76:C3:D2:5F:E6:83:83:E2:CC
Authority key identifier: C7:52:AD:46:13:EE:F4:1C:DB:81:24:F2:7D:CF:9B:F8:72:4D:1C:0C
Certificate issuer:       /CN=c752ad4613eef41cdb8124f27dcf9bf8724d1c0c
Certificate serial:       019D3940FDB33B8BDEB6E516B0FF71655CF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x1KtRhPu9BzbgSTyfc-b-HJNHAw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/fd617b-b1ce-4993-a73a-15369cce5df5/1/x1KtRhPu9BzbgSTyfc-b-HJNHAw.mft
Manifest number:          0159
Signing time:             Sun 29 Mar 2026 11:00:53 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:53 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:53 +0000
Files and hashes:         1: x1KtRhPu9BzbgSTyfc-b-HJNHAw.crl (hash: cJSv20+kXBWmd15uWbVjJq0Eo3Sn/aPlhALeM89aT3Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/fd617b-b1ce-4993-a73a-15369cce5df5/1/x1KtRhPu9BzbgSTyfc-b-HJNHAw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/fd617b-b1ce-4993-a73a-15369cce5df5/1/x1KtRhPu9BzbgSTyfc-b-HJNHAw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x1KtRhPu9BzbgSTyfc-b-HJNHAw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 11:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:fd:b3:3b:8b:de:b6:e5:16:b0:ff:71:65:5c:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c752ad4613eef41cdb8124f27dcf9bf8724d1c0c
        Validity
            Not Before: Mar 29 11:00:53 2026 GMT
            Not After : Mar 30 11:00:53 2026 GMT
        Subject: CN=38571e2849301652a9cdca76c3d25fe68383e2cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:6b:55:d8:24:f0:9d:7e:05:da:47:82:30:ee:
                    25:fe:f8:5d:56:48:b7:fc:16:39:d3:2f:71:5d:37:
                    c1:5d:aa:e0:cf:a5:ca:54:29:c0:07:7f:be:55:00:
                    e3:b0:22:18:35:6a:f3:dd:cb:be:65:96:87:c2:17:
                    28:0a:d4:ea:56:a4:fc:1b:f1:42:5c:e1:76:17:4a:
                    d5:3a:2d:57:b9:2f:eb:7c:80:58:fe:aa:12:87:38:
                    5a:10:0c:7d:3e:29:7d:88:ac:2d:6a:35:23:f1:eb:
                    de:2d:14:81:e0:0f:4b:aa:f1:3d:aa:ac:e2:5c:c3:
                    a5:57:42:1b:ba:df:1d:a7:60:94:98:17:ea:13:0b:
                    cd:a7:33:43:14:3c:ef:03:dd:61:2e:b3:e9:d5:06:
                    41:b6:0a:f4:24:26:84:03:cd:6f:d7:7c:9f:86:b4:
                    ec:5d:13:44:9b:f7:6f:47:af:7f:01:7d:45:0d:43:
                    c7:1a:f6:1d:0a:94:e9:1b:89:4f:db:41:bd:18:a8:
                    e0:70:dd:5e:70:77:90:2c:3e:49:ff:51:d0:55:de:
                    87:94:09:58:3e:14:2e:94:c7:bc:d1:26:d3:02:23:
                    74:ff:7e:ce:2e:2c:f4:07:3c:20:eb:c1:c6:92:0a:
                    44:97:3c:7d:0b:48:ca:49:63:e3:31:ca:63:f0:ca:
                    17:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:57:1E:28:49:30:16:52:A9:CD:CA:76:C3:D2:5F:E6:83:83:E2:CC
            X509v3 Authority Key Identifier:
                keyid:C7:52:AD:46:13:EE:F4:1C:DB:81:24:F2:7D:CF:9B:F8:72:4D:1C:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1KtRhPu9BzbgSTyfc-b-HJNHAw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/fd617b-b1ce-4993-a73a-15369cce5df5/1/x1KtRhPu9BzbgSTyfc-b-HJNHAw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/fd617b-b1ce-4993-a73a-15369cce5df5/1/x1KtRhPu9BzbgSTyfc-b-HJNHAw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:74:9d:8c:e7:68:3a:d9:5e:8d:26:01:91:a0:4c:85:92:f4:
         3f:22:48:69:1b:dc:4c:41:9b:11:19:13:b3:0f:37:1a:39:9e:
         d9:1a:7a:d7:2a:e8:f6:6f:a1:8a:be:f7:39:73:23:e8:45:55:
         19:55:b9:fe:21:c9:19:26:0e:0a:53:de:28:f2:9a:fe:2e:af:
         ca:1c:6b:64:c7:0f:7a:86:a5:0e:7d:34:ac:3c:8f:8f:7e:a5:
         d3:e2:ce:a5:50:e1:02:e6:a3:1b:32:6e:19:ef:d0:c1:40:3b:
         cb:74:08:9d:0f:e4:87:85:9d:0a:f5:ac:d1:64:13:81:48:4e:
         41:cb:b2:b6:c7:c1:9b:d4:c1:7c:9d:f7:eb:6f:4b:c6:9c:70:
         fc:a1:50:d4:db:b3:35:87:1e:94:80:d7:2c:9d:ca:b1:44:85:
         37:bd:07:25:ee:16:2c:6a:06:d1:e1:c3:8f:75:55:b4:38:5a:
         46:36:4f:36:bf:c1:a5:84:9b:b6:96:d3:d6:bc:95:88:c9:29:
         8a:9d:99:1b:a8:80:05:08:8f:4a:41:1a:cf:4a:53:ce:d2:4d:
         42:fe:00:7e:75:c5:91:5a:a3:04:e2:15:32:e9:8f:93:0e:ad:
         c8:20:b1:99:04:10:df:24:ef:6d:0d:c3:7a:70:8c:e2:1e:c3:
         2f:fc:f7:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QP2zO4vetuUWsP9xZVzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTJhZDQ2MTNlZWY0MWNkYjgxMjRmMjdkY2Y5YmY4NzI0
ZDFjMGMwHhcNMjYwMzI5MTEwMDUzWhcNMjYwMzMwMTEwMDUzWjAzMTEwLwYDVQQD
EygzODU3MWUyODQ5MzAxNjUyYTljZGNhNzZjM2QyNWZlNjgzODNlMmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomtV2CTwnX4F2keCMO4l/vhdVki3
/BY50y9xXTfBXargz6XKVCnAB3++VQDjsCIYNWrz3cu+ZZaHwhcoCtTqVqT8G/FC
XOF2F0rVOi1XuS/rfIBY/qoShzhaEAx9Pil9iKwtajUj8eveLRSB4A9LqvE9qqzi
XMOlV0Ibut8dp2CUmBfqEwvNpzNDFDzvA91hLrPp1QZBtgr0JCaEA81v13yfhrTs
XRNEm/dvR69/AX1FDUPHGvYdCpTpG4lP20G9GKjgcN1ecHeQLD5J/1HQVd6HlAlY
PhQulMe80SbTAiN0/37OLiz0Bzwg68HGkgpElzx9C0jKSWPjMcpj8MoXawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhXHihJMBZSqc3KdsPSX+aDg+LMMB8GA1UdIwQY
MBaAFMdSrUYT7vQc24Ek8n3Pm/hyTRwMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFLdFJoUHU5QnpiZ1NUeWZjLWItSEpOSEF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9mZDYxN2ItYjFjZS00OTkzLWE3M2Et
MTUzNjljY2U1ZGY1LzEveDFLdFJoUHU5QnpiZ1NUeWZjLWItSEpOSEF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9mZDYxN2ItYjFjZS00OTkzLWE3M2EtMTUzNjljY2U1ZGY1
LzEveDFLdFJoUHU5QnpiZ1NUeWZjLWItSEpOSEF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUXSdjOdo
OtlejSYBkaBMhZL0PyJIaRvcTEGbERkTsw83Gjme2Rp61yro9m+hir73OXMj6EVV
GVW5/iHJGSYOClPeKPKa/i6vyhxrZMcPeoalDn00rDyPj36l0+LOpVDhAuajGzJu
Ge/QwUA7y3QInQ/kh4WdCvWs0WQTgUhOQcuytsfBm9TBfJ33629Lxpxw/KFQ1Nuz
NYcelIDXLJ3KsUSFN70HJe4WLGoG0eHDj3VVtDhaRjZPNr/BpYSbtpbT1ryViMkp
ip2ZG6iABQiPSkEaz0pTztJNQv4AfnXFkVqjBOIVMumPkw6tyCCxmQQQ3yTvbQ3D
enCM4h7DL/z3xQ==
-----END CERTIFICATE-----