Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
File:                     Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft (raw, json)
Hash identifier:          VLShdFFniO5Itg0/Cc6kHpGT8jDW6YAHTSp+GSPPc8Q=
Subject key identifier:   D2:0B:D4:F5:51:E3:9B:86:70:CD:57:B3:B6:3C:55:2D:12:E0:50:D5
Authority key identifier: 4B:17:7C:45:0D:20:35:06:7B:AA:26:92:0B:8A:4B:D3:6C:7B:33:14
Certificate issuer:       /CN=4b177c450d2035067baa26920b8a4bd36c7b3314
Certificate serial:       019D3865AB5DDCE973049D6715D5D1EF0CB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
Manifest number:          0FA1
Signing time:             Sun 29 Mar 2026 07:01:20 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:20 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:20 +0000
Files and hashes:         1: Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl (hash: WSjENN82E5GG0o8CAxTlI5Kqe5EFZC+vcgUvnLyUZdc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:ab:5d:dc:e9:73:04:9d:67:15:d5:d1:ef:0c:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b177c450d2035067baa26920b8a4bd36c7b3314
        Validity
            Not Before: Mar 29 07:01:20 2026 GMT
            Not After : Mar 30 07:01:20 2026 GMT
        Subject: CN=d20bd4f551e39b8670cd57b3b63c552d12e050d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:95:19:14:ff:a9:8c:ce:58:18:31:f8:89:9d:
                    04:75:d5:83:40:1e:c2:2e:33:33:15:76:22:e7:e8:
                    8b:5e:7f:e4:72:0b:3a:54:49:65:75:e7:7d:ea:87:
                    e2:59:b7:01:4f:44:97:94:c2:f2:2d:e4:a4:e3:50:
                    7e:44:3f:e3:23:ef:26:a2:8c:77:1b:b3:11:ac:df:
                    fd:88:13:12:98:86:5a:85:f2:85:77:f2:db:4b:76:
                    e4:5b:45:aa:bd:e3:a6:5c:22:43:f0:5c:17:2a:a8:
                    ed:e3:33:03:89:9d:f2:2a:cd:05:be:79:78:4c:51:
                    ed:04:22:71:f1:3a:4b:3f:16:90:0b:84:8d:7d:f2:
                    ac:78:41:52:9e:64:9e:1a:eb:fa:42:a9:e0:15:4e:
                    4f:2e:1f:82:99:85:21:04:d9:de:f7:ff:22:42:0a:
                    a8:53:b4:96:fa:3f:e1:54:09:6e:f9:0a:f0:dc:09:
                    70:bc:8d:a9:59:dc:7b:4c:22:7d:f5:09:3a:56:66:
                    fc:ab:6e:10:77:fa:78:92:c1:8a:33:50:d4:72:51:
                    b3:86:a2:94:23:90:f5:48:51:a8:61:8b:6f:a8:26:
                    f1:73:b5:3b:a4:71:b9:92:80:b0:16:c3:cc:aa:9e:
                    9a:5c:34:18:26:0d:27:bd:b3:50:b3:37:4b:6b:26:
                    19:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:0B:D4:F5:51:E3:9B:86:70:CD:57:B3:B6:3C:55:2D:12:E0:50:D5
            X509v3 Authority Key Identifier:
                keyid:4B:17:7C:45:0D:20:35:06:7B:AA:26:92:0B:8A:4B:D3:6C:7B:33:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/5a6aad-a4c7-43b9-8a9e-8d7b736a695c/1/Sxd8RQ0gNQZ7qiaSC4pL02x7MxQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:83:58:2c:0d:35:72:52:2c:4c:09:8b:fd:4d:d9:63:43:c8:
         ac:fb:0c:6e:32:b7:20:da:6a:72:1b:08:81:a3:44:a2:60:e8:
         4b:25:b5:c2:c4:d2:f3:fd:4d:29:d4:f0:87:06:cd:fe:d8:f8:
         2d:b6:fa:31:3a:37:62:cb:a6:56:c9:40:1f:68:bd:88:bd:c6:
         fd:3e:32:1e:23:c2:df:20:84:4b:32:de:79:5d:f6:97:df:6b:
         bd:65:c6:60:1f:0b:9c:03:cf:4b:70:67:cd:d2:b8:54:c7:97:
         9b:fd:73:77:7c:9b:78:d6:14:eb:02:af:27:6d:b4:1e:85:d0:
         ad:65:a3:dd:8f:b6:32:1d:69:57:ed:15:a1:94:b5:a1:cc:ff:
         17:c0:82:a9:fb:ee:e1:41:26:35:32:ce:d3:d6:68:f8:86:c1:
         5c:25:0d:08:e0:f3:fe:93:57:b0:d7:05:30:41:c5:4c:3b:fe:
         b3:a6:bd:ce:9a:3e:33:0c:5e:22:74:12:e5:e3:c7:b9:55:a1:
         af:cd:87:ef:4e:68:e1:57:ad:a2:f9:68:32:ad:52:ff:2a:a5:
         3f:75:44:27:38:71:af:24:a7:4f:f6:41:58:9f:b1:b3:04:16:
         8b:3e:dc:71:a8:ec:b0:22:2d:cd:dc:16:d5:16:25:eb:0e:61:
         2c:a2:47:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zatd3OlzBJ1nFdXR7wy2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMTc3YzQ1MGQyMDM1MDY3YmFhMjY5MjBiOGE0YmQzNmM3
YjMzMTQwHhcNMjYwMzI5MDcwMTIwWhcNMjYwMzMwMDcwMTIwWjAzMTEwLwYDVQQD
EyhkMjBiZDRmNTUxZTM5Yjg2NzBjZDU3YjNiNjNjNTUyZDEyZTA1MGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZUZFP+pjM5YGDH4iZ0EddWDQB7C
LjMzFXYi5+iLXn/kcgs6VEllded96ofiWbcBT0SXlMLyLeSk41B+RD/jI+8moox3
G7MRrN/9iBMSmIZahfKFd/LbS3bkW0WqveOmXCJD8FwXKqjt4zMDiZ3yKs0Fvnl4
TFHtBCJx8TpLPxaQC4SNffKseEFSnmSeGuv6QqngFU5PLh+CmYUhBNne9/8iQgqo
U7SW+j/hVAlu+Qrw3AlwvI2pWdx7TCJ99Qk6Vmb8q24Qd/p4ksGKM1DUclGzhqKU
I5D1SFGoYYtvqCbxc7U7pHG5koCwFsPMqp6aXDQYJg0nvbNQszdLayYZgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIL1PVR45uGcM1Xs7Y8VS0S4FDVMB8GA1UdIwQY
MBaAFEsXfEUNIDUGe6omkguKS9NsezMUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS81YTZhYWQtYTRjNy00M2I5LThhOWUt
OGQ3YjczNmE2OTVjLzEvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS81YTZhYWQtYTRjNy00M2I5LThhOWUtOGQ3YjczNmE2OTVj
LzEvU3hkOFJRMGdOUVo3cWlhU0M0cEwwMng3TXhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATYNYLA01
clIsTAmL/U3ZY0PIrPsMbjK3INpqchsIgaNEomDoSyW1wsTS8/1NKdTwhwbN/tj4
Lbb6MTo3YsumVslAH2i9iL3G/T4yHiPC3yCESzLeeV32l99rvWXGYB8LnAPPS3Bn
zdK4VMeXm/1zd3ybeNYU6wKvJ220HoXQrWWj3Y+2Mh1pV+0VoZS1ocz/F8CCqfvu
4UEmNTLO09Zo+IbBXCUNCODz/pNXsNcFMEHFTDv+s6a9zpo+MwxeInQS5ePHuVWh
r82H705o4VetovloMq1S/yqlP3VEJzhxrySnT/ZBWJ+xswQWiz7ccajssCItzdwW
1RYl6w5hLKJHTg==
-----END CERTIFICATE-----