Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
File:                     6MSDt1wtsc-f9OlMeg_fDbAADwA.mft (raw, json)
Hash identifier:          j92QZtuyK8kIll1fv8eCqH1W6hxI/s83QcUQIV/C0cA=
Subject key identifier:   60:0B:B2:77:1A:0E:F7:B1:88:A8:A3:D5:E8:53:9F:E3:0E:29:C8:E7
Authority key identifier: E8:C4:83:B7:5C:2D:B1:CF:9F:F4:E9:4C:7A:0F:DF:0D:B0:00:0F:00
Certificate issuer:       /CN=e8c483b75c2db1cf9ff4e94c7a0fdf0db0000f00
Certificate serial:       019D371B3354A400DFF96CDE0379535196CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
Manifest number:          13CA
Signing time:             Sun 29 Mar 2026 01:00:22 +0000
Manifest this update:     Sun 29 Mar 2026 01:00:22 +0000
Manifest next update:     Mon 30 Mar 2026 01:00:22 +0000
Files and hashes:         1: 6MSDt1wtsc-f9OlMeg_fDbAADwA.crl (hash: ZH0WMYJcbqY18oeICL81MCtnRRhlcPE9jiCKvznEShE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:33:54:a4:00:df:f9:6c:de:03:79:53:51:96:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8c483b75c2db1cf9ff4e94c7a0fdf0db0000f00
        Validity
            Not Before: Mar 29 01:00:22 2026 GMT
            Not After : Mar 30 01:00:22 2026 GMT
        Subject: CN=600bb2771a0ef7b188a8a3d5e8539fe30e29c8e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a0:20:9c:c4:f8:75:1c:21:42:f3:95:79:94:
                    43:d2:26:64:60:41:43:e7:4b:6b:fd:c3:b7:4e:8d:
                    34:ae:21:5a:20:5f:48:0d:02:66:28:6b:ac:82:ef:
                    84:11:4b:71:22:03:5b:21:fc:b7:f4:06:69:39:5e:
                    91:bc:5f:d2:65:51:19:0a:eb:15:93:2c:3b:49:85:
                    1f:d8:7b:18:e8:89:76:69:e7:2d:6a:bc:46:d0:60:
                    6c:14:cc:d8:10:f5:f3:f2:16:b4:22:bf:d8:5a:4a:
                    e3:e6:84:2b:4e:0f:69:d5:35:bf:43:6a:31:4d:20:
                    c4:fb:ef:c4:d9:2e:8b:ad:7b:ec:b8:cd:fb:df:89:
                    bc:05:88:9d:34:e4:ae:44:c6:c4:5e:3a:fc:c8:9b:
                    32:72:40:d0:a0:3f:d6:35:9b:db:07:c5:32:cd:a7:
                    73:57:c3:73:a4:7f:d2:80:da:b6:98:61:dc:70:24:
                    b5:95:c4:a3:8e:4b:61:89:85:83:66:71:97:ea:13:
                    42:81:c4:2a:7b:15:91:05:d9:95:c7:eb:1a:e5:d2:
                    3a:45:68:a9:21:75:9d:cb:72:06:83:c7:e4:67:c7:
                    55:4c:9c:a8:e0:29:95:5f:53:c6:21:15:40:53:7a:
                    1c:06:41:cc:31:b1:41:0a:75:1e:a5:be:e0:dd:88:
                    6a:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:0B:B2:77:1A:0E:F7:B1:88:A8:A3:D5:E8:53:9F:E3:0E:29:C8:E7
            X509v3 Authority Key Identifier:
                keyid:E8:C4:83:B7:5C:2D:B1:CF:9F:F4:E9:4C:7A:0F:DF:0D:B0:00:0F:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6MSDt1wtsc-f9OlMeg_fDbAADwA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/31fda0-7aaa-461c-a352-eb35bfa065ad/1/6MSDt1wtsc-f9OlMeg_fDbAADwA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:6d:36:67:42:fc:02:42:e9:8c:f4:93:03:7a:25:85:7c:20:
         2b:f3:49:03:3a:d6:03:66:07:16:f5:fd:92:ac:fc:63:7b:fc:
         bb:34:12:65:4c:cf:80:0e:da:ee:1e:b6:96:c8:d7:6c:70:39:
         e1:e5:2a:0f:c7:ba:76:e9:5d:55:2b:a3:43:e3:01:a1:a1:a5:
         73:4f:2b:66:94:23:11:9d:02:fe:e4:f0:c8:03:79:0b:33:9c:
         85:f0:a8:87:d1:82:e2:6f:a0:76:46:4f:ee:d4:ee:ec:1d:ab:
         6b:fa:92:af:47:fc:54:e7:83:de:e4:0c:d2:8c:80:f4:96:1a:
         a9:0a:4c:a7:4f:75:eb:96:bb:fd:12:fa:48:06:6b:fa:0b:1b:
         2e:ba:7e:0e:63:90:f0:4f:1c:5f:f9:b2:3d:21:3a:82:51:f8:
         34:0a:e6:08:af:b8:a8:96:20:2b:19:7d:0f:57:0c:c2:03:c3:
         07:5b:17:bb:4d:d3:0d:e1:1f:34:93:3e:3d:85:db:11:e4:33:
         7c:c4:f1:d4:e2:89:1a:da:cb:1c:73:9a:16:72:d1:e4:a3:46:
         60:72:e2:09:b1:d2:a4:bc:bd:df:cd:59:70:5d:d7:55:1d:08:
         6e:34:b1:af:06:eb:23:62:ba:6d:c9:f8:7a:1e:de:3d:63:f7:
         53:c8:6e:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03GzNUpADf+WzeA3lTUZbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YzQ4M2I3NWMyZGIxY2Y5ZmY0ZTk0YzdhMGZkZjBkYjAw
MDBmMDAwHhcNMjYwMzI5MDEwMDIyWhcNMjYwMzMwMDEwMDIyWjAzMTEwLwYDVQQD
Eyg2MDBiYjI3NzFhMGVmN2IxODhhOGEzZDVlODUzOWZlMzBlMjljOGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqAgnMT4dRwhQvOVeZRD0iZkYEFD
50tr/cO3To00riFaIF9IDQJmKGusgu+EEUtxIgNbIfy39AZpOV6RvF/SZVEZCusV
kyw7SYUf2HsY6Il2aectarxG0GBsFMzYEPXz8ha0Ir/YWkrj5oQrTg9p1TW/Q2ox
TSDE++/E2S6LrXvsuM3734m8BYidNOSuRMbEXjr8yJsyckDQoD/WNZvbB8Uyzadz
V8NzpH/SgNq2mGHccCS1lcSjjkthiYWDZnGX6hNCgcQqexWRBdmVx+sa5dI6RWip
IXWdy3IGg8fkZ8dVTJyo4CmVX1PGIRVAU3ocBkHMMbFBCnUepb7g3YhqhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGALsncaDvexiKij1ehTn+MOKcjnMB8GA1UdIwQY
MBaAFOjEg7dcLbHPn/TpTHoP3w2wAA8AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zMWZkYTAtN2FhYS00NjFjLWEzNTIt
ZWIzNWJmYTA2NWFkLzEvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zMWZkYTAtN2FhYS00NjFjLWEzNTItZWIzNWJmYTA2NWFk
LzEvNk1TRHQxd3RzYy1mOU9sTWVnX2ZEYkFBRHdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW202Z0L8
AkLpjPSTA3olhXwgK/NJAzrWA2YHFvX9kqz8Y3v8uzQSZUzPgA7a7h62lsjXbHA5
4eUqD8e6duldVSujQ+MBoaGlc08rZpQjEZ0C/uTwyAN5CzOchfCoh9GC4m+gdkZP
7tTu7B2ra/qSr0f8VOeD3uQM0oyA9JYaqQpMp09165a7/RL6SAZr+gsbLrp+DmOQ
8E8cX/myPSE6glH4NArmCK+4qJYgKxl9D1cMwgPDB1sXu03TDeEfNJM+PYXbEeQz
fMTx1OKJGtrLHHOaFnLR5KNGYHLiCbHSpLy9381ZcF3XVR0IbjSxrwbrI2K6bcn4
eh7ePWP3U8hueQ==
-----END CERTIFICATE-----