Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
File:                     582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json)
Hash identifier:          uCEXaePlxN8wcjt3JlPAauSkDv60NUo9H+Xkw12ZW2E=
Subject key identifier:   63:26:B0:8D:9C:78:22:E3:68:ED:8A:06:CC:7F:41:C2:BA:E2:9F:5E
Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6
Certificate issuer:       /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
Certificate serial:       019D39413C4F90745209D0ADA4DD623DF754
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
Manifest number:          05B6
Signing time:             Sun 29 Mar 2026 11:01:09 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:09 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:09 +0000
Files and hashes:         1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: m9k/xfeKh8KgpoHYIMYsPxczhZ/SS8YlnEQ3v0RJMyE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:3c:4f:90:74:52:09:d0:ad:a4:dd:62:3d:f7:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
        Validity
            Not Before: Mar 29 11:01:09 2026 GMT
            Not After : Mar 30 11:01:09 2026 GMT
        Subject: CN=6326b08d9c7822e368ed8a06cc7f41c2bae29f5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:36:8f:c8:1b:9d:b0:e3:91:9d:f0:7a:c3:f5:
                    6f:99:51:7e:7f:c4:a2:6e:aa:7f:9d:f6:c2:de:4f:
                    2c:09:de:09:3a:fc:57:c4:83:da:05:da:ef:04:96:
                    57:a6:e5:df:73:5e:b5:6b:eb:84:48:be:c9:1a:1d:
                    ae:16:8b:a7:0b:ce:19:dd:3b:be:74:7b:f4:c5:2f:
                    74:ad:af:a4:cd:62:2e:c0:76:7f:c2:c1:a0:32:dd:
                    61:32:15:7b:d7:22:52:39:72:c2:d8:2e:1b:98:ba:
                    15:41:fb:9a:f6:89:ee:db:fb:60:97:27:eb:65:7f:
                    bb:f6:64:c5:ad:d5:68:30:7e:f8:5b:93:dd:20:85:
                    2b:9b:24:6d:db:95:d5:4a:02:75:94:f0:3e:de:15:
                    19:20:5b:bc:3c:37:6e:1a:e8:9a:7c:dc:41:fe:81:
                    b9:83:06:83:e1:0a:00:85:82:a9:6b:ae:12:c1:9f:
                    70:b8:b9:f4:80:1d:e7:17:62:7b:de:c4:8d:c4:e3:
                    cc:bb:a7:d0:fd:91:4d:35:de:e6:a9:4d:9c:19:89:
                    ff:1e:f5:46:f9:b6:d9:1d:03:a3:95:84:4a:24:06:
                    07:ac:2f:62:d8:ae:14:b3:be:78:95:18:66:f8:6d:
                    10:6e:b6:c2:1f:b1:15:58:50:5a:be:83:3d:7e:84:
                    e3:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:26:B0:8D:9C:78:22:E3:68:ED:8A:06:CC:7F:41:C2:BA:E2:9F:5E
            X509v3 Authority Key Identifier:
                keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:00:af:7b:17:f7:69:65:c9:16:0a:9d:11:14:18:3a:1f:8e:
         d8:e5:b3:4f:d6:14:23:2b:17:e4:49:e1:c2:8e:c6:2c:63:b0:
         67:d0:b0:3a:19:c6:74:7b:35:48:f5:0d:25:ea:b5:97:81:f3:
         29:0c:19:7e:7a:60:0d:d1:f8:8c:71:75:65:b8:60:f1:8e:36:
         9a:2d:b2:88:2c:5e:67:4d:bd:2e:d6:9a:42:3a:5f:e6:47:92:
         27:b4:6e:e0:43:b9:bb:2e:e7:8a:1e:b9:08:a9:be:16:c1:03:
         1a:e3:b3:b9:76:18:fa:44:4b:57:bb:86:94:fb:26:32:9b:5a:
         dd:c0:97:17:c9:22:ff:24:aa:d7:fe:6a:af:b8:7b:e6:d0:f3:
         58:7f:db:da:f8:ef:56:66:28:98:ca:60:12:ba:c3:cc:5c:9e:
         f9:33:31:86:7d:cd:13:91:a3:ec:c7:1f:31:3e:b5:28:6c:d5:
         43:47:94:a2:e7:63:cc:9f:15:94:0b:3c:d3:63:c5:ef:48:d0:
         9e:50:a5:0e:de:6a:33:ec:f4:bc:17:fe:6e:a9:dc:9a:5a:4e:
         7d:aa:46:21:9d:6f:50:ba:81:fa:71:68:db:56:84:5a:73:8b:
         f0:dd:53:eb:22:62:a1:d3:09:29:d2:1e:02:a6:c9:7a:25:81:
         c4:53:b8:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QTxPkHRSCdCtpN1iPfdUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2
NmJjYTYwHhcNMjYwMzI5MTEwMTA5WhcNMjYwMzMwMTEwMTA5WjAzMTEwLwYDVQQD
Eyg2MzI2YjA4ZDljNzgyMmUzNjhlZDhhMDZjYzdmNDFjMmJhZTI5ZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzaPyBudsOORnfB6w/VvmVF+f8Si
bqp/nfbC3k8sCd4JOvxXxIPaBdrvBJZXpuXfc161a+uESL7JGh2uFounC84Z3Tu+
dHv0xS90ra+kzWIuwHZ/wsGgMt1hMhV71yJSOXLC2C4bmLoVQfua9onu2/tglyfr
ZX+79mTFrdVoMH74W5PdIIUrmyRt25XVSgJ1lPA+3hUZIFu8PDduGuiafNxB/oG5
gwaD4QoAhYKpa64SwZ9wuLn0gB3nF2J73sSNxOPMu6fQ/ZFNNd7mqU2cGYn/HvVG
+bbZHQOjlYRKJAYHrC9i2K4Us754lRhm+G0QbrbCH7EVWFBavoM9foTjiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMmsI2ceCLjaO2KBsx/QcK64p9eMB8GA1UdIwQY
MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt
NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3
LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPwCvexf3
aWXJFgqdERQYOh+O2OWzT9YUIysX5Enhwo7GLGOwZ9CwOhnGdHs1SPUNJeq1l4Hz
KQwZfnpgDdH4jHF1Zbhg8Y42mi2yiCxeZ029LtaaQjpf5keSJ7Ru4EO5uy7nih65
CKm+FsEDGuOzuXYY+kRLV7uGlPsmMpta3cCXF8ki/ySq1/5qr7h75tDzWH/b2vjv
VmYomMpgErrDzFye+TMxhn3NE5Gj7McfMT61KGzVQ0eUoudjzJ8VlAs802PF70jQ
nlClDt5qM+z0vBf+bqncmlpOfapGIZ1vULqB+nFo21aEWnOL8N1T6yJiodMJKdIe
AqbJeiWBxFO4lg==
-----END CERTIFICATE-----