Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
File:                     sTI2xNBokx4LRMmLKQqPqlVKA7k.mft (raw, json)
Hash identifier:          RlHUsCWVnlJ36ncWlyTWkTJ+Zw6oesiSadetMpvTpAo=
Subject key identifier:   E8:E4:97:A3:C6:03:8E:D2:63:AB:4F:DE:FC:F9:DE:7F:74:43:F5:4A
Authority key identifier: B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9
Certificate issuer:       /CN=b13236c4d068931e0b44c98b290a8faa554a03b9
Certificate serial:       019D38D2FE038159CCCC19A23F1D966414F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
Manifest number:          0656
Signing time:             Sun 29 Mar 2026 09:00:44 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:44 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:44 +0000
Files and hashes:         1: sTI2xNBokx4LRMmLKQqPqlVKA7k.crl (hash: mNe7ioYnJuiRjszT+TRCPZfTlq8bAzVADWNrEQU1Qqo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:fe:03:81:59:cc:cc:19:a2:3f:1d:96:64:14:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b13236c4d068931e0b44c98b290a8faa554a03b9
        Validity
            Not Before: Mar 29 09:00:44 2026 GMT
            Not After : Mar 30 09:00:44 2026 GMT
        Subject: CN=e8e497a3c6038ed263ab4fdefcf9de7f7443f54a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:c5:ec:c3:2a:2e:ea:78:57:2b:ec:77:98:1a:
                    4d:f4:65:a3:85:dd:a1:82:bf:32:a3:9f:47:9e:e2:
                    d9:4f:9d:f3:03:b6:f6:75:7d:64:3f:db:96:75:49:
                    0f:7b:7f:35:42:5c:cc:17:50:ad:23:79:f2:d8:97:
                    50:c8:e4:5b:c8:f7:8c:63:48:97:af:61:99:82:a5:
                    16:f4:8d:1b:48:e3:2b:69:15:af:20:f5:84:36:ac:
                    10:e2:7b:ad:ab:e5:d0:ea:20:fa:86:23:40:95:48:
                    4b:62:fc:78:7b:37:dd:af:d4:62:f1:83:7e:c7:3c:
                    06:51:1b:48:fe:f6:ce:f3:2b:b4:0f:6e:4b:bc:35:
                    bf:89:c4:eb:e3:ed:13:b4:1d:fe:c3:de:4c:46:7b:
                    2a:4f:44:a1:88:70:05:86:53:26:3c:fe:a1:d1:6e:
                    85:30:55:80:1e:a6:dc:a4:89:5c:00:85:f3:77:ed:
                    e3:f4:0c:90:7d:21:c8:03:0a:2f:0f:df:39:5d:8d:
                    6c:f4:da:85:e7:92:07:a3:9a:35:3c:5b:8b:55:5c:
                    14:1d:cd:cd:b5:eb:5e:63:c5:aa:dd:ad:c5:3c:4f:
                    a7:9c:7a:2d:d2:0a:fd:cd:2f:f3:d8:54:bd:9d:55:
                    ea:2a:d6:a7:e0:3f:f2:bf:4c:a4:e3:15:9f:50:9d:
                    24:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:E4:97:A3:C6:03:8E:D2:63:AB:4F:DE:FC:F9:DE:7F:74:43:F5:4A
            X509v3 Authority Key Identifier:
                keyid:B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:e8:ff:78:7f:6b:c3:a2:a7:dd:33:e1:b2:15:cb:34:60:f2:
         f7:dc:53:cc:01:4e:98:bf:45:d3:f1:70:c0:44:2a:0c:9b:b1:
         29:56:9b:a1:38:8d:0c:13:69:97:ac:7e:e7:5c:9c:9d:de:9a:
         53:ec:8b:6a:05:62:af:5c:d8:9d:7d:4c:b3:6e:b9:7d:92:0f:
         d4:a9:bc:ce:35:8c:4f:5c:8d:02:a3:42:a8:86:c9:0b:02:3b:
         d6:79:6d:fb:57:ef:50:57:c4:c7:3e:a5:20:5c:a8:c0:04:aa:
         f9:4b:46:49:9c:a7:61:fb:d9:4a:df:1c:91:4d:e0:e1:58:13:
         9b:40:1e:8c:fd:21:be:c8:e6:92:e2:98:5b:08:5f:dc:61:bc:
         b8:c4:80:6e:e6:e2:33:92:24:35:b1:1d:48:3a:30:9c:71:c6:
         fd:6d:76:99:9f:50:63:ac:a3:43:a1:62:bd:0f:6d:02:c4:c1:
         77:c6:d6:e1:ae:c4:ba:30:bc:d9:d8:a1:79:95:85:b6:02:36:
         42:d8:72:fe:59:62:71:80:34:7e:70:0e:fa:24:31:32:3e:63:
         6d:17:7f:2f:f5:52:92:1f:40:04:a4:a1:49:29:e1:b9:99:4e:
         3c:a7:e0:e0:0f:9e:08:19:b0:c4:72:24:e3:bc:74:3b:00:6c:
         e4:92:db:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040v4DgVnMzBmiPx2WZBT1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzIzNmM0ZDA2ODkzMWUwYjQ0Yzk4YjI5MGE4ZmFhNTU0
YTAzYjkwHhcNMjYwMzI5MDkwMDQ0WhcNMjYwMzMwMDkwMDQ0WjAzMTEwLwYDVQQD
EyhlOGU0OTdhM2M2MDM4ZWQyNjNhYjRmZGVmY2Y5ZGU3Zjc0NDNmNTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8Xswyou6nhXK+x3mBpN9GWjhd2h
gr8yo59HnuLZT53zA7b2dX1kP9uWdUkPe381QlzMF1CtI3ny2JdQyORbyPeMY0iX
r2GZgqUW9I0bSOMraRWvIPWENqwQ4nutq+XQ6iD6hiNAlUhLYvx4ezfdr9Ri8YN+
xzwGURtI/vbO8yu0D25LvDW/icTr4+0TtB3+w95MRnsqT0ShiHAFhlMmPP6h0W6F
MFWAHqbcpIlcAIXzd+3j9AyQfSHIAwovD985XY1s9NqF55IHo5o1PFuLVVwUHc3N
teteY8Wq3a3FPE+nnHot0gr9zS/z2FS9nVXqKtan4D/yv0yk4xWfUJ0kzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOjkl6PGA47SY6tP3vz53n90Q/VKMB8GA1UdIwQY
MBaAFLEyNsTQaJMeC0TJiykKj6pVSgO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAt
MmRkMTE5ODRiMzVmLzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAtMmRkMTE5ODRiMzVm
LzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABuj/eH9r
w6Kn3TPhshXLNGDy99xTzAFOmL9F0/FwwEQqDJuxKVaboTiNDBNpl6x+51ycnd6a
U+yLagVir1zYnX1Ms265fZIP1Km8zjWMT1yNAqNCqIbJCwI71nlt+1fvUFfExz6l
IFyowASq+UtGSZynYfvZSt8ckU3g4VgTm0AejP0hvsjmkuKYWwhf3GG8uMSAbubi
M5IkNbEdSDownHHG/W12mZ9QY6yjQ6FivQ9tAsTBd8bW4a7EujC82diheZWFtgI2
Qthy/llicYA0fnAO+iQxMj5jbRd/L/VSkh9ABKShSSnhuZlOPKfg4A+eCBmwxHIk
47x0OwBs5JLb9A==
-----END CERTIFICATE-----