Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/15a057-4427-4b9d-ab75-5b7aba0f258c/1/79XDTJ_TJEnLwIirENkbWkq1Nho.mft
File:                     79XDTJ_TJEnLwIirENkbWkq1Nho.mft (raw, json)
Hash identifier:          hp1qFlvrcHe895835qCwAa/SAmBnMPZ9POZN8nVE2Dg=
Subject key identifier:   1A:83:82:E4:12:86:CD:7B:29:18:8B:1F:16:A7:5D:76:0B:90:A9:D3
Authority key identifier: EF:D5:C3:4C:9F:D3:24:49:CB:C0:88:AB:10:D9:1B:5A:4A:B5:36:1A
Certificate issuer:       /CN=efd5c34c9fd32449cbc088ab10d91b5a4ab5361a
Certificate serial:       019D3977F141379D8DB1E015657FC03F37E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/79XDTJ_TJEnLwIirENkbWkq1Nho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/15a057-4427-4b9d-ab75-5b7aba0f258c/1/79XDTJ_TJEnLwIirENkbWkq1Nho.mft
Manifest number:          0867
Signing time:             Sun 29 Mar 2026 12:00:54 +0000
Manifest this update:     Sun 29 Mar 2026 12:00:54 +0000
Manifest next update:     Mon 30 Mar 2026 12:00:54 +0000
Files and hashes:         1: 79XDTJ_TJEnLwIirENkbWkq1Nho.crl (hash: aC6zhIhxQQxYkXXNJe8GUZVTkH4qnnVyZKDHEscvR0k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/15a057-4427-4b9d-ab75-5b7aba0f258c/1/79XDTJ_TJEnLwIirENkbWkq1Nho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/15a057-4427-4b9d-ab75-5b7aba0f258c/1/79XDTJ_TJEnLwIirENkbWkq1Nho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/79XDTJ_TJEnLwIirENkbWkq1Nho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:77:f1:41:37:9d:8d:b1:e0:15:65:7f:c0:3f:37:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=efd5c34c9fd32449cbc088ab10d91b5a4ab5361a
        Validity
            Not Before: Mar 29 12:00:54 2026 GMT
            Not After : Mar 30 12:00:54 2026 GMT
        Subject: CN=1a8382e41286cd7b29188b1f16a75d760b90a9d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:93:e8:5e:fc:d4:cc:8c:05:09:f2:a9:be:bc:
                    82:5c:88:41:90:6f:ca:6f:f2:e6:34:01:11:1d:b7:
                    1b:2a:f8:34:76:29:8a:07:4d:20:2c:92:e6:86:ff:
                    45:c5:3a:50:46:82:8f:b8:23:c4:58:79:d2:65:1c:
                    bb:5f:ff:ff:1e:49:ea:cb:e5:51:0e:23:e8:33:83:
                    19:d4:8e:26:99:a4:c0:bf:b2:79:61:ef:2b:a9:ac:
                    7e:a7:71:8b:7b:66:f0:ef:6a:3f:82:61:90:19:d3:
                    76:cf:be:14:67:d9:b7:51:83:29:95:2d:4c:ab:70:
                    82:e0:92:24:98:0d:a1:f1:f4:b5:19:ed:8b:86:b8:
                    c2:01:f9:64:a9:be:ca:9f:0e:67:c4:e3:03:7c:cc:
                    43:91:d9:95:49:68:ea:73:89:f4:98:6f:e9:b6:af:
                    b0:ae:f0:02:bd:c0:62:ed:7f:dd:9c:81:75:b4:90:
                    35:ab:60:cd:b5:3f:d6:2f:d2:79:aa:ed:3f:8e:9b:
                    f7:b6:02:b5:bd:e4:63:30:62:f8:5f:29:d7:16:da:
                    c7:21:8a:cf:3a:3c:16:91:d9:52:47:a6:31:2d:c1:
                    07:60:6d:f7:08:48:e1:f4:8e:e0:a1:c9:2e:52:5a:
                    f5:05:a0:17:db:46:d6:58:72:37:00:43:e4:d4:39:
                    6b:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:83:82:E4:12:86:CD:7B:29:18:8B:1F:16:A7:5D:76:0B:90:A9:D3
            X509v3 Authority Key Identifier:
                keyid:EF:D5:C3:4C:9F:D3:24:49:CB:C0:88:AB:10:D9:1B:5A:4A:B5:36:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/79XDTJ_TJEnLwIirENkbWkq1Nho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/15a057-4427-4b9d-ab75-5b7aba0f258c/1/79XDTJ_TJEnLwIirENkbWkq1Nho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/15a057-4427-4b9d-ab75-5b7aba0f258c/1/79XDTJ_TJEnLwIirENkbWkq1Nho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:ec:f5:de:80:aa:b9:7d:56:12:91:d6:4a:d0:bb:7c:2c:5d:
         b8:60:cb:2a:63:c0:fc:89:96:57:cc:ab:8d:ca:a8:ce:b7:8a:
         8e:97:96:6a:d0:4e:c6:89:12:36:16:6f:f0:63:25:e3:d4:d7:
         da:0b:fd:ac:46:4f:e8:e2:2f:59:a0:c2:8b:fc:0c:91:9b:c0:
         a7:fe:be:08:9a:df:71:d3:8c:df:a6:24:a5:4d:23:40:db:e1:
         d6:0b:b5:b5:91:7e:91:30:28:67:57:ac:20:74:21:44:39:79:
         3d:9f:43:f1:7a:bc:b8:c3:dc:b0:98:bb:49:65:b7:88:ed:4c:
         88:14:39:e6:4b:98:28:eb:41:79:92:16:31:82:33:46:31:d2:
         ef:c1:47:f9:b0:89:db:9a:b8:e4:68:0b:89:36:a9:22:e9:9e:
         5c:de:58:fd:22:ba:36:d2:d3:af:d8:c1:eb:1c:47:36:46:6e:
         3c:48:7d:bd:95:17:2d:76:13:fb:0c:f4:a3:07:f1:cf:d8:8c:
         d1:ca:1f:fa:3c:0d:8c:1c:a4:43:56:1d:bd:8c:8b:dc:e5:cf:
         1f:ec:f2:f6:d2:67:43:5c:af:e3:d5:01:22:88:86:14:16:9d:
         ac:8b:de:60:db:6f:dd:ae:04:56:60:22:d5:39:32:1d:8f:f7:
         81:ac:2a:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d/FBN52NseAVZX/APzfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZDVjMzRjOWZkMzI0NDljYmMwODhhYjEwZDkxYjVhNGFi
NTM2MWEwHhcNMjYwMzI5MTIwMDU0WhcNMjYwMzMwMTIwMDU0WjAzMTEwLwYDVQQD
EygxYTgzODJlNDEyODZjZDdiMjkxODhiMWYxNmE3NWQ3NjBiOTBhOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJPoXvzUzIwFCfKpvryCXIhBkG/K
b/LmNAERHbcbKvg0dimKB00gLJLmhv9FxTpQRoKPuCPEWHnSZRy7X///Hknqy+VR
DiPoM4MZ1I4mmaTAv7J5Ye8rqax+p3GLe2bw72o/gmGQGdN2z74UZ9m3UYMplS1M
q3CC4JIkmA2h8fS1Ge2LhrjCAflkqb7Knw5nxOMDfMxDkdmVSWjqc4n0mG/ptq+w
rvACvcBi7X/dnIF1tJA1q2DNtT/WL9J5qu0/jpv3tgK1veRjMGL4XynXFtrHIYrP
OjwWkdlSR6YxLcEHYG33CEjh9I7gockuUlr1BaAX20bWWHI3AEPk1DlriwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqDguQShs17KRiLHxanXXYLkKnTMB8GA1UdIwQY
MBaAFO/Vw0yf0yRJy8CIqxDZG1pKtTYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzlYRFRKX1RKRW5Md0lpckVOa2JXa3ExTmhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8xNWEwNTctNDQyNy00YjlkLWFiNzUt
NWI3YWJhMGYyNThjLzEvNzlYRFRKX1RKRW5Md0lpckVOa2JXa3ExTmhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8xNWEwNTctNDQyNy00YjlkLWFiNzUtNWI3YWJhMGYyNThj
LzEvNzlYRFRKX1RKRW5Md0lpckVOa2JXa3ExTmhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUuz13oCq
uX1WEpHWStC7fCxduGDLKmPA/ImWV8yrjcqozreKjpeWatBOxokSNhZv8GMl49TX
2gv9rEZP6OIvWaDCi/wMkZvAp/6+CJrfcdOM36YkpU0jQNvh1gu1tZF+kTAoZ1es
IHQhRDl5PZ9D8Xq8uMPcsJi7SWW3iO1MiBQ55kuYKOtBeZIWMYIzRjHS78FH+bCJ
25q45GgLiTapIumeXN5Y/SK6NtLTr9jB6xxHNkZuPEh9vZUXLXYT+wz0owfxz9iM
0cof+jwNjBykQ1YdvYyL3OXPH+zy9tJnQ1yv49UBIoiGFBadrIveYNtv3a4EVmAi
1TkyHY/3gawqqg==
-----END CERTIFICATE-----