Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
File:                     PP7M1r9kBrDPRPaCuTzYbjNGUko.mft (raw, json)
Hash identifier:          4NAHyvPO3xrKQbFD9mPsPNf/NwLIO+UgohoVp5+XJn4=
Subject key identifier:   70:55:9B:F6:51:AB:C1:A8:65:9C:19:94:C8:EF:B8:9E:B0:97:C8:E6
Authority key identifier: 3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A
Certificate issuer:       /CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
Certificate serial:       019D3865CAF05A6F3D74AF403BC900C8C155
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
Manifest number:          1405
Signing time:             Sun 29 Mar 2026 07:01:28 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:28 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:28 +0000
Files and hashes:         1: PP7M1r9kBrDPRPaCuTzYbjNGUko.crl (hash: wLmWFIL4oWHvWzlZkF9Swnej8cCiWsqowCAivo1jgSQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:ca:f0:5a:6f:3d:74:af:40:3b:c9:00:c8:c1:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
        Validity
            Not Before: Mar 29 07:01:28 2026 GMT
            Not After : Mar 30 07:01:28 2026 GMT
        Subject: CN=70559bf651abc1a8659c1994c8efb89eb097c8e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:f0:9d:c5:f5:cf:fa:02:0e:c4:ee:04:97:46:
                    93:70:d6:aa:ad:a6:fe:d7:ae:f0:b0:6c:89:5a:72:
                    79:5c:3b:21:ce:d4:5e:ab:a6:15:85:5a:98:18:44:
                    7f:9f:3d:c4:16:69:26:23:12:67:cb:69:23:ee:f6:
                    c8:9b:e8:c0:90:1a:06:5d:19:64:fe:99:0f:8c:b5:
                    18:2e:b6:95:80:ec:d2:d8:be:6c:50:27:99:61:e2:
                    6b:bd:f2:53:19:ed:f8:47:71:7c:ae:21:9a:6c:aa:
                    1f:e8:f1:30:ce:92:c8:a3:25:14:a5:36:d8:05:4d:
                    01:36:45:79:b0:26:48:3a:2f:e8:5f:6d:8e:59:8a:
                    2f:96:56:3a:99:38:cf:71:d6:f4:8d:ce:61:6a:f3:
                    53:48:ec:40:87:e0:3e:ef:ac:f8:93:42:e5:46:d3:
                    52:74:82:0c:aa:9e:e7:fb:f9:3d:81:3b:35:44:b8:
                    66:39:58:3d:8c:e6:1b:b6:85:9f:22:be:e7:90:fe:
                    ae:30:7a:94:8b:fb:ab:22:a0:da:ef:6d:10:07:d9:
                    41:2f:4d:c4:7f:6d:46:73:0b:9e:d3:bd:b7:ec:df:
                    1f:c5:be:51:8b:80:2d:c5:6e:ae:be:67:0b:10:45:
                    f5:17:e2:5a:73:4a:dc:3f:0c:70:eb:07:8c:3e:68:
                    ae:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:55:9B:F6:51:AB:C1:A8:65:9C:19:94:C8:EF:B8:9E:B0:97:C8:E6
            X509v3 Authority Key Identifier:
                keyid:3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:5f:f7:64:37:f2:a7:fc:f7:ee:da:c6:ef:c3:08:23:00:b1:
         c8:51:4a:3a:af:e7:bd:6a:fc:53:ac:04:d7:95:a3:88:34:c9:
         6c:28:99:90:d7:25:55:a9:2f:51:34:51:2a:15:92:d1:e0:02:
         4d:dc:16:e0:90:59:49:12:25:1f:22:93:ca:29:f7:28:bc:a6:
         d8:c0:b6:76:ab:57:6c:44:0f:ec:5d:7e:95:62:0f:2f:9b:f7:
         c5:80:02:1a:a9:fd:8b:fd:2a:6b:dc:47:79:29:bb:92:99:18:
         86:87:d0:fe:88:c4:30:d8:b4:48:30:10:e0:4a:ca:94:28:88:
         b7:06:09:39:e3:5d:67:93:6d:de:29:4c:d4:aa:d5:21:c8:21:
         eb:ef:5b:60:94:b5:75:33:09:33:4a:13:22:df:7e:ea:2b:11:
         c7:51:b2:93:da:d8:49:49:1b:43:9e:36:51:58:f1:bc:8b:94:
         a1:eb:28:27:88:d5:27:6a:82:c8:51:5e:03:dc:78:fc:f4:ad:
         82:af:d8:84:3f:3c:cc:f1:3a:6a:1b:10:93:c9:b1:f4:ce:13:
         ed:cc:96:a5:b7:75:dd:c1:04:a4:6d:7f:8c:72:56:af:c2:7b:
         3f:e3:57:9d:fa:e1:48:e0:f0:fc:7a:7e:08:a6:69:dc:59:f6:
         0c:13:4a:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZcrwWm89dK9AO8kAyMFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZmVjY2Q2YmY2NDA2YjBjZjQ0ZjY4MmI5M2NkODZlMzM0
NjUyNGEwHhcNMjYwMzI5MDcwMTI4WhcNMjYwMzMwMDcwMTI4WjAzMTEwLwYDVQQD
Eyg3MDU1OWJmNjUxYWJjMWE4NjU5YzE5OTRjOGVmYjg5ZWIwOTdjOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvCdxfXP+gIOxO4El0aTcNaqrab+
167wsGyJWnJ5XDshztReq6YVhVqYGER/nz3EFmkmIxJny2kj7vbIm+jAkBoGXRlk
/pkPjLUYLraVgOzS2L5sUCeZYeJrvfJTGe34R3F8riGabKof6PEwzpLIoyUUpTbY
BU0BNkV5sCZIOi/oX22OWYovllY6mTjPcdb0jc5havNTSOxAh+A+76z4k0LlRtNS
dIIMqp7n+/k9gTs1RLhmOVg9jOYbtoWfIr7nkP6uMHqUi/urIqDa720QB9lBL03E
f21Gcwue07237N8fxb5Ri4AtxW6uvmcLEEX1F+Jac0rcPwxw6weMPmiuWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBVm/ZRq8GoZZwZlMjvuJ6wl8jmMB8GA1UdIwQY
MBaAFDz+zNa/ZAawz0T2grk82G4zRlJKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2Qt
MjNiODYxMWNjZTIzLzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2QtMjNiODYxMWNjZTIz
LzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG1/3ZDfy
p/z37trG78MIIwCxyFFKOq/nvWr8U6wE15WjiDTJbCiZkNclVakvUTRRKhWS0eAC
TdwW4JBZSRIlHyKTyin3KLym2MC2dqtXbEQP7F1+lWIPL5v3xYACGqn9i/0qa9xH
eSm7kpkYhofQ/ojEMNi0SDAQ4ErKlCiItwYJOeNdZ5Nt3ilM1KrVIcgh6+9bYJS1
dTMJM0oTIt9+6isRx1Gyk9rYSUkbQ542UVjxvIuUoesoJ4jVJ2qCyFFeA9x4/PSt
gq/YhD88zPE6ahsQk8mx9M4T7cyWpbd13cEEpG1/jHJWr8J7P+NXnfrhSODw/Hp+
CKZp3Fn2DBNKKQ==
-----END CERTIFICATE-----