Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
File:                     SVfItkDqWWxdEac7PSZu54w_Cds.mft (raw, json)
Hash identifier:          xETLcmf09PxbNXjnX39BIzLu2pcSg7M5ytuNa1zii/Y=
Subject key identifier:   B5:6F:E3:16:17:CA:65:73:29:B6:04:1D:E3:6B:55:DC:73:86:D3:16
Authority key identifier: 49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB
Certificate issuer:       /CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
Certificate serial:       019D3909C3FC45FF6F0239F0F5A72D6EE9F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
Manifest number:          0B1D
Signing time:             Sun 29 Mar 2026 10:00:34 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:34 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:34 +0000
Files and hashes:         1: SVfItkDqWWxdEac7PSZu54w_Cds.crl (hash: sMB1kbjxSuxVZv4RZziy/njXqo5SF7XXnbgB+FamS8A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:c3:fc:45:ff:6f:02:39:f0:f5:a7:2d:6e:e9:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
        Validity
            Not Before: Mar 29 10:00:34 2026 GMT
            Not After : Mar 30 10:00:34 2026 GMT
        Subject: CN=b56fe31617ca657329b6041de36b55dc7386d316
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:02:99:54:dd:1a:b4:99:9d:30:2f:2f:c5:33:
                    09:48:6b:22:e5:b0:df:d9:36:52:e3:a9:db:1a:e0:
                    2a:fb:5e:2c:0c:90:e3:ed:14:4a:af:3c:2d:21:10:
                    1d:ec:24:00:a6:39:c0:ef:4c:c5:8c:1f:cd:c0:6f:
                    77:66:68:34:b1:65:ef:8d:59:e4:00:46:eb:20:eb:
                    88:f9:3d:a3:1c:6f:e0:fd:34:a9:1f:31:23:51:c0:
                    e8:28:0c:11:87:38:65:04:a2:bd:1c:92:c5:ff:8c:
                    82:6e:b6:5e:fc:e2:18:1c:64:2a:7c:96:55:42:6b:
                    99:4c:2e:20:8a:45:61:33:e8:4f:da:05:82:cb:80:
                    6e:66:6d:eb:be:63:91:39:56:c2:12:d0:88:32:da:
                    96:bf:0f:06:cb:8d:2c:83:60:38:11:f2:57:d8:67:
                    eb:ba:c1:fc:02:04:fa:12:95:71:84:a6:7b:fc:82:
                    ff:20:b3:19:cb:cc:88:8c:62:74:09:ac:5b:db:fa:
                    9d:d9:35:fc:71:87:fd:58:b9:15:c9:66:9f:e3:a1:
                    77:73:d2:61:8d:3d:84:5b:7b:39:17:49:fa:1d:f4:
                    35:5c:e2:de:cf:ad:db:6e:ef:b1:7b:b5:7f:b0:26:
                    68:b9:73:bf:cd:43:70:1f:e8:ce:b4:1c:ad:bc:96:
                    50:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:6F:E3:16:17:CA:65:73:29:B6:04:1D:E3:6B:55:DC:73:86:D3:16
            X509v3 Authority Key Identifier:
                keyid:49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:bf:17:db:6a:da:a0:c3:a3:16:82:0c:4c:a4:0b:85:f0:5d:
         93:09:57:05:0e:a1:f3:26:f3:7e:e2:9a:ef:f6:f2:c1:13:59:
         91:fa:d0:b9:b4:b3:cb:2c:5f:a2:bb:c4:23:ad:0e:17:10:d8:
         0c:8a:6d:7d:31:06:6c:7e:04:09:36:bd:7f:6d:43:ee:80:00:
         63:8c:c5:1c:e3:60:ca:83:05:eb:a4:99:e4:a2:81:0d:bc:56:
         0f:97:11:0a:82:7e:fe:75:d2:de:84:10:3a:4b:eb:b7:c0:61:
         fc:e7:84:19:e9:f7:0d:5b:58:25:82:0b:b2:b6:32:bb:a5:b7:
         25:a0:6c:b8:70:f9:7b:79:c2:00:33:2f:b0:89:05:06:91:74:
         5d:42:51:93:ae:75:df:9b:d4:d4:44:e1:80:f3:41:65:0a:a8:
         e7:8e:71:c1:71:9f:ec:e5:43:31:2d:3d:7d:ac:ad:53:62:d2:
         49:0b:20:5d:8b:2d:6c:77:9c:0e:d9:18:e5:47:cf:a4:dc:ce:
         57:e6:a2:42:90:52:a7:c2:63:21:93:b5:fd:fd:cd:6d:bc:5d:
         51:12:a7:7b:94:a6:ce:7c:6c:78:17:e3:52:44:b0:35:05:15:
         a5:35:fc:6c:a0:e9:31:b7:60:6d:63:a9:c4:ac:f8:43:41:59:
         fa:0c:c3:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CcP8Rf9vAjnw9actbunyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTdjOGI2NDBlYTU5NmM1ZDExYTczYjNkMjY2ZWU3OGMz
ZjA5ZGIwHhcNMjYwMzI5MTAwMDM0WhcNMjYwMzMwMTAwMDM0WjAzMTEwLwYDVQQD
EyhiNTZmZTMxNjE3Y2E2NTczMjliNjA0MWRlMzZiNTVkYzczODZkMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAKZVN0atJmdMC8vxTMJSGsi5bDf
2TZS46nbGuAq+14sDJDj7RRKrzwtIRAd7CQApjnA70zFjB/NwG93Zmg0sWXvjVnk
AEbrIOuI+T2jHG/g/TSpHzEjUcDoKAwRhzhlBKK9HJLF/4yCbrZe/OIYHGQqfJZV
QmuZTC4gikVhM+hP2gWCy4BuZm3rvmOROVbCEtCIMtqWvw8Gy40sg2A4EfJX2Gfr
usH8AgT6EpVxhKZ7/IL/ILMZy8yIjGJ0Caxb2/qd2TX8cYf9WLkVyWaf46F3c9Jh
jT2EW3s5F0n6HfQ1XOLez63bbu+xe7V/sCZouXO/zUNwH+jOtBytvJZQFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLVv4xYXymVzKbYEHeNrVdxzhtMWMB8GA1UdIwQY
MBaAFElXyLZA6llsXRGnOz0mbueMPwnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWIt
YmZlMWUxNzNkOGYwLzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWItYmZlMWUxNzNkOGYw
LzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY78X22ra
oMOjFoIMTKQLhfBdkwlXBQ6h8ybzfuKa7/bywRNZkfrQubSzyyxforvEI60OFxDY
DIptfTEGbH4ECTa9f21D7oAAY4zFHONgyoMF66SZ5KKBDbxWD5cRCoJ+/nXS3oQQ
Okvrt8Bh/OeEGen3DVtYJYILsrYyu6W3JaBsuHD5e3nCADMvsIkFBpF0XUJRk651
35vU1EThgPNBZQqo545xwXGf7OVDMS09faytU2LSSQsgXYstbHecDtkY5UfPpNzO
V+aiQpBSp8JjIZO1/f3NbbxdURKne5SmznxseBfjUkSwNQUVpTX8bKDpMbdgbWOp
xKz4Q0FZ+gzD7Q==
-----END CERTIFICATE-----