Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft
File:                     X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft (raw, json)
Hash identifier:          VMqfuMqjMFjKm+ji3uPKX/XWe83wQg6LShXNQ8vs9aE=
Subject key identifier:   6A:C2:CB:31:3A:5F:11:CB:1F:06:74:89:84:1D:3B:68:F8:07:8E:8A
Authority key identifier: 5F:7A:12:35:46:FE:51:A9:E4:BE:DF:83:EE:E0:37:52:BD:96:39:D6
Certificate issuer:       /CN=5f7a123546fe51a9e4bedf83eee03752bd9639d6
Certificate serial:       019D389C42AEA6B39286D95C57A14CA4D262
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X3oSNUb-Uankvt-D7uA3Ur2WOdY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft
Manifest number:          0666
Signing time:             Sun 29 Mar 2026 08:00:57 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:57 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:57 +0000
Files and hashes:         1: X3oSNUb-Uankvt-D7uA3Ur2WOdY.crl (hash: unh9wReRt1UfF/OBUpPdPcBaFxxmvmQkxU9pfT75l14=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X3oSNUb-Uankvt-D7uA3Ur2WOdY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9c:42:ae:a6:b3:92:86:d9:5c:57:a1:4c:a4:d2:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f7a123546fe51a9e4bedf83eee03752bd9639d6
        Validity
            Not Before: Mar 29 08:00:57 2026 GMT
            Not After : Mar 30 08:00:57 2026 GMT
        Subject: CN=6ac2cb313a5f11cb1f067489841d3b68f8078e8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:ef:e8:97:55:0b:48:41:c7:2a:54:de:6f:a2:
                    6b:84:6c:b7:b1:72:78:65:7e:04:cd:9a:98:d7:0d:
                    35:0d:f0:67:3f:9c:61:d2:1f:4d:b7:fa:b4:91:30:
                    b6:c2:42:1a:97:4a:90:fd:5b:05:7a:2f:6f:c2:d7:
                    20:3d:f1:08:6b:0e:2e:cb:68:35:3a:bf:c7:48:99:
                    90:71:41:89:5b:de:5c:ea:63:d0:0d:8b:48:81:d7:
                    59:60:8b:48:11:11:d4:d3:50:68:9d:e5:2b:79:31:
                    42:1a:ee:47:0e:b2:8c:14:8b:00:5d:37:2a:a8:55:
                    b6:fc:3f:a7:0c:3b:44:c6:f1:f8:67:41:1e:72:c7:
                    88:50:65:4a:56:d2:81:0f:ca:8d:03:32:8a:23:dc:
                    52:a8:90:33:9a:69:0a:c8:bc:f1:ce:4f:3a:7b:93:
                    37:24:38:93:91:1c:d5:9d:fb:64:0b:70:e8:04:d4:
                    32:de:71:d0:2d:88:13:d0:d1:c9:34:7f:6f:e4:7b:
                    b5:d3:89:df:5d:fc:dc:84:06:b5:f7:42:2a:5e:a9:
                    3c:b0:7d:48:35:b9:43:5e:f8:35:19:27:f7:1a:1e:
                    03:d3:0b:a1:a2:b5:ba:1e:b7:e6:43:93:9e:59:a9:
                    25:71:d1:a7:8a:fa:33:ea:47:d4:13:74:11:b0:18:
                    f2:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:C2:CB:31:3A:5F:11:CB:1F:06:74:89:84:1D:3B:68:F8:07:8E:8A
            X509v3 Authority Key Identifier:
                keyid:5F:7A:12:35:46:FE:51:A9:E4:BE:DF:83:EE:E0:37:52:BD:96:39:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X3oSNUb-Uankvt-D7uA3Ur2WOdY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0de238-8d0b-40ff-b569-b2ff681da6bb/1/X3oSNUb-Uankvt-D7uA3Ur2WOdY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:e1:ad:40:9e:39:e3:f7:d5:1c:eb:02:fe:d2:36:56:6d:68:
         03:e7:c7:8e:d9:f6:bb:6e:00:4a:22:fa:6a:53:6f:4a:b6:33:
         83:01:d4:ba:1e:80:a2:69:8d:74:2a:76:2c:87:47:c5:39:72:
         6c:58:87:b5:e3:67:b2:9b:d4:93:71:42:94:2b:d1:a1:cd:0e:
         c0:00:80:1a:e1:e1:4a:52:f0:b3:17:33:7b:8e:87:30:7a:b0:
         d5:79:8c:ec:f4:9d:bf:16:c0:af:7d:6b:3b:e6:77:fc:ab:a8:
         42:70:41:bb:b1:7a:d2:70:a7:ab:0f:c1:0a:27:a5:c9:4d:f5:
         08:e0:42:c7:ea:5a:0c:f2:94:54:6e:bd:42:d1:5f:6e:bf:ee:
         1b:e7:b0:4c:5e:f7:af:27:5d:3d:d6:e5:7b:ed:01:f3:ed:71:
         32:90:07:a0:6b:e8:40:d8:36:a0:30:e8:7f:ae:33:7d:0c:6e:
         fc:94:8d:3b:62:ce:84:85:7d:04:de:3d:8f:d4:bc:f2:de:dd:
         e9:ed:f4:67:41:4a:41:d1:73:2c:b8:9f:9e:5f:d1:2d:f9:27:
         c0:d8:c6:2c:0c:e5:06:c3:44:86:33:e1:0b:62:1f:58:a4:b1:
         2e:a4:13:ee:a3:b9:fc:e4:aa:85:23:f3:12:c0:a8:3a:ac:fc:
         fe:22:98:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nEKuprOShtlcV6FMpNJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2ExMjM1NDZmZTUxYTllNGJlZGY4M2VlZTAzNzUyYmQ5
NjM5ZDYwHhcNMjYwMzI5MDgwMDU3WhcNMjYwMzMwMDgwMDU3WjAzMTEwLwYDVQQD
Eyg2YWMyY2IzMTNhNWYxMWNiMWYwNjc0ODk4NDFkM2I2OGY4MDc4ZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkO/ol1ULSEHHKlTeb6JrhGy3sXJ4
ZX4EzZqY1w01DfBnP5xh0h9Nt/q0kTC2wkIal0qQ/VsFei9vwtcgPfEIaw4uy2g1
Or/HSJmQcUGJW95c6mPQDYtIgddZYItIERHU01BoneUreTFCGu5HDrKMFIsAXTcq
qFW2/D+nDDtExvH4Z0EecseIUGVKVtKBD8qNAzKKI9xSqJAzmmkKyLzxzk86e5M3
JDiTkRzVnftkC3DoBNQy3nHQLYgT0NHJNH9v5Hu104nfXfzchAa190IqXqk8sH1I
NblDXvg1GSf3Gh4D0wuhorW6HrfmQ5OeWaklcdGnivoz6kfUE3QRsBjy0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrCyzE6XxHLHwZ0iYQdO2j4B46KMB8GA1UdIwQY
MBaAFF96EjVG/lGp5L7fg+7gN1K9ljnWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDNvU05VYi1VYW5rdnQtRDd1QTNVcjJXT2RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8wZGUyMzgtOGQwYi00MGZmLWI1Njkt
YjJmZjY4MWRhNmJiLzEvWDNvU05VYi1VYW5rdnQtRDd1QTNVcjJXT2RZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8wZGUyMzgtOGQwYi00MGZmLWI1NjktYjJmZjY4MWRhNmJi
LzEvWDNvU05VYi1VYW5rdnQtRDd1QTNVcjJXT2RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVuGtQJ45
4/fVHOsC/tI2Vm1oA+fHjtn2u24ASiL6alNvSrYzgwHUuh6AommNdCp2LIdHxTly
bFiHteNnspvUk3FClCvRoc0OwACAGuHhSlLwsxcze46HMHqw1XmM7PSdvxbAr31r
O+Z3/KuoQnBBu7F60nCnqw/BCielyU31COBCx+paDPKUVG69QtFfbr/uG+ewTF73
ryddPdble+0B8+1xMpAHoGvoQNg2oDDof64zfQxu/JSNO2LOhIV9BN49j9S88t7d
6e30Z0FKQdFzLLifnl/RLfknwNjGLAzlBsNEhjPhC2IfWKSxLqQT7qO5/OSqhSPz
EsCoOqz8/iKYlw==
-----END CERTIFICATE-----