Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft
File:                     mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft (raw, json)
Hash identifier:          jBAerUn0l8sIvYy+VsgOrrB1v1UfcQDyoroPXntOnMY=
Subject key identifier:   16:2A:57:C3:73:05:43:7C:16:CC:B9:F3:9D:09:56:C2:DA:F2:C6:FB
Authority key identifier: 99:72:14:8C:73:62:C2:C9:39:9B:B3:AF:74:15:92:C4:25:16:C5:47
Certificate issuer:       /CN=9972148c7362c2c9399bb3af741592c42516c547
Certificate serial:       019D37C09FD2D8FA4516AB183FFE38E31F59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mXIUjHNiwsk5m7OvdBWSxCUWxUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft
Manifest number:          13CA
Signing time:             Sun 29 Mar 2026 04:01:03 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:03 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:03 +0000
Files and hashes:         1: mXIUjHNiwsk5m7OvdBWSxCUWxUc.crl (hash: qFYMuKL6SutYDgytsE5jAzHKdoxp6F3xc4QB3byY5SI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mXIUjHNiwsk5m7OvdBWSxCUWxUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:9f:d2:d8:fa:45:16:ab:18:3f:fe:38:e3:1f:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9972148c7362c2c9399bb3af741592c42516c547
        Validity
            Not Before: Mar 29 04:01:03 2026 GMT
            Not After : Mar 30 04:01:03 2026 GMT
        Subject: CN=162a57c37305437c16ccb9f39d0956c2daf2c6fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:ad:17:de:34:10:de:d9:cc:05:b2:fd:00:13:
                    85:bf:8b:c3:d9:e3:7f:33:9a:de:b8:27:88:88:4c:
                    c5:d9:cc:b4:eb:b1:b5:fd:d8:e9:be:13:07:e2:1c:
                    af:3d:d5:4a:80:ec:59:c8:41:93:c3:33:31:5d:03:
                    27:1a:ba:1f:af:57:75:1e:95:c5:9e:68:2c:f5:5d:
                    3d:77:bd:42:f4:d2:1a:a8:97:db:e5:22:e1:19:c1:
                    f1:2a:10:ee:02:22:46:5b:45:3e:15:60:96:37:c4:
                    b9:70:1e:e0:6b:b7:76:5f:75:b3:2a:82:bb:f4:21:
                    32:63:96:b0:9d:7e:c1:bf:20:dd:2a:2f:34:05:7d:
                    79:71:84:b7:f5:62:07:35:95:01:b1:34:09:66:4a:
                    fa:09:62:c4:ce:45:6f:c6:71:9b:75:f3:62:e8:fd:
                    e7:3c:59:06:59:d4:9a:f9:87:a5:14:31:0a:7c:66:
                    e6:f8:55:22:a0:e3:5b:b7:12:31:27:8b:6b:25:2e:
                    7d:d9:4b:76:5a:9e:c4:70:cd:db:b5:64:7f:36:ed:
                    30:57:5d:90:47:2a:0c:f5:69:c8:66:e7:65:71:74:
                    26:56:2d:77:3e:fd:45:bb:9b:af:26:e2:aa:ec:bf:
                    00:f7:9b:c6:b7:f4:41:b1:d4:a6:f8:4d:f1:c8:53:
                    32:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:2A:57:C3:73:05:43:7C:16:CC:B9:F3:9D:09:56:C2:DA:F2:C6:FB
            X509v3 Authority Key Identifier:
                keyid:99:72:14:8C:73:62:C2:C9:39:9B:B3:AF:74:15:92:C4:25:16:C5:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXIUjHNiwsk5m7OvdBWSxCUWxUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:dd:b1:d7:32:31:dc:c0:fb:12:e9:ee:0f:6e:4b:1d:a0:8c:
         c6:dd:03:09:4a:a6:d9:04:6b:68:91:c2:94:89:ab:d6:22:db:
         1d:9e:cd:8f:be:33:a7:4f:da:73:61:3e:af:b0:44:d7:88:54:
         e8:87:23:5b:3b:e7:c4:74:83:22:5b:26:ef:68:8e:42:47:85:
         72:83:cd:c4:a6:7b:7f:83:c0:6d:0d:d8:39:af:cc:ab:ad:78:
         b2:2f:ac:53:a0:c8:02:c8:17:6e:dd:d7:6b:f8:2e:39:89:6e:
         8a:2a:05:a7:42:d1:20:38:9b:15:b3:b3:5f:53:5a:93:67:22:
         c0:b3:af:78:50:d0:86:c8:a6:d5:e4:a4:08:0f:af:c4:9a:4f:
         5d:00:02:85:10:9f:b0:03:8a:f2:8b:03:b0:f5:17:60:a8:22:
         c7:ae:3d:d8:f7:c4:4f:8c:87:26:e5:76:38:b5:00:45:06:6b:
         e4:45:6e:1a:fe:b2:e4:55:46:c2:70:02:ed:62:0d:fc:d5:d6:
         86:a7:22:ff:c5:3e:17:30:33:c1:19:d0:e3:26:f3:74:05:a5:
         6a:5f:e9:48:e6:68:01:29:f8:70:f6:dd:3e:82:f6:17:fe:56:
         dc:c4:09:ff:34:dd:e2:67:7e:3e:e0:20:98:21:4a:b2:e1:fa:
         88:31:ed:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wJ/S2PpFFqsYP/444x9ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NzIxNDhjNzM2MmMyYzkzOTliYjNhZjc0MTU5MmM0MjUx
NmM1NDcwHhcNMjYwMzI5MDQwMTAzWhcNMjYwMzMwMDQwMTAzWjAzMTEwLwYDVQQD
EygxNjJhNTdjMzczMDU0MzdjMTZjY2I5ZjM5ZDA5NTZjMmRhZjJjNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7q0X3jQQ3tnMBbL9ABOFv4vD2eN/
M5reuCeIiEzF2cy067G1/djpvhMH4hyvPdVKgOxZyEGTwzMxXQMnGrofr1d1HpXF
nmgs9V09d71C9NIaqJfb5SLhGcHxKhDuAiJGW0U+FWCWN8S5cB7ga7d2X3WzKoK7
9CEyY5awnX7BvyDdKi80BX15cYS39WIHNZUBsTQJZkr6CWLEzkVvxnGbdfNi6P3n
PFkGWdSa+YelFDEKfGbm+FUioONbtxIxJ4trJS592Ut2Wp7EcM3btWR/Nu0wV12Q
RyoM9WnIZudlcXQmVi13Pv1Fu5uvJuKq7L8A95vGt/RBsdSm+E3xyFMyyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBYqV8NzBUN8Fsy5850JVsLa8sb7MB8GA1UdIwQY
MBaAFJlyFIxzYsLJOZuzr3QVksQlFsVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVhJVWpITml3c2s1bTdPdmRCV1N4Q1VXeFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy81ODdiN2ItMDcxYy00MzBiLTllYjIt
NmVjNjI2OTBiMTliLzEvbVhJVWpITml3c2s1bTdPdmRCV1N4Q1VXeFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy81ODdiN2ItMDcxYy00MzBiLTllYjItNmVjNjI2OTBiMTli
LzEvbVhJVWpITml3c2s1bTdPdmRCV1N4Q1VXeFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFd2x1zIx
3MD7EunuD25LHaCMxt0DCUqm2QRraJHClImr1iLbHZ7Nj74zp0/ac2E+r7BE14hU
6IcjWzvnxHSDIlsm72iOQkeFcoPNxKZ7f4PAbQ3YOa/Mq614si+sU6DIAsgXbt3X
a/guOYluiioFp0LRIDibFbOzX1Nak2ciwLOveFDQhsim1eSkCA+vxJpPXQAChRCf
sAOK8osDsPUXYKgix6492PfET4yHJuV2OLUARQZr5EVuGv6y5FVGwnAC7WIN/NXW
hqci/8U+FzAzwRnQ4ybzdAWlal/pSOZoASn4cPbdPoL2F/5W3MQJ/zTd4md+PuAg
mCFKsuH6iDHtKA==
-----END CERTIFICATE-----