Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.mft
File:                     d_M68l-VqylxEYjp_-pQzMshHXY.mft (raw, json)
Hash identifier:          C1iESN9DH7xQHytCziMjtVk6YbIqbZEqiZu6AYTDOy4=
Subject key identifier:   7D:3B:49:75:48:CB:2B:AB:86:BF:72:44:72:D8:78:37:C6:4A:B2:88
Authority key identifier: 77:F3:3A:F2:5F:95:AB:29:71:11:88:E9:FF:EA:50:CC:CB:21:1D:76
Certificate issuer:       /CN=77f33af25f95ab29711188e9ffea50cccb211d76
Certificate serial:       019D37C0F7A510726BA8E7E564E1299D1261
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_M68l-VqylxEYjp_-pQzMshHXY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.mft
Manifest number:          1004
Signing time:             Sun 29 Mar 2026 04:01:26 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:26 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:26 +0000
Files and hashes:         1: d_M68l-VqylxEYjp_-pQzMshHXY.crl (hash: yr6ph6kR6I7vogNh2CGZjtlMhlbfz7zg7u2dNNoY+ww=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d_M68l-VqylxEYjp_-pQzMshHXY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:f7:a5:10:72:6b:a8:e7:e5:64:e1:29:9d:12:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f33af25f95ab29711188e9ffea50cccb211d76
        Validity
            Not Before: Mar 29 04:01:26 2026 GMT
            Not After : Mar 30 04:01:26 2026 GMT
        Subject: CN=7d3b497548cb2bab86bf724472d87837c64ab288
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:03:44:a6:08:03:c4:c0:2b:d7:b3:9f:06:2a:
                    f0:f2:4e:b8:3c:69:8b:3a:27:c4:32:a1:1c:4b:ae:
                    ad:78:4b:12:f1:aa:8c:6e:d0:d1:42:12:77:07:17:
                    c7:ea:1e:1a:6b:b0:61:81:28:24:29:cd:16:ab:5d:
                    d9:57:6c:0e:85:b0:a5:76:0a:48:05:b7:6a:d0:47:
                    0c:30:82:e4:ba:76:c6:29:fb:ee:f6:9a:a5:82:07:
                    29:f6:5a:bb:97:4b:22:ca:3e:6f:bb:ad:e4:01:90:
                    86:24:8e:f9:00:11:64:76:cb:45:1a:cc:f8:f0:94:
                    76:b5:aa:56:58:5d:a1:02:88:fd:2d:fe:2d:cb:b0:
                    bd:8d:37:26:ca:bb:ce:6b:5a:9b:3b:71:b0:46:07:
                    5c:40:c0:78:73:30:f9:5a:26:12:59:1f:4d:3f:e9:
                    27:18:c8:e1:b1:bc:b4:44:11:ad:78:33:b1:9e:cf:
                    cb:db:e6:93:a9:ac:fa:dd:c5:40:59:d0:03:33:bc:
                    76:ce:88:52:bf:a8:9d:9c:01:7b:0b:31:fa:51:d2:
                    be:e9:5b:3f:a8:25:48:67:fd:bf:7e:43:0c:71:14:
                    dd:87:a3:93:da:4e:c9:30:cd:30:e1:d5:5c:9e:6c:
                    89:4f:8e:33:5f:13:79:0e:9f:e1:3a:48:7c:b2:9a:
                    0d:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:3B:49:75:48:CB:2B:AB:86:BF:72:44:72:D8:78:37:C6:4A:B2:88
            X509v3 Authority Key Identifier:
                keyid:77:F3:3A:F2:5F:95:AB:29:71:11:88:E9:FF:EA:50:CC:CB:21:1D:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_M68l-VqylxEYjp_-pQzMshHXY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b6462f-cc72-4f69-96f4-8bca0561b72d/1/d_M68l-VqylxEYjp_-pQzMshHXY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:37:82:ad:57:a4:f6:06:a4:72:77:d8:7f:52:f4:bd:2f:e8:
         a3:aa:1c:cf:eb:b9:94:31:40:97:38:d8:64:62:74:a5:40:61:
         bd:77:07:d1:cc:e5:a3:94:83:21:63:1d:53:75:77:93:86:c8:
         ed:a6:a6:31:49:35:8a:f0:86:b8:8c:a7:ab:8b:73:7f:b5:c8:
         e1:e9:b5:cb:d8:ff:50:e0:32:28:da:7a:4e:04:8b:1a:f2:42:
         4f:59:7e:64:4c:ff:34:c8:b7:0d:e9:18:d5:69:8d:84:c3:7b:
         fc:85:76:88:f2:6f:0c:60:5f:63:9a:96:55:4b:11:c4:7c:44:
         26:57:e0:bc:67:8b:93:91:98:5b:d0:e7:c3:a7:ff:13:fa:54:
         ba:df:8a:87:87:81:51:32:88:78:0c:fb:d2:f8:ac:97:53:25:
         bb:f3:a2:2c:62:c3:1b:dc:37:62:18:c4:03:b1:bf:2d:4c:2b:
         a2:0e:c8:6c:46:6a:26:34:c4:85:a4:08:83:3c:df:22:98:c7:
         d1:47:21:81:ce:0e:d7:f6:5a:2b:c7:82:61:df:fb:97:39:30:
         0d:f9:fc:88:78:c0:2a:22:d0:27:77:24:eb:27:fa:58:a9:c1:
         f9:a1:d3:49:a3:35:b1:7a:bf:96:9c:ac:eb:18:e9:7a:75:93:
         84:b3:86:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wPelEHJrqOflZOEpnRJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjMzYWYyNWY5NWFiMjk3MTExODhlOWZmZWE1MGNjY2Iy
MTFkNzYwHhcNMjYwMzI5MDQwMTI2WhcNMjYwMzMwMDQwMTI2WjAzMTEwLwYDVQQD
Eyg3ZDNiNDk3NTQ4Y2IyYmFiODZiZjcyNDQ3MmQ4NzgzN2M2NGFiMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQNEpggDxMAr17OfBirw8k64PGmL
OifEMqEcS66teEsS8aqMbtDRQhJ3BxfH6h4aa7BhgSgkKc0Wq13ZV2wOhbCldgpI
Bbdq0EcMMILkunbGKfvu9pqlggcp9lq7l0siyj5vu63kAZCGJI75ABFkdstFGsz4
8JR2tapWWF2hAoj9Lf4ty7C9jTcmyrvOa1qbO3GwRgdcQMB4czD5WiYSWR9NP+kn
GMjhsby0RBGteDOxns/L2+aTqaz63cVAWdADM7x2zohSv6idnAF7CzH6UdK+6Vs/
qCVIZ/2/fkMMcRTdh6OT2k7JMM0w4dVcnmyJT44zXxN5Dp/hOkh8spoNqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH07SXVIyyurhr9yRHLYeDfGSrKIMB8GA1UdIwQY
MBaAFHfzOvJflaspcRGI6f/qUMzLIR12MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9NNjhsLVZxeWx4RVlqcF8tcFF6TXNoSFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNjQ2MmYtY2M3Mi00ZjY5LTk2ZjQt
OGJjYTA1NjFiNzJkLzEvZF9NNjhsLVZxeWx4RVlqcF8tcFF6TXNoSFhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNjQ2MmYtY2M3Mi00ZjY5LTk2ZjQtOGJjYTA1NjFiNzJk
LzEvZF9NNjhsLVZxeWx4RVlqcF8tcFF6TXNoSFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATjeCrVek
9gakcnfYf1L0vS/oo6ocz+u5lDFAlzjYZGJ0pUBhvXcH0czlo5SDIWMdU3V3k4bI
7aamMUk1ivCGuIynq4tzf7XI4em1y9j/UOAyKNp6TgSLGvJCT1l+ZEz/NMi3DekY
1WmNhMN7/IV2iPJvDGBfY5qWVUsRxHxEJlfgvGeLk5GYW9Dnw6f/E/pUut+Kh4eB
UTKIeAz70visl1Mlu/OiLGLDG9w3YhjEA7G/LUwrog7IbEZqJjTEhaQIgzzfIpjH
0Uchgc4O1/ZaK8eCYd/7lzkwDfn8iHjAKiLQJ3ck6yf6WKnB+aHTSaM1sXq/lpys
6xjpenWThLOG6Q==
-----END CERTIFICATE-----