Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
File:                     PQJjyVdcvQESY66Ig5p4iLdPoHY.mft (raw, json)
Hash identifier:          tdMOQ/UJ+elyzP00BC3i5vwjdhg8ah5EwOsWQfS/dVk=
Subject key identifier:   A6:99:B7:25:85:84:CD:EB:3E:CF:E1:E5:86:71:FC:A7:82:D0:AD:32
Authority key identifier: 3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76
Certificate issuer:       /CN=3d0263c9575cbd011263ae88839a7888b74fa076
Certificate serial:       019D386654314A48BD79CDBDB5C6E6B21024
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
Manifest number:          13BA
Signing time:             Sun 29 Mar 2026 07:02:03 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:03 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:03 +0000
Files and hashes:         1: PQJjyVdcvQESY66Ig5p4iLdPoHY.crl (hash: Ou3+xrLn3XYZIuWD4d9h/RBNI/laI8HqvLXUHEO5bCc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:54:31:4a:48:bd:79:cd:bd:b5:c6:e6:b2:10:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d0263c9575cbd011263ae88839a7888b74fa076
        Validity
            Not Before: Mar 29 07:02:03 2026 GMT
            Not After : Mar 30 07:02:03 2026 GMT
        Subject: CN=a699b7258584cdeb3ecfe1e58671fca782d0ad32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:4f:a8:47:43:4f:41:b7:f7:9c:f7:c8:83:cb:
                    5a:c0:53:9f:72:af:e8:4d:18:9f:38:f4:9c:6f:8d:
                    f1:e3:c3:8c:af:28:80:5e:f5:cf:8b:d1:a2:76:18:
                    2c:16:b3:04:8f:95:bd:0a:4a:cc:08:29:bb:79:93:
                    41:32:ad:41:8e:67:34:c6:9a:03:28:3b:03:37:93:
                    a5:64:21:1f:57:1f:9e:ae:15:ca:ce:a9:8d:1a:f2:
                    72:0f:dc:ac:1c:1e:14:ff:fa:34:64:fc:90:b6:3e:
                    7a:59:4f:f9:78:eb:28:79:ca:aa:8d:1a:54:cc:17:
                    30:22:a8:d8:da:60:2d:49:bf:c1:06:81:d5:b2:33:
                    76:17:e2:13:46:13:5a:b9:31:ec:80:70:5e:9a:16:
                    dd:34:15:9f:36:90:2f:04:1b:d6:19:49:d8:52:73:
                    4e:c2:0a:2c:0e:91:ad:a3:78:d6:06:04:60:25:47:
                    a0:19:8f:3c:48:0c:9f:3a:a8:66:38:6a:90:7f:e1:
                    b4:7e:e3:8b:46:9a:42:2f:79:9c:af:1b:f8:9c:49:
                    b4:a1:06:06:52:48:df:0c:d1:00:92:04:15:5d:1c:
                    18:f1:a4:ce:15:62:5b:d8:f6:b1:d2:1e:50:d5:eb:
                    05:01:67:84:b2:da:fa:3e:c6:45:11:5e:09:9d:bb:
                    29:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:99:B7:25:85:84:CD:EB:3E:CF:E1:E5:86:71:FC:A7:82:D0:AD:32
            X509v3 Authority Key Identifier:
                keyid:3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:e9:9f:e5:48:88:47:23:a2:a6:c1:da:f7:bf:b3:51:1f:36:
         be:9f:54:1a:8e:22:2b:b3:2b:0e:f1:50:ab:2b:f0:07:4e:a1:
         da:14:80:ed:c8:0b:c8:c4:24:0b:4c:03:29:3f:7f:61:ff:6c:
         ca:39:85:92:54:a4:15:e2:a0:5a:14:46:f0:94:09:ec:58:53:
         61:42:d6:b4:00:f8:78:61:5d:f3:d2:89:9b:ea:92:b2:c7:0b:
         1a:3b:5b:2d:db:66:22:0c:f5:df:e9:8c:cc:6b:c6:d3:ce:92:
         64:91:53:69:3b:a8:bb:92:d5:2c:f0:fa:9a:b1:c9:12:10:cf:
         77:79:f4:6f:7c:12:8c:70:f1:85:9f:b7:14:35:0c:c3:34:93:
         60:f0:f5:98:f4:2a:32:d1:47:1b:aa:e0:ba:09:a7:fd:45:22:
         2f:a2:46:ee:d9:9c:e3:17:12:e6:8c:8f:c8:f3:d7:34:71:eb:
         67:7f:10:a2:81:08:db:cc:1e:78:10:75:bc:f8:56:60:53:a1:
         d8:d4:10:ad:d3:65:45:02:11:3b:22:05:a6:b6:70:46:19:2f:
         8d:e0:2a:7b:8a:a5:bf:55:39:48:8e:6a:5f:4f:91:7e:0e:4f:
         ba:59:99:b7:b2:0a:7c:8b:a0:3c:b1:70:d1:03:30:24:20:c3:
         22:7b:fd:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZlQxSki9ec29tcbmshAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMDI2M2M5NTc1Y2JkMDExMjYzYWU4ODgzOWE3ODg4Yjc0
ZmEwNzYwHhcNMjYwMzI5MDcwMjAzWhcNMjYwMzMwMDcwMjAzWjAzMTEwLwYDVQQD
EyhhNjk5YjcyNTg1ODRjZGViM2VjZmUxZTU4NjcxZmNhNzgyZDBhZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxU+oR0NPQbf3nPfIg8tawFOfcq/o
TRifOPScb43x48OMryiAXvXPi9GidhgsFrMEj5W9CkrMCCm7eZNBMq1Bjmc0xpoD
KDsDN5OlZCEfVx+erhXKzqmNGvJyD9ysHB4U//o0ZPyQtj56WU/5eOsoecqqjRpU
zBcwIqjY2mAtSb/BBoHVsjN2F+ITRhNauTHsgHBemhbdNBWfNpAvBBvWGUnYUnNO
wgosDpGto3jWBgRgJUegGY88SAyfOqhmOGqQf+G0fuOLRppCL3mcrxv4nEm0oQYG
UkjfDNEAkgQVXRwY8aTOFWJb2Pax0h5Q1esFAWeEstr6PsZFEV4JnbspvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKaZtyWFhM3rPs/h5YZx/KeC0K0yMB8GA1UdIwQY
MBaAFD0CY8lXXL0BEmOuiIOaeIi3T6B2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUt
MTJmNGU2MjczODc3LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUtMTJmNGU2MjczODc3
LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACumf5UiI
RyOipsHa97+zUR82vp9UGo4iK7MrDvFQqyvwB06h2hSA7cgLyMQkC0wDKT9/Yf9s
yjmFklSkFeKgWhRG8JQJ7FhTYULWtAD4eGFd89KJm+qSsscLGjtbLdtmIgz13+mM
zGvG086SZJFTaTuou5LVLPD6mrHJEhDPd3n0b3wSjHDxhZ+3FDUMwzSTYPD1mPQq
MtFHG6rgugmn/UUiL6JG7tmc4xcS5oyPyPPXNHHrZ38QooEI28weeBB1vPhWYFOh
2NQQrdNlRQIROyIFprZwRhkvjeAqe4qlv1U5SI5qX0+Rfg5PulmZt7IKfIugPLFw
0QMwJCDDInv9Qw==
-----END CERTIFICATE-----