Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
File:                     pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json)
Hash identifier:          L+OlBupy+vn99ucLN75eQ0dqh8I8tsuGLwp+KuXFxgQ=
Subject key identifier:   12:21:A6:44:7F:6E:B2:82:43:D9:91:8D:4B:3C:9F:DA:50:80:AE:90
Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
Certificate issuer:       /CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Certificate serial:       019D390A2121A6643A40C51B8141EBFE63D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
Manifest number:          055C
Signing time:             Sun 29 Mar 2026 10:00:58 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:58 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:58 +0000
Files and hashes:         1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: 2FxoSOraFdB0Ph+lePxx9aUB5czI0Qh6tibU4ZE0bfg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:21:21:a6:64:3a:40:c5:1b:81:41:eb:fe:63:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa
        Validity
            Not Before: Mar 29 10:00:58 2026 GMT
            Not After : Mar 30 10:00:58 2026 GMT
        Subject: CN=1221a6447f6eb28243d9918d4b3c9fda5080ae90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:d0:93:fc:15:3a:86:bd:54:6e:b8:91:28:5b:
                    80:67:f8:57:a0:ca:eb:80:fb:fd:32:c9:08:52:f7:
                    12:8f:e1:8d:e9:7e:b2:2a:37:53:72:64:26:9e:c3:
                    33:d5:94:a7:0c:09:02:97:eb:a8:b7:8c:c9:b3:ff:
                    4c:fe:97:b9:69:c5:2a:e4:96:6b:78:df:88:26:f9:
                    46:bb:a1:0a:a4:9d:fa:ec:2e:d5:dd:b9:00:94:fa:
                    17:f2:78:5d:e0:6d:c6:97:41:16:ba:b7:73:f3:27:
                    d2:ff:07:1a:47:8e:e0:09:00:00:9b:6d:3b:df:12:
                    98:7c:a0:84:fb:73:9e:ca:7b:d8:25:39:bc:b8:b1:
                    c0:b9:bf:69:ac:ce:a0:ef:db:68:c5:06:78:71:36:
                    18:2a:74:56:a2:81:7e:8b:86:3e:fe:5a:2a:73:b2:
                    e1:2e:24:16:05:e8:9e:d4:76:62:1c:d8:26:62:b1:
                    0d:22:ad:b3:af:13:29:73:d4:5c:75:1f:0c:fe:f1:
                    4b:6c:9e:b0:36:7b:53:26:16:10:79:24:9e:06:7c:
                    f2:2a:6a:49:30:5a:d7:37:66:fd:13:6d:65:bc:39:
                    91:87:72:78:b3:fc:e8:2b:a4:ce:d6:64:97:4a:0e:
                    59:a4:73:0b:64:8d:02:6d:bc:ca:4c:53:d9:b1:19:
                    15:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:21:A6:44:7F:6E:B2:82:43:D9:91:8D:4B:3C:9F:DA:50:80:AE:90
            X509v3 Authority Key Identifier:
                keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:56:2f:62:fe:d4:80:e1:0b:f7:5b:17:26:ca:04:3e:65:aa:
         e5:ae:e2:49:bd:ed:25:0c:57:67:ac:34:7b:ad:b4:cf:f2:73:
         0d:57:1e:e8:a8:12:fe:82:f9:65:e3:7a:08:ed:97:a8:02:60:
         83:92:97:8e:06:89:5c:fc:0d:a5:61:7c:20:c1:94:61:7a:8c:
         09:3e:6b:ba:f2:6a:39:b8:ab:0b:55:60:b7:85:22:33:80:27:
         2c:2c:a0:b1:b9:97:b5:58:09:04:20:93:81:86:9e:d8:b0:28:
         a9:a1:fb:79:8d:84:4b:d3:1d:5b:a1:e5:32:95:c4:83:68:51:
         fe:d6:cc:a7:70:02:0f:4e:02:84:c1:e3:eb:0f:23:48:a7:c2:
         0e:d2:af:a3:ee:db:e0:fc:13:3d:8c:76:17:c6:96:91:af:bc:
         22:10:b0:e4:60:5a:b9:b5:90:e9:03:15:67:a2:46:36:aa:90:
         b8:0d:3e:29:df:37:f6:68:e3:05:a9:6e:7e:a5:07:08:b6:c0:
         37:a2:57:eb:a8:bf:bc:83:55:8b:38:59:e3:34:7a:61:9b:bb:
         48:20:03:04:64:9b:29:3f:a6:9a:47:02:c6:26:18:45:be:51:
         4a:f7:c0:47:50:c5:40:d5:8e:8b:d4:3b:07:35:4c:7a:b3:37:
         73:a3:95:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CiEhpmQ6QMUbgUHr/mPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz
YWNlYWEwHhcNMjYwMzI5MTAwMDU4WhcNMjYwMzMwMTAwMDU4WjAzMTEwLwYDVQQD
EygxMjIxYTY0NDdmNmViMjgyNDNkOTkxOGQ0YjNjOWZkYTUwODBhZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtCT/BU6hr1UbriRKFuAZ/hXoMrr
gPv9MskIUvcSj+GN6X6yKjdTcmQmnsMz1ZSnDAkCl+uot4zJs/9M/pe5acUq5JZr
eN+IJvlGu6EKpJ367C7V3bkAlPoX8nhd4G3Gl0EWurdz8yfS/wcaR47gCQAAm207
3xKYfKCE+3OeynvYJTm8uLHAub9prM6g79toxQZ4cTYYKnRWooF+i4Y+/loqc7Lh
LiQWBeie1HZiHNgmYrENIq2zrxMpc9RcdR8M/vFLbJ6wNntTJhYQeSSeBnzyKmpJ
MFrXN2b9E21lvDmRh3J4s/zoK6TO1mSXSg5ZpHMLZI0CbbzKTFPZsRkVkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIhpkR/brKCQ9mRjUs8n9pQgK6QMB8GA1UdIwQY
MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt
MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl
LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT1YvYv7U
gOEL91sXJsoEPmWq5a7iSb3tJQxXZ6w0e620z/JzDVce6KgS/oL5ZeN6CO2XqAJg
g5KXjgaJXPwNpWF8IMGUYXqMCT5ruvJqObirC1Vgt4UiM4AnLCygsbmXtVgJBCCT
gYae2LAoqaH7eY2ES9MdW6HlMpXEg2hR/tbMp3ACD04ChMHj6w8jSKfCDtKvo+7b
4PwTPYx2F8aWka+8IhCw5GBaubWQ6QMVZ6JGNqqQuA0+Kd839mjjBalufqUHCLbA
N6JX66i/vINVizhZ4zR6YZu7SCADBGSbKT+mmkcCxiYYRb5RSvfAR1DFQNWOi9Q7
BzVMerM3c6OVxQ==
-----END CERTIFICATE-----