Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
File:                     PnpcKTN0JfqBOVVRcmyMK35MUIc.mft (raw, json)
Hash identifier:          jCo0pjJ2d22cawmTUSkWAfW6gUkLHDiKiDMEGwRWhxI=
Subject key identifier:   AD:30:40:7D:70:B0:3A:46:F0:4D:30:92:A1:5D:77:39:B2:C7:2A:F6
Authority key identifier: 3E:7A:5C:29:33:74:25:FA:81:39:55:51:72:6C:8C:2B:7E:4C:50:87
Certificate issuer:       /CN=3e7a5c29337425fa81395551726c8c2b7e4c5087
Certificate serial:       019D38D2C0C5202B4FF1E6107CAB07F15CCA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
Manifest number:          05D7
Signing time:             Sun 29 Mar 2026 09:00:29 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:29 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:29 +0000
Files and hashes:         1: PnpcKTN0JfqBOVVRcmyMK35MUIc.crl (hash: zDzeheOvgl92/f3WIw/G8pqAu3bQ9z4/SqtM35ILAjo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:c0:c5:20:2b:4f:f1:e6:10:7c:ab:07:f1:5c:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e7a5c29337425fa81395551726c8c2b7e4c5087
        Validity
            Not Before: Mar 29 09:00:29 2026 GMT
            Not After : Mar 30 09:00:29 2026 GMT
        Subject: CN=ad30407d70b03a46f04d3092a15d7739b2c72af6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e2:80:c7:be:05:fd:95:05:f3:14:82:8a:a8:
                    c1:37:1c:45:35:fa:2b:e1:3e:d6:9d:e5:a2:ee:51:
                    a2:6a:1d:55:47:ff:24:f1:55:94:13:94:13:71:a7:
                    2c:de:a3:b1:4a:ba:9c:22:e3:24:d4:d0:99:a2:b2:
                    ec:c3:57:d5:4b:19:fb:6f:2a:88:70:ad:d3:0b:33:
                    16:28:a3:8e:b3:98:53:58:71:1f:f5:cc:48:c4:df:
                    20:0c:26:2d:13:b3:e9:42:23:b4:bd:d1:33:f9:6f:
                    87:05:e7:a2:50:60:f2:8f:b0:77:53:fe:39:16:b7:
                    b5:7f:be:1c:ef:45:1c:74:9e:b2:58:50:19:3b:55:
                    d3:e7:9a:8a:7a:78:00:d4:97:8b:36:1e:51:c1:71:
                    54:5b:34:37:42:bd:47:88:d1:76:f8:26:14:cd:b4:
                    03:e8:0d:a9:14:ab:f5:13:2d:d1:88:a8:a8:e5:c2:
                    58:03:9d:a9:26:11:38:75:60:45:60:92:4b:f1:7a:
                    0c:89:d7:36:a1:eb:7d:8a:70:c5:6b:e8:53:a2:bb:
                    7e:c3:94:dd:b7:b0:a6:50:ea:e3:9a:03:30:26:14:
                    13:58:a1:c2:d7:55:70:34:f0:8c:e6:c6:61:31:0c:
                    9f:26:b0:e0:d7:44:e3:cc:a9:a7:7e:84:43:ce:75:
                    d8:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:30:40:7D:70:B0:3A:46:F0:4D:30:92:A1:5D:77:39:B2:C7:2A:F6
            X509v3 Authority Key Identifier:
                keyid:3E:7A:5C:29:33:74:25:FA:81:39:55:51:72:6C:8C:2B:7E:4C:50:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnpcKTN0JfqBOVVRcmyMK35MUIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/67b254-56f4-4e89-a99d-caa329181964/1/PnpcKTN0JfqBOVVRcmyMK35MUIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:e2:9c:09:6d:b3:da:52:ef:f3:7c:4e:4a:bb:80:40:ef:93:
         05:de:14:f3:42:f4:cb:5e:dc:4e:91:fb:82:78:50:8d:1b:32:
         0b:06:f2:25:c4:f3:dc:fa:f1:5f:7b:26:91:c1:85:f7:89:cc:
         56:dd:28:98:ee:5c:13:20:6e:84:79:4e:79:3b:b0:5d:73:e8:
         31:df:fd:97:87:c2:47:68:a6:2b:97:a8:01:01:2f:75:c1:d7:
         f1:24:d9:58:0c:b7:63:48:72:5b:db:9c:57:7d:d8:ab:6c:a9:
         0d:b0:bc:2f:8b:90:42:0c:9a:c8:7b:e3:2c:93:98:5c:1e:a0:
         ab:ac:a0:ed:b4:3e:42:07:21:84:a9:2a:79:7c:db:55:45:d1:
         3f:47:5a:8e:fe:91:0a:73:38:40:33:fd:9d:24:b9:8a:df:e0:
         ae:6e:60:7c:9e:c5:f6:fa:a7:39:fe:55:9e:2e:a8:b5:be:8e:
         8b:31:99:67:07:8e:e0:2e:51:a0:78:e8:91:2e:53:9d:de:43:
         a2:ac:ac:33:b7:94:cc:62:de:0c:00:7b:e7:5d:fb:10:a3:36:
         29:dd:eb:0c:90:b2:f6:89:61:13:76:1c:78:16:ce:cc:ee:99:
         71:cc:b5:b9:b2:7e:da:b5:0c:7e:f8:c6:ad:6d:be:7d:c5:ce:
         7f:28:d6:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040sDFICtP8eYQfKsH8VzKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlN2E1YzI5MzM3NDI1ZmE4MTM5NTU1MTcyNmM4YzJiN2U0
YzUwODcwHhcNMjYwMzI5MDkwMDI5WhcNMjYwMzMwMDkwMDI5WjAzMTEwLwYDVQQD
EyhhZDMwNDA3ZDcwYjAzYTQ2ZjA0ZDMwOTJhMTVkNzczOWIyYzcyYWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveKAx74F/ZUF8xSCiqjBNxxFNfor
4T7WneWi7lGiah1VR/8k8VWUE5QTcacs3qOxSrqcIuMk1NCZorLsw1fVSxn7byqI
cK3TCzMWKKOOs5hTWHEf9cxIxN8gDCYtE7PpQiO0vdEz+W+HBeeiUGDyj7B3U/45
Fre1f74c70UcdJ6yWFAZO1XT55qKengA1JeLNh5RwXFUWzQ3Qr1HiNF2+CYUzbQD
6A2pFKv1Ey3RiKio5cJYA52pJhE4dWBFYJJL8XoMidc2oet9inDFa+hTort+w5Td
t7CmUOrjmgMwJhQTWKHC11VwNPCM5sZhMQyfJrDg10TjzKmnfoRDznXYowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK0wQH1wsDpG8E0wkqFddzmyxyr2MB8GA1UdIwQY
MBaAFD56XCkzdCX6gTlVUXJsjCt+TFCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82N2IyNTQtNTZmNC00ZTg5LWE5OWQt
Y2FhMzI5MTgxOTY0LzEvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82N2IyNTQtNTZmNC00ZTg5LWE5OWQtY2FhMzI5MTgxOTY0
LzEvUG5wY0tUTjBKZnFCT1ZWUmNteU1LMzVNVUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfeKcCW2z
2lLv83xOSruAQO+TBd4U80L0y17cTpH7gnhQjRsyCwbyJcTz3PrxX3smkcGF94nM
Vt0omO5cEyBuhHlOeTuwXXPoMd/9l4fCR2imK5eoAQEvdcHX8STZWAy3Y0hyW9uc
V33Yq2ypDbC8L4uQQgyayHvjLJOYXB6gq6yg7bQ+QgchhKkqeXzbVUXRP0dajv6R
CnM4QDP9nSS5it/grm5gfJ7F9vqnOf5Vni6otb6OizGZZweO4C5RoHjokS5Tnd5D
oqysM7eUzGLeDAB75137EKM2Kd3rDJCy9olhE3YceBbOzO6Zccy1ubJ+2rUMfvjG
rW2+fcXOfyjWtg==
-----END CERTIFICATE-----