Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
File:                     6kHoOY_3zvtSIWNusighJuv-O3g.mft (raw, json)
Hash identifier:          Uu9cTr7LOg0foBD3z2SwCRgy3kXkw+RuY2/XnGsuwUw=
Subject key identifier:   AC:E1:F6:60:5E:21:7A:52:3A:01:47:BB:3C:61:F2:04:89:20:FB:57
Authority key identifier: EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78
Certificate issuer:       /CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
Certificate serial:       019D38661511FE8139D0BC62D7759DEF71C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
Manifest number:          04DE
Signing time:             Sun 29 Mar 2026 07:01:47 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:47 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:47 +0000
Files and hashes:         1: 6kHoOY_3zvtSIWNusighJuv-O3g.crl (hash: 5MJVnSbahX4QJc8Wo2bfy70cbPYPViwALWrRYgwkGSs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:15:11:fe:81:39:d0:bc:62:d7:75:9d:ef:71:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
        Validity
            Not Before: Mar 29 07:01:47 2026 GMT
            Not After : Mar 30 07:01:47 2026 GMT
        Subject: CN=ace1f6605e217a523a0147bb3c61f2048920fb57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:57:51:9c:d0:3f:c0:44:94:2e:91:3e:2c:88:
                    44:6e:74:f2:9b:d3:9b:a3:bb:62:d2:c7:83:4d:19:
                    93:10:45:19:37:24:95:be:04:2d:7b:b3:a5:21:5e:
                    73:38:d3:56:4d:bb:87:18:3f:fb:23:90:6b:4b:56:
                    67:98:65:2a:34:38:be:d4:e6:9b:b5:dd:b1:81:f5:
                    03:4d:51:90:f1:9a:c6:33:f5:6e:b9:48:88:c9:aa:
                    70:1c:70:18:b0:59:a3:b1:ec:3c:81:9f:34:f7:a2:
                    f9:e1:90:42:56:1c:73:3f:4a:ac:31:d4:83:eb:e6:
                    24:8e:41:03:49:25:6b:f6:10:ae:97:08:8e:0f:08:
                    96:ae:ed:24:08:20:e2:6f:f3:7f:f0:d4:49:a5:54:
                    2d:0c:09:77:81:9c:08:c1:d0:b8:ad:59:6d:6a:50:
                    e5:1e:38:3b:76:21:da:c2:57:6b:f0:4d:e2:42:3a:
                    fe:97:a8:d3:dd:d9:aa:97:16:20:4f:d7:fa:fc:41:
                    0c:31:40:32:ea:67:e0:28:38:41:c2:16:4d:37:4f:
                    81:8f:84:78:3d:94:0a:8b:ff:54:f6:6e:fd:1c:21:
                    17:ae:ed:78:49:f3:c0:42:cd:2a:ff:7e:b9:ca:f6:
                    81:22:f4:56:54:61:a3:26:76:14:56:0e:d3:b3:c6:
                    25:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:E1:F6:60:5E:21:7A:52:3A:01:47:BB:3C:61:F2:04:89:20:FB:57
            X509v3 Authority Key Identifier:
                keyid:EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:89:f2:f4:b0:55:1a:f1:5a:80:87:36:b0:a8:e6:eb:c2:ef:
         3d:c2:b3:ef:ce:7b:1c:62:29:70:f6:43:a2:78:34:e7:e0:99:
         58:b0:c5:c1:7d:c1:e0:99:c9:e6:d1:af:8b:4e:4b:1b:cb:9f:
         15:f7:7b:e8:8e:45:3a:20:b7:42:54:e6:f3:0d:ca:d6:4e:b3:
         0c:87:2b:22:f3:5e:eb:62:08:06:59:f5:a0:94:a3:94:a2:22:
         7f:ac:d9:e9:f9:a5:be:32:b1:30:ff:56:41:59:d9:d8:58:be:
         48:8c:38:1a:cc:b4:39:02:a0:45:dd:dc:10:d9:68:05:db:bd:
         73:d6:7b:1e:d8:16:d6:21:c6:3b:53:74:85:69:9c:57:39:09:
         d1:f0:44:e5:21:35:6a:68:7e:99:cd:dc:ba:e3:ed:fc:00:a6:
         3c:bf:cc:96:f2:33:9a:b9:38:4e:1e:2c:f2:0b:ed:60:8a:7b:
         5a:5e:63:8d:ed:41:54:14:00:b6:1e:9e:bd:dd:20:7c:84:ab:
         c3:b2:df:b4:2c:2d:b7:aa:96:7b:bb:40:82:45:32:cf:9b:f7:
         1e:8e:28:80:3c:c0:73:0d:55:c3:cf:28:07:49:74:90:ee:04:
         03:23:35:a4:89:f9:b3:e1:fa:a0:d5:91:1d:e2:53:15:df:9d:
         c4:5c:c8:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZhUR/oE50Lxi13Wd73HAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDFlODM5OGZmN2NlZmI1MjIxNjM2ZWIyMjgyMTI2ZWJm
ZTNiNzgwHhcNMjYwMzI5MDcwMTQ3WhcNMjYwMzMwMDcwMTQ3WjAzMTEwLwYDVQQD
EyhhY2UxZjY2MDVlMjE3YTUyM2EwMTQ3YmIzYzYxZjIwNDg5MjBmYjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxldRnNA/wESULpE+LIhEbnTym9Ob
o7ti0seDTRmTEEUZNySVvgQte7OlIV5zONNWTbuHGD/7I5BrS1ZnmGUqNDi+1Oab
td2xgfUDTVGQ8ZrGM/VuuUiIyapwHHAYsFmjsew8gZ8096L54ZBCVhxzP0qsMdSD
6+YkjkEDSSVr9hCulwiODwiWru0kCCDib/N/8NRJpVQtDAl3gZwIwdC4rVltalDl
Hjg7diHawldr8E3iQjr+l6jT3dmqlxYgT9f6/EEMMUAy6mfgKDhBwhZNN0+Bj4R4
PZQKi/9U9m79HCEXru14SfPAQs0q/365yvaBIvRWVGGjJnYUVg7Ts8Yl3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKzh9mBeIXpSOgFHuzxh8gSJIPtXMB8GA1UdIwQY
MBaAFOpB6DmP9877UiFjbrIoISbr/jt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2Ut
NjI4YjQzOTRiODIyLzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2UtNjI4YjQzOTRiODIy
LzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALYny9LBV
GvFagIc2sKjm68LvPcKz7857HGIpcPZDong05+CZWLDFwX3B4JnJ5tGvi05LG8uf
Ffd76I5FOiC3QlTm8w3K1k6zDIcrIvNe62IIBln1oJSjlKIif6zZ6fmlvjKxMP9W
QVnZ2Fi+SIw4Gsy0OQKgRd3cENloBdu9c9Z7HtgW1iHGO1N0hWmcVzkJ0fBE5SE1
amh+mc3cuuPt/ACmPL/MlvIzmrk4Th4s8gvtYIp7Wl5jje1BVBQAth6evd0gfISr
w7LftCwtt6qWe7tAgkUyz5v3Ho4ogDzAcw1Vw88oB0l0kO4EAyM1pIn5s+H6oNWR
HeJTFd+dxFzIqA==
-----END CERTIFICATE-----