Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
File:                     435CoUa5C6fNMxrWoT7vHaL7pEA.mft (raw, json)
Hash identifier:          akvY8hcATYyB7y20IjJIPrVwkDF/JMny/9GLeVZtNCM=
Subject key identifier:   67:C2:8C:92:86:6D:BC:38:6C:3B:64:39:B9:FA:42:92:06:D4:FD:C4
Authority key identifier: E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40
Certificate issuer:       /CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
Certificate serial:       019D3909EB20D6946FF795C9328007A51261
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
Manifest number:          0A9C
Signing time:             Sun 29 Mar 2026 10:00:44 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:44 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:44 +0000
Files and hashes:         1: 435CoUa5C6fNMxrWoT7vHaL7pEA.crl (hash: Aw+oeET0TuVNBMHgP9Gb6gCJ1ncfDyvp9HIwENpT8Qk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:eb:20:d6:94:6f:f7:95:c9:32:80:07:a5:12:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
        Validity
            Not Before: Mar 29 10:00:44 2026 GMT
            Not After : Mar 30 10:00:44 2026 GMT
        Subject: CN=67c28c92866dbc386c3b6439b9fa429206d4fdc4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:c5:31:00:62:0c:6d:4e:d7:9f:df:cf:8e:c1:
                    2c:fb:0b:10:60:98:a5:c1:0e:60:45:d5:f5:d9:bd:
                    28:d6:f2:9a:29:ed:69:52:3b:8c:21:50:a3:08:72:
                    49:f9:1a:f6:9d:90:54:83:37:b6:4d:a6:7f:96:c7:
                    59:1e:bc:f8:09:b7:52:b4:0f:16:f3:1b:77:ef:d1:
                    2d:6d:58:9f:91:b3:5f:bf:ac:85:7e:ad:65:b5:22:
                    42:a4:40:94:ce:1d:30:9f:5c:df:c2:e9:74:95:11:
                    7c:7d:90:1f:ac:dc:87:5c:a4:b0:70:ee:cb:ae:4c:
                    53:09:d3:94:3d:c7:02:7f:74:4b:ca:3d:85:2f:07:
                    15:5c:06:3b:47:62:bb:7c:66:85:c3:db:5f:ad:1d:
                    39:ee:71:2c:83:b0:54:b9:70:2f:fa:30:4e:11:f8:
                    2f:47:37:14:56:8a:b8:4d:3e:dd:76:8f:a5:1e:eb:
                    45:aa:f9:78:00:fa:7e:c0:fa:64:aa:be:0a:c6:41:
                    9c:42:da:f1:ff:3d:2b:93:65:c5:30:99:93:7a:e7:
                    f4:4e:fe:cb:00:0f:d5:02:55:79:36:e2:19:97:e3:
                    32:48:8b:ae:64:32:0c:2d:0a:aa:b4:cc:88:80:bb:
                    be:b2:15:d5:b4:99:dd:b8:de:8f:f8:95:cd:86:6b:
                    96:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:C2:8C:92:86:6D:BC:38:6C:3B:64:39:B9:FA:42:92:06:D4:FD:C4
            X509v3 Authority Key Identifier:
                keyid:E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:af:3b:0f:d1:2a:34:54:d1:58:19:c9:d2:e9:4b:11:d0:31:
         40:21:96:92:6b:b3:bb:d1:c0:ec:9b:4d:a5:c8:4f:0b:bc:41:
         54:26:51:78:1c:e8:e9:0a:6f:67:f4:12:32:33:7a:f2:62:1c:
         c0:08:f4:1d:ed:08:52:5d:ca:10:ef:27:d0:ba:38:b3:83:93:
         3e:a9:d3:92:45:d7:86:5f:84:c4:41:eb:4d:14:62:65:74:08:
         bb:62:b1:2d:41:b9:a2:5a:a0:d9:97:b7:89:e7:90:56:fc:3a:
         f8:ad:6b:7e:95:76:14:3d:d1:81:af:5f:19:68:7d:d4:08:ac:
         b3:0e:f2:1d:b9:68:3c:20:c9:d3:aa:8a:42:f8:ad:ed:30:cc:
         cf:e6:34:5e:67:1c:d2:f5:4f:1e:d0:2c:34:d7:74:5c:75:54:
         73:33:6a:3a:0c:55:b5:d9:18:9e:99:bf:58:ec:59:67:59:bc:
         b4:8d:93:08:fa:db:09:a7:4d:cf:c5:c8:73:79:e8:60:ac:c6:
         20:c8:0e:6d:e2:76:4e:ee:9f:32:6f:90:2f:6b:2b:d6:3c:b1:
         1e:88:22:21:83:91:7f:1b:2c:d7:55:e6:33:b0:f2:24:7b:d7:
         59:ab:73:19:24:43:37:fb:19:6b:ab:67:53:aa:91:f0:bf:4a:
         cb:58:1c:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cesg1pRv95XJMoAHpRJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2U0MmExNDZiOTBiYTdjZDMzMWFkNmExM2VlZjFkYTJm
YmE0NDAwHhcNMjYwMzI5MTAwMDQ0WhcNMjYwMzMwMTAwMDQ0WjAzMTEwLwYDVQQD
Eyg2N2MyOGM5Mjg2NmRiYzM4NmMzYjY0MzliOWZhNDI5MjA2ZDRmZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcUxAGIMbU7Xn9/PjsEs+wsQYJil
wQ5gRdX12b0o1vKaKe1pUjuMIVCjCHJJ+Rr2nZBUgze2TaZ/lsdZHrz4CbdStA8W
8xt379EtbVifkbNfv6yFfq1ltSJCpECUzh0wn1zfwul0lRF8fZAfrNyHXKSwcO7L
rkxTCdOUPccCf3RLyj2FLwcVXAY7R2K7fGaFw9tfrR057nEsg7BUuXAv+jBOEfgv
RzcUVoq4TT7ddo+lHutFqvl4APp+wPpkqr4KxkGcQtrx/z0rk2XFMJmTeuf0Tv7L
AA/VAlV5NuIZl+MySIuuZDIMLQqqtMyIgLu+shXVtJnduN6P+JXNhmuW/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfCjJKGbbw4bDtkObn6QpIG1P3EMB8GA1UdIwQY
MBaAFON+QqFGuQunzTMa1qE+7x2i+6RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYt
MDYzMjlmNmUwNDc1LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYtMDYzMjlmNmUwNDc1
LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHq87D9Eq
NFTRWBnJ0ulLEdAxQCGWkmuzu9HA7JtNpchPC7xBVCZReBzo6QpvZ/QSMjN68mIc
wAj0He0IUl3KEO8n0Lo4s4OTPqnTkkXXhl+ExEHrTRRiZXQIu2KxLUG5olqg2Ze3
ieeQVvw6+K1rfpV2FD3Rga9fGWh91Aissw7yHbloPCDJ06qKQvit7TDMz+Y0Xmcc
0vVPHtAsNNd0XHVUczNqOgxVtdkYnpm/WOxZZ1m8tI2TCPrbCadNz8XIc3noYKzG
IMgObeJ2Tu6fMm+QL2sr1jyxHogiIYORfxss11XmM7DyJHvXWatzGSRDN/sZa6tn
U6qR8L9Ky1gceg==
-----END CERTIFICATE-----