Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          5hxd6u0DzM5bujdKHMV+Iz+w0Qoz5MHz5Ot96sZZJKQ=
Subject key identifier:   72:D3:3C:3F:5A:46:26:0E:8D:E7:DE:5D:07:CE:F8:6D:EC:95:67:05
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       019F1943C850656517B90B1B7F36C481F13C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          1451
Signing time:             Tue 30 Jun 2026 16:01:40 +0000
Manifest this update:     Tue 30 Jun 2026 16:01:40 +0000
Manifest next update:     Wed 01 Jul 2026 16:01:40 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: GZ/+zC0kyrY3+A8DkCp1EUzu8HweJclxL21Okj7LGMI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 14:31:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:19:43:c8:50:65:65:17:b9:0b:1b:7f:36:c4:81:f1:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: Jun 30 16:01:40 2026 GMT
            Not After : Jul  1 16:01:40 2026 GMT
        Subject: CN=72d33c3f5a46260e8de7de5d07cef86dec956705
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:64:66:1d:2d:49:da:7c:7d:45:20:ad:b3:a8:
                    62:75:7d:13:6f:40:85:02:11:f6:92:4f:3f:c0:89:
                    b7:f1:51:d9:d2:57:7a:28:ce:d7:d4:46:e2:36:d5:
                    39:4a:65:03:5b:e7:b9:55:42:81:d0:30:80:c4:33:
                    d9:f0:69:9a:a4:5d:b6:f3:d7:e1:0a:87:e9:97:dd:
                    ff:aa:77:75:d7:5d:52:cd:51:c1:de:d4:db:4d:a6:
                    ad:57:3b:b6:ed:07:bf:02:6f:bf:cd:72:6c:c7:f1:
                    1e:8e:51:b6:87:ce:ea:8d:f7:f0:98:74:6d:94:98:
                    38:7f:d2:23:62:42:ab:c1:16:6a:4f:79:e0:9e:00:
                    f3:e2:7b:fc:41:ad:a9:81:af:2a:56:19:03:4b:4c:
                    04:6a:c0:3d:4f:cf:5e:9f:56:0f:fa:bc:38:22:79:
                    36:14:06:0c:a1:3d:6b:6d:ee:93:f8:63:f6:8b:92:
                    83:ac:1c:d0:c7:86:a5:ca:48:27:52:4a:cc:26:67:
                    2f:09:5f:d1:1c:b1:4e:a8:44:b8:83:25:97:7f:71:
                    9a:06:8b:7a:c7:21:80:5c:3e:dd:af:47:43:a7:b0:
                    2c:c8:22:f0:d4:d0:f9:34:60:c6:b1:19:7c:79:02:
                    dc:ac:88:f2:42:63:bb:68:ef:91:bc:36:05:ca:17:
                    1a:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:D3:3C:3F:5A:46:26:0E:8D:E7:DE:5D:07:CE:F8:6D:EC:95:67:05
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         df:ba:97:39:c4:de:9e:e0:08:e3:cb:3a:64:c0:06:e7:b2:0c:
         56:73:40:69:c2:7b:62:e5:d5:32:df:61:c4:e4:11:3d:55:ae:
         08:ca:cf:bd:91:ac:86:86:ae:0e:e5:32:82:f7:6e:5b:70:09:
         83:af:43:95:da:2b:ba:01:97:05:fe:32:b1:37:ea:16:9b:70:
         fc:37:cd:82:5c:a3:86:2d:13:66:8f:09:35:3c:31:d2:35:e2:
         74:5a:3b:bb:dc:55:5e:ae:36:13:8c:5e:45:9d:c1:01:6e:84:
         3c:11:35:11:8a:cd:66:99:76:9f:b5:37:54:e9:8e:30:72:59:
         a3:a6:91:a0:d7:f2:70:da:93:02:37:79:8c:1b:20:46:cd:7a:
         cd:11:4b:36:8c:c2:50:5e:69:b5:d4:61:aa:da:20:2f:f2:5e:
         0a:5d:c8:f8:6a:67:f3:3e:be:29:55:8e:21:1a:4c:8f:b9:60:
         df:10:ac:b2:f5:14:21:2e:5a:32:82:8e:b0:d6:02:96:45:fa:
         d2:d1:6f:57:57:f8:e6:92:84:37:f7:46:22:29:4c:4b:09:20:
         e7:82:7f:6c:f7:4d:d0:8b:5c:b5:4f:24:38:23:53:04:05:28:
         76:24:67:bf:fe:dc:4b:bf:08:70:48:75:89:81:41:39:0b:29:
         84:bd:1e:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZQ8hQZWUXuQsbfzbEgfE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjYwNjMwMTYwMTQwWhcNMjYwNzAxMTYwMTQwWjAzMTEwLwYDVQQD
Eyg3MmQzM2MzZjVhNDYyNjBlOGRlN2RlNWQwN2NlZjg2ZGVjOTU2NzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWRmHS1J2nx9RSCts6hidX0Tb0CF
AhH2kk8/wIm38VHZ0ld6KM7X1EbiNtU5SmUDW+e5VUKB0DCAxDPZ8GmapF2289fh
Cofpl93/qnd1111SzVHB3tTbTaatVzu27Qe/Am+/zXJsx/EejlG2h87qjffwmHRt
lJg4f9IjYkKrwRZqT3ngngDz4nv8Qa2pga8qVhkDS0wEasA9T89en1YP+rw4Ink2
FAYMoT1rbe6T+GP2i5KDrBzQx4alykgnUkrMJmcvCV/RHLFOqES4gyWXf3GaBot6
xyGAXD7dr0dDp7AsyCLw1ND5NGDGsRl8eQLcrIjyQmO7aO+RvDYFyhcagQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLTPD9aRiYOjefeXQfO+G3slWcFMB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA37qXOcTe
nuAI48s6ZMAG57IMVnNAacJ7YuXVMt9hxOQRPVWuCMrPvZGshoauDuUygvduW3AJ
g69DldorugGXBf4ysTfqFptw/DfNglyjhi0TZo8JNTwx0jXidFo7u9xVXq42E4xe
RZ3BAW6EPBE1EYrNZpl2n7U3VOmOMHJZo6aRoNfycNqTAjd5jBsgRs16zRFLNozC
UF5ptdRhqtogL/JeCl3I+Gpn8z6+KVWOIRpMj7lg3xCssvUUIS5aMoKOsNYClkX6
0tFvV1f45pKEN/dGIilMSwkg54J/bPdN0ItctU8kOCNTBAUodiRnv/7cS78IcEh1
iYFBOQsphL0eJA==
-----END CERTIFICATE-----