Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          RFCjE9PpeEpHgW05dFBPopNuNwZAuetAIlek/R6Eiv8=
Subject key identifier:   AB:C4:0B:9E:8D:5F:6D:08:F3:6F:12:AB:82:4E:78:9D:BF:0A:F3:FD
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       019D3865A85B10DDF817D92970C9DDC3CB90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          1358
Signing time:             Sun 29 Mar 2026 07:01:19 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:19 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:19 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: RJ/TdDqEzXkR1tLaGankOIJa26fycvAau14tGqix9oc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:a8:5b:10:dd:f8:17:d9:29:70:c9:dd:c3:cb:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: Mar 29 07:01:19 2026 GMT
            Not After : Mar 30 07:01:19 2026 GMT
        Subject: CN=abc40b9e8d5f6d08f36f12ab824e789dbf0af3fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:9f:89:1f:97:12:cb:ed:86:49:4e:01:b7:8c:
                    51:ad:f6:76:46:65:8d:c9:24:8d:da:ee:df:2f:b9:
                    c8:6d:a0:09:f0:f7:86:39:ea:f7:b7:ec:b8:a0:73:
                    cd:bd:6e:83:38:2d:93:e0:a6:d9:95:56:b2:24:df:
                    52:64:96:b5:21:ef:05:76:29:2e:ad:7f:10:e7:39:
                    60:fc:57:46:29:a3:7b:96:61:ba:f4:c2:5b:57:ed:
                    0d:70:c7:c1:fd:00:a4:f6:f5:ed:9f:60:d2:bf:28:
                    8a:cf:e4:9f:19:94:23:33:ce:18:39:97:d3:97:e9:
                    13:a4:e3:da:70:62:93:77:49:18:4d:84:71:35:8b:
                    13:97:cb:58:31:81:8e:8e:de:22:46:c6:d1:a5:d4:
                    71:2b:83:d2:05:df:cd:01:93:6e:63:46:71:be:f5:
                    ac:19:90:fc:0f:7a:14:d2:df:58:76:11:64:4e:d6:
                    48:16:1f:60:80:ad:ca:c1:3c:fd:b0:2e:f3:bc:ed:
                    a2:0d:e2:41:d6:d2:99:57:7a:de:05:7d:ee:a1:95:
                    6d:d0:0b:ea:03:64:d1:67:3e:42:91:2e:83:50:21:
                    73:32:04:96:e2:12:54:2a:d5:2b:c3:6e:7c:72:a5:
                    00:6e:43:c5:8d:e9:2a:06:53:2a:78:d4:1b:60:19:
                    38:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:C4:0B:9E:8D:5F:6D:08:F3:6F:12:AB:82:4E:78:9D:BF:0A:F3:FD
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:da:da:28:b9:50:4b:e3:0a:a3:59:5b:38:b2:b2:5a:54:6a:
         15:ee:6c:f8:5b:4b:b6:b6:94:6e:48:84:95:2a:11:52:f9:4a:
         3a:dc:ff:02:b7:85:e7:dd:d4:a1:1d:a8:3a:8d:03:44:cd:c0:
         b8:6d:67:a4:a6:5a:f9:f9:d9:77:af:c8:f2:fa:9f:ed:1b:77:
         68:0b:91:db:75:76:f3:80:d0:01:4d:95:ee:63:c1:96:7e:73:
         d7:d2:e3:76:63:a0:16:6a:1c:dd:cb:a1:85:6e:1a:8d:57:7e:
         00:22:b0:82:c6:5d:a8:f9:00:1a:f7:35:c0:a1:6d:36:14:9a:
         d3:e9:37:4f:5c:f0:c3:6f:f9:87:8b:ea:3e:9a:8d:61:1c:4c:
         b6:dd:c0:1f:eb:cf:25:31:89:71:6f:65:6e:50:75:a7:2c:b0:
         10:73:83:ae:18:5c:d1:5f:bf:fc:9a:1d:91:ed:f6:1e:54:e3:
         da:7b:75:06:f1:aa:c8:34:fd:be:83:9e:d5:ed:50:fe:aa:35:
         3a:89:6c:a6:ed:76:61:64:b9:51:a9:d3:ec:c1:45:df:e9:fc:
         0c:6f:68:b4:35:01:ad:e7:2c:d8:c3:1c:42:60:01:05:ad:eb:
         ed:d5:f9:df:9c:3b:74:a8:b2:2f:3d:b1:28:99:8f:3c:c3:9a:
         da:43:78:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZahbEN34F9kpcMndw8uQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjYwMzI5MDcwMTE5WhcNMjYwMzMwMDcwMTE5WjAzMTEwLwYDVQQD
EyhhYmM0MGI5ZThkNWY2ZDA4ZjM2ZjEyYWI4MjRlNzg5ZGJmMGFmM2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5+JH5cSy+2GSU4Bt4xRrfZ2RmWN
ySSN2u7fL7nIbaAJ8PeGOer3t+y4oHPNvW6DOC2T4KbZlVayJN9SZJa1Ie8Fdiku
rX8Q5zlg/FdGKaN7lmG69MJbV+0NcMfB/QCk9vXtn2DSvyiKz+SfGZQjM84YOZfT
l+kTpOPacGKTd0kYTYRxNYsTl8tYMYGOjt4iRsbRpdRxK4PSBd/NAZNuY0ZxvvWs
GZD8D3oU0t9YdhFkTtZIFh9ggK3KwTz9sC7zvO2iDeJB1tKZV3reBX3uoZVt0Avq
A2TRZz5CkS6DUCFzMgSW4hJUKtUrw258cqUAbkPFjekqBlMqeNQbYBk4qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKvEC56NX20I828Sq4JOeJ2/CvP9MB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW9raKLlQ
S+MKo1lbOLKyWlRqFe5s+FtLtraUbkiElSoRUvlKOtz/AreF593UoR2oOo0DRM3A
uG1npKZa+fnZd6/I8vqf7Rt3aAuR23V284DQAU2V7mPBln5z19LjdmOgFmoc3cuh
hW4ajVd+ACKwgsZdqPkAGvc1wKFtNhSa0+k3T1zww2/5h4vqPpqNYRxMtt3AH+vP
JTGJcW9lblB1pyywEHODrhhc0V+//Jodke32HlTj2nt1BvGqyDT9voOe1e1Q/qo1
Oolspu12YWS5UanT7MFF3+n8DG9otDUBrecs2MMcQmABBa3r7dX535w7dKiyLz2x
KJmPPMOa2kN4Dw==
-----END CERTIFICATE-----