Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
File:                     pr640lzi1AsMuuWcEeKSvTcXDfo.mft (raw, json)
Hash identifier:          jGl0C4NZViQqMrpIQsYJZq82ltYzHRtHPQkIahxOyng=
Subject key identifier:   77:8A:C0:BC:2C:97:B1:D3:85:63:29:3B:0B:D8:6B:39:36:6C:B0:CA
Authority key identifier: A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA
Certificate issuer:       /CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
Certificate serial:       019D3752232406822B95B4A02D74C2FF77C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
Manifest number:          1286
Signing time:             Sun 29 Mar 2026 02:00:22 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:22 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:22 +0000
Files and hashes:         1: pr640lzi1AsMuuWcEeKSvTcXDfo.crl (hash: ztxfkWVfelhxlTvuegQWn5H/Wsm5WvzXvsI+75r7Png=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:23:24:06:82:2b:95:b4:a0:2d:74:c2:ff:77:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
        Validity
            Not Before: Mar 29 02:00:22 2026 GMT
            Not After : Mar 30 02:00:22 2026 GMT
        Subject: CN=778ac0bc2c97b1d38563293b0bd86b39366cb0ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a6:be:0f:41:5c:5f:72:fa:c1:df:ad:2e:6c:
                    40:5d:b6:52:c8:bc:f0:64:92:ed:0a:a1:a0:5e:db:
                    a4:56:a8:7c:82:ee:16:ae:99:ad:9b:20:6e:aa:45:
                    bf:14:b0:9f:bd:33:13:82:7d:14:04:d8:20:9f:2b:
                    99:0d:a2:4b:b3:7d:4b:61:a2:af:23:cb:13:e1:bd:
                    0b:bb:37:09:c8:7d:d1:ae:a6:36:52:fa:57:07:03:
                    79:26:c7:76:3a:9c:a8:c0:f0:06:1f:09:70:64:88:
                    01:a2:39:ca:07:a6:1e:13:3c:27:a2:fb:b8:9c:db:
                    98:3d:07:63:c5:2c:8b:91:38:77:d5:49:be:d5:bf:
                    ac:da:26:57:f3:e6:3c:71:7b:30:73:8f:65:35:7a:
                    bb:a0:0c:41:6b:ec:9f:78:1a:03:98:72:f3:8b:f1:
                    cc:94:cd:14:04:40:50:db:7d:41:46:6a:1e:dd:12:
                    c4:80:85:e1:a9:27:d0:da:ba:72:66:5b:63:44:89:
                    ef:94:24:f3:7c:d1:8f:d2:7f:dd:a1:2e:eb:af:28:
                    ca:f3:e6:59:f9:8f:ab:fd:af:85:a5:4c:3e:a1:b8:
                    ea:3b:cc:b2:e9:f4:f0:47:71:a1:5c:a5:21:33:3e:
                    2e:fe:84:0f:cf:15:50:24:93:b9:3c:f9:37:08:44:
                    f6:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:8A:C0:BC:2C:97:B1:D3:85:63:29:3B:0B:D8:6B:39:36:6C:B0:CA
            X509v3 Authority Key Identifier:
                keyid:A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:ae:3b:5c:48:bc:cb:9b:37:47:48:49:c3:51:53:2a:d9:d1:
         2f:94:ec:91:61:3e:a1:e8:a8:9e:df:09:f2:a5:da:e2:05:f0:
         a8:1c:c0:64:a2:83:6b:81:77:8a:55:c0:10:4f:d8:07:57:56:
         ba:f3:df:51:24:88:65:e0:6b:28:6c:27:64:08:83:1c:25:35:
         84:db:67:b0:7a:01:21:af:dc:82:c9:25:c8:7a:fb:d2:a3:d8:
         2b:0d:45:30:03:0b:4f:3f:35:cf:51:15:bc:a5:7a:c0:26:93:
         29:63:a2:ae:e3:ff:e4:71:b3:29:ef:e8:53:76:55:22:db:e2:
         90:86:7f:04:7e:ed:e3:e2:2a:4a:e8:05:6e:0b:4f:12:db:e9:
         80:84:eb:30:7e:3e:f8:52:a2:1e:f5:81:c0:72:ba:d2:27:1a:
         c3:49:d0:9c:66:e7:a2:d5:1b:98:f8:99:e8:cc:bd:17:b7:ae:
         f8:94:dc:48:5e:80:2d:ef:f7:5e:e0:d1:28:04:cc:8b:99:f4:
         fc:ff:9a:73:0b:70:95:b9:43:51:0b:06:de:b0:32:08:49:c6:
         25:15:1e:ee:d9:34:a8:c5:09:61:a9:b8:24:ab:82:ea:48:b2:
         e2:f3:72:b3:bc:f1:bc:f6:b2:16:07:1f:5d:c9:6b:08:55:4e:
         59:0d:24:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UiMkBoIrlbSgLXTC/3fIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YmViOGQyNWNlMmQ0MGIwY2JhZTU5YzExZTI5MmJkMzcx
NzBkZmEwHhcNMjYwMzI5MDIwMDIyWhcNMjYwMzMwMDIwMDIyWjAzMTEwLwYDVQQD
Eyg3NzhhYzBiYzJjOTdiMWQzODU2MzI5M2IwYmQ4NmIzOTM2NmNiMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaa+D0FcX3L6wd+tLmxAXbZSyLzw
ZJLtCqGgXtukVqh8gu4WrpmtmyBuqkW/FLCfvTMTgn0UBNggnyuZDaJLs31LYaKv
I8sT4b0LuzcJyH3RrqY2UvpXBwN5Jsd2OpyowPAGHwlwZIgBojnKB6YeEzwnovu4
nNuYPQdjxSyLkTh31Um+1b+s2iZX8+Y8cXswc49lNXq7oAxBa+yfeBoDmHLzi/HM
lM0UBEBQ231BRmoe3RLEgIXhqSfQ2rpyZltjRInvlCTzfNGP0n/doS7rryjK8+ZZ
+Y+r/a+FpUw+objqO8yy6fTwR3GhXKUhMz4u/oQPzxVQJJO5PPk3CET2WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHeKwLwsl7HThWMpOwvYazk2bLDKMB8GA1UdIwQY
MBaAFKa+uNJc4tQLDLrlnBHikr03Fw36MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAt
NDVhNDBhMjFiOGQzLzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAtNDVhNDBhMjFiOGQz
LzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoa47XEi8
y5s3R0hJw1FTKtnRL5TskWE+oeiont8J8qXa4gXwqBzAZKKDa4F3ilXAEE/YB1dW
uvPfUSSIZeBrKGwnZAiDHCU1hNtnsHoBIa/cgsklyHr70qPYKw1FMAMLTz81z1EV
vKV6wCaTKWOiruP/5HGzKe/oU3ZVItvikIZ/BH7t4+IqSugFbgtPEtvpgITrMH4+
+FKiHvWBwHK60icaw0nQnGbnotUbmPiZ6My9F7eu+JTcSF6ALe/3XuDRKATMi5n0
/P+acwtwlblDUQsG3rAyCEnGJRUe7tk0qMUJYam4JKuC6kiy4vNys7zxvPayFgcf
XclrCFVOWQ0kHg==
-----END CERTIFICATE-----