Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
File:                     maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft (raw, json)
Hash identifier:          O4K+819YwU//H2irrxDjCUmbLRpQNhc04GKeDdgOwEw=
Subject key identifier:   E8:21:D4:59:4A:2F:75:C2:85:C3:6C:4F:94:39:1F:AB:31:F5:B2:BB
Authority key identifier: 99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8
Certificate issuer:       /CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
Certificate serial:       019D3941423B7FC668BAD71D8EC8E0397C83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
Manifest number:          144D
Signing time:             Sun 29 Mar 2026 11:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:11 +0000
Files and hashes:         1: maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl (hash: COaLr8M5iu+Bq4c4Mba9J1ZBMiJYAl8iv9b561kIKTo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:42:3b:7f:c6:68:ba:d7:1d:8e:c8:e0:39:7c:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8
        Validity
            Not Before: Mar 29 11:01:11 2026 GMT
            Not After : Mar 30 11:01:11 2026 GMT
        Subject: CN=e821d4594a2f75c285c36c4f94391fab31f5b2bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:22:36:dd:51:36:02:78:74:89:68:c2:fa:41:
                    54:46:35:b9:44:7c:79:a5:2c:f5:96:b2:eb:6f:20:
                    d2:4d:64:55:3d:66:70:00:69:83:97:c1:92:06:96:
                    1d:cf:9b:0d:5d:ba:ab:c6:48:12:be:1c:0f:23:02:
                    2e:04:f4:75:f1:50:cd:b6:8e:47:76:c0:1c:dc:72:
                    35:b0:5a:56:1d:25:98:71:54:02:1a:1f:18:e9:28:
                    0c:0a:39:e1:5b:6e:10:2f:b4:d4:e8:9c:f8:2c:0d:
                    61:cc:75:72:4a:32:94:4a:1d:c7:81:30:16:1f:8f:
                    51:07:b2:48:4f:b7:0a:86:dc:59:76:62:ec:e8:17:
                    d4:8c:d3:68:62:90:fa:db:a3:70:95:1d:71:c4:9d:
                    cb:a2:0e:81:c8:46:ca:88:dc:d3:0b:9d:e9:8c:98:
                    c4:9f:71:2a:a8:26:ec:d7:41:b7:35:88:0f:be:6f:
                    d3:bc:1f:df:be:73:c9:44:fd:23:01:ae:00:8c:c7:
                    09:ca:77:81:81:39:79:ef:f8:a6:f2:e1:e8:f3:b0:
                    b2:15:e0:ae:42:cd:0f:1c:d7:b5:fa:60:36:9c:98:
                    81:a4:86:b2:be:e8:ec:dd:8a:74:de:76:b5:7a:cd:
                    d1:93:e6:c6:a9:7f:c5:ec:fd:22:d8:3e:2c:f0:ee:
                    a1:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:21:D4:59:4A:2F:75:C2:85:C3:6C:4F:94:39:1F:AB:31:F5:B2:BB
            X509v3 Authority Key Identifier:
                keyid:99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:3b:0b:67:58:2d:fa:38:91:6f:b4:ad:ce:4a:9b:f9:12:a0:
         3c:63:ac:ab:cc:d8:91:2e:e8:0d:65:30:04:8a:8e:6b:19:48:
         3f:08:e9:db:93:16:12:80:93:72:72:7c:74:af:f0:47:3e:15:
         5e:10:9a:d0:cc:39:e5:56:a9:af:a6:7d:7c:03:f5:e7:65:48:
         c8:4d:dd:ad:70:aa:ee:a8:09:c3:32:c0:27:6e:d6:97:f6:43:
         12:12:90:68:5a:35:c3:83:71:71:45:ac:28:e9:ef:75:5b:78:
         17:95:57:da:8a:32:50:a8:54:5a:93:85:64:87:5f:25:84:68:
         8e:3e:28:a0:6a:d3:1e:f3:ae:9a:e5:fe:d8:03:30:0d:69:78:
         32:f6:63:9c:71:19:a2:e2:a0:50:f2:b8:ee:43:75:f2:53:63:
         f1:1f:6e:e8:7d:b2:d2:f6:7e:bf:71:09:32:c6:5f:39:68:ac:
         6b:aa:fb:05:02:f7:bb:23:d7:35:b9:e0:2b:ba:4f:37:ba:04:
         3c:38:67:c7:79:af:0c:36:dd:b0:20:ee:5f:d1:23:41:3d:a3:
         be:b1:d3:d5:84:5e:c5:ee:ad:f0:1a:17:2c:06:a6:c4:e0:34:
         00:1b:3c:61:31:f3:b1:b9:99:04:9f:e1:94:7f:3b:ce:e5:a6:
         79:51:b4:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QUI7f8ZoutcdjsjgOXyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTVlNGMxY2RlOGJjYjNiODQyMDc3MGQ1OWE4M2E3OTE3
YzhjYzgwHhcNMjYwMzI5MTEwMTExWhcNMjYwMzMwMTEwMTExWjAzMTEwLwYDVQQD
EyhlODIxZDQ1OTRhMmY3NWMyODVjMzZjNGY5NDM5MWZhYjMxZjViMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyI23VE2Anh0iWjC+kFURjW5RHx5
pSz1lrLrbyDSTWRVPWZwAGmDl8GSBpYdz5sNXbqrxkgSvhwPIwIuBPR18VDNto5H
dsAc3HI1sFpWHSWYcVQCGh8Y6SgMCjnhW24QL7TU6Jz4LA1hzHVySjKUSh3HgTAW
H49RB7JIT7cKhtxZdmLs6BfUjNNoYpD626NwlR1xxJ3Log6ByEbKiNzTC53pjJjE
n3EqqCbs10G3NYgPvm/TvB/fvnPJRP0jAa4AjMcJyneBgTl57/im8uHo87CyFeCu
Qs0PHNe1+mA2nJiBpIayvujs3Yp03na1es3Rk+bGqX/F7P0i2D4s8O6h9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOgh1FlKL3XChcNsT5Q5H6sx9bK7MB8GA1UdIwQY
MBaAFJml5MHN6LyzuEIHcNWag6eRfIzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2Ut
MGRjM2MyMWJkNjI4LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2UtMGRjM2MyMWJkNjI4
LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqDsLZ1gt
+jiRb7Stzkqb+RKgPGOsq8zYkS7oDWUwBIqOaxlIPwjp25MWEoCTcnJ8dK/wRz4V
XhCa0Mw55Vapr6Z9fAP152VIyE3drXCq7qgJwzLAJ27Wl/ZDEhKQaFo1w4NxcUWs
KOnvdVt4F5VX2ooyUKhUWpOFZIdfJYRojj4ooGrTHvOumuX+2AMwDWl4MvZjnHEZ
ouKgUPK47kN18lNj8R9u6H2y0vZ+v3EJMsZfOWisa6r7BQL3uyPXNbngK7pPN7oE
PDhnx3mvDDbdsCDuX9EjQT2jvrHT1YRexe6t8BoXLAamxOA0ABs8YTHzsbmZBJ/h
lH87zuWmeVG0gw==
-----END CERTIFICATE-----