Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
File:                     M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft (raw, json)
Hash identifier:          AfHDQAblRwEB9pvSZdaOLuXgInR9Yt8U1SXk6Ztw7vQ=
Subject key identifier:   58:E8:52:B3:1D:11:C9:60:D2:AC:1C:CD:5C:AA:63:22:63:3B:8D:29
Authority key identifier: 33:63:D7:2C:DD:93:AB:02:FE:3F:78:8D:62:1D:71:5D:9E:FD:76:99
Certificate issuer:       /CN=3363d72cdd93ab02fe3f788d621d715d9efd7699
Certificate serial:       019D2704181F31CA53998481708F009FC366
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
Manifest number:          146B
Signing time:             Wed 25 Mar 2026 22:01:12 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:12 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:12 +0000
Files and hashes:         1: M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl (hash: 14fzRzjRIhcjNc6GJScAXZY1yrAtJGZLODRUgCfEG8M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:18:1f:31:ca:53:99:84:81:70:8f:00:9f:c3:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3363d72cdd93ab02fe3f788d621d715d9efd7699
        Validity
            Not Before: Mar 25 22:01:12 2026 GMT
            Not After : Mar 26 22:01:12 2026 GMT
        Subject: CN=58e852b31d11c960d2ac1ccd5caa6322633b8d29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:4a:79:c9:91:34:ba:6f:ed:54:3e:c0:3f:32:
                    18:58:41:4b:a4:66:e6:f8:60:60:a2:a4:7e:54:32:
                    88:24:a7:64:79:58:88:25:47:ab:69:28:b6:33:34:
                    38:88:0d:0c:ae:88:20:c6:e8:7a:d9:14:dc:ec:d4:
                    5f:94:08:8a:51:26:51:76:ed:1e:56:fe:0c:8a:97:
                    15:02:10:1c:b5:f1:5b:b9:67:50:53:1f:72:cc:3e:
                    1e:2e:0a:50:30:61:99:68:1f:b6:89:97:a1:ea:60:
                    69:0a:34:63:c7:9e:4e:cc:27:36:21:88:5e:8f:99:
                    a0:7a:63:f6:20:bf:97:ad:07:2f:82:32:46:77:50:
                    a7:46:66:18:fc:3c:d2:a4:25:74:06:ac:55:6c:4e:
                    95:48:97:86:bc:5f:2b:9a:6a:58:0f:01:17:7f:7e:
                    71:c2:25:0e:a5:20:52:db:6d:12:06:5d:6e:18:bc:
                    55:7d:e9:14:fb:7a:14:b0:4b:62:c2:6b:dc:8e:d5:
                    c6:a5:dd:40:24:33:68:e1:11:17:24:26:69:d4:6d:
                    6d:21:4d:58:98:64:79:b4:c4:5f:09:28:7e:63:c1:
                    7a:b0:e9:8b:89:11:d9:c8:38:e8:20:10:4b:53:73:
                    da:ec:68:b7:8b:2d:a0:da:da:9f:4d:be:bf:82:20:
                    c8:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:E8:52:B3:1D:11:C9:60:D2:AC:1C:CD:5C:AA:63:22:63:3B:8D:29
            X509v3 Authority Key Identifier:
                keyid:33:63:D7:2C:DD:93:AB:02:FE:3F:78:8D:62:1D:71:5D:9E:FD:76:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:ca:f8:d6:aa:91:fd:82:e4:d0:47:0f:c4:4a:07:be:df:15:
         53:8d:99:26:dd:dd:5c:aa:5f:69:9f:6d:49:77:53:87:71:04:
         1f:82:81:42:d3:3a:c3:ac:7e:97:c5:64:e8:8b:16:19:7f:87:
         5d:83:59:7c:64:7e:35:2c:99:f6:bf:d6:c3:58:d7:7d:c3:20:
         56:45:ec:72:b6:33:78:22:ae:79:6d:1b:c9:7c:7d:2d:25:1d:
         e5:86:a0:3f:ae:1b:83:28:f7:f2:95:16:34:1f:40:30:b9:9a:
         2a:7b:25:83:22:eb:70:67:a7:f5:fa:7c:01:c4:89:26:a1:fd:
         bd:b8:6c:50:2f:02:12:5f:f5:98:25:6a:0f:86:ea:3a:c5:68:
         63:7a:07:98:24:d6:a6:19:8b:62:52:9e:17:28:f4:44:56:4b:
         16:1a:8b:02:d9:a4:3a:e6:59:81:eb:93:11:c8:c0:e2:53:8e:
         23:90:de:d6:d4:b4:b2:b0:fa:24:36:58:43:b3:cb:07:c8:8f:
         7f:a3:7d:ab:81:c5:08:2e:2c:08:0c:4b:12:69:88:65:b6:f0:
         4d:11:53:cc:d5:3f:b3:60:7e:d3:c1:b3:dc:b0:35:76:ee:46:
         c7:ab:d3:9f:20:d7:31:07:88:ff:fc:33:12:05:5a:bb:c4:2b:
         8d:8d:c8:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBBgfMcpTmYSBcI8An8NmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNjNkNzJjZGQ5M2FiMDJmZTNmNzg4ZDYyMWQ3MTVkOWVm
ZDc2OTkwHhcNMjYwMzI1MjIwMTEyWhcNMjYwMzI2MjIwMTEyWjAzMTEwLwYDVQQD
Eyg1OGU4NTJiMzFkMTFjOTYwZDJhYzFjY2Q1Y2FhNjMyMjYzM2I4ZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEp5yZE0um/tVD7APzIYWEFLpGbm
+GBgoqR+VDKIJKdkeViIJUeraSi2MzQ4iA0Mroggxuh62RTc7NRflAiKUSZRdu0e
Vv4MipcVAhActfFbuWdQUx9yzD4eLgpQMGGZaB+2iZeh6mBpCjRjx55OzCc2IYhe
j5mgemP2IL+XrQcvgjJGd1CnRmYY/DzSpCV0BqxVbE6VSJeGvF8rmmpYDwEXf35x
wiUOpSBS220SBl1uGLxVfekU+3oUsEtiwmvcjtXGpd1AJDNo4REXJCZp1G1tIU1Y
mGR5tMRfCSh+Y8F6sOmLiRHZyDjoIBBLU3Pa7Gi3iy2g2tqfTb6/giDIoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjoUrMdEclg0qwczVyqYyJjO40pMB8GA1UdIwQY
MBaAFDNj1yzdk6sC/j94jWIdcV2e/XaZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jOWMwZDgtNzAxMy00NmMzLTljMjgt
NDM0ZjllMGQ3NTBjLzEvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jOWMwZDgtNzAxMy00NmMzLTljMjgtNDM0ZjllMGQ3NTBj
LzEvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALcr41qqR
/YLk0EcPxEoHvt8VU42ZJt3dXKpfaZ9tSXdTh3EEH4KBQtM6w6x+l8Vk6IsWGX+H
XYNZfGR+NSyZ9r/Ww1jXfcMgVkXscrYzeCKueW0byXx9LSUd5YagP64bgyj38pUW
NB9AMLmaKnslgyLrcGen9fp8AcSJJqH9vbhsUC8CEl/1mCVqD4bqOsVoY3oHmCTW
phmLYlKeFyj0RFZLFhqLAtmkOuZZgeuTEcjA4lOOI5De1tS0srD6JDZYQ7PLB8iP
f6N9q4HFCC4sCAxLEmmIZbbwTRFTzNU/s2B+08Gz3LA1du5Gx6vTnyDXMQeI//wz
EgVau8QrjY3Idw==
-----END CERTIFICATE-----