Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft
File:                     pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft (raw, json)
Hash identifier:          WQVyfMymxVyfhbmc29xc2ttoJg5we8lOuLfoGOVDRvE=
Subject key identifier:   63:C0:D1:08:0A:9A:2E:E5:FE:29:3B:44:ED:5B:47:72:C9:4A:DD:A2
Authority key identifier: A5:4A:9E:27:5C:5C:17:80:9B:8F:CF:8C:0F:E0:B5:F6:32:9C:EE:EF
Certificate issuer:       /CN=a54a9e275c5c17809b8fcf8c0fe0b5f6329ceeef
Certificate serial:       019D2704DDC43D09BB2EB32B674B566A4287
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft
Manifest number:          11A3
Signing time:             Wed 25 Mar 2026 22:02:03 +0000
Manifest this update:     Wed 25 Mar 2026 22:02:03 +0000
Manifest next update:     Thu 26 Mar 2026 22:02:03 +0000
Files and hashes:         1: pUqeJ1xcF4Cbj8-MD-C19jKc7u8.crl (hash: JASmcfbqy66qXrZWiW6i+fT7kSS1wu2LSE2DFA6oRDE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:dd:c4:3d:09:bb:2e:b3:2b:67:4b:56:6a:42:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a54a9e275c5c17809b8fcf8c0fe0b5f6329ceeef
        Validity
            Not Before: Mar 25 22:02:03 2026 GMT
            Not After : Mar 26 22:02:03 2026 GMT
        Subject: CN=63c0d1080a9a2ee5fe293b44ed5b4772c94adda2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:75:7e:4b:29:2a:b7:04:65:36:f2:8c:e7:58:
                    df:1d:e6:bb:cc:b9:eb:f0:fa:90:bf:1a:5b:68:ec:
                    01:0f:24:b1:67:95:d5:0d:3f:40:cb:84:3b:8e:d5:
                    9c:6b:44:4b:c9:82:cd:30:0e:0b:76:e3:32:55:56:
                    fd:c2:3e:2e:23:b9:5e:3a:92:46:2e:fe:85:74:ea:
                    d5:9c:9d:61:86:9d:05:66:44:77:db:b7:99:52:fd:
                    8d:dc:45:64:e9:7f:ff:43:dd:d0:ce:4d:a3:5f:55:
                    b5:2f:e9:a2:da:58:1d:cf:9e:50:fe:65:9f:c1:28:
                    77:1e:b8:98:d1:0c:f8:2c:12:a1:3e:9a:b2:9e:5c:
                    5d:45:e6:99:7e:3b:94:78:2a:06:b1:c2:57:98:a5:
                    ab:88:68:94:a5:84:68:a2:72:86:69:a3:cc:ae:c9:
                    6b:0a:94:d1:74:a1:04:75:8a:b5:b1:ca:e4:1e:28:
                    e2:7c:95:e6:8c:13:31:01:aa:d1:ad:e5:98:26:68:
                    22:ef:0d:60:2e:f0:58:11:f2:78:0d:81:a8:4b:6c:
                    3c:d7:aa:17:a5:7a:e3:a4:8b:a2:be:49:53:62:61:
                    4c:a5:44:3d:53:6a:07:7a:40:53:43:4c:58:20:f0:
                    3a:68:f8:5e:30:7a:45:66:1b:7a:9f:12:fa:cc:a8:
                    ac:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:C0:D1:08:0A:9A:2E:E5:FE:29:3B:44:ED:5B:47:72:C9:4A:DD:A2
            X509v3 Authority Key Identifier:
                keyid:A5:4A:9E:27:5C:5C:17:80:9B:8F:CF:8C:0F:E0:B5:F6:32:9C:EE:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/4707ec-d3df-4470-92a9-69980eebc20c/1/pUqeJ1xcF4Cbj8-MD-C19jKc7u8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:07:a6:25:a4:47:79:89:e3:2d:a3:8d:0d:a5:e0:07:01:06:
         e0:1e:c4:e5:47:20:db:4f:a0:aa:9d:a4:a3:01:4b:23:97:83:
         41:da:f4:39:d3:60:80:e9:33:76:90:d6:db:77:68:6d:f1:b9:
         50:55:7c:16:b6:4a:95:ec:39:d2:47:6d:a7:b0:75:5f:c4:9e:
         ed:38:06:4a:63:6c:2b:ab:60:2d:a5:df:0f:0c:e2:c2:d7:f6:
         7b:de:2c:2c:db:50:a6:da:8b:72:4b:03:8c:ac:26:3d:66:ac:
         c7:94:87:10:2f:88:4a:07:92:77:27:36:d9:7b:a9:03:f1:1d:
         9b:79:40:0b:ef:b2:a3:70:ef:b2:66:5d:5c:1f:00:eb:ba:b1:
         97:63:2e:7c:34:bc:d0:c3:1a:58:33:a2:63:9c:67:17:62:fd:
         02:f0:51:b0:7e:a5:f1:7b:7d:d8:fb:ae:30:76:2d:c4:7c:c3:
         b0:d3:62:4c:c1:e3:ff:ad:9d:7b:79:2d:81:81:3f:8a:aa:0a:
         a9:01:6d:7f:dd:6c:c0:d9:00:ee:a6:ab:e5:b4:3e:a5:f8:b5:
         43:51:f5:51:de:80:16:eb:a1:16:84:59:16:f6:72:32:7b:0e:
         d4:aa:05:ae:70:b1:82:b3:b5:47:8d:c0:cf:e2:63:cd:ec:e6:
         5f:e5:02:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBN3EPQm7LrMrZ0tWakKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NGE5ZTI3NWM1YzE3ODA5YjhmY2Y4YzBmZTBiNWY2MzI5
Y2VlZWYwHhcNMjYwMzI1MjIwMjAzWhcNMjYwMzI2MjIwMjAzWjAzMTEwLwYDVQQD
Eyg2M2MwZDEwODBhOWEyZWU1ZmUyOTNiNDRlZDViNDc3MmM5NGFkZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHV+SykqtwRlNvKM51jfHea7zLnr
8PqQvxpbaOwBDySxZ5XVDT9Ay4Q7jtWca0RLyYLNMA4LduMyVVb9wj4uI7leOpJG
Lv6FdOrVnJ1hhp0FZkR327eZUv2N3EVk6X//Q93Qzk2jX1W1L+mi2lgdz55Q/mWf
wSh3HriY0Qz4LBKhPpqynlxdReaZfjuUeCoGscJXmKWriGiUpYRoonKGaaPMrslr
CpTRdKEEdYq1scrkHijifJXmjBMxAarRreWYJmgi7w1gLvBYEfJ4DYGoS2w816oX
pXrjpIuivklTYmFMpUQ9U2oHekBTQ0xYIPA6aPheMHpFZht6nxL6zKisDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGPA0QgKmi7l/ik7RO1bR3LJSt2iMB8GA1UdIwQY
MBaAFKVKnidcXBeAm4/PjA/gtfYynO7vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFVxZUoxeGNGNENiajgtTUQtQzE5aktjN3U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC80NzA3ZWMtZDNkZi00NDcwLTkyYTkt
Njk5ODBlZWJjMjBjLzEvcFVxZUoxeGNGNENiajgtTUQtQzE5aktjN3U4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC80NzA3ZWMtZDNkZi00NDcwLTkyYTktNjk5ODBlZWJjMjBj
LzEvcFVxZUoxeGNGNENiajgtTUQtQzE5aktjN3U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgQemJaRH
eYnjLaONDaXgBwEG4B7E5Ucg20+gqp2kowFLI5eDQdr0OdNggOkzdpDW23dobfG5
UFV8FrZKlew50kdtp7B1X8Se7TgGSmNsK6tgLaXfDwziwtf2e94sLNtQptqLcksD
jKwmPWasx5SHEC+ISgeSdyc22XupA/Edm3lAC++yo3DvsmZdXB8A67qxl2MufDS8
0MMaWDOiY5xnF2L9AvBRsH6l8Xt92PuuMHYtxHzDsNNiTMHj/62de3ktgYE/iqoK
qQFtf91swNkA7qar5bQ+pfi1Q1H1Ud6AFuuhFoRZFvZyMnsO1KoFrnCxgrO1R43A
z+JjzezmX+UCCg==
-----END CERTIFICATE-----