Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft
File:                     d4LgCn_HYX2UJguB_SKjo_PcaG0.mft (raw, json)
Hash identifier:          xyCY3gHOgWqR/cX6ECvwvkGFHR1UHHN2cWl8B24q2ek=
Subject key identifier:   32:D9:DB:5D:28:CC:31:28:F8:B4:40:C6:DD:3A:4E:C9:6E:90:1E:54
Authority key identifier: 77:82:E0:0A:7F:C7:61:7D:94:26:0B:81:FD:22:A3:A3:F3:DC:68:6D
Certificate issuer:       /CN=7782e00a7fc7617d94260b81fd22a3a3f3dc686d
Certificate serial:       019D28F3030095FCEF4DF4F2275C043DCABE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft
Manifest number:          0D15
Signing time:             Thu 26 Mar 2026 07:01:47 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:47 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:47 +0000
Files and hashes:         1: d4LgCn_HYX2UJguB_SKjo_PcaG0.crl (hash: +fPwPU/b9i3xjYAWyyuK8Ly7s2EQb519295re3QgiFY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:03:00:95:fc:ef:4d:f4:f2:27:5c:04:3d:ca:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7782e00a7fc7617d94260b81fd22a3a3f3dc686d
        Validity
            Not Before: Mar 26 07:01:47 2026 GMT
            Not After : Mar 27 07:01:47 2026 GMT
        Subject: CN=32d9db5d28cc3128f8b440c6dd3a4ec96e901e54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:35:9c:52:62:33:7a:ba:44:45:5e:df:ad:d2:
                    75:76:09:07:ea:03:c1:a6:f7:7c:26:ad:a3:7c:b0:
                    d2:f0:ff:a1:cd:bd:ad:5a:f4:98:8e:b1:6c:ad:26:
                    9e:26:d9:aa:c1:62:91:31:17:a9:1e:53:9e:87:e5:
                    f2:22:18:e5:c0:cb:dc:cc:60:7c:48:33:55:56:3e:
                    35:2b:25:64:0f:3d:ac:b6:89:57:77:34:8d:e1:32:
                    09:37:b3:39:da:91:b4:f5:04:03:24:d1:4c:a3:18:
                    19:80:63:47:66:9c:10:e5:49:35:6a:a1:8c:fb:79:
                    53:fb:cc:06:96:02:1b:31:1a:ed:85:c8:2d:ce:42:
                    66:87:f1:30:20:7b:ac:1d:f1:8d:9f:03:05:4c:a1:
                    c3:6b:31:00:27:5f:e7:38:57:1b:1d:69:42:55:3e:
                    57:19:19:ee:fe:6f:e4:f5:1d:97:df:ab:e3:c1:2d:
                    9c:9c:e2:24:23:9f:60:fe:a8:69:7a:92:14:84:a7:
                    cd:50:0d:44:57:75:2e:46:ef:18:f3:e7:42:1d:61:
                    78:03:52:c4:49:04:2a:c9:dc:65:f1:62:aa:89:04:
                    b9:7e:e7:8c:5b:51:b4:61:82:c4:74:7e:0d:19:28:
                    38:42:6f:3e:51:e9:0b:41:da:a3:08:05:76:f4:9b:
                    9c:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:D9:DB:5D:28:CC:31:28:F8:B4:40:C6:DD:3A:4E:C9:6E:90:1E:54
            X509v3 Authority Key Identifier:
                keyid:77:82:E0:0A:7F:C7:61:7D:94:26:0B:81:FD:22:A3:A3:F3:DC:68:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4LgCn_HYX2UJguB_SKjo_PcaG0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ade60a-fd8c-422e-bca8-9a0284b3adc1/1/d4LgCn_HYX2UJguB_SKjo_PcaG0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:bb:de:c6:05:16:b4:a4:4f:b1:94:6d:e7:c5:f3:76:05:04:
         70:02:29:a9:8e:9f:d5:98:9e:58:96:cf:af:66:51:42:18:51:
         03:16:24:db:c1:b0:49:dd:52:34:70:8d:94:27:48:03:3d:d5:
         ef:89:ff:1c:0b:4f:03:cd:3d:f8:65:a8:e9:36:d5:dd:e0:dc:
         cb:8a:c2:ca:d4:57:ed:d0:41:16:b9:88:84:b8:99:d8:14:94:
         97:53:9e:ff:42:e8:b9:c9:7b:e4:0c:85:3d:10:2a:9b:38:7c:
         e5:58:dc:86:cd:99:ab:f5:6c:ce:ac:1b:e1:41:59:22:b9:64:
         29:89:33:0c:3a:a3:4a:57:63:d6:dd:4b:66:d8:e0:49:76:7c:
         27:6d:47:35:53:12:a9:49:a5:3b:d9:62:d3:f0:c2:a3:6e:79:
         b7:62:83:3b:fe:a1:61:b8:90:33:10:47:7f:c7:26:9b:69:3e:
         47:89:55:cd:c9:b5:4b:13:90:b2:7f:51:b4:97:07:b9:2e:65:
         92:f2:e3:12:64:28:41:d9:10:30:9f:33:2d:31:e6:c6:50:13:
         ec:a6:38:f6:87:70:dc:21:b4:36:dd:47:9c:d9:da:63:b9:f2:
         4c:5f:44:5b:68:9a:5d:4e:07:25:37:49:e2:8e:4b:92:dc:c9:
         a8:94:ea:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8wMAlfzvTfTyJ1wEPcq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ODJlMDBhN2ZjNzYxN2Q5NDI2MGI4MWZkMjJhM2EzZjNk
YzY4NmQwHhcNMjYwMzI2MDcwMTQ3WhcNMjYwMzI3MDcwMTQ3WjAzMTEwLwYDVQQD
EygzMmQ5ZGI1ZDI4Y2MzMTI4ZjhiNDQwYzZkZDNhNGVjOTZlOTAxZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTWcUmIzerpERV7frdJ1dgkH6gPB
pvd8Jq2jfLDS8P+hzb2tWvSYjrFsrSaeJtmqwWKRMRepHlOeh+XyIhjlwMvczGB8
SDNVVj41KyVkDz2stolXdzSN4TIJN7M52pG09QQDJNFMoxgZgGNHZpwQ5Uk1aqGM
+3lT+8wGlgIbMRrthcgtzkJmh/EwIHusHfGNnwMFTKHDazEAJ1/nOFcbHWlCVT5X
GRnu/m/k9R2X36vjwS2cnOIkI59g/qhpepIUhKfNUA1EV3UuRu8Y8+dCHWF4A1LE
SQQqydxl8WKqiQS5fueMW1G0YYLEdH4NGSg4Qm8+UekLQdqjCAV29JucFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLZ210ozDEo+LRAxt06TslukB5UMB8GA1UdIwQY
MBaAFHeC4Ap/x2F9lCYLgf0io6Pz3GhtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDRMZ0NuX0hZWDJVSmd1Ql9TS2pvX1BjYUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hZGU2MGEtZmQ4Yy00MjJlLWJjYTgt
OWEwMjg0YjNhZGMxLzEvZDRMZ0NuX0hZWDJVSmd1Ql9TS2pvX1BjYUcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hZGU2MGEtZmQ4Yy00MjJlLWJjYTgtOWEwMjg0YjNhZGMx
LzEvZDRMZ0NuX0hZWDJVSmd1Ql9TS2pvX1BjYUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnLvexgUW
tKRPsZRt58XzdgUEcAIpqY6f1ZieWJbPr2ZRQhhRAxYk28GwSd1SNHCNlCdIAz3V
74n/HAtPA809+GWo6TbV3eDcy4rCytRX7dBBFrmIhLiZ2BSUl1Oe/0Loucl75AyF
PRAqmzh85Vjchs2Zq/Vszqwb4UFZIrlkKYkzDDqjSldj1t1LZtjgSXZ8J21HNVMS
qUmlO9li0/DCo255t2KDO/6hYbiQMxBHf8cmm2k+R4lVzcm1SxOQsn9RtJcHuS5l
kvLjEmQoQdkQMJ8zLTHmxlAT7KY49odw3CG0Nt1HnNnaY7nyTF9EW2iaXU4HJTdJ
4o5LktzJqJTq3A==
-----END CERTIFICATE-----