Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
File:                     4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json)
Hash identifier:          kIqhJljxMkfgK3SUisVyaXjJ9Iv3FIgUC2pYNFbv9ZM=
Subject key identifier:   D3:AC:F7:AB:01:B6:82:93:42:58:DF:2E:23:A3:DC:61:67:7E:1E:A1
Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9
Certificate issuer:       /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
Certificate serial:       019D2695EB1843DEECA3D1F27B226A3764E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
Manifest number:          075F
Signing time:             Wed 25 Mar 2026 20:00:52 +0000
Manifest this update:     Wed 25 Mar 2026 20:00:52 +0000
Manifest next update:     Thu 26 Mar 2026 20:00:52 +0000
Files and hashes:         1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: ngIbq4BRLlQEbTDYXrx4jge+PLIudiV4mDyDI2CHK5M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 20:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:95:eb:18:43:de:ec:a3:d1:f2:7b:22:6a:37:64:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
        Validity
            Not Before: Mar 25 20:00:52 2026 GMT
            Not After : Mar 26 20:00:52 2026 GMT
        Subject: CN=d3acf7ab01b682934258df2e23a3dc61677e1ea1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:6d:3a:7b:e2:7e:fc:5f:21:44:44:c1:79:fa:
                    20:7d:bc:f0:4e:b7:15:2d:d2:9e:6f:fc:66:7c:0c:
                    62:21:38:4c:b6:e1:96:1d:86:7d:0c:21:45:9d:0c:
                    5d:0e:de:74:26:39:06:2f:5e:e5:1c:30:03:f7:9c:
                    66:75:0f:2c:b6:37:b4:66:65:a6:f5:db:6b:b3:18:
                    eb:bd:d9:0a:75:70:9f:93:fd:9f:ed:e8:dd:ab:f5:
                    1e:5f:7c:61:de:2c:9b:25:06:05:8b:f5:00:79:1c:
                    ce:76:d7:29:d5:0b:37:42:8c:74:b4:f2:53:34:14:
                    93:07:51:0d:59:57:be:dc:9f:54:52:16:3a:82:c1:
                    d8:be:73:13:bb:1f:ba:71:04:57:c5:92:a9:41:c4:
                    f9:e2:b9:79:00:57:ee:e4:da:e2:ea:0f:ef:76:b6:
                    1a:1c:64:2f:ad:c4:76:70:8c:39:fb:96:92:48:05:
                    06:a2:41:e1:6d:94:96:a0:3f:ad:d4:79:b8:52:7b:
                    4b:97:bb:da:f3:82:bd:5c:a4:82:5c:63:32:a9:c2:
                    f4:36:08:d3:14:f0:b5:d8:3c:57:05:79:7f:96:e8:
                    5a:ce:b7:42:77:27:40:94:fc:36:a9:5d:e6:22:6c:
                    9d:7a:0d:a6:84:05:9a:1d:37:33:15:94:d1:34:b8:
                    62:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:AC:F7:AB:01:B6:82:93:42:58:DF:2E:23:A3:DC:61:67:7E:1E:A1
            X509v3 Authority Key Identifier:
                keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:f4:62:12:67:fc:fa:8e:1a:2d:4c:27:6c:98:98:fe:59:1d:
         ec:29:8d:c7:9e:ee:0f:b2:c7:75:ae:05:ae:9f:46:a4:fa:67:
         ed:8e:95:84:b9:74:ca:8e:a2:60:f1:90:7d:0d:28:54:2a:17:
         67:1c:ff:b2:a4:1e:d7:67:9e:61:3a:28:96:46:e8:90:1d:7c:
         33:ad:ea:25:31:d2:05:d1:7f:84:20:34:b2:bd:b3:df:51:46:
         0f:51:1b:07:20:c0:c5:da:db:66:7d:71:b9:4f:64:d9:05:82:
         74:69:7b:0a:2c:9f:32:62:09:04:d6:24:86:40:e5:3f:78:77:
         03:9a:50:53:93:a3:e0:c8:58:ad:ec:a0:c7:80:e6:43:21:36:
         58:5d:ae:07:92:e7:9d:21:22:81:84:5b:84:48:a8:79:e5:6b:
         52:3b:91:1b:b1:71:a2:63:36:00:15:e7:d7:f0:a7:48:76:5d:
         b5:e0:c8:04:54:f2:32:d2:ab:a1:c0:88:36:c3:89:54:0e:8b:
         b9:cf:2b:04:15:e3:44:79:26:87:41:a6:99:d6:b5:fb:9d:b7:
         6e:4e:ce:57:55:d5:1b:07:71:8f:92:57:ed:8f:be:25:d5:c8:
         c2:33:73:b6:d6:be:ff:75:29:c5:59:12:ba:37:89:41:08:4a:
         dd:35:bd:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mlesYQ97so9HyeyJqN2TpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw
ZjAwYjkwHhcNMjYwMzI1MjAwMDUyWhcNMjYwMzI2MjAwMDUyWjAzMTEwLwYDVQQD
EyhkM2FjZjdhYjAxYjY4MjkzNDI1OGRmMmUyM2EzZGM2MTY3N2UxZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW06e+J+/F8hRETBefogfbzwTrcV
LdKeb/xmfAxiIThMtuGWHYZ9DCFFnQxdDt50JjkGL17lHDAD95xmdQ8stje0ZmWm
9dtrsxjrvdkKdXCfk/2f7ejdq/UeX3xh3iybJQYFi/UAeRzOdtcp1Qs3Qox0tPJT
NBSTB1ENWVe+3J9UUhY6gsHYvnMTux+6cQRXxZKpQcT54rl5AFfu5Nri6g/vdrYa
HGQvrcR2cIw5+5aSSAUGokHhbZSWoD+t1Hm4UntLl7va84K9XKSCXGMyqcL0NgjT
FPC12DxXBXl/luhazrdCdydAlPw2qV3mImydeg2mhAWaHTczFZTRNLhiUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOs96sBtoKTQljfLiOj3GFnfh6hMB8GA1UdIwQY
MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt
MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw
LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHPRiEmf8
+o4aLUwnbJiY/lkd7CmNx57uD7LHda4Frp9GpPpn7Y6VhLl0yo6iYPGQfQ0oVCoX
Zxz/sqQe12eeYToolkbokB18M63qJTHSBdF/hCA0sr2z31FGD1EbByDAxdrbZn1x
uU9k2QWCdGl7CiyfMmIJBNYkhkDlP3h3A5pQU5Oj4MhYreygx4DmQyE2WF2uB5Ln
nSEigYRbhEioeeVrUjuRG7FxomM2ABXn1/CnSHZdteDIBFTyMtKrocCINsOJVA6L
uc8rBBXjRHkmh0Gmmda1+523bk7OV1XVGwdxj5JX7Y++JdXIwjNztta+/3UpxVkS
ujeJQQhK3TW9AQ==
-----END CERTIFICATE-----