Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
File:                     X765nwZBwgALrAWjJrQYpMApS3o.mft (raw, json)
Hash identifier:          aJ1m0HOvJc+0+K+w5tvTFmSMD4twAcFQyS4rffKYVT8=
Subject key identifier:   49:C3:24:5A:76:08:79:A5:74:6F:00:10:75:AE:20:A7:0E:4E:E8:94
Authority key identifier: 5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A
Certificate issuer:       /CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
Certificate serial:       019D28F24F318AB4B297F0E1F309617CEFB7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
Manifest number:          0379
Signing time:             Thu 26 Mar 2026 07:01:01 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:01 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:01 +0000
Files and hashes:         1: X765nwZBwgALrAWjJrQYpMApS3o.crl (hash: 9GGv2zgy8OIk1xavSIACS8+kJLeQEJLxXxjzKFm26PM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:4f:31:8a:b4:b2:97:f0:e1:f3:09:61:7c:ef:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5fbeb99f0641c2000bac05a326b418a4c0294b7a
        Validity
            Not Before: Mar 26 07:01:01 2026 GMT
            Not After : Mar 27 07:01:01 2026 GMT
        Subject: CN=49c3245a760879a5746f001075ae20a70e4ee894
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:74:c4:9e:99:5f:99:cc:88:15:68:ff:2e:71:
                    f9:dc:f6:88:a4:49:9e:e3:af:61:29:69:56:63:80:
                    6c:d9:38:54:33:51:95:b8:13:50:f4:c4:25:30:a2:
                    8d:c1:d3:5b:e8:1f:ac:91:92:aa:4f:ac:5f:c8:0a:
                    0a:ee:d5:c9:22:fc:a2:ff:c2:d7:44:01:79:f0:f7:
                    96:0a:a2:9f:e0:c0:43:86:58:c8:e6:57:40:c8:84:
                    fa:1f:69:02:41:85:8b:cf:d1:d7:c4:fb:09:7c:cc:
                    55:64:bd:c0:a8:bc:15:6f:52:af:70:13:14:ad:df:
                    43:6a:90:7c:75:37:b3:19:60:19:11:25:e6:a8:89:
                    68:38:69:9a:44:69:35:71:58:c7:25:28:6c:86:cb:
                    84:ba:29:6b:c4:ab:ff:84:00:d1:ae:fb:5e:62:3e:
                    6c:cb:15:20:25:b0:52:d1:a0:99:e4:1f:71:be:fc:
                    c3:1b:af:ed:d9:04:99:83:32:03:84:55:28:a5:9c:
                    0c:84:a4:3c:c6:ca:4a:c5:77:0b:31:29:2e:6d:29:
                    16:32:7c:c9:a5:15:de:19:64:f0:d6:28:6e:df:29:
                    f5:55:09:db:44:66:a7:9a:47:ad:4a:8e:8c:6b:8d:
                    eb:22:f2:93:5e:a9:55:90:cb:26:b0:ec:c7:fe:e8:
                    1a:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:C3:24:5A:76:08:79:A5:74:6F:00:10:75:AE:20:A7:0E:4E:E8:94
            X509v3 Authority Key Identifier:
                keyid:5F:BE:B9:9F:06:41:C2:00:0B:AC:05:A3:26:B4:18:A4:C0:29:4B:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X765nwZBwgALrAWjJrQYpMApS3o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/653dac-a69c-48e5-b7c8-575a2080896a/1/X765nwZBwgALrAWjJrQYpMApS3o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:f7:2b:a2:6a:65:58:48:72:8c:c7:4c:28:78:3f:60:6a:4c:
         14:cf:70:64:2c:ef:df:66:7b:a6:e4:c3:3a:7f:64:09:3f:38:
         3c:65:95:b4:13:1c:df:b4:b0:75:1b:38:a1:13:b4:55:fd:7b:
         97:66:06:0c:19:bc:f0:6e:fe:0c:c4:be:1d:8b:96:17:fe:9a:
         00:4f:46:8b:b3:fb:eb:c4:7c:07:12:79:23:ef:57:bc:f4:b5:
         47:1d:fd:69:6d:f4:72:23:c0:0b:91:7e:a7:92:21:3a:65:d7:
         b5:2b:41:44:30:dd:ae:a9:0b:07:29:04:6a:d5:05:ea:bd:e1:
         88:9e:cf:cd:4f:05:c1:63:a6:19:71:1d:9f:f7:3f:c9:46:d1:
         e8:21:ed:a2:b4:21:f8:67:b8:c2:c1:a4:a9:48:f1:4b:a3:f2:
         05:34:be:89:db:f4:be:a3:23:39:0e:9a:9b:ef:32:27:4a:e4:
         17:3f:55:f2:c7:aa:c2:3f:64:61:68:6d:6f:ce:9f:2d:b2:1c:
         87:88:1b:18:08:91:a8:4a:ae:84:8b:6c:53:99:6a:ec:a3:e0:
         77:ad:1a:b6:3d:57:78:67:04:11:63:f5:a2:61:05:a0:82:d3:
         d2:94:7d:b7:89:69:5d:72:ad:e0:8d:8f:66:71:7a:6c:5b:06:
         71:59:2f:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8k8xirSyl/Dh8wlhfO+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmViOTlmMDY0MWMyMDAwYmFjMDVhMzI2YjQxOGE0YzAy
OTRiN2EwHhcNMjYwMzI2MDcwMTAxWhcNMjYwMzI3MDcwMTAxWjAzMTEwLwYDVQQD
Eyg0OWMzMjQ1YTc2MDg3OWE1NzQ2ZjAwMTA3NWFlMjBhNzBlNGVlODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXTEnplfmcyIFWj/LnH53PaIpEme
469hKWlWY4Bs2ThUM1GVuBNQ9MQlMKKNwdNb6B+skZKqT6xfyAoK7tXJIvyi/8LX
RAF58PeWCqKf4MBDhljI5ldAyIT6H2kCQYWLz9HXxPsJfMxVZL3AqLwVb1KvcBMU
rd9DapB8dTezGWAZESXmqIloOGmaRGk1cVjHJShshsuEuilrxKv/hADRrvteYj5s
yxUgJbBS0aCZ5B9xvvzDG6/t2QSZgzIDhFUopZwMhKQ8xspKxXcLMSkubSkWMnzJ
pRXeGWTw1ihu3yn1VQnbRGanmketSo6Ma43rIvKTXqlVkMsmsOzH/uga/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEnDJFp2CHmldG8AEHWuIKcOTuiUMB8GA1UdIwQY
MBaAFF++uZ8GQcIAC6wFoya0GKTAKUt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3Yzgt
NTc1YTIwODA4OTZhLzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS82NTNkYWMtYTY5Yy00OGU1LWI3YzgtNTc1YTIwODA4OTZh
LzEvWDc2NW53WkJ3Z0FMckFXakpyUVlwTUFwUzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACPcrompl
WEhyjMdMKHg/YGpMFM9wZCzv32Z7puTDOn9kCT84PGWVtBMc37SwdRs4oRO0Vf17
l2YGDBm88G7+DMS+HYuWF/6aAE9Gi7P768R8BxJ5I+9XvPS1Rx39aW30ciPAC5F+
p5IhOmXXtStBRDDdrqkLBykEatUF6r3hiJ7PzU8FwWOmGXEdn/c/yUbR6CHtorQh
+Ge4wsGkqUjxS6PyBTS+idv0vqMjOQ6am+8yJ0rkFz9V8seqwj9kYWhtb86fLbIc
h4gbGAiRqEquhItsU5lq7KPgd60atj1XeGcEEWP1omEFoILT0pR9t4lpXXKt4I2P
ZnF6bFsGcVkv/Q==
-----END CERTIFICATE-----