Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/11f004-441f-470d-8927-76a9109a62e7/1/T7murXluvL6SUPqiksQOioWIx50.mft
File:                     T7murXluvL6SUPqiksQOioWIx50.mft (raw, json)
Hash identifier:          2WAqQCuy+wIZigG5BIbipLG5LwbzQAxJczcUtNY4NJ0=
Subject key identifier:   D5:C8:48:B4:59:7C:EE:CD:7E:42:2C:FF:11:BA:1C:78:FF:A3:AA:1A
Authority key identifier: 4F:B9:AE:AD:79:6E:BC:BE:92:50:FA:A2:92:C4:0E:8A:85:88:C7:9D
Certificate issuer:       /CN=4fb9aead796ebcbe9250faa292c40e8a8588c79d
Certificate serial:       019D27041AEB80599E78B4386CD9A7D1A683
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T7murXluvL6SUPqiksQOioWIx50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/11f004-441f-470d-8927-76a9109a62e7/1/T7murXluvL6SUPqiksQOioWIx50.mft
Manifest number:          136A
Signing time:             Wed 25 Mar 2026 22:01:13 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:13 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:13 +0000
Files and hashes:         1: T7murXluvL6SUPqiksQOioWIx50.crl (hash: 1gEefx/gcCRQqoP0fA5DrU4/nwwUdokAn9hPdkWjzuc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/11f004-441f-470d-8927-76a9109a62e7/1/T7murXluvL6SUPqiksQOioWIx50.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/11f004-441f-470d-8927-76a9109a62e7/1/T7murXluvL6SUPqiksQOioWIx50.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T7murXluvL6SUPqiksQOioWIx50.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:1a:eb:80:59:9e:78:b4:38:6c:d9:a7:d1:a6:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4fb9aead796ebcbe9250faa292c40e8a8588c79d
        Validity
            Not Before: Mar 25 22:01:13 2026 GMT
            Not After : Mar 26 22:01:13 2026 GMT
        Subject: CN=d5c848b4597ceecd7e422cff11ba1c78ffa3aa1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:93:29:4b:c2:1d:1f:a3:65:29:8a:b9:95:8c:
                    d0:1b:92:14:d2:02:02:99:98:ef:ef:c2:73:b9:7f:
                    83:fc:81:03:6b:ed:f7:cb:30:a1:fa:ed:48:ca:ab:
                    7d:a4:42:4e:e8:39:16:6b:84:89:3a:55:0d:62:29:
                    1c:bc:86:9b:68:19:78:73:2b:ee:bd:74:0e:40:70:
                    04:09:fc:c8:4e:ce:83:68:50:70:62:f0:25:20:25:
                    5f:54:80:fe:a4:01:df:6c:68:c2:db:6a:87:ca:da:
                    03:9c:0e:98:2d:8e:9b:a2:39:bc:f9:ea:63:86:84:
                    4f:b3:20:8f:cd:f3:62:be:d4:5f:7a:a3:31:f4:28:
                    d3:93:e3:f1:39:c9:19:3d:2c:9f:51:5d:84:64:8b:
                    e0:83:3e:73:88:5b:09:89:b1:46:24:38:7b:f2:88:
                    c6:0c:6e:3c:0e:aa:c9:57:68:c2:2a:20:11:c2:65:
                    54:b1:ef:a1:57:92:0b:df:b9:21:bb:7c:6b:26:4b:
                    d7:a8:63:30:a4:f4:ad:13:68:8e:a9:1b:ec:a2:74:
                    d0:d0:d6:91:59:12:6c:17:f1:6f:e8:05:2a:00:43:
                    f5:02:56:ef:f9:a3:47:1a:f8:d8:14:dc:3a:aa:c1:
                    2e:e1:4d:e3:92:ef:5c:95:fb:16:27:36:86:9f:6f:
                    35:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:C8:48:B4:59:7C:EE:CD:7E:42:2C:FF:11:BA:1C:78:FF:A3:AA:1A
            X509v3 Authority Key Identifier:
                keyid:4F:B9:AE:AD:79:6E:BC:BE:92:50:FA:A2:92:C4:0E:8A:85:88:C7:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7murXluvL6SUPqiksQOioWIx50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/11f004-441f-470d-8927-76a9109a62e7/1/T7murXluvL6SUPqiksQOioWIx50.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/11f004-441f-470d-8927-76a9109a62e7/1/T7murXluvL6SUPqiksQOioWIx50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:f9:a5:3c:85:4e:6f:96:e5:77:6e:2a:33:bb:53:7e:9b:2a:
         8d:8b:dd:9b:36:da:f9:bf:3b:50:4f:29:63:18:8b:05:56:83:
         bb:ec:e2:a1:01:5a:6b:7b:e2:cf:1e:69:9f:f5:d3:05:eb:11:
         11:c5:e2:77:4d:18:8c:a5:e4:73:c8:53:a5:e1:7d:a4:9b:66:
         a8:69:3e:7d:0d:ad:88:e7:8c:16:90:c0:62:4a:f2:6c:8d:33:
         46:76:07:15:90:4e:28:e8:68:a0:fb:ec:b2:57:79:db:d3:dc:
         81:e5:66:21:ef:c4:1e:d7:c3:1e:1c:41:ca:e0:ed:b6:80:9e:
         9b:b2:a7:4e:09:37:95:60:e1:e7:e2:95:11:99:51:df:de:bb:
         6c:2f:18:75:ac:5d:73:94:36:0e:7b:15:27:25:06:a9:d9:6e:
         82:03:5b:96:25:9d:b9:98:ce:ba:37:8b:d0:7c:34:63:bf:93:
         81:c1:06:2c:33:50:6d:e5:b4:cf:f7:b6:fc:75:47:0b:73:54:
         be:16:0c:8d:d0:74:58:bc:74:d5:a9:6d:77:ac:7c:78:58:02:
         22:f0:74:60:c5:4f:f5:0d:f3:90:ed:b3:32:b2:ee:93:a1:fb:
         ab:89:83:f3:04:6e:3b:86:a1:50:e5:a2:63:e2:6e:1f:83:72:
         4e:eb:42:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBBrrgFmeeLQ4bNmn0aaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYjlhZWFkNzk2ZWJjYmU5MjUwZmFhMjkyYzQwZThhODU4
OGM3OWQwHhcNMjYwMzI1MjIwMTEzWhcNMjYwMzI2MjIwMTEzWjAzMTEwLwYDVQQD
EyhkNWM4NDhiNDU5N2NlZWNkN2U0MjJjZmYxMWJhMWM3OGZmYTNhYTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspMpS8IdH6NlKYq5lYzQG5IU0gIC
mZjv78JzuX+D/IEDa+33yzCh+u1Iyqt9pEJO6DkWa4SJOlUNYikcvIabaBl4cyvu
vXQOQHAECfzITs6DaFBwYvAlICVfVID+pAHfbGjC22qHytoDnA6YLY6bojm8+epj
hoRPsyCPzfNivtRfeqMx9CjTk+PxOckZPSyfUV2EZIvggz5ziFsJibFGJDh78ojG
DG48DqrJV2jCKiARwmVUse+hV5IL37khu3xrJkvXqGMwpPStE2iOqRvsonTQ0NaR
WRJsF/Fv6AUqAEP1Albv+aNHGvjYFNw6qsEu4U3jku9clfsWJzaGn281EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXISLRZfO7NfkIs/xG6HHj/o6oaMB8GA1UdIwQY
MBaAFE+5rq15bry+klD6opLEDoqFiMedMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDdtdXJYbHV2TDZTVVBxaWtzUU9pb1dJeDUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8xMWYwMDQtNDQxZi00NzBkLTg5Mjct
NzZhOTEwOWE2MmU3LzEvVDdtdXJYbHV2TDZTVVBxaWtzUU9pb1dJeDUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8xMWYwMDQtNDQxZi00NzBkLTg5MjctNzZhOTEwOWE2MmU3
LzEvVDdtdXJYbHV2TDZTVVBxaWtzUU9pb1dJeDUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPfmlPIVO
b5bld24qM7tTfpsqjYvdmzba+b87UE8pYxiLBVaDu+zioQFaa3vizx5pn/XTBesR
EcXid00YjKXkc8hTpeF9pJtmqGk+fQ2tiOeMFpDAYkrybI0zRnYHFZBOKOhooPvs
sld529PcgeVmIe/EHtfDHhxByuDttoCem7KnTgk3lWDh5+KVEZlR3967bC8Ydaxd
c5Q2DnsVJyUGqdluggNbliWduZjOujeL0Hw0Y7+TgcEGLDNQbeW0z/e2/HVHC3NU
vhYMjdB0WLx01altd6x8eFgCIvB0YMVP9Q3zkO2zMrLuk6H7q4mD8wRuO4ahUOWi
Y+JuH4NyTutCPg==
-----END CERTIFICATE-----