Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
File:                     sxwNSGRgtxY3A-X_TYre2XiIx00.mft (raw, json)
Hash identifier:          7eCWurjt3pDtcIiuxji/OJDHrx9dbrqATJXYiEsR/1Q=
Subject key identifier:   09:28:1D:12:02:46:00:60:88:82:75:70:8E:82:8F:4B:5F:C6:F2:41
Authority key identifier: B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D
Certificate issuer:       /CN=b31c0d486460b7163703e5ff4d8aded97888c74d
Certificate serial:       019D284E0B3C6FCAE84362CAA27625967896
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
Manifest number:          0A3B
Signing time:             Thu 26 Mar 2026 04:01:36 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:36 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:36 +0000
Files and hashes:         1: sxwNSGRgtxY3A-X_TYre2XiIx00.crl (hash: 1WJD3033TIuiQ5eb15cW8WK15pZMbDdyG2yFaB0G7dE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4e:0b:3c:6f:ca:e8:43:62:ca:a2:76:25:96:78:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b31c0d486460b7163703e5ff4d8aded97888c74d
        Validity
            Not Before: Mar 26 04:01:36 2026 GMT
            Not After : Mar 27 04:01:36 2026 GMT
        Subject: CN=09281d1202460060888275708e828f4b5fc6f241
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:cf:b1:cf:ff:5c:2a:3f:89:69:a4:00:7c:b7:
                    16:9f:2c:c0:59:35:91:63:e2:c2:e1:08:a4:02:7a:
                    63:c1:23:e2:9e:a3:3c:2b:b1:5b:15:cd:d9:73:aa:
                    85:0d:57:58:65:09:22:e5:db:55:87:aa:05:c3:6f:
                    8d:ad:ad:e8:d3:36:b7:ab:43:16:21:c4:4b:9a:53:
                    12:0a:c5:c9:24:8c:b5:75:01:da:9c:21:58:30:ce:
                    96:d5:f1:4b:c7:86:87:0e:fa:15:bd:09:fd:1e:36:
                    19:34:8d:ff:e2:25:72:eb:75:b7:2f:1d:18:a7:b1:
                    11:47:dd:51:dc:f4:88:df:e9:88:a1:d8:26:d4:f3:
                    2f:72:00:14:ac:3c:c5:87:43:8f:5d:6f:8f:c8:e4:
                    9c:83:bd:12:b3:7a:ac:43:50:2e:86:87:cb:52:86:
                    fd:bf:97:87:c2:a6:91:bd:aa:87:85:05:88:f3:15:
                    1c:c0:52:6c:a0:3b:da:d9:af:a1:43:7d:70:07:2d:
                    1d:2c:b7:86:19:1d:ed:54:de:9b:60:f1:04:74:bd:
                    34:16:ad:e7:6c:a4:58:3a:bf:24:2e:b7:d4:4a:92:
                    0a:c4:74:df:0d:82:cd:18:86:a5:99:3b:38:c8:18:
                    72:25:21:bf:84:f2:5d:a1:5f:0e:d5:7d:8f:4c:32:
                    28:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:28:1D:12:02:46:00:60:88:82:75:70:8E:82:8F:4B:5F:C6:F2:41
            X509v3 Authority Key Identifier:
                keyid:B3:1C:0D:48:64:60:B7:16:37:03:E5:FF:4D:8A:DE:D9:78:88:C7:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxwNSGRgtxY3A-X_TYre2XiIx00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29441c-281c-4e02-9a91-8243b7db105e/1/sxwNSGRgtxY3A-X_TYre2XiIx00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:85:d1:5c:55:46:2a:2d:db:45:98:6b:19:58:65:e6:41:3e:
         17:20:34:7e:c9:ad:52:3e:66:bf:c6:1b:4c:b4:a3:3f:e0:95:
         e9:d3:74:0a:bf:3a:51:26:95:58:22:16:f3:d2:62:21:0b:11:
         94:8a:a1:ae:3f:14:38:1a:ba:d8:57:4e:3c:cb:e9:7d:d7:6f:
         c8:09:d1:42:4d:5d:fb:3b:49:de:ea:e6:82:cb:d1:85:e5:50:
         74:8a:5e:a2:ff:25:16:37:78:0e:40:4c:e1:1b:53:02:c8:f5:
         56:b5:4e:e1:59:cb:58:23:0e:d7:24:b9:42:7b:e2:42:2e:a2:
         bc:a7:a9:4e:10:5c:b4:a3:60:86:01:b2:07:66:ce:39:03:c6:
         b5:d3:4d:2f:79:06:dd:90:af:91:b4:09:e7:f7:34:bd:99:3d:
         56:dc:43:b4:34:21:9b:c0:7d:db:ef:4b:09:05:6d:5f:a4:6d:
         eb:b6:98:29:04:1a:6f:74:5f:9a:b8:93:ef:bd:ee:56:aa:28:
         1e:92:38:57:52:75:cb:1f:b8:0f:82:cc:17:20:40:0b:e4:8d:
         6b:0a:eb:37:29:9d:d4:c3:62:64:60:f7:65:c3:db:8a:e3:1b:
         85:97:0b:90:4d:cc:16:25:ef:1c:bc:fb:87:64:71:3a:e5:1d:
         bb:ff:18:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTgs8b8roQ2LKonYllniWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWMwZDQ4NjQ2MGI3MTYzNzAzZTVmZjRkOGFkZWQ5Nzg4
OGM3NGQwHhcNMjYwMzI2MDQwMTM2WhcNMjYwMzI3MDQwMTM2WjAzMTEwLwYDVQQD
EygwOTI4MWQxMjAyNDYwMDYwODg4Mjc1NzA4ZTgyOGY0YjVmYzZmMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxM+xz/9cKj+JaaQAfLcWnyzAWTWR
Y+LC4QikAnpjwSPinqM8K7FbFc3Zc6qFDVdYZQki5dtVh6oFw2+Nra3o0za3q0MW
IcRLmlMSCsXJJIy1dQHanCFYMM6W1fFLx4aHDvoVvQn9HjYZNI3/4iVy63W3Lx0Y
p7ERR91R3PSI3+mIodgm1PMvcgAUrDzFh0OPXW+PyOScg70Ss3qsQ1AuhofLUob9
v5eHwqaRvaqHhQWI8xUcwFJsoDva2a+hQ31wBy0dLLeGGR3tVN6bYPEEdL00Fq3n
bKRYOr8kLrfUSpIKxHTfDYLNGIalmTs4yBhyJSG/hPJdoV8O1X2PTDIoSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAkoHRICRgBgiIJ1cI6Cj0tfxvJBMB8GA1UdIwQY
MBaAFLMcDUhkYLcWNwPl/02K3tl4iMdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEt
ODI0M2I3ZGIxMDVlLzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yOTQ0MWMtMjgxYy00ZTAyLTlhOTEtODI0M2I3ZGIxMDVl
LzEvc3h3TlNHUmd0eFkzQS1YX1RZcmUyWGlJeDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHIXRXFVG
Ki3bRZhrGVhl5kE+FyA0fsmtUj5mv8YbTLSjP+CV6dN0Cr86USaVWCIW89JiIQsR
lIqhrj8UOBq62FdOPMvpfddvyAnRQk1d+ztJ3urmgsvRheVQdIpeov8lFjd4DkBM
4RtTAsj1VrVO4VnLWCMO1yS5QnviQi6ivKepThBctKNghgGyB2bOOQPGtdNNL3kG
3ZCvkbQJ5/c0vZk9VtxDtDQhm8B92+9LCQVtX6Rt67aYKQQab3RfmriT773uVqoo
HpI4V1J1yx+4D4LMFyBAC+SNawrrNymd1MNiZGD3ZcPbiuMbhZcLkE3MFiXvHLz7
h2RxOuUdu/8YnQ==
-----END CERTIFICATE-----