Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft
File:                     E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft (raw, json)
Hash identifier:          CMbuCmOTK2g+jcePd1oG5TDDLq0Rg6vYS2Z73EaZe/w=
Subject key identifier:   A0:81:E4:10:CB:8E:C2:54:7E:27:17:D2:7A:B0:2F:D5:98:39:61:47
Authority key identifier: 13:B4:21:B8:2A:B7:BB:A6:E2:F5:5E:90:2A:9F:B8:1F:A3:AF:29:8F
Certificate issuer:       /CN=13b421b82ab7bba6e2f55e902a9fb81fa3af298f
Certificate serial:       019D29CDFFF5B1572EBA9ABAD787D30F0519
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/E7QhuCq3u6bi9V6QKp-4H6OvKY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft
Manifest number:          04D3
Signing time:             Thu 26 Mar 2026 11:00:59 +0000
Manifest this update:     Thu 26 Mar 2026 11:00:59 +0000
Manifest next update:     Fri 27 Mar 2026 11:00:59 +0000
Files and hashes:         1: E7QhuCq3u6bi9V6QKp-4H6OvKY8.crl (hash: nSOHi+PDKZGWFNkoYUNpKLdbEAa6DyAtbgAT2zUlGEc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/E7QhuCq3u6bi9V6QKp-4H6OvKY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 11:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:cd:ff:f5:b1:57:2e:ba:9a:ba:d7:87:d3:0f:05:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=13b421b82ab7bba6e2f55e902a9fb81fa3af298f
        Validity
            Not Before: Mar 26 11:00:59 2026 GMT
            Not After : Mar 27 11:00:59 2026 GMT
        Subject: CN=a081e410cb8ec2547e2717d27ab02fd598396147
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a5:7d:48:3a:94:6c:98:5f:46:70:f5:42:39:
                    56:99:66:b9:b0:8d:a8:4a:c8:de:56:25:7e:c0:29:
                    17:98:9b:5e:6f:d3:c2:d5:19:19:35:61:07:eb:b2:
                    76:d4:b3:f3:2e:38:2b:4f:42:a1:d0:d5:cc:93:64:
                    f9:9e:de:fa:a9:c5:32:ec:68:53:13:6d:d2:e4:15:
                    08:d6:fc:bc:b6:ec:ca:0f:49:8a:57:27:5e:2a:16:
                    a8:4a:7a:17:2f:5b:dd:88:23:16:b3:f3:5e:58:17:
                    1c:77:a5:9e:48:f3:80:94:bd:f6:d6:98:8f:6c:1c:
                    71:9a:52:f1:7a:dd:90:86:39:2a:f0:70:69:de:ff:
                    54:3e:37:3d:7d:e6:bb:67:19:89:a5:3f:02:a1:8f:
                    6f:52:44:89:22:b2:f3:84:48:f5:7b:18:a7:c3:15:
                    cb:ef:c9:71:81:01:0b:bc:72:f8:ff:f6:14:06:df:
                    4b:29:47:a9:6e:0f:47:0c:6c:03:80:33:35:d5:31:
                    18:1e:80:3e:95:73:22:61:a0:55:ec:1f:b5:95:d4:
                    8c:f9:e2:43:f5:ee:07:55:16:06:f1:6a:7a:99:fb:
                    e6:26:c3:28:26:df:dd:17:50:f0:a0:48:32:e4:dc:
                    1e:09:0f:10:a0:ed:d2:f8:e9:5f:eb:7c:15:2b:ea:
                    ac:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:81:E4:10:CB:8E:C2:54:7E:27:17:D2:7A:B0:2F:D5:98:39:61:47
            X509v3 Authority Key Identifier:
                keyid:13:B4:21:B8:2A:B7:BB:A6:E2:F5:5E:90:2A:9F:B8:1F:A3:AF:29:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7QhuCq3u6bi9V6QKp-4H6OvKY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/053310-03af-4434-8307-dfa707940537/1/E7QhuCq3u6bi9V6QKp-4H6OvKY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:77:71:84:85:55:58:73:fa:e1:1f:8e:53:45:ab:b0:73:2f:
         7c:fe:a8:9a:93:f3:68:2c:d2:a4:2a:fe:ea:b0:30:69:ab:ef:
         ee:b6:ac:80:c8:91:ec:3b:3c:ed:3d:6e:c2:da:4f:f4:84:4a:
         31:ef:cb:d7:9f:c7:00:f7:c8:a5:92:6d:72:3c:e1:41:71:d5:
         3c:cd:0a:06:ed:1e:21:29:ed:03:31:f6:5e:59:fe:5b:8d:57:
         28:9b:4a:e5:95:df:7f:c4:5e:95:4a:cd:72:d9:1d:80:2b:88:
         ef:87:be:56:b7:75:14:08:d0:dc:a9:83:db:fc:32:0a:3e:4f:
         eb:e8:b1:5a:4b:5a:ec:8b:3f:8e:c7:09:d9:1f:49:ad:ea:20:
         ed:74:15:39:01:d0:fb:d9:97:b7:c4:14:a1:b3:67:5a:cc:a7:
         3e:f1:b9:97:9b:77:ca:1b:8a:4c:f4:f2:bd:ca:e6:10:9c:bc:
         c9:2a:42:32:9a:7e:b1:d5:a4:13:d6:5f:b6:8e:e8:4f:ac:39:
         84:f9:94:59:46:79:1f:c7:01:ac:78:52:6d:ac:77:f3:b4:27:
         cb:00:b4:ed:74:3d:a1:4d:5d:e4:16:3d:8e:a2:96:ca:d0:a4:
         af:c6:62:15:8d:1c:15:ff:3d:7e:13:c8:e6:03:9e:89:b4:4a:
         61:40:a5:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzf/1sVcuupq614fTDwUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYjQyMWI4MmFiN2JiYTZlMmY1NWU5MDJhOWZiODFmYTNh
ZjI5OGYwHhcNMjYwMzI2MTEwMDU5WhcNMjYwMzI3MTEwMDU5WjAzMTEwLwYDVQQD
EyhhMDgxZTQxMGNiOGVjMjU0N2UyNzE3ZDI3YWIwMmZkNTk4Mzk2MTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaV9SDqUbJhfRnD1QjlWmWa5sI2o
SsjeViV+wCkXmJteb9PC1RkZNWEH67J21LPzLjgrT0Kh0NXMk2T5nt76qcUy7GhT
E23S5BUI1vy8tuzKD0mKVydeKhaoSnoXL1vdiCMWs/NeWBccd6WeSPOAlL321piP
bBxxmlLxet2Qhjkq8HBp3v9UPjc9fea7ZxmJpT8CoY9vUkSJIrLzhEj1exinwxXL
78lxgQELvHL4//YUBt9LKUepbg9HDGwDgDM11TEYHoA+lXMiYaBV7B+1ldSM+eJD
9e4HVRYG8Wp6mfvmJsMoJt/dF1DwoEgy5NweCQ8QoO3S+Olf63wVK+qsSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKCB5BDLjsJUficX0nqwL9WYOWFHMB8GA1UdIwQY
MBaAFBO0Ibgqt7um4vVekCqfuB+jrymPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTdRaHVDcTN1NmJpOVY2UUtwLTRINk92S1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wNTMzMTAtMDNhZi00NDM0LTgzMDct
ZGZhNzA3OTQwNTM3LzEvRTdRaHVDcTN1NmJpOVY2UUtwLTRINk92S1k4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wNTMzMTAtMDNhZi00NDM0LTgzMDctZGZhNzA3OTQwNTM3
LzEvRTdRaHVDcTN1NmJpOVY2UUtwLTRINk92S1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKXdxhIVV
WHP64R+OU0WrsHMvfP6ompPzaCzSpCr+6rAwaavv7rasgMiR7Ds87T1uwtpP9IRK
Me/L15/HAPfIpZJtcjzhQXHVPM0KBu0eISntAzH2Xln+W41XKJtK5ZXff8RelUrN
ctkdgCuI74e+Vrd1FAjQ3KmD2/wyCj5P6+ixWkta7Is/jscJ2R9Jreog7XQVOQHQ
+9mXt8QUobNnWsynPvG5l5t3yhuKTPTyvcrmEJy8ySpCMpp+sdWkE9Zfto7oT6w5
hPmUWUZ5H8cBrHhSbax387QnywC07XQ9oU1d5BY9jqKWytCkr8ZiFY0cFf89fhPI
5gOeibRKYUClPw==
-----END CERTIFICATE-----