Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          BfZyK29GK1wvcjQ8dhSguOg1o10E/VhB+oNnosPXWkk=
Subject key identifier:   01:49:AC:6F:AC:99:26:44:63:0A:5C:AB:C4:FE:D4:4D:DD:92:A6:06
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       019D292908FE6E453F58E737D853A4EC3FF9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          1107
Signing time:             Thu 26 Mar 2026 08:00:48 +0000
Manifest this update:     Thu 26 Mar 2026 08:00:48 +0000
Manifest next update:     Fri 27 Mar 2026 08:00:48 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: cSXlff6mVEGUBYbRcpRxJCpPqJxkm/7nYVJD231701Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 08:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:29:08:fe:6e:45:3f:58:e7:37:d8:53:a4:ec:3f:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Mar 26 08:00:48 2026 GMT
            Not After : Mar 27 08:00:48 2026 GMT
        Subject: CN=0149ac6fac992644630a5cabc4fed44ddd92a606
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:df:83:43:cf:d4:70:f7:6d:ee:c7:44:1c:b9:
                    70:00:25:14:3a:4a:c9:b9:4a:50:dd:16:c2:40:0e:
                    42:8b:52:93:7f:5c:10:0e:c6:d4:56:e1:e1:03:ea:
                    98:1e:ac:be:15:54:d0:16:9e:79:f1:58:dd:b5:c2:
                    07:50:90:12:a9:70:f7:a9:2c:8a:2b:77:bb:e6:3c:
                    24:b4:eb:03:68:db:66:f7:52:4e:bf:1a:b6:ab:95:
                    15:20:41:54:1e:9a:11:ca:ab:03:8a:38:27:ab:37:
                    de:db:e4:94:a3:25:2b:b7:cb:c1:77:d8:1a:7b:35:
                    78:8a:61:b2:e4:7c:25:08:eb:da:47:d0:3c:32:eb:
                    5b:03:72:49:d4:3a:85:c6:c0:07:b2:9c:65:8a:78:
                    3d:1b:77:7b:32:51:ed:8f:1b:c7:2c:8a:59:b1:99:
                    c4:6a:8e:23:d9:1f:c5:29:f1:04:16:98:a9:9c:50:
                    6e:e3:cf:fd:44:0b:5c:bd:ff:7b:94:8b:40:fc:2f:
                    9d:45:27:81:8a:60:35:9c:dd:2e:82:35:fd:1e:5c:
                    32:d6:61:01:eb:b4:e2:fb:2a:6e:98:9e:aa:db:7f:
                    96:1c:ef:35:13:e1:28:d1:81:e9:87:7a:31:1d:fc:
                    b2:88:a7:ce:70:14:6b:38:13:89:e8:cf:4a:20:58:
                    49:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:49:AC:6F:AC:99:26:44:63:0A:5C:AB:C4:FE:D4:4D:DD:92:A6:06
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:99:5e:e3:f5:56:79:8e:17:d5:3c:98:1f:c0:88:da:15:7a:
         8b:61:a6:af:9a:99:ba:56:ee:c2:5a:8e:5a:9c:44:cf:2b:bf:
         50:ec:be:b7:4f:f3:05:7d:8a:88:54:3b:03:3a:79:26:53:15:
         53:ff:aa:72:e0:72:a4:5c:c3:4c:46:83:df:70:d0:6a:c9:e8:
         5a:66:23:2b:85:bc:25:7a:7f:77:5a:c4:1f:94:87:f4:93:1c:
         3c:84:a3:d8:4a:81:82:61:04:f6:d0:8f:e9:f2:6c:56:74:4a:
         8d:a5:ed:cd:d6:14:39:2e:55:5a:15:7c:dc:40:b9:62:1a:33:
         ec:77:36:2b:ac:af:f3:5b:22:c3:a7:5b:c3:0f:17:9e:a8:3f:
         4e:6d:e8:66:82:45:c5:f3:0a:9c:e8:f3:6e:1a:48:97:c5:54:
         66:81:94:51:a8:e0:67:c7:b0:f5:9c:cb:f7:36:bb:75:32:3c:
         10:36:3e:6f:80:47:98:5a:bd:ec:d9:4d:40:5a:ad:6e:f5:10:
         2a:7c:78:7f:a8:f1:79:97:b2:f0:92:98:51:eb:50:6a:09:47:
         c8:07:1a:f9:8b:84:84:87:92:d8:35:65:5c:38:21:5b:dd:7c:
         3d:32:0a:3d:83:c3:f0:f7:cc:5e:e1:ce:d9:18:c0:58:93:da:
         11:d2:8e:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKQj+bkU/WOc32FOk7D/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjYwMzI2MDgwMDQ4WhcNMjYwMzI3MDgwMDQ4WjAzMTEwLwYDVQQD
EygwMTQ5YWM2ZmFjOTkyNjQ0NjMwYTVjYWJjNGZlZDQ0ZGRkOTJhNjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN+DQ8/UcPdt7sdEHLlwACUUOkrJ
uUpQ3RbCQA5Ci1KTf1wQDsbUVuHhA+qYHqy+FVTQFp558VjdtcIHUJASqXD3qSyK
K3e75jwktOsDaNtm91JOvxq2q5UVIEFUHpoRyqsDijgnqzfe2+SUoyUrt8vBd9ga
ezV4imGy5HwlCOvaR9A8MutbA3JJ1DqFxsAHspxling9G3d7MlHtjxvHLIpZsZnE
ao4j2R/FKfEEFpipnFBu48/9RAtcvf97lItA/C+dRSeBimA1nN0ugjX9Hlwy1mEB
67Ti+ypumJ6q23+WHO81E+Eo0YHph3oxHfyyiKfOcBRrOBOJ6M9KIFhJNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAFJrG+smSZEYwpcq8T+1E3dkqYGMB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACJle4/VW
eY4X1TyYH8CI2hV6i2Gmr5qZulbuwlqOWpxEzyu/UOy+t0/zBX2KiFQ7Azp5JlMV
U/+qcuBypFzDTEaD33DQasnoWmYjK4W8JXp/d1rEH5SH9JMcPISj2EqBgmEE9tCP
6fJsVnRKjaXtzdYUOS5VWhV83EC5Yhoz7Hc2K6yv81siw6dbww8Xnqg/Tm3oZoJF
xfMKnOjzbhpIl8VUZoGUUajgZ8ew9ZzL9za7dTI8EDY+b4BHmFq97NlNQFqtbvUQ
Knx4f6jxeZey8JKYUetQaglHyAca+YuEhIeS2DVlXDghW918PTIKPYPD8PfMXuHO
2RjAWJPaEdKOhQ==
-----END CERTIFICATE-----