Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
File:                     RDNmA3i76zplxtyp7Qp3b70gRhA.mft (raw, json)
Hash identifier:          b5EdzPjPk+xURvlcbjGuDkbMACOFr3b1bm6qpBC5Vaw=
Subject key identifier:   0A:A5:25:F6:32:14:F7:F5:39:5C:EC:10:8B:65:55:2A:1E:07:F1:7D
Authority key identifier: 44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10
Certificate issuer:       /CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
Certificate serial:       019D29CE4D5916F32B023A23ED2360DA6FDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
Manifest number:          05C4
Signing time:             Thu 26 Mar 2026 11:01:19 +0000
Manifest this update:     Thu 26 Mar 2026 11:01:19 +0000
Manifest next update:     Fri 27 Mar 2026 11:01:19 +0000
Files and hashes:         1: RDNmA3i76zplxtyp7Qp3b70gRhA.crl (hash: 1pHQPTEpOKalRzXYYulStpI8MwOoLa5RMfaIljeJahE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:ce:4d:59:16:f3:2b:02:3a:23:ed:23:60:da:6f:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
        Validity
            Not Before: Mar 26 11:01:19 2026 GMT
            Not After : Mar 27 11:01:19 2026 GMT
        Subject: CN=0aa525f63214f7f5395cec108b65552a1e07f17d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:67:5f:6c:3d:70:a0:37:4f:71:98:ef:8f:7f:
                    81:97:42:6f:cb:5e:de:24:b8:4d:a4:29:41:63:13:
                    d1:d8:8b:86:8a:c7:52:e7:d5:25:ff:8b:fe:f9:c6:
                    f1:b9:82:d3:3a:a8:a3:c5:1e:b7:3f:95:5a:6d:77:
                    e3:09:e9:b2:8a:1b:c9:b2:2e:26:9e:a9:48:b3:4e:
                    43:99:a0:fb:27:b8:ac:06:ee:bd:96:a0:8b:ed:74:
                    af:ce:10:eb:c4:10:29:18:63:e6:74:36:c5:e4:80:
                    78:be:c7:b3:b7:c5:93:7a:54:1f:9a:0d:5c:a7:44:
                    d2:79:eb:7e:10:ac:fc:42:f6:e0:e7:3c:41:3b:bd:
                    51:0d:0a:6e:23:0b:dc:4a:a7:d4:19:9a:00:5d:cd:
                    3d:91:0e:16:7c:f9:91:2d:84:41:55:c3:b8:df:32:
                    f7:ca:c0:ac:5f:90:43:65:66:49:4f:77:da:f7:c0:
                    62:05:4e:d5:d2:21:7d:77:f8:ed:a4:cb:fa:26:7c:
                    19:61:41:87:4f:6a:7f:ac:ec:fd:ee:9c:86:5c:aa:
                    75:00:73:8c:9e:dc:bd:5c:38:d2:f7:d8:d4:7e:d4:
                    08:df:27:b4:1b:95:1a:a5:9c:25:fe:b5:1c:b8:b4:
                    e7:47:5a:b6:6f:c0:b9:03:91:9a:10:21:cb:96:e4:
                    aa:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:A5:25:F6:32:14:F7:F5:39:5C:EC:10:8B:65:55:2A:1E:07:F1:7D
            X509v3 Authority Key Identifier:
                keyid:44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:3e:ee:b9:9c:2d:03:68:72:93:97:53:ca:5f:6e:56:7a:d8:
         8d:7b:e2:b5:96:49:38:d0:9d:bf:54:dc:73:d2:60:14:b6:c8:
         14:a0:43:e0:ba:36:4f:d5:83:63:52:62:40:ac:17:b3:6d:3a:
         b9:c8:ae:a8:57:3d:84:59:75:25:52:b1:0d:56:b5:e2:89:1f:
         05:64:96:f7:29:82:f1:a0:91:09:a7:19:74:86:9c:ae:8d:47:
         53:94:b1:77:ce:f3:64:0a:18:4b:97:ef:26:14:23:08:8f:55:
         37:3a:fa:6a:76:62:2e:00:0a:0e:06:e2:53:0e:87:94:94:23:
         5a:ed:d0:84:33:5b:34:6d:11:45:4f:e2:d6:49:8a:7d:88:a1:
         24:51:e9:2f:b0:0d:1c:c8:f3:0c:91:6e:4e:ac:8d:db:54:29:
         96:89:b8:8d:4a:44:49:14:77:8c:13:39:c7:9f:2f:c7:08:2e:
         5c:0b:76:b0:b8:ff:9f:7d:0f:47:de:e6:31:cd:47:fd:fc:95:
         95:49:d3:1f:00:94:2e:7b:51:3a:90:e9:f0:19:04:2d:c1:d4:
         6e:f2:fe:73:cf:59:4f:a8:c0:eb:ce:df:47:99:e7:9a:40:79:
         14:fd:4d:ac:6f:6b:17:d5:b2:56:70:eb:ec:33:0d:10:12:f0:
         eb:f4:90:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzk1ZFvMrAjoj7SNg2m/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzM2NjAzNzhiYmViM2E2NWM2ZGNhOWVkMGE3NzZmYmQy
MDQ2MTAwHhcNMjYwMzI2MTEwMTE5WhcNMjYwMzI3MTEwMTE5WjAzMTEwLwYDVQQD
EygwYWE1MjVmNjMyMTRmN2Y1Mzk1Y2VjMTA4YjY1NTUyYTFlMDdmMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmdfbD1woDdPcZjvj3+Bl0Jvy17e
JLhNpClBYxPR2IuGisdS59Ul/4v++cbxuYLTOqijxR63P5VabXfjCemyihvJsi4m
nqlIs05DmaD7J7isBu69lqCL7XSvzhDrxBApGGPmdDbF5IB4vsezt8WTelQfmg1c
p0TSeet+EKz8Qvbg5zxBO71RDQpuIwvcSqfUGZoAXc09kQ4WfPmRLYRBVcO43zL3
ysCsX5BDZWZJT3fa98BiBU7V0iF9d/jtpMv6JnwZYUGHT2p/rOz97pyGXKp1AHOM
nty9XDjS99jUftQI3ye0G5UapZwl/rUcuLTnR1q2b8C5A5GaECHLluSqbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqlJfYyFPf1OVzsEItlVSoeB/F9MB8GA1UdIwQY
MBaAFEQzZgN4u+s6Zcbcqe0Kd2+9IEYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4Yzgt
ZTA3ZjBhYzc4NTMwLzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4YzgtZTA3ZjBhYzc4NTMw
LzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVD7uuZwt
A2hyk5dTyl9uVnrYjXvitZZJONCdv1Tcc9JgFLbIFKBD4Lo2T9WDY1JiQKwXs206
uciuqFc9hFl1JVKxDVa14okfBWSW9ymC8aCRCacZdIacro1HU5Sxd87zZAoYS5fv
JhQjCI9VNzr6anZiLgAKDgbiUw6HlJQjWu3QhDNbNG0RRU/i1kmKfYihJFHpL7AN
HMjzDJFuTqyN21Qplom4jUpESRR3jBM5x58vxwguXAt2sLj/n30PR97mMc1H/fyV
lUnTHwCULntROpDp8BkELcHUbvL+c89ZT6jA687fR5nnmkB5FP1NrG9rF9WyVnDr
7DMNEBLw6/SQVQ==
-----END CERTIFICATE-----