Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          UaAVgFf5Fi31CLawLHmZx2j+HKzBnu2jvoXyQV+GRLI=
Subject key identifier:   52:4C:1E:62:C2:1A:0B:CB:67:25:24:61:89:B5:C8:23:E4:AA:6F:A5
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       019D2929AD83334EBC25FBB4B906D38B0CCB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          0696
Signing time:             Thu 26 Mar 2026 08:01:30 +0000
Manifest this update:     Thu 26 Mar 2026 08:01:30 +0000
Manifest next update:     Fri 27 Mar 2026 08:01:30 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: BTsD7E+CuU7byWQUoHF4bo71uw+9JATKi+6VTPO/y9s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 08:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:29:ad:83:33:4e:bc:25:fb:b4:b9:06:d3:8b:0c:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Mar 26 08:01:30 2026 GMT
            Not After : Mar 27 08:01:30 2026 GMT
        Subject: CN=524c1e62c21a0bcb6725246189b5c823e4aa6fa5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d4:18:21:df:05:6c:34:ba:17:99:22:9b:b5:
                    f3:5c:14:19:27:67:42:b3:79:a8:30:89:a4:bc:60:
                    8d:8b:81:76:78:41:70:71:9a:5b:27:1a:68:0e:91:
                    1c:fa:25:19:7f:a0:fe:e3:2c:9c:fc:ad:c0:1a:a9:
                    b2:0b:a0:8c:59:d3:e5:8e:fa:fb:ab:41:11:84:e1:
                    83:d8:72:98:77:13:79:49:9f:fb:65:23:da:b2:c0:
                    89:37:d0:c7:df:a4:8c:02:de:93:b7:f6:a3:d9:db:
                    fa:9d:f8:63:6d:ce:1c:68:52:d6:a8:77:04:db:7f:
                    d2:e2:2b:df:24:18:e1:86:9c:23:5a:dd:1f:b9:9c:
                    65:d0:d2:d2:89:cc:33:62:68:a3:06:5f:77:6d:5b:
                    76:32:7a:16:5e:2b:8b:09:6e:c0:46:6e:e6:24:ab:
                    7e:18:44:69:a4:ff:1e:e6:6b:07:89:39:7f:ec:3e:
                    33:be:bb:22:a8:19:44:72:12:82:ee:95:e2:5e:f2:
                    79:c8:89:bb:0c:6b:ff:7b:45:f4:89:1a:a3:ce:27:
                    4a:8a:b1:3f:eb:26:26:8c:51:df:99:e5:1c:f7:1b:
                    05:da:1d:5f:b4:8d:2c:7e:6d:1d:bc:f6:49:32:a7:
                    68:a3:04:26:15:f5:1f:b2:00:3e:f4:0d:b4:8c:38:
                    d6:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:4C:1E:62:C2:1A:0B:CB:67:25:24:61:89:B5:C8:23:E4:AA:6F:A5
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:b4:50:8a:cc:5a:c8:3d:94:ef:c9:b2:8b:13:4c:60:99:dd:
         d2:be:b0:9e:08:93:63:7a:fa:46:52:7c:73:0d:bc:fd:3f:7d:
         4a:3d:56:3d:d4:f8:38:db:29:41:e2:76:a0:a3:1d:6b:f5:84:
         2f:a9:f9:24:5d:1c:3d:25:f1:13:b8:2c:34:ce:f2:ef:0f:b3:
         95:81:82:be:67:5e:aa:59:4c:6e:b1:cb:49:44:75:29:bf:31:
         a3:39:64:af:de:6c:92:f1:4f:cb:20:0e:20:38:95:41:8c:3c:
         c1:b5:db:78:b5:b5:a0:92:db:cf:ce:70:f8:03:45:74:0f:47:
         fd:3d:ca:13:2d:6d:6b:0a:df:97:28:e3:87:fb:d6:73:b2:50:
         74:60:79:32:49:2c:6c:2a:0f:08:99:b7:19:4c:e0:f4:22:93:
         09:57:38:e8:d2:bd:63:12:ad:82:ed:c8:3d:7a:a4:91:a3:97:
         8c:10:e0:ad:b9:3e:44:82:d6:59:c0:1a:c3:a9:aa:c2:bd:15:
         97:f3:f4:17:98:44:f3:d1:29:36:c1:f7:ff:c3:b1:fa:82:58:
         3c:2d:c5:4c:58:a5:aa:70:0a:23:28:14:5f:2e:5b:8e:72:f3:
         31:fb:03:2b:8c:58:80:73:ff:f8:0e:ae:35:67:eb:e2:3f:40:
         c3:cc:b2:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKa2DM068Jfu0uQbTiwzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjYwMzI2MDgwMTMwWhcNMjYwMzI3MDgwMTMwWjAzMTEwLwYDVQQD
Eyg1MjRjMWU2MmMyMWEwYmNiNjcyNTI0NjE4OWI1YzgyM2U0YWE2ZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9QYId8FbDS6F5kim7XzXBQZJ2dC
s3moMImkvGCNi4F2eEFwcZpbJxpoDpEc+iUZf6D+4yyc/K3AGqmyC6CMWdPljvr7
q0ERhOGD2HKYdxN5SZ/7ZSPassCJN9DH36SMAt6Tt/aj2dv6nfhjbc4caFLWqHcE
23/S4ivfJBjhhpwjWt0fuZxl0NLSicwzYmijBl93bVt2MnoWXiuLCW7ARm7mJKt+
GERppP8e5msHiTl/7D4zvrsiqBlEchKC7pXiXvJ5yIm7DGv/e0X0iRqjzidKirE/
6yYmjFHfmeUc9xsF2h1ftI0sfm0dvPZJMqdoowQmFfUfsgA+9A20jDjWlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJMHmLCGgvLZyUkYYm1yCPkqm+lMB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN7RQisxa
yD2U78myixNMYJnd0r6wngiTY3r6RlJ8cw28/T99Sj1WPdT4ONspQeJ2oKMda/WE
L6n5JF0cPSXxE7gsNM7y7w+zlYGCvmdeqllMbrHLSUR1Kb8xozlkr95skvFPyyAO
IDiVQYw8wbXbeLW1oJLbz85w+ANFdA9H/T3KEy1tawrflyjjh/vWc7JQdGB5Mkks
bCoPCJm3GUzg9CKTCVc46NK9YxKtgu3IPXqkkaOXjBDgrbk+RILWWcAaw6mqwr0V
l/P0F5hE89EpNsH3/8Ox+oJYPC3FTFilqnAKIygUXy5bjnLzMfsDK4xYgHP/+A6u
NWfr4j9Aw8yyBg==
-----END CERTIFICATE-----