Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft
File:                     d7tRRrULW8gaNXR6K75lKqC3Fnw.mft (raw, json)
Hash identifier:          gKSm/er928iNTTqaHIrdybEKf/8P5mLb6Og4o03U7YE=
Subject key identifier:   41:53:5E:78:1A:69:C3:B5:23:B1:79:A9:8F:AF:F9:24:09:33:52:DA
Authority key identifier: 77:BB:51:46:B5:0B:5B:C8:1A:35:74:7A:2B:BE:65:2A:A0:B7:16:7C
Certificate issuer:       /CN=77bb5146b50b5bc81a35747a2bbe652aa0b7167c
Certificate serial:       019D29CDC163BAD4EAC57BF6BC66FC0A373B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d7tRRrULW8gaNXR6K75lKqC3Fnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft
Manifest number:          152C
Signing time:             Thu 26 Mar 2026 11:00:43 +0000
Manifest this update:     Thu 26 Mar 2026 11:00:43 +0000
Manifest next update:     Fri 27 Mar 2026 11:00:43 +0000
Files and hashes:         1: d7tRRrULW8gaNXR6K75lKqC3Fnw.crl (hash: wNYN2spqCuUUmwEt+BHp5E3J5ptSl4+gQB5GkD2FKkg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d7tRRrULW8gaNXR6K75lKqC3Fnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:cd:c1:63:ba:d4:ea:c5:7b:f6:bc:66:fc:0a:37:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77bb5146b50b5bc81a35747a2bbe652aa0b7167c
        Validity
            Not Before: Mar 26 11:00:43 2026 GMT
            Not After : Mar 27 11:00:43 2026 GMT
        Subject: CN=41535e781a69c3b523b179a98faff924093352da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:25:99:5d:64:97:64:61:11:01:99:87:64:d7:
                    cd:ec:b5:01:c4:75:7a:90:6f:5b:06:92:b3:43:e0:
                    e1:98:9e:57:9e:40:63:f0:87:e0:9f:e7:76:ae:06:
                    21:51:ad:ae:97:2a:5d:b4:f2:0f:1a:78:f5:ec:54:
                    2f:02:93:31:95:0f:c2:92:21:17:0c:6c:92:d6:67:
                    59:e6:1b:65:26:2c:02:d7:28:7c:a2:d4:b3:47:1c:
                    69:e4:77:da:3a:05:65:e3:51:90:20:6f:43:40:26:
                    ca:e9:0b:fd:de:88:3a:be:68:78:4f:19:43:4c:dc:
                    f9:71:b8:56:a2:d8:71:fd:dd:b4:02:12:19:2a:2f:
                    9f:e9:0d:21:d7:cf:fe:69:42:c0:d8:59:f2:88:3d:
                    f3:5d:35:e4:d3:71:6d:70:10:f0:55:e6:28:2c:a1:
                    56:82:65:de:6b:25:b6:9b:6b:d5:e7:0f:0b:e4:23:
                    9e:4a:00:dc:00:37:c1:10:3d:7a:84:81:f9:d6:54:
                    92:85:92:30:ec:64:b5:8c:35:00:67:c6:6a:5d:93:
                    97:a6:a4:71:1e:75:8a:f5:4a:59:7e:66:0b:58:22:
                    d8:56:82:c6:4d:49:dc:fd:9a:27:02:8e:90:fb:62:
                    78:0f:3f:65:1a:b9:20:49:95:8f:2d:b3:e3:4d:23:
                    43:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:53:5E:78:1A:69:C3:B5:23:B1:79:A9:8F:AF:F9:24:09:33:52:DA
            X509v3 Authority Key Identifier:
                keyid:77:BB:51:46:B5:0B:5B:C8:1A:35:74:7A:2B:BE:65:2A:A0:B7:16:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7tRRrULW8gaNXR6K75lKqC3Fnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6199d4-3261-4e0a-ab46-f087e4f85e50/1/d7tRRrULW8gaNXR6K75lKqC3Fnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:80:57:be:fe:31:29:78:43:a8:4a:14:a5:97:74:e0:b7:a7:
         fb:f9:f0:31:10:c5:98:14:16:76:c7:01:ac:e9:69:41:4e:bf:
         8f:d8:fe:b4:25:2c:ad:4d:6b:17:59:78:f5:e0:bc:38:29:a0:
         18:54:26:8e:25:18:de:ba:f3:23:a2:59:32:05:99:7a:b4:1b:
         2e:e6:8d:99:a4:7e:66:8d:70:51:fd:93:0d:2f:54:e2:bc:b5:
         30:de:b4:bb:0f:f2:0e:7e:87:30:b8:22:e5:55:67:fa:82:77:
         5b:4d:eb:08:9e:d9:f7:7b:01:96:1e:ff:4f:74:38:ba:e1:c2:
         e9:60:9f:74:c2:4b:22:1f:fb:4e:43:6f:54:c0:a3:c3:98:c3:
         26:37:2f:be:8e:39:6b:d0:17:a3:22:5a:97:31:48:be:9b:78:
         8e:3d:28:f7:4f:4b:14:06:81:7f:63:fb:d7:0e:17:ec:c3:ac:
         03:3b:fe:8c:9f:31:08:a7:81:87:21:cb:fd:e8:59:f9:9b:6d:
         eb:56:18:9f:13:ea:13:14:79:30:b1:af:0e:6b:20:2e:9e:c8:
         c3:b3:37:88:52:22:aa:11:1d:32:65:f5:93:cf:16:2e:2e:e6:
         01:9e:c0:77:c3:24:64:63:bd:b5:37:af:21:e7:1b:f0:18:fb:
         fe:1f:11:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzcFjutTqxXv2vGb8Cjc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YmI1MTQ2YjUwYjViYzgxYTM1NzQ3YTJiYmU2NTJhYTBi
NzE2N2MwHhcNMjYwMzI2MTEwMDQzWhcNMjYwMzI3MTEwMDQzWjAzMTEwLwYDVQQD
Eyg0MTUzNWU3ODFhNjljM2I1MjNiMTc5YTk4ZmFmZjkyNDA5MzM1MmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCWZXWSXZGERAZmHZNfN7LUBxHV6
kG9bBpKzQ+DhmJ5XnkBj8Ifgn+d2rgYhUa2ulypdtPIPGnj17FQvApMxlQ/CkiEX
DGyS1mdZ5htlJiwC1yh8otSzRxxp5HfaOgVl41GQIG9DQCbK6Qv93og6vmh4TxlD
TNz5cbhWothx/d20AhIZKi+f6Q0h18/+aULA2FnyiD3zXTXk03FtcBDwVeYoLKFW
gmXeayW2m2vV5w8L5COeSgDcADfBED16hIH51lSShZIw7GS1jDUAZ8ZqXZOXpqRx
HnWK9UpZfmYLWCLYVoLGTUnc/ZonAo6Q+2J4Dz9lGrkgSZWPLbPjTSNDIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEFTXngaacO1I7F5qY+v+SQJM1LaMB8GA1UdIwQY
MBaAFHe7UUa1C1vIGjV0eiu+ZSqgtxZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDd0UlJyVUxXOGdhTlhSNks3NWxLcUMzRm53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82MTk5ZDQtMzI2MS00ZTBhLWFiNDYt
ZjA4N2U0Zjg1ZTUwLzEvZDd0UlJyVUxXOGdhTlhSNks3NWxLcUMzRm53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82MTk5ZDQtMzI2MS00ZTBhLWFiNDYtZjA4N2U0Zjg1ZTUw
LzEvZDd0UlJyVUxXOGdhTlhSNks3NWxLcUMzRm53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj4BXvv4x
KXhDqEoUpZd04Len+/nwMRDFmBQWdscBrOlpQU6/j9j+tCUsrU1rF1l49eC8OCmg
GFQmjiUY3rrzI6JZMgWZerQbLuaNmaR+Zo1wUf2TDS9U4ry1MN60uw/yDn6HMLgi
5VVn+oJ3W03rCJ7Z93sBlh7/T3Q4uuHC6WCfdMJLIh/7TkNvVMCjw5jDJjcvvo45
a9AXoyJalzFIvpt4jj0o909LFAaBf2P71w4X7MOsAzv+jJ8xCKeBhyHL/ehZ+Ztt
61YYnxPqExR5MLGvDmsgLp7Iw7M3iFIiqhEdMmX1k88WLi7mAZ7Ad8MkZGO9tTev
Iecb8Bj7/h8R9A==
-----END CERTIFICATE-----