Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
File:                     dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft (raw, json)
Hash identifier:          2SZc30Roi6wP8hUHaTfAB9eUMR81wEPRkT02IZN6MUQ=
Subject key identifier:   03:D9:35:1F:82:54:0C:D7:DA:D2:81:11:DC:67:74:D0:11:A0:4C:F3
Authority key identifier: 75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84
Certificate issuer:       /CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
Certificate serial:       019D2704B207859AA5E39DF05FF8AF8F45E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
Manifest number:          133B
Signing time:             Wed 25 Mar 2026 22:01:52 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:52 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:52 +0000
Files and hashes:         1: dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl (hash: GVwMnFlc+nMr7uB26X29O8uUh85pGwIIfTvWUY4SuXA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:b2:07:85:9a:a5:e3:9d:f0:5f:f8:af:8f:45:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
        Validity
            Not Before: Mar 25 22:01:52 2026 GMT
            Not After : Mar 26 22:01:52 2026 GMT
        Subject: CN=03d9351f82540cd7dad28111dc6774d011a04cf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:8e:c7:28:a2:96:35:e9:64:5d:a6:6b:a1:1d:
                    76:f1:7a:2b:68:f6:64:18:8e:19:aa:58:26:08:61:
                    85:d7:c3:f6:e4:7f:49:6e:7f:79:c9:96:91:e9:18:
                    f3:d0:e6:d7:dc:fd:21:de:cd:2a:f3:73:a6:e7:76:
                    38:47:2a:b7:df:c6:f7:17:19:a9:b3:00:4f:57:e7:
                    d5:99:99:49:ad:73:1e:5c:6d:75:6c:90:9f:08:76:
                    cf:e8:2e:d5:14:e4:c3:44:89:ba:92:50:20:ce:f3:
                    f2:61:02:be:94:14:4a:6d:87:3a:14:12:86:a7:cc:
                    2f:2d:c2:ed:46:d6:0c:a7:92:6c:21:61:b4:e8:63:
                    29:8c:fd:a6:0d:e4:4f:25:f5:92:1e:41:d4:84:d2:
                    98:4a:f7:4a:f1:4d:85:dd:f4:00:5f:f9:3f:4b:22:
                    26:de:ea:f6:93:91:52:e9:13:69:f7:54:9d:cd:fa:
                    59:7e:e1:73:4d:fd:da:b2:fc:5f:35:fb:b6:e8:ea:
                    7a:be:ec:26:e8:10:52:a0:f3:cc:72:f6:d8:d8:ab:
                    3a:da:82:96:ad:f6:96:f1:72:57:53:c3:2f:58:bf:
                    9e:4f:66:90:30:34:f7:33:97:38:65:78:09:71:53:
                    b5:24:80:40:96:47:0c:df:46:41:00:d7:d8:ef:25:
                    fe:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:D9:35:1F:82:54:0C:D7:DA:D2:81:11:DC:67:74:D0:11:A0:4C:F3
            X509v3 Authority Key Identifier:
                keyid:75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:a0:ca:9c:f4:28:c8:27:6a:b1:41:cf:a3:5a:da:ee:d8:70:
         7f:07:5b:8f:15:56:ad:54:2c:aa:e5:17:55:cd:ef:45:d2:97:
         54:49:6e:c3:52:ac:9c:3c:03:bf:4f:e7:65:6a:85:48:9f:ad:
         64:ea:d1:66:53:76:f7:13:9a:ac:fe:de:a2:a1:21:76:69:aa:
         ed:a7:75:d8:ca:98:43:13:72:60:fe:34:d3:ee:92:12:d9:23:
         57:ee:56:0a:09:51:25:3d:f2:c2:5b:f5:de:c9:2a:7d:1d:aa:
         33:c6:dd:07:c6:c3:9d:d8:d8:12:46:70:6a:2e:90:15:f7:c8:
         16:90:2f:35:9d:1f:58:0e:53:e6:5e:9c:23:ae:25:c2:09:90:
         08:32:f8:4e:a7:0e:59:93:c9:7c:62:d6:2c:14:b8:4f:75:ec:
         7c:6e:3c:09:80:fa:e5:c5:ba:53:5c:43:fa:4b:27:89:29:5e:
         5f:38:9b:bc:a3:b8:70:98:04:c0:c5:47:07:23:df:b7:84:b5:
         eb:8e:a0:96:47:c1:64:c2:9e:b5:38:a5:de:bd:8d:7c:5b:f2:
         8f:51:38:ea:1a:47:93:a2:40:de:c5:13:f8:ab:c0:1f:70:3e:
         4f:bd:bb:1d:66:f1:32:d6:3b:bf:94:51:f1:b3:69:1e:3a:3c:
         c8:cb:c8:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBLIHhZql453wX/ivj0XmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzJjOWExMDhjZTNkZTUyZDE2ZTIxMWU4MGM5NWU1YzVi
NTRjODQwHhcNMjYwMzI1MjIwMTUyWhcNMjYwMzI2MjIwMTUyWjAzMTEwLwYDVQQD
EygwM2Q5MzUxZjgyNTQwY2Q3ZGFkMjgxMTFkYzY3NzRkMDExYTA0Y2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtY7HKKKWNelkXaZroR128XoraPZk
GI4ZqlgmCGGF18P25H9Jbn95yZaR6Rjz0ObX3P0h3s0q83Om53Y4Ryq338b3Fxmp
swBPV+fVmZlJrXMeXG11bJCfCHbP6C7VFOTDRIm6klAgzvPyYQK+lBRKbYc6FBKG
p8wvLcLtRtYMp5JsIWG06GMpjP2mDeRPJfWSHkHUhNKYSvdK8U2F3fQAX/k/SyIm
3ur2k5FS6RNp91SdzfpZfuFzTf3asvxfNfu26Op6vuwm6BBSoPPMcvbY2Ks62oKW
rfaW8XJXU8MvWL+eT2aQMDT3M5c4ZXgJcVO1JIBAlkcM30ZBANfY7yX+cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAPZNR+CVAzX2tKBEdxndNARoEzzMB8GA1UdIwQY
MBaAFHVyyaEIzj3lLRbiEegMleXFtUyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTkt
NWZhZWM1YWJhZjFiLzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTktNWZhZWM1YWJhZjFi
LzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnKDKnPQo
yCdqsUHPo1ra7thwfwdbjxVWrVQsquUXVc3vRdKXVEluw1KsnDwDv0/nZWqFSJ+t
ZOrRZlN29xOarP7eoqEhdmmq7ad12MqYQxNyYP400+6SEtkjV+5WCglRJT3ywlv1
3skqfR2qM8bdB8bDndjYEkZwai6QFffIFpAvNZ0fWA5T5l6cI64lwgmQCDL4TqcO
WZPJfGLWLBS4T3XsfG48CYD65cW6U1xD+ksniSleXzibvKO4cJgEwMVHByPft4S1
646glkfBZMKetTil3r2NfFvyj1E46hpHk6JA3sUT+KvAH3A+T727HWbxMtY7v5RR
8bNpHjo8yMvICg==
-----END CERTIFICATE-----