Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft
File:                     SpR3QFKci4QPf4kzCXmshyyj-rg.mft (raw, json)
Hash identifier:          a+k7fXbnVESGrfKfv5OwB9KMH18lL9RDQswtN5owdno=
Subject key identifier:   41:4C:80:5A:B1:B1:E6:3C:27:CA:3E:38:AC:69:5D:91:B8:B5:41:90
Authority key identifier: 4A:94:77:40:52:9C:8B:84:0F:7F:89:33:09:79:AC:87:2C:A3:FA:B8
Certificate issuer:       /CN=4a947740529c8b840f7f89330979ac872ca3fab8
Certificate serial:       019D28F22F9C2D5FF10CF534E8F20585C20A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SpR3QFKci4QPf4kzCXmshyyj-rg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft
Manifest number:          0431
Signing time:             Thu 26 Mar 2026 07:00:53 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:53 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:53 +0000
Files and hashes:         1: SpR3QFKci4QPf4kzCXmshyyj-rg.crl (hash: a2cjhyjKmbtcUDR9PiYR9wRN0dc0EbA6KMGCX+lmNVI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SpR3QFKci4QPf4kzCXmshyyj-rg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:2f:9c:2d:5f:f1:0c:f5:34:e8:f2:05:85:c2:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a947740529c8b840f7f89330979ac872ca3fab8
        Validity
            Not Before: Mar 26 07:00:53 2026 GMT
            Not After : Mar 27 07:00:53 2026 GMT
        Subject: CN=414c805ab1b1e63c27ca3e38ac695d91b8b54190
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:24:e9:7f:52:f8:4e:12:5a:28:c2:6a:08:a3:
                    d4:2a:2a:b3:08:96:67:4a:30:a8:58:26:ca:dd:c6:
                    b0:66:a9:2d:50:fc:03:b9:34:7e:5d:7d:f4:7a:64:
                    c6:f8:33:77:7c:4e:0d:f5:ea:07:0c:80:44:d6:2e:
                    e4:e5:46:7e:70:30:f4:d8:0b:1c:04:aa:a3:5b:2e:
                    74:50:6e:23:a6:33:f7:c5:f4:5d:8d:bb:53:5b:fb:
                    54:d4:97:be:f4:d5:a1:06:28:bf:90:bb:1e:aa:6e:
                    93:a5:db:45:af:99:cf:d4:e9:0f:81:77:af:94:8b:
                    f7:12:30:8b:74:ec:2d:ca:f4:b1:97:03:59:40:b4:
                    7a:6a:8a:d1:7d:90:ba:02:80:b6:00:4a:bb:d7:ec:
                    11:71:c1:da:e7:ca:24:92:ae:2a:46:71:32:61:f7:
                    08:18:eb:40:0f:f5:59:00:d1:0e:7f:62:f7:3a:5b:
                    25:93:24:88:8c:b9:f0:3e:11:72:c0:ff:a5:89:d0:
                    2a:2f:8b:74:d6:f0:4f:68:40:10:da:68:b4:13:16:
                    1f:65:af:1d:f0:bb:3d:fe:e3:48:21:50:e6:bc:6f:
                    eb:d6:5c:38:0d:c0:17:30:c2:7a:c2:34:3b:47:fa:
                    d6:53:d6:3f:2c:17:ea:cc:0d:e1:f7:47:d3:b6:9f:
                    27:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:4C:80:5A:B1:B1:E6:3C:27:CA:3E:38:AC:69:5D:91:B8:B5:41:90
            X509v3 Authority Key Identifier:
                keyid:4A:94:77:40:52:9C:8B:84:0F:7F:89:33:09:79:AC:87:2C:A3:FA:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SpR3QFKci4QPf4kzCXmshyyj-rg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:1e:10:37:4a:e4:77:6a:59:3f:88:df:cf:76:cb:31:90:13:
         44:5b:cb:4c:68:ce:cf:2c:87:f8:99:5f:d8:1d:a6:a8:17:32:
         22:4f:6a:77:f9:a1:02:10:40:0d:d3:67:70:04:a6:f2:5a:4c:
         16:8a:1f:f5:59:33:55:eb:33:e2:93:cf:61:fd:51:24:29:bf:
         96:ea:17:a1:29:2e:05:ab:5f:ac:79:b4:a7:5b:28:73:81:f7:
         b0:bb:a2:51:0c:a1:f9:42:71:5f:e2:74:82:67:a3:34:c6:50:
         97:c7:22:77:fb:22:09:6d:e0:20:aa:91:80:05:0a:e4:ba:c2:
         d0:8f:c8:a0:2b:77:ba:11:82:64:5e:71:ba:ba:33:9c:23:8d:
         5b:68:bc:96:3c:7e:59:02:0b:2b:e2:1c:cd:0d:b1:12:ae:af:
         a8:51:8a:89:33:24:ab:ed:c5:02:82:0d:6d:e8:e4:2a:e4:a4:
         22:f6:56:3b:8b:93:29:22:3e:be:d5:3c:aa:8f:23:90:a7:63:
         f6:4d:58:b0:3e:51:9d:69:71:b2:d8:d2:21:ad:10:30:37:ff:
         1f:3a:58:a1:47:34:10:03:fb:de:2c:6e:7e:81:cf:82:61:43:
         8a:18:99:a7:d1:3c:2b:21:04:32:07:15:4c:01:f8:dd:0f:b8:
         16:81:21:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8i+cLV/xDPU06PIFhcIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOTQ3NzQwNTI5YzhiODQwZjdmODkzMzA5NzlhYzg3MmNh
M2ZhYjgwHhcNMjYwMzI2MDcwMDUzWhcNMjYwMzI3MDcwMDUzWjAzMTEwLwYDVQQD
Eyg0MTRjODA1YWIxYjFlNjNjMjdjYTNlMzhhYzY5NWQ5MWI4YjU0MTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5STpf1L4ThJaKMJqCKPUKiqzCJZn
SjCoWCbK3cawZqktUPwDuTR+XX30emTG+DN3fE4N9eoHDIBE1i7k5UZ+cDD02Asc
BKqjWy50UG4jpjP3xfRdjbtTW/tU1Je+9NWhBii/kLseqm6TpdtFr5nP1OkPgXev
lIv3EjCLdOwtyvSxlwNZQLR6aorRfZC6AoC2AEq71+wRccHa58okkq4qRnEyYfcI
GOtAD/VZANEOf2L3OlslkySIjLnwPhFywP+lidAqL4t01vBPaEAQ2mi0ExYfZa8d
8Ls9/uNIIVDmvG/r1lw4DcAXMMJ6wjQ7R/rWU9Y/LBfqzA3h90fTtp8njwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEFMgFqxseY8J8o+OKxpXZG4tUGQMB8GA1UdIwQY
MBaAFEqUd0BSnIuED3+JMwl5rIcso/q4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3BSM1FGS2NpNFFQZjRrekNYbXNoeXlqLXJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9lOTBkNmItNTJlMC00MTk1LTg4YWYt
N2RiMjVhZDdjZDRjLzEvU3BSM1FGS2NpNFFQZjRrekNYbXNoeXlqLXJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9lOTBkNmItNTJlMC00MTk1LTg4YWYtN2RiMjVhZDdjZDRj
LzEvU3BSM1FGS2NpNFFQZjRrekNYbXNoeXlqLXJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkh4QN0rk
d2pZP4jfz3bLMZATRFvLTGjOzyyH+Jlf2B2mqBcyIk9qd/mhAhBADdNncASm8lpM
Foof9VkzVesz4pPPYf1RJCm/luoXoSkuBatfrHm0p1soc4H3sLuiUQyh+UJxX+J0
gmejNMZQl8cid/siCW3gIKqRgAUK5LrC0I/IoCt3uhGCZF5xuroznCONW2i8ljx+
WQILK+IczQ2xEq6vqFGKiTMkq+3FAoINbejkKuSkIvZWO4uTKSI+vtU8qo8jkKdj
9k1YsD5RnWlxstjSIa0QMDf/HzpYoUc0EAP73ixufoHPgmFDihiZp9E8KyEEMgcV
TAH43Q+4FoEhFg==
-----END CERTIFICATE-----