Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
File:                     rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft (raw, json)
Hash identifier:          WBx6/TijmH9DRH+x6vF/KWORa5SXDskIWrui1VtHkr0=
Subject key identifier:   38:8E:1F:20:B5:DF:1F:E1:6F:19:2C:4C:FD:38:7B:9A:1C:34:5F:B1
Authority key identifier: AD:30:FB:43:88:EE:67:14:4A:E0:4D:DC:86:81:2D:63:E0:28:F4:78
Certificate issuer:       /CN=ad30fb4388ee67144ae04ddc86812d63e028f478
Certificate serial:       019D28F282E51F0811F89F3AE6F21CFEEF2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 07:01:14 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:14 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:14 +0000
Files and hashes:         1: rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl (hash: JeieNBUMlUIyL+gxaa7mQlpXwMdzYHl2qyhpiVovY9w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:82:e5:1f:08:11:f8:9f:3a:e6:f2:1c:fe:ef:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad30fb4388ee67144ae04ddc86812d63e028f478
        Validity
            Not Before: Mar 26 07:01:14 2026 GMT
            Not After : Mar 27 07:01:14 2026 GMT
        Subject: CN=388e1f20b5df1fe16f192c4cfd387b9a1c345fb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e5:fa:ba:55:1a:10:14:64:b5:2b:ea:8a:91:
                    e3:28:ee:e2:e0:b4:81:c8:c8:89:41:73:60:02:37:
                    0b:3d:ef:16:a1:f2:e7:c4:61:ba:f4:21:be:07:8a:
                    91:89:0a:82:d6:5d:dd:09:f7:80:de:28:2b:ce:d4:
                    96:26:00:ea:10:19:7f:c6:34:3f:2b:01:c7:f2:18:
                    fc:29:da:09:c9:1e:3a:a1:9c:d5:5f:3d:ec:02:e5:
                    28:8c:8c:a7:4d:d6:ed:56:4c:6c:cd:bc:4e:dc:86:
                    85:fe:90:0f:8f:54:65:01:0e:5e:44:5b:d2:55:ad:
                    42:f3:d2:b2:48:1a:b7:32:ee:d1:36:99:f5:ff:db:
                    51:bf:88:d7:8b:db:f9:c9:d3:58:68:6e:3e:bb:e5:
                    0b:5e:a6:4f:5d:81:b6:07:8c:49:8b:5d:01:ab:a4:
                    b3:c2:bf:f1:8b:72:ee:7e:97:3d:68:b8:82:96:db:
                    63:52:2e:2c:bb:80:33:e6:25:4e:1e:00:ef:e1:69:
                    f6:2c:cc:77:5d:9b:99:42:bb:8b:ef:19:a0:b8:a2:
                    da:b4:fe:c8:e3:b8:d2:36:80:fa:30:21:f9:b5:fd:
                    0e:b8:38:bc:3e:69:25:51:54:f2:0a:54:88:c9:55:
                    69:30:c4:49:5b:75:9e:29:20:24:44:ec:98:47:1f:
                    1f:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:8E:1F:20:B5:DF:1F:E1:6F:19:2C:4C:FD:38:7B:9A:1C:34:5F:B1
            X509v3 Authority Key Identifier:
                keyid:AD:30:FB:43:88:EE:67:14:4A:E0:4D:DC:86:81:2D:63:E0:28:F4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTD7Q4juZxRK4E3choEtY-Ao9Hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d341a6-98a2-4b1e-9ba4-b66044adbcb1/1/rTD7Q4juZxRK4E3choEtY-Ao9Hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:8b:40:55:56:45:be:53:2c:fc:04:13:4a:09:fc:81:3b:c7:
         49:67:7f:d7:d6:1d:1e:7d:d3:75:ce:50:41:3b:ba:c7:07:da:
         5a:23:05:56:c5:ee:52:34:56:cb:e5:ef:a1:47:71:19:72:ad:
         7f:e6:54:94:39:e5:e0:0d:70:6e:d7:97:50:42:56:d1:87:f7:
         7d:be:e9:cd:2b:20:86:02:33:43:77:1b:f4:84:4e:ad:e4:83:
         08:3a:d8:a9:0f:80:bd:ee:e0:33:21:49:81:6c:e1:40:89:5c:
         1f:22:bd:51:0a:58:5a:d9:f8:c0:0d:9b:ec:74:fa:01:12:66:
         4d:11:44:a3:61:5e:9b:6e:b0:b3:4d:6a:b8:47:fc:2e:fc:13:
         26:5b:2f:9d:88:ae:03:2e:37:09:8a:e0:f2:de:bf:b6:00:b2:
         0e:a0:81:54:51:c2:92:04:f9:56:57:00:80:00:ed:e2:47:5b:
         17:65:84:38:e4:84:64:a9:59:d9:e0:0a:51:e4:e6:13:7b:0b:
         f2:5d:75:18:29:e0:0b:dc:8d:62:f5:41:5b:58:4e:b9:cc:e5:
         b8:fb:36:6b:de:82:55:28:82:c5:86:43:86:44:b9:5a:6f:9e:
         36:2c:40:68:8e:f6:bf:07:3d:53:a8:82:98:fe:36:7a:9f:e8:
         d6:44:77:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8oLlHwgR+J865vIc/u8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMzBmYjQzODhlZTY3MTQ0YWUwNGRkYzg2ODEyZDYzZTAy
OGY0NzgwHhcNMjYwMzI2MDcwMTE0WhcNMjYwMzI3MDcwMTE0WjAzMTEwLwYDVQQD
EygzODhlMWYyMGI1ZGYxZmUxNmYxOTJjNGNmZDM4N2I5YTFjMzQ1ZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOX6ulUaEBRktSvqipHjKO7i4LSB
yMiJQXNgAjcLPe8WofLnxGG69CG+B4qRiQqC1l3dCfeA3igrztSWJgDqEBl/xjQ/
KwHH8hj8KdoJyR46oZzVXz3sAuUojIynTdbtVkxszbxO3IaF/pAPj1RlAQ5eRFvS
Va1C89KySBq3Mu7RNpn1/9tRv4jXi9v5ydNYaG4+u+ULXqZPXYG2B4xJi10Bq6Sz
wr/xi3Lufpc9aLiClttjUi4su4Az5iVOHgDv4Wn2LMx3XZuZQruL7xmguKLatP7I
47jSNoD6MCH5tf0OuDi8PmklUVTyClSIyVVpMMRJW3WeKSAkROyYRx8fTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiOHyC13x/hbxksTP04e5ocNF+xMB8GA1UdIwQY
MBaAFK0w+0OI7mcUSuBN3IaBLWPgKPR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9kMzQxYTYtOThhMi00YjFlLTliYTQt
YjY2MDQ0YWRiY2IxLzEvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9kMzQxYTYtOThhMi00YjFlLTliYTQtYjY2MDQ0YWRiY2Ix
LzEvclREN1E0anVaeFJLNEUzY2hvRXRZLUFvOUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaYtAVVZF
vlMs/AQTSgn8gTvHSWd/19YdHn3Tdc5QQTu6xwfaWiMFVsXuUjRWy+XvoUdxGXKt
f+ZUlDnl4A1wbteXUEJW0Yf3fb7pzSsghgIzQ3cb9IROreSDCDrYqQ+Ave7gMyFJ
gWzhQIlcHyK9UQpYWtn4wA2b7HT6ARJmTRFEo2Fem26ws01quEf8LvwTJlsvnYiu
Ay43CYrg8t6/tgCyDqCBVFHCkgT5VlcAgADt4kdbF2WEOOSEZKlZ2eAKUeTmE3sL
8l11GCngC9yNYvVBW1hOuczluPs2a96CVSiCxYZDhkS5Wm+eNixAaI72vwc9U6iC
mP42ep/o1kR31A==
-----END CERTIFICATE-----