Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          U0DOwqagNKhlCBnBn1Jo7nwI9QABK/Q8hh0ixbmlLkA=
Subject key identifier:   C2:53:47:03:28:91:A0:15:19:7E:C1:D1:02:8A:93:49:05:2F:89:04
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       019D265F1EC2DCA5C305EDB07E0849EB2F9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          11B7
Signing time:             Wed 25 Mar 2026 19:01:01 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:01 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:01 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: X7XjbAfYsqX+FcxmMDcOvzFXLhsTQNJJZZmlMyHmLCk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:1e:c2:dc:a5:c3:05:ed:b0:7e:08:49:eb:2f:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Mar 25 19:01:01 2026 GMT
            Not After : Mar 26 19:01:01 2026 GMT
        Subject: CN=c25347032891a015197ec1d1028a9349052f8904
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:3b:41:96:7a:4b:d5:69:39:8c:3e:03:9f:e4:
                    57:6c:f7:3d:1c:2e:ab:b7:cb:34:a8:9d:6b:d0:e1:
                    ff:e2:5a:cf:2e:53:e7:a5:17:e3:f4:66:ba:43:b2:
                    c8:48:a7:8d:49:b9:d3:f9:2d:d5:00:13:42:53:c5:
                    f4:64:42:84:4f:d1:c2:77:91:1f:c7:3a:61:98:b2:
                    5c:98:d0:7a:e0:c8:88:43:98:bc:1e:a9:24:f8:ff:
                    c5:a6:2a:7a:47:a8:50:c1:a7:b3:b2:2a:bb:a2:19:
                    54:89:c4:ee:e7:27:6e:2e:1b:00:bd:44:3d:d8:89:
                    f2:a2:1c:65:6a:21:d7:95:e4:6f:4c:95:65:cd:dd:
                    b0:cf:35:4a:b9:7d:97:8d:4d:33:e7:2f:a3:06:43:
                    7d:cb:93:c9:ef:2f:0c:3b:46:42:86:dc:a6:2e:52:
                    4c:46:2f:59:24:b8:58:78:a7:59:fb:23:c7:1b:36:
                    b0:ac:ee:ac:80:97:78:87:01:8c:9a:bc:b6:6b:4e:
                    36:41:26:ee:6e:9e:d3:0e:03:6c:bb:a4:52:29:5f:
                    05:ab:69:21:42:db:a6:3e:c4:94:c5:46:86:cc:a4:
                    0e:66:03:e6:29:a6:a5:cd:50:5a:4c:1f:aa:2c:e4:
                    67:c9:6f:fd:ee:aa:73:94:19:d4:02:a0:3b:3e:ea:
                    13:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:53:47:03:28:91:A0:15:19:7E:C1:D1:02:8A:93:49:05:2F:89:04
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:2a:9c:5c:d8:23:3f:e0:a8:77:e5:57:cc:04:be:a0:4f:75:
         09:a8:e3:e5:3f:98:1b:be:e4:9f:3b:71:4c:30:57:bc:f4:89:
         12:df:00:89:43:cc:53:0d:74:53:21:6b:9e:ae:55:a4:6c:39:
         73:fe:ac:5d:87:1e:2e:22:30:34:34:f0:df:0b:6b:5e:da:c8:
         32:c0:5f:f7:4b:2c:95:8c:5d:56:0b:b9:fa:ff:2e:83:fe:53:
         20:3b:ea:4b:80:7b:f3:87:1a:e8:54:51:80:ee:08:cf:b2:24:
         3b:3b:89:da:e7:70:57:de:44:ff:32:ed:92:1f:8d:21:5f:9a:
         45:c0:35:b4:ec:82:80:c0:6f:90:ba:e0:a0:e1:68:40:1d:e5:
         42:d2:06:f9:39:49:c7:d4:df:a4:2a:7c:9c:a7:64:68:10:a6:
         9c:e2:b5:c1:59:87:57:16:2d:4d:07:ba:89:64:7e:32:f7:67:
         4c:9c:d0:43:cc:75:66:78:22:d7:69:e1:76:97:2e:40:34:c1:
         fc:19:c9:97:e5:a4:10:0d:9f:cc:61:c1:f9:89:0f:1e:db:b8:
         1c:a1:27:90:ba:dc:e8:cd:04:f1:3c:ac:c2:68:0d:2c:7b:2d:
         93:78:d0:1c:0c:8d:74:11:45:14:55:0f:66:6a:0a:15:74:97:
         fc:d9:e5:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXx7C3KXDBe2wfghJ6y+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjYwMzI1MTkwMTAxWhcNMjYwMzI2MTkwMTAxWjAzMTEwLwYDVQQD
EyhjMjUzNDcwMzI4OTFhMDE1MTk3ZWMxZDEwMjhhOTM0OTA1MmY4OTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDtBlnpL1Wk5jD4Dn+RXbPc9HC6r
t8s0qJ1r0OH/4lrPLlPnpRfj9Ga6Q7LISKeNSbnT+S3VABNCU8X0ZEKET9HCd5Ef
xzphmLJcmNB64MiIQ5i8Hqkk+P/Fpip6R6hQwaezsiq7ohlUicTu5yduLhsAvUQ9
2InyohxlaiHXleRvTJVlzd2wzzVKuX2XjU0z5y+jBkN9y5PJ7y8MO0ZChtymLlJM
Ri9ZJLhYeKdZ+yPHGzawrO6sgJd4hwGMmry2a042QSbubp7TDgNsu6RSKV8Fq2kh
QtumPsSUxUaGzKQOZgPmKaalzVBaTB+qLORnyW/97qpzlBnUAqA7PuoTQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJTRwMokaAVGX7B0QKKk0kFL4kEMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALyqcXNgj
P+Cod+VXzAS+oE91Cajj5T+YG77knztxTDBXvPSJEt8AiUPMUw10UyFrnq5VpGw5
c/6sXYceLiIwNDTw3wtrXtrIMsBf90sslYxdVgu5+v8ug/5TIDvqS4B784ca6FRR
gO4Iz7IkOzuJ2udwV95E/zLtkh+NIV+aRcA1tOyCgMBvkLrgoOFoQB3lQtIG+TlJ
x9TfpCp8nKdkaBCmnOK1wVmHVxYtTQe6iWR+MvdnTJzQQ8x1Zngi12nhdpcuQDTB
/BnJl+WkEA2fzGHB+YkPHtu4HKEnkLrc6M0E8TyswmgNLHstk3jQHAyNdBFFFFUP
ZmoKFXSX/Nnlww==
-----END CERTIFICATE-----