Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
File:                     cUt8OIAz4WI_xti-t69cOUJRkds.mft (raw, json)
Hash identifier:          WywFxAVH4puNwwrHSrBoGXRPWNIme+iyz+rCMPCtTVo=
Subject key identifier:   90:14:7C:FF:8B:E3:9E:32:EA:A2:05:8E:43:DF:99:72:D9:F9:6E:00
Authority key identifier: 71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB
Certificate issuer:       /CN=714b7c388033e1623fc6d8beb7af5c39425191db
Certificate serial:       019D2703A49CD6586971F037B1F9D640B9D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
Manifest number:          0A3D
Signing time:             Wed 25 Mar 2026 22:00:43 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:43 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:43 +0000
Files and hashes:         1: cUt8OIAz4WI_xti-t69cOUJRkds.crl (hash: K1aQe4063lFmr16u+MYmx+hjR8IOttW1VDM3RG1AROU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:a4:9c:d6:58:69:71:f0:37:b1:f9:d6:40:b9:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=714b7c388033e1623fc6d8beb7af5c39425191db
        Validity
            Not Before: Mar 25 22:00:43 2026 GMT
            Not After : Mar 26 22:00:43 2026 GMT
        Subject: CN=90147cff8be39e32eaa2058e43df9972d9f96e00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:79:0e:81:7c:60:89:11:72:29:f2:11:ad:f9:
                    1a:04:f4:e6:f1:bb:e1:69:60:4a:90:00:77:f7:c0:
                    d8:6d:be:94:be:c1:21:30:8e:d8:f6:34:33:f7:5b:
                    ea:f0:77:0c:e0:94:4c:a2:6d:ff:a3:22:0c:b2:d7:
                    ca:1f:82:53:a2:3f:3e:da:e7:c4:c7:33:b4:4f:36:
                    5f:7a:d0:59:cb:fb:c3:b2:98:6f:4e:6d:d4:2f:d3:
                    b2:e8:a6:86:b3:4d:fc:9c:59:d3:3c:0f:cc:9f:21:
                    cf:ec:4d:18:a9:7c:7c:0a:55:0b:ce:91:8e:ce:5c:
                    ea:03:16:a0:76:97:40:cf:63:0f:7d:ff:23:d3:3d:
                    ae:4b:20:b9:d1:15:ad:91:03:36:74:14:60:b7:3f:
                    00:da:87:62:c6:f2:4a:ed:ba:75:ba:a1:e7:0b:ad:
                    de:f0:89:d3:37:13:bf:9d:31:ed:d8:af:b8:3b:43:
                    21:30:ed:d2:1c:30:cd:5f:dc:3e:63:2c:7f:84:5c:
                    5c:b4:e6:1b:2f:30:29:76:78:dc:8c:04:e9:8b:60:
                    1f:a0:74:e8:6c:4d:9a:e6:ad:01:6e:41:2a:cd:7f:
                    42:6e:76:fc:c8:0d:d5:07:b8:33:df:2e:96:85:3c:
                    b2:e4:cb:b1:b7:f5:c4:30:29:82:93:b8:51:b0:71:
                    4a:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:14:7C:FF:8B:E3:9E:32:EA:A2:05:8E:43:DF:99:72:D9:F9:6E:00
            X509v3 Authority Key Identifier:
                keyid:71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:dc:05:17:6c:41:f0:72:33:fe:77:aa:ac:02:56:88:d8:32:
         57:38:45:ed:5f:61:eb:78:1e:35:e1:0a:b7:e1:df:da:87:ac:
         cb:d8:1a:0b:95:30:bb:e7:07:2a:dd:0f:0d:c4:19:55:cd:c4:
         d1:70:4c:9c:c5:88:96:3b:af:ec:c2:12:6b:8b:bd:86:e3:e8:
         c7:24:1b:e8:c1:18:d0:1f:2a:fa:40:8e:2c:14:f4:6b:a8:a8:
         58:72:fd:01:74:f3:f9:dd:28:bf:95:74:15:2f:b7:5b:c4:31:
         f1:79:75:c0:ca:db:9c:10:d0:b2:52:0a:60:fd:c8:db:ef:28:
         4f:4c:3b:17:f2:ae:19:e9:96:f7:fa:8b:c1:b7:01:b8:a7:33:
         9a:8a:fc:da:d1:71:7d:9b:72:73:9d:73:a6:53:e1:76:db:07:
         ce:b6:47:01:42:51:96:9f:f0:60:77:f7:e2:a6:b2:f6:77:91:
         d1:dc:4f:cb:cd:1e:45:be:ee:c9:ac:c1:83:f3:72:ad:34:b4:
         90:1f:39:7f:84:19:23:f9:12:39:a1:e0:db:97:0a:b6:47:f7:
         c9:05:8b:77:e4:48:3d:31:6b:c9:31:92:53:97:87:8f:8d:34:
         f7:53:e0:7d:6c:f2:37:ac:51:d0:5e:f1:9f:e1:95:e2:e7:c3:
         b5:b1:b7:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA6Sc1lhpcfA3sfnWQLnWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNGI3YzM4ODAzM2UxNjIzZmM2ZDhiZWI3YWY1YzM5NDI1
MTkxZGIwHhcNMjYwMzI1MjIwMDQzWhcNMjYwMzI2MjIwMDQzWjAzMTEwLwYDVQQD
Eyg5MDE0N2NmZjhiZTM5ZTMyZWFhMjA1OGU0M2RmOTk3MmQ5Zjk2ZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XkOgXxgiRFyKfIRrfkaBPTm8bvh
aWBKkAB398DYbb6UvsEhMI7Y9jQz91vq8HcM4JRMom3/oyIMstfKH4JToj8+2ufE
xzO0TzZfetBZy/vDsphvTm3UL9Oy6KaGs038nFnTPA/MnyHP7E0YqXx8ClULzpGO
zlzqAxagdpdAz2MPff8j0z2uSyC50RWtkQM2dBRgtz8A2odixvJK7bp1uqHnC63e
8InTNxO/nTHt2K+4O0MhMO3SHDDNX9w+Yyx/hFxctOYbLzApdnjcjATpi2AfoHTo
bE2a5q0BbkEqzX9Cbnb8yA3VB7gz3y6WhTyy5Muxt/XEMCmCk7hRsHFKjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJAUfP+L454y6qIFjkPfmXLZ+W4AMB8GA1UdIwQY
MBaAFHFLfDiAM+FiP8bYvrevXDlCUZHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTIt
YTAzOGJlMTViOTdiLzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTItYTAzOGJlMTViOTdi
LzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAedwFF2xB
8HIz/neqrAJWiNgyVzhF7V9h63geNeEKt+Hf2oesy9gaC5Uwu+cHKt0PDcQZVc3E
0XBMnMWIljuv7MISa4u9huPoxyQb6MEY0B8q+kCOLBT0a6ioWHL9AXTz+d0ov5V0
FS+3W8Qx8Xl1wMrbnBDQslIKYP3I2+8oT0w7F/KuGemW9/qLwbcBuKczmor82tFx
fZtyc51zplPhdtsHzrZHAUJRlp/wYHf34qay9neR0dxPy80eRb7uyazBg/NyrTS0
kB85f4QZI/kSOaHg25cKtkf3yQWLd+RIPTFryTGSU5eHj40091PgfWzyN6xR0F7x
n+GV4ufDtbG3hQ==
-----END CERTIFICATE-----