Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
File:                     MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft (raw, json)
Hash identifier:          mw6eCm/CFGtu5zzErt1BfXoZu2tLqQ6PScBQKmnmZuk=
Subject key identifier:   04:77:31:AF:93:1A:54:7D:9B:92:9F:9F:8D:36:48:46:81:A0:88:A6
Authority key identifier: 31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D
Certificate issuer:       /CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
Certificate serial:       019D273AF7C98B79B54ACAF3471EBAE9186B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
Manifest number:          07D2
Signing time:             Wed 25 Mar 2026 23:01:09 +0000
Manifest this update:     Wed 25 Mar 2026 23:01:09 +0000
Manifest next update:     Thu 26 Mar 2026 23:01:09 +0000
Files and hashes:         1: MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl (hash: MbXy5Ud3Vh54/l9mWshSNVjPo+nyM+aw7yuh5s8V9oc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 23:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:3a:f7:c9:8b:79:b5:4a:ca:f3:47:1e:ba:e9:18:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
        Validity
            Not Before: Mar 25 23:01:09 2026 GMT
            Not After : Mar 26 23:01:09 2026 GMT
        Subject: CN=047731af931a547d9b929f9f8d36484681a088a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:cf:eb:50:34:08:14:0a:37:42:e6:52:32:ef:
                    2e:07:1f:d8:0e:5e:73:13:45:2c:1a:ad:8e:c1:62:
                    7f:1d:e8:46:9e:22:3c:48:47:a0:31:f3:8b:ed:7d:
                    86:4b:c7:98:76:83:51:27:68:bc:0d:9f:ec:d8:8e:
                    b1:9b:5f:88:63:72:ec:bd:45:d5:fc:03:02:f8:6f:
                    2c:ee:7a:a7:91:b8:5e:3a:b2:3e:b8:4d:06:86:b8:
                    d2:34:a0:d4:f7:95:d2:f9:7a:d3:00:14:14:4d:55:
                    a8:6d:e6:fe:89:8d:bd:53:3f:0e:df:87:0e:93:cc:
                    b3:41:8a:87:7e:a1:a0:cf:b3:fc:38:5f:f5:25:bf:
                    50:ed:83:bc:7b:37:15:93:3a:5a:d3:c7:d9:18:87:
                    7b:65:e0:50:20:39:45:90:d4:96:86:7f:55:a7:0e:
                    af:3a:12:e3:c0:a8:92:3d:7a:0e:cb:ab:41:4e:48:
                    d4:fa:87:9b:2a:27:a0:45:53:36:e1:a8:3d:ca:fc:
                    97:d6:29:66:44:04:60:f5:6a:41:fb:6f:a6:1d:fb:
                    9e:75:b7:02:58:ab:c0:61:78:eb:5c:b1:70:19:a6:
                    ba:46:80:fa:3d:b3:4c:bf:df:06:8b:a5:2a:c5:04:
                    15:9a:2c:3e:7c:78:d9:86:a7:cd:27:64:d0:70:9a:
                    da:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:77:31:AF:93:1A:54:7D:9B:92:9F:9F:8D:36:48:46:81:A0:88:A6
            X509v3 Authority Key Identifier:
                keyid:31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:73:ba:38:af:21:74:22:81:47:27:15:b1:43:a1:57:15:96:
         09:4c:94:3b:2b:83:21:91:fb:4e:b3:4d:b1:f5:0b:34:42:da:
         8e:a9:06:2a:a6:b0:55:e2:6b:b3:01:78:94:0c:21:c6:50:b5:
         b7:1a:60:d7:5c:d3:27:4f:03:7e:7c:89:af:5e:b5:32:55:6f:
         13:8a:3c:1c:7f:d6:5e:8f:52:41:6a:25:4f:ed:34:d0:63:61:
         ed:81:51:8c:68:b4:a9:52:32:1e:40:2c:ec:b9:3a:b3:5e:d2:
         d4:82:b3:01:61:fb:51:8d:0a:11:41:f3:33:fc:d7:17:dd:6c:
         59:c3:2c:4a:17:dc:a4:38:2e:41:7a:a0:e1:32:e4:a2:be:52:
         fc:69:b6:f1:74:98:5f:52:e3:d9:b8:b8:09:2b:5f:f0:08:bf:
         bd:a8:36:93:0f:4f:3d:2b:f5:f5:41:f4:99:05:74:51:c4:49:
         55:a9:b6:69:13:a7:13:82:a7:39:bc:c5:f9:ad:2f:3d:68:7c:
         75:50:79:49:a7:5e:98:c1:07:23:bc:8a:eb:7f:d3:fa:50:71:
         b2:75:0e:ab:7d:c4:60:51:ba:59:ba:be:fb:ee:73:3c:d6:47:
         ca:be:21:14:81:af:75:2d:ee:5a:b7:ef:db:a3:b2:fa:03:93:
         e8:72:d4:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOvfJi3m1SsrzRx666RhrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGNlOTViYTIzY2RjOWQ2MDk5N2MyMzBkNjM1OWFkMzFj
MWE1OWQwHhcNMjYwMzI1MjMwMTA5WhcNMjYwMzI2MjMwMTA5WjAzMTEwLwYDVQQD
EygwNDc3MzFhZjkzMWE1NDdkOWI5MjlmOWY4ZDM2NDg0NjgxYTA4OGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8/rUDQIFAo3QuZSMu8uBx/YDl5z
E0UsGq2OwWJ/HehGniI8SEegMfOL7X2GS8eYdoNRJ2i8DZ/s2I6xm1+IY3LsvUXV
/AMC+G8s7nqnkbheOrI+uE0GhrjSNKDU95XS+XrTABQUTVWobeb+iY29Uz8O34cO
k8yzQYqHfqGgz7P8OF/1Jb9Q7YO8ezcVkzpa08fZGId7ZeBQIDlFkNSWhn9Vpw6v
OhLjwKiSPXoOy6tBTkjU+oebKiegRVM24ag9yvyX1ilmRARg9WpB+2+mHfuedbcC
WKvAYXjrXLFwGaa6RoD6PbNMv98Gi6UqxQQVmiw+fHjZhqfNJ2TQcJrahwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAR3Ma+TGlR9m5Kfn402SEaBoIimMB8GA1UdIwQY
MBaAFDFM6VuiPNydYJl8Iw1jWa0xwaWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgt
MTViYzliMjVkZmMwLzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgtMTViYzliMjVkZmMw
LzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZHO6OK8h
dCKBRycVsUOhVxWWCUyUOyuDIZH7TrNNsfULNELajqkGKqawVeJrswF4lAwhxlC1
txpg11zTJ08DfnyJr161MlVvE4o8HH/WXo9SQWolT+000GNh7YFRjGi0qVIyHkAs
7Lk6s17S1IKzAWH7UY0KEUHzM/zXF91sWcMsShfcpDguQXqg4TLkor5S/Gm28XSY
X1Lj2bi4CStf8Ai/vag2kw9PPSv19UH0mQV0UcRJVam2aROnE4KnObzF+a0vPWh8
dVB5SademMEHI7yK63/T+lBxsnUOq33EYFG6Wbq+++5zPNZHyr4hFIGvdS3uWrfv
26Oy+gOT6HLUnw==
-----END CERTIFICATE-----