Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/23b835-53b3-4037-863c-b6b74ad7522a/1/bdxuUU9PYurbPicQ6snJ8vBkX3g.mft
File:                     bdxuUU9PYurbPicQ6snJ8vBkX3g.mft (raw, json)
Hash identifier:          2xGmhNNggEMYzNau0wOhy+RVpbUocbVxm0HUSh20WqA=
Subject key identifier:   5D:77:BE:35:40:17:C6:45:97:D8:49:D9:0C:C6:45:9E:17:D5:A1:B5
Authority key identifier: 6D:DC:6E:51:4F:4F:62:EA:DB:3E:27:10:EA:C9:C9:F2:F0:64:5F:78
Certificate issuer:       /CN=6ddc6e514f4f62eadb3e2710eac9c9f2f0645f78
Certificate serial:       019D29CE4B372EABFB4B3D0445CDD688E35C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bdxuUU9PYurbPicQ6snJ8vBkX3g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/23b835-53b3-4037-863c-b6b74ad7522a/1/bdxuUU9PYurbPicQ6snJ8vBkX3g.mft
Manifest number:          0135
Signing time:             Thu 26 Mar 2026 11:01:18 +0000
Manifest this update:     Thu 26 Mar 2026 11:01:18 +0000
Manifest next update:     Fri 27 Mar 2026 11:01:18 +0000
Files and hashes:         1: bdxuUU9PYurbPicQ6snJ8vBkX3g.crl (hash: vu5ktc1wHmN3U32/k3qc1OEIzqHTZG+1tEuAUcU5Y3c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/77/23b835-53b3-4037-863c-b6b74ad7522a/1/bdxuUU9PYurbPicQ6snJ8vBkX3g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/77/23b835-53b3-4037-863c-b6b74ad7522a/1/bdxuUU9PYurbPicQ6snJ8vBkX3g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bdxuUU9PYurbPicQ6snJ8vBkX3g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:ce:4b:37:2e:ab:fb:4b:3d:04:45:cd:d6:88:e3:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ddc6e514f4f62eadb3e2710eac9c9f2f0645f78
        Validity
            Not Before: Mar 26 11:01:18 2026 GMT
            Not After : Mar 27 11:01:18 2026 GMT
        Subject: CN=5d77be354017c64597d849d90cc6459e17d5a1b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:77:a4:4f:58:41:1b:3d:1e:b7:c0:5b:4c:4c:
                    92:0c:c2:37:a7:0b:c2:07:ba:d9:64:ff:47:fb:ce:
                    68:45:a8:37:13:db:e3:dd:64:64:ba:e9:2f:9e:7b:
                    71:ce:46:bb:fd:6a:c0:4a:b4:7b:ba:06:67:60:f7:
                    f9:7f:05:38:81:08:e0:a6:b0:84:37:bc:4c:9c:eb:
                    9b:f7:5c:4d:dd:2e:86:8b:02:01:fa:71:7f:d8:00:
                    4a:78:bf:9d:83:52:6d:f0:95:2d:22:96:aa:fd:0c:
                    7c:d4:f8:5c:24:f7:e1:a7:60:47:b7:a2:38:d7:db:
                    a1:63:bc:b1:d5:0a:89:4a:12:5b:7f:98:ed:a5:bb:
                    0f:32:31:3f:22:82:9a:98:29:f3:98:27:4e:f9:66:
                    83:ab:d3:d1:26:04:b0:79:50:91:b1:a7:a2:fd:db:
                    8f:1e:74:87:f4:7d:e9:d7:a5:a5:61:08:ed:f1:83:
                    5b:a8:bc:43:a1:6e:90:d4:00:9f:23:7d:ce:64:3b:
                    cc:c8:db:13:c4:b8:65:ad:1f:1e:e5:2b:6b:34:61:
                    f4:81:d6:5e:23:2b:03:db:4e:f0:de:c0:17:c8:12:
                    13:ba:13:93:82:90:61:39:53:6b:ae:4c:fe:2b:d2:
                    ce:b4:08:82:03:51:da:ea:ce:ae:66:c0:a0:0b:50:
                    7b:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:77:BE:35:40:17:C6:45:97:D8:49:D9:0C:C6:45:9E:17:D5:A1:B5
            X509v3 Authority Key Identifier:
                keyid:6D:DC:6E:51:4F:4F:62:EA:DB:3E:27:10:EA:C9:C9:F2:F0:64:5F:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdxuUU9PYurbPicQ6snJ8vBkX3g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/23b835-53b3-4037-863c-b6b74ad7522a/1/bdxuUU9PYurbPicQ6snJ8vBkX3g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/23b835-53b3-4037-863c-b6b74ad7522a/1/bdxuUU9PYurbPicQ6snJ8vBkX3g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:b1:ca:97:0a:ad:3d:aa:e5:2d:5f:01:cf:98:cd:18:1f:60:
         63:4d:37:5d:a1:b3:ed:92:c9:49:2c:d2:68:a8:c3:e1:95:ad:
         19:ec:5f:c4:db:e0:4e:b8:70:0a:8e:00:cb:77:d7:bb:cd:f1:
         70:c7:f4:9b:41:8d:b2:a8:ba:50:85:42:4b:00:e9:56:61:96:
         a3:86:35:6c:8f:73:44:fc:b7:07:41:13:2b:24:ec:e0:28:1e:
         8a:9f:b6:af:b2:15:b8:33:c2:1d:fa:99:0f:2d:48:a2:3e:e9:
         05:ec:ed:3f:5e:50:5b:f2:5e:fe:55:b1:83:6a:69:09:48:e7:
         6d:bc:0f:09:6f:6a:e0:6d:51:05:27:ab:36:85:ea:a3:26:da:
         f0:80:c1:18:20:ef:da:ac:ee:47:f2:74:d4:94:c9:75:c8:7f:
         b1:3f:4c:80:c0:79:4f:dc:dd:43:a8:18:b2:ba:11:ee:6b:fa:
         15:55:ab:52:70:2c:cd:d7:5a:7f:8c:21:70:ef:dd:10:ff:4b:
         86:7a:cf:39:eb:cd:d0:a6:b6:e3:41:d4:d1:c9:dd:2a:a8:bf:
         b0:e8:a4:03:f8:7b:64:0d:e1:63:47:74:55:2a:b1:36:af:33:
         20:c5:b2:2e:f7:6c:fc:5a:95:63:57:0f:73:9c:6f:8b:64:43:
         f5:d9:94:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzks3Lqv7Sz0ERc3WiONcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGM2ZTUxNGY0ZjYyZWFkYjNlMjcxMGVhYzljOWYyZjA2
NDVmNzgwHhcNMjYwMzI2MTEwMTE4WhcNMjYwMzI3MTEwMTE4WjAzMTEwLwYDVQQD
Eyg1ZDc3YmUzNTQwMTdjNjQ1OTdkODQ5ZDkwY2M2NDU5ZTE3ZDVhMWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnekT1hBGz0et8BbTEySDMI3pwvC
B7rZZP9H+85oRag3E9vj3WRkuukvnntxzka7/WrASrR7ugZnYPf5fwU4gQjgprCE
N7xMnOub91xN3S6GiwIB+nF/2ABKeL+dg1Jt8JUtIpaq/Qx81PhcJPfhp2BHt6I4
19uhY7yx1QqJShJbf5jtpbsPMjE/IoKamCnzmCdO+WaDq9PRJgSweVCRsaei/duP
HnSH9H3p16WlYQjt8YNbqLxDoW6Q1ACfI33OZDvMyNsTxLhlrR8e5StrNGH0gdZe
IysD207w3sAXyBITuhOTgpBhOVNrrkz+K9LOtAiCA1Ha6s6uZsCgC1B7BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF13vjVAF8ZFl9hJ2QzGRZ4X1aG1MB8GA1UdIwQY
MBaAFG3cblFPT2Lq2z4nEOrJyfLwZF94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmR4dVVVOVBZdXJiUGljUTZzbko4dkJrWDNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yM2I4MzUtNTNiMy00MDM3LTg2M2Mt
YjZiNzRhZDc1MjJhLzEvYmR4dVVVOVBZdXJiUGljUTZzbko4dkJrWDNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yM2I4MzUtNTNiMy00MDM3LTg2M2MtYjZiNzRhZDc1MjJh
LzEvYmR4dVVVOVBZdXJiUGljUTZzbko4dkJrWDNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIrHKlwqt
ParlLV8Bz5jNGB9gY003XaGz7ZLJSSzSaKjD4ZWtGexfxNvgTrhwCo4Ay3fXu83x
cMf0m0GNsqi6UIVCSwDpVmGWo4Y1bI9zRPy3B0ETKyTs4Cgeip+2r7IVuDPCHfqZ
Dy1Ioj7pBeztP15QW/Je/lWxg2ppCUjnbbwPCW9q4G1RBSerNoXqoyba8IDBGCDv
2qzuR/J01JTJdch/sT9MgMB5T9zdQ6gYsroR7mv6FVWrUnAszddaf4whcO/dEP9L
hnrPOevN0Ka240HU0cndKqi/sOikA/h7ZA3hY0d0VSqxNq8zIMWyLvds/FqVY1cP
c5xvi2RD9dmUQg==
-----END CERTIFICATE-----