Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/a284f7-aade-4168-a9d0-58be927f42e9/1/13j4yccHK3MEiPnjISjdiVveMtM.mft
File:                     13j4yccHK3MEiPnjISjdiVveMtM.mft (raw, json)
Hash identifier:          6Zrv/VovcoYlgjmdbNO5q5lnoZSZM9VGjIMpgsX+fQg=
Subject key identifier:   C0:61:67:20:B1:B0:B9:07:AE:EF:8E:31:99:39:F1:F1:6D:91:8C:D6
Authority key identifier: D7:78:F8:C9:C7:07:2B:73:04:88:F9:E3:21:28:DD:89:5B:DE:32:D3
Certificate issuer:       /CN=d778f8c9c7072b730488f9e32128dd895bde32d3
Certificate serial:       019D28164E4A5D00ACA14C2D345CF5C7B16F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/13j4yccHK3MEiPnjISjdiVveMtM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/a284f7-aade-4168-a9d0-58be927f42e9/1/13j4yccHK3MEiPnjISjdiVveMtM.mft
Manifest number:          08A0
Signing time:             Thu 26 Mar 2026 03:00:43 +0000
Manifest this update:     Thu 26 Mar 2026 03:00:43 +0000
Manifest next update:     Fri 27 Mar 2026 03:00:43 +0000
Files and hashes:         1: 13j4yccHK3MEiPnjISjdiVveMtM.crl (hash: 2cnYIP2384ZTq/dX4klS20Mrud57RSUaEYSgH6/r/MA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/a284f7-aade-4168-a9d0-58be927f42e9/1/13j4yccHK3MEiPnjISjdiVveMtM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/a284f7-aade-4168-a9d0-58be927f42e9/1/13j4yccHK3MEiPnjISjdiVveMtM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/13j4yccHK3MEiPnjISjdiVveMtM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:4e:4a:5d:00:ac:a1:4c:2d:34:5c:f5:c7:b1:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d778f8c9c7072b730488f9e32128dd895bde32d3
        Validity
            Not Before: Mar 26 03:00:43 2026 GMT
            Not After : Mar 27 03:00:43 2026 GMT
        Subject: CN=c0616720b1b0b907aeef8e319939f1f16d918cd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:3e:11:02:14:a6:e7:28:d7:5f:85:17:d0:84:
                    e4:66:cf:43:b0:7f:87:76:46:17:f6:26:1b:1d:d4:
                    1f:76:ff:37:39:06:f0:42:ce:d9:55:40:d8:42:65:
                    fb:62:6f:5c:be:97:35:0c:76:cb:70:0b:e0:70:5e:
                    2c:c0:60:02:03:3b:e7:c3:1b:01:58:b0:86:89:5f:
                    28:96:a3:8b:08:e9:42:7a:e2:2f:52:b3:bc:4d:c5:
                    af:10:50:67:f1:c5:41:56:3b:ff:a3:7a:2f:d6:54:
                    d0:18:e4:18:7d:63:c4:c1:f4:25:df:bc:39:27:a2:
                    69:82:56:99:a7:41:63:fd:fa:46:55:87:c9:81:d0:
                    7a:f6:40:98:df:8b:8c:73:80:46:6d:34:90:e8:88:
                    77:e1:b2:e5:9f:c5:90:4f:42:0b:a8:92:7d:58:ab:
                    a3:f9:68:a6:1e:b4:79:f6:87:be:e2:81:84:cd:b8:
                    25:84:7d:82:18:cc:fb:12:4b:e4:ad:ff:c6:78:b7:
                    4e:a0:7a:b3:05:1e:f6:82:fd:1a:a7:57:27:5f:13:
                    76:1b:05:49:0a:e1:6f:39:ab:ab:83:51:d4:d1:66:
                    a2:7d:26:2e:db:71:cd:fd:08:78:02:c5:03:19:3b:
                    1a:1f:29:10:29:dd:ce:ba:1f:c5:f1:19:aa:9c:34:
                    e8:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:61:67:20:B1:B0:B9:07:AE:EF:8E:31:99:39:F1:F1:6D:91:8C:D6
            X509v3 Authority Key Identifier:
                keyid:D7:78:F8:C9:C7:07:2B:73:04:88:F9:E3:21:28:DD:89:5B:DE:32:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13j4yccHK3MEiPnjISjdiVveMtM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/a284f7-aade-4168-a9d0-58be927f42e9/1/13j4yccHK3MEiPnjISjdiVveMtM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/a284f7-aade-4168-a9d0-58be927f42e9/1/13j4yccHK3MEiPnjISjdiVveMtM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:0f:73:2b:53:38:1c:5a:33:1e:d3:4a:2e:78:c9:b0:db:c7:
         15:a2:13:b7:ff:3f:26:9e:55:ed:fc:38:62:90:b2:56:e2:47:
         3a:1b:34:6e:c4:a7:04:c2:f1:56:9a:ba:db:7e:2b:00:b0:c8:
         dc:38:4d:7b:50:d1:bb:98:04:4a:c2:e1:4f:c6:c2:e4:15:e0:
         1f:b9:8b:cb:a0:6f:e7:dd:54:42:cf:8a:58:6c:aa:d1:4d:6e:
         36:d9:13:1b:9f:33:52:52:6b:97:d9:fd:e1:fb:1c:ee:10:0e:
         ba:41:27:19:46:4c:f7:2b:aa:bb:f7:bf:0c:c3:06:d6:24:f2:
         28:c5:be:e7:65:7e:f2:7b:b6:6d:3d:6b:8b:18:6e:6f:2d:61:
         e0:ab:73:87:da:f5:ff:4b:cb:5d:a7:91:ea:88:b8:5d:d7:46:
         8d:dc:cf:90:ab:d0:81:58:f7:45:26:a4:26:d8:eb:6e:05:e3:
         c3:45:2e:8b:47:23:49:f7:b9:a7:a3:a8:1a:c8:c5:f1:fc:2a:
         37:f0:4f:d0:8b:c4:99:7e:af:a6:af:31:fc:dd:c8:70:c5:4f:
         ab:15:c6:54:3d:9d:de:43:8b:d9:89:47:c1:d8:2a:41:8b:a8:
         45:ab:f7:d8:7b:5d:a0:92:21:5e:6d:b4:83:9c:03:b7:e6:53:
         45:8d:26:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFk5KXQCsoUwtNFz1x7FvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NzhmOGM5YzcwNzJiNzMwNDg4ZjllMzIxMjhkZDg5NWJk
ZTMyZDMwHhcNMjYwMzI2MDMwMDQzWhcNMjYwMzI3MDMwMDQzWjAzMTEwLwYDVQQD
EyhjMDYxNjcyMGIxYjBiOTA3YWVlZjhlMzE5OTM5ZjFmMTZkOTE4Y2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwT4RAhSm5yjXX4UX0ITkZs9DsH+H
dkYX9iYbHdQfdv83OQbwQs7ZVUDYQmX7Ym9cvpc1DHbLcAvgcF4swGACAzvnwxsB
WLCGiV8olqOLCOlCeuIvUrO8TcWvEFBn8cVBVjv/o3ov1lTQGOQYfWPEwfQl37w5
J6JpglaZp0Fj/fpGVYfJgdB69kCY34uMc4BGbTSQ6Ih34bLln8WQT0ILqJJ9WKuj
+WimHrR59oe+4oGEzbglhH2CGMz7Ekvkrf/GeLdOoHqzBR72gv0ap1cnXxN2GwVJ
CuFvOaurg1HU0WaifSYu23HN/Qh4AsUDGTsaHykQKd3Ouh/F8RmqnDTo1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMBhZyCxsLkHru+OMZk58fFtkYzWMB8GA1UdIwQY
MBaAFNd4+MnHBytzBIj54yEo3Ylb3jLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTNqNHljY0hLM01FaVBuaklTamRpVnZlTXRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9hMjg0ZjctYWFkZS00MTY4LWE5ZDAt
NThiZTkyN2Y0MmU5LzEvMTNqNHljY0hLM01FaVBuaklTamRpVnZlTXRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9hMjg0ZjctYWFkZS00MTY4LWE5ZDAtNThiZTkyN2Y0MmU5
LzEvMTNqNHljY0hLM01FaVBuaklTamRpVnZlTXRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmA9zK1M4
HFozHtNKLnjJsNvHFaITt/8/Jp5V7fw4YpCyVuJHOhs0bsSnBMLxVpq6234rALDI
3DhNe1DRu5gESsLhT8bC5BXgH7mLy6Bv591UQs+KWGyq0U1uNtkTG58zUlJrl9n9
4fsc7hAOukEnGUZM9yuqu/e/DMMG1iTyKMW+52V+8nu2bT1rixhuby1h4Ktzh9r1
/0vLXaeR6oi4XddGjdzPkKvQgVj3RSakJtjrbgXjw0Uui0cjSfe5p6OoGsjF8fwq
N/BP0IvEmX6vpq8x/N3IcMVPqxXGVD2d3kOL2YlHwdgqQYuoRav32HtdoJIhXm20
g5wDt+ZTRY0m6A==
-----END CERTIFICATE-----