Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
File:                     582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json)
Hash identifier:          vnwjjF2JWJ1ey7oCLySp5H0r/JmBCYUNe9K/O7zJQFI=
Subject key identifier:   49:1A:11:9A:BE:52:C6:E8:69:FC:E2:03:70:7A:08:25:58:34:76:B0
Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6
Certificate issuer:       /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
Certificate serial:       019D27DFD71B5743BA3C0F12DBC2E284C3C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
Manifest number:          05AD
Signing time:             Thu 26 Mar 2026 02:01:14 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:14 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:14 +0000
Files and hashes:         1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: AYeo8yJQroIMD1GgUtUF+nLgsUjEpRADWvGfvgDwx94=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:d7:1b:57:43:ba:3c:0f:12:db:c2:e2:84:c3:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
        Validity
            Not Before: Mar 26 02:01:14 2026 GMT
            Not After : Mar 27 02:01:14 2026 GMT
        Subject: CN=491a119abe52c6e869fce203707a0825583476b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:ba:48:5b:6d:a8:c7:b3:e8:23:68:bb:49:c1:
                    8f:63:18:eb:56:2b:c3:83:7b:e5:a6:d3:3c:38:4b:
                    b1:fd:d3:06:71:2a:9c:05:ef:a0:59:6a:63:11:ae:
                    5f:f1:d5:a4:cd:7d:eb:92:1d:05:34:b1:50:24:0f:
                    a7:9d:ce:28:a1:4f:f0:a8:c4:ae:63:73:6a:8c:41:
                    dc:a4:2c:f4:48:93:8b:f4:eb:93:a3:b6:fb:9a:47:
                    fc:88:39:ec:03:86:e4:e9:06:16:06:36:84:7c:f0:
                    a3:86:8d:85:ab:0f:96:0b:26:5b:55:e3:ea:d3:a3:
                    00:51:7e:e0:aa:91:44:5d:ad:34:92:41:7c:71:dc:
                    e5:68:63:22:0d:55:80:8f:95:ec:f0:44:4c:ec:6f:
                    08:3f:f3:95:0a:a8:b5:2a:80:72:74:be:ef:ee:63:
                    06:7b:1b:1f:06:49:cb:99:ec:ae:2f:e3:e4:2c:4b:
                    7e:95:ea:b4:2e:4a:c9:88:7f:0f:1f:51:f3:45:05:
                    bc:e5:01:7c:01:3a:11:20:5c:18:f2:cb:78:64:c4:
                    4c:62:78:19:3c:a8:0f:94:14:be:10:64:ea:f3:82:
                    a5:8c:c1:2a:12:25:d2:50:ec:82:e4:b0:5c:50:6b:
                    4c:37:7b:ce:50:a7:2a:36:6a:b5:9c:d7:ac:cf:af:
                    0f:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:1A:11:9A:BE:52:C6:E8:69:FC:E2:03:70:7A:08:25:58:34:76:B0
            X509v3 Authority Key Identifier:
                keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:fa:e6:5d:1c:fe:91:6f:18:1b:96:a1:e6:77:00:82:81:0a:
         b2:b9:d3:50:cc:56:8a:5e:72:4b:13:8f:ce:c7:d3:b7:a2:17:
         a1:f1:6a:30:77:58:75:21:47:ad:66:a8:ee:06:94:1f:9d:2a:
         d3:9d:71:72:6d:98:0f:89:d6:e6:57:f1:63:72:49:9c:71:81:
         13:1e:56:f4:7c:52:1d:3f:ed:d9:38:06:a8:7f:2c:5d:13:93:
         f8:bf:83:a4:aa:ae:df:ad:8e:06:d6:d1:6e:1a:a4:f5:29:4f:
         30:47:08:69:15:2f:e1:fc:b4:72:61:80:92:e6:88:8d:4a:b5:
         7b:a0:62:a4:5f:68:0d:59:f3:80:e5:cb:14:38:b5:54:e5:2d:
         11:1b:52:ac:6c:6d:35:95:97:94:6c:5d:fe:2e:6b:ed:c0:f6:
         0d:cd:d2:3b:9a:6c:13:d9:07:f2:e4:ff:7d:6c:1e:28:d1:3b:
         96:18:bf:00:6b:c3:9f:5f:05:4a:05:fb:f8:4c:82:56:a6:c4:
         7c:45:b7:d3:51:b0:b7:09:3f:5e:6c:d0:e4:ac:b9:00:12:05:
         0b:84:af:75:b6:e1:f5:94:f9:07:90:26:95:c2:09:ea:0f:1c:
         7c:6e:b6:c5:0d:69:85:51:05:20:98:ac:55:36:8e:48:a2:92:
         fd:25:ee:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n39cbV0O6PA8S28LihMPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2
NmJjYTYwHhcNMjYwMzI2MDIwMTE0WhcNMjYwMzI3MDIwMTE0WjAzMTEwLwYDVQQD
Eyg0OTFhMTE5YWJlNTJjNmU4NjlmY2UyMDM3MDdhMDgyNTU4MzQ3NmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7pIW22ox7PoI2i7ScGPYxjrVivD
g3vlptM8OEux/dMGcSqcBe+gWWpjEa5f8dWkzX3rkh0FNLFQJA+nnc4ooU/wqMSu
Y3NqjEHcpCz0SJOL9OuTo7b7mkf8iDnsA4bk6QYWBjaEfPCjho2Fqw+WCyZbVePq
06MAUX7gqpFEXa00kkF8cdzlaGMiDVWAj5Xs8ERM7G8IP/OVCqi1KoBydL7v7mMG
exsfBknLmeyuL+PkLEt+leq0LkrJiH8PH1HzRQW85QF8AToRIFwY8st4ZMRMYngZ
PKgPlBS+EGTq84KljMEqEiXSUOyC5LBcUGtMN3vOUKcqNmq1nNesz68PlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEkaEZq+UsboafziA3B6CCVYNHawMB8GA1UdIwQY
MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt
NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3
LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvPrmXRz+
kW8YG5ah5ncAgoEKsrnTUMxWil5ySxOPzsfTt6IXofFqMHdYdSFHrWao7gaUH50q
051xcm2YD4nW5lfxY3JJnHGBEx5W9HxSHT/t2TgGqH8sXROT+L+DpKqu362OBtbR
bhqk9SlPMEcIaRUv4fy0cmGAkuaIjUq1e6BipF9oDVnzgOXLFDi1VOUtERtSrGxt
NZWXlGxd/i5r7cD2Dc3SO5psE9kH8uT/fWweKNE7lhi/AGvDn18FSgX7+EyCVqbE
fEW301Gwtwk/XmzQ5Ky5ABIFC4Svdbbh9ZT5B5AmlcIJ6g8cfG62xQ1phVEFIJis
VTaOSKKS/SXuRQ==
-----END CERTIFICATE-----