Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
File:                     sTI2xNBokx4LRMmLKQqPqlVKA7k.mft (raw, json)
Hash identifier:          AD04nhzGf22EgmisaXvItHpVxvJMqXvicgLzUJ5Yy7g=
Subject key identifier:   73:B4:0F:2F:D3:AE:BF:F0:4F:8F:93:EF:B1:5A:B1:3C:FC:FC:08:9A
Authority key identifier: B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9
Certificate issuer:       /CN=b13236c4d068931e0b44c98b290a8faa554a03b9
Certificate serial:       019D3307FE38DDB02AE3FC24B5306E3351BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
Manifest number:          0653
Signing time:             Sat 28 Mar 2026 06:00:54 +0000
Manifest this update:     Sat 28 Mar 2026 06:00:54 +0000
Manifest next update:     Sun 29 Mar 2026 06:00:54 +0000
Files and hashes:         1: sTI2xNBokx4LRMmLKQqPqlVKA7k.crl (hash: 3R05CGLnvAnLfh3bXM8tEu4yE4vMboyiCr+woAcCbIc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:07:fe:38:dd:b0:2a:e3:fc:24:b5:30:6e:33:51:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b13236c4d068931e0b44c98b290a8faa554a03b9
        Validity
            Not Before: Mar 28 06:00:54 2026 GMT
            Not After : Mar 29 06:00:54 2026 GMT
        Subject: CN=73b40f2fd3aebff04f8f93efb15ab13cfcfc089a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:31:81:fa:2b:cc:84:9d:2c:1a:95:20:21:1e:
                    94:39:96:a6:61:b7:6a:4c:01:4e:1d:cc:59:6d:c1:
                    14:56:89:92:f6:32:b5:8f:4f:3a:ec:b6:2f:62:87:
                    79:df:e3:7c:cb:17:76:42:6a:ea:3b:ab:9b:83:5f:
                    8d:28:d7:f8:6a:d4:4e:32:b7:04:ca:30:7c:79:8a:
                    4a:3c:fc:64:19:e8:84:e5:12:f5:33:a6:fe:64:db:
                    58:a6:f2:1c:49:18:fa:98:fd:a7:08:a4:60:d9:59:
                    f6:f2:bf:7f:3c:7d:a5:19:2a:af:08:19:3c:d2:8b:
                    96:ae:8f:36:82:97:45:60:c4:1c:30:95:3b:79:9f:
                    95:66:84:16:f9:99:2e:99:03:b5:c5:48:a0:54:34:
                    d6:12:27:cb:eb:bc:5e:40:8d:83:2f:8d:a2:0c:eb:
                    26:c5:35:10:66:5d:c6:16:76:a2:4a:00:53:0e:1c:
                    94:d7:d8:4e:73:1f:56:5d:bf:e0:fe:da:52:12:0f:
                    9a:57:38:cb:b0:fd:42:5d:41:58:f5:a3:9c:f5:16:
                    49:a1:05:dd:5b:9b:21:a8:05:91:ee:36:e1:b0:ee:
                    33:16:5d:ae:62:f8:19:88:13:f5:d6:dc:f1:33:09:
                    51:72:db:d3:10:99:3d:6a:49:83:d2:1b:14:77:76:
                    eb:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:B4:0F:2F:D3:AE:BF:F0:4F:8F:93:EF:B1:5A:B1:3C:FC:FC:08:9A
            X509v3 Authority Key Identifier:
                keyid:B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:ac:51:72:f9:d6:34:43:08:33:8f:77:d8:b6:ac:99:43:37:
         4a:82:e6:ed:03:76:36:29:8f:aa:67:6c:ec:dc:76:22:d6:ae:
         ce:90:4f:a3:cd:52:f6:4a:77:5d:e2:6e:2c:43:d0:20:b3:e9:
         45:44:26:46:fa:d5:82:8e:b4:cd:38:93:26:02:92:e4:cf:4f:
         2b:10:7f:67:98:c8:5b:70:40:71:a2:af:bd:ac:38:c9:a9:f6:
         a3:4d:0d:ad:ed:2c:59:78:91:c0:ee:c7:a8:4c:1f:f5:f2:43:
         76:0e:73:40:70:31:ac:77:1c:9d:e6:56:b7:c4:ae:6d:a8:13:
         5d:64:4d:66:e1:3b:f9:a7:5b:8a:7a:05:d0:65:8a:90:d2:88:
         bc:90:8e:42:a2:47:21:92:87:af:ba:37:68:9a:4e:c3:3d:95:
         d9:ef:f3:63:f3:18:95:44:f3:48:da:e3:bc:68:58:97:9d:c2:
         90:e8:6c:14:fc:9a:f2:4d:44:71:1f:dc:5d:01:9f:f7:ba:66:
         e7:01:db:2d:fe:46:28:74:d1:2e:5d:81:90:2e:81:c8:fe:80:
         26:15:74:f3:d7:bc:53:5b:5d:95:4f:80:f3:60:0f:8e:5d:f9:
         ae:08:65:86:bc:6c:ca:71:92:8c:89:f5:e0:bf:35:34:3e:09:
         08:0e:b0:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zB/443bAq4/wktTBuM1G+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzIzNmM0ZDA2ODkzMWUwYjQ0Yzk4YjI5MGE4ZmFhNTU0
YTAzYjkwHhcNMjYwMzI4MDYwMDU0WhcNMjYwMzI5MDYwMDU0WjAzMTEwLwYDVQQD
Eyg3M2I0MGYyZmQzYWViZmYwNGY4ZjkzZWZiMTVhYjEzY2ZjZmMwODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjGB+ivMhJ0sGpUgIR6UOZamYbdq
TAFOHcxZbcEUVomS9jK1j0867LYvYod53+N8yxd2QmrqO6ubg1+NKNf4atROMrcE
yjB8eYpKPPxkGeiE5RL1M6b+ZNtYpvIcSRj6mP2nCKRg2Vn28r9/PH2lGSqvCBk8
0ouWro82gpdFYMQcMJU7eZ+VZoQW+ZkumQO1xUigVDTWEifL67xeQI2DL42iDOsm
xTUQZl3GFnaiSgBTDhyU19hOcx9WXb/g/tpSEg+aVzjLsP1CXUFY9aOc9RZJoQXd
W5shqAWR7jbhsO4zFl2uYvgZiBP11tzxMwlRctvTEJk9akmD0hsUd3brFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHO0Dy/Trr/wT4+T77FasTz8/AiaMB8GA1UdIwQY
MBaAFLEyNsTQaJMeC0TJiykKj6pVSgO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAt
MmRkMTE5ODRiMzVmLzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAtMmRkMTE5ODRiMzVm
LzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQaxRcvnW
NEMIM4932LasmUM3SoLm7QN2NimPqmds7Nx2ItauzpBPo81S9kp3XeJuLEPQILPp
RUQmRvrVgo60zTiTJgKS5M9PKxB/Z5jIW3BAcaKvvaw4yan2o00Nre0sWXiRwO7H
qEwf9fJDdg5zQHAxrHccneZWt8SubagTXWRNZuE7+adbinoF0GWKkNKIvJCOQqJH
IZKHr7o3aJpOwz2V2e/zY/MYlUTzSNrjvGhYl53CkOhsFPya8k1EcR/cXQGf97pm
5wHbLf5GKHTRLl2BkC6ByP6AJhV089e8U1tdlU+A82APjl35rghlhrxsynGSjIn1
4L81ND4JCA6wvQ==
-----END CERTIFICATE-----