Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
File:                     PQJjyVdcvQESY66Ig5p4iLdPoHY.mft (raw, json)
Hash identifier:          OtMccO3v/xswEr6s2pkRuFWqR+cQ8bxRHU/Pt8ekImM=
Subject key identifier:   AA:02:D4:E6:19:15:F8:36:31:E1:3C:AE:C2:7F:A8:37:C8:94:4E:FD
Authority key identifier: 3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76
Certificate issuer:       /CN=3d0263c9575cbd011263ae88839a7888b74fa076
Certificate serial:       019D28F20DB5BE745B02DC9F10F562A411BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
Manifest number:          13B2
Signing time:             Thu 26 Mar 2026 07:00:44 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:44 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:44 +0000
Files and hashes:         1: PQJjyVdcvQESY66Ig5p4iLdPoHY.crl (hash: eXzJThmTB8UJi/Mj1tyx4Xyz0rQb6eXWD0uQ2hJ+QoE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:0d:b5:be:74:5b:02:dc:9f:10:f5:62:a4:11:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d0263c9575cbd011263ae88839a7888b74fa076
        Validity
            Not Before: Mar 26 07:00:44 2026 GMT
            Not After : Mar 27 07:00:44 2026 GMT
        Subject: CN=aa02d4e61915f83631e13caec27fa837c8944efd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:c0:03:12:88:2e:51:c7:85:81:13:e8:78:e7:
                    70:35:e4:78:11:4f:74:65:b0:e4:92:c3:c6:b7:c1:
                    eb:8e:42:3a:1c:f1:8a:2b:58:0f:1a:94:c2:a7:a0:
                    93:26:47:cf:09:6e:4c:71:d5:bf:1d:70:2a:18:1a:
                    84:28:58:9e:46:77:78:44:fb:09:a1:fe:84:0c:1d:
                    03:57:b2:65:47:29:a5:a5:9c:c7:ea:63:6b:e4:ed:
                    8b:ef:f6:bd:cc:00:21:b6:82:46:52:a4:f3:74:fe:
                    72:26:6b:2a:9b:30:ed:1f:87:c7:70:6b:f7:53:4f:
                    cc:a3:0b:8a:f8:fd:a4:d5:f9:7f:54:9b:f9:1c:81:
                    fa:cc:15:f7:0a:59:68:3f:66:a2:7a:e7:04:25:02:
                    42:7b:72:87:ba:f3:17:59:d9:60:c3:90:62:5f:18:
                    ca:4a:8b:79:78:29:86:8c:74:44:33:96:f6:5a:4a:
                    97:98:1a:63:e8:df:16:de:3a:0b:5f:ca:d4:67:cd:
                    05:12:bf:e9:d7:d4:7f:7b:bd:8d:41:3f:9f:b7:29:
                    89:3c:59:0e:c7:96:d2:b8:40:cc:1d:35:36:cb:bd:
                    e0:3c:35:00:b2:19:b1:be:bd:f3:3b:0b:60:e4:a9:
                    08:fb:08:d2:02:f7:48:1a:4e:2c:a3:26:65:ee:53:
                    0f:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:02:D4:E6:19:15:F8:36:31:E1:3C:AE:C2:7F:A8:37:C8:94:4E:FD
            X509v3 Authority Key Identifier:
                keyid:3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:4b:12:3c:98:46:05:00:94:72:2f:8a:d7:d9:67:b9:d0:45:
         d4:4a:6a:b1:b5:83:70:84:66:a0:4d:53:7a:b5:84:0d:9c:5d:
         ba:67:60:b0:1f:05:bb:d3:8f:4f:77:cb:e5:cf:2c:ab:f3:01:
         14:d3:e4:0b:9b:2a:52:ff:bd:c3:98:c7:ef:3f:fa:95:23:3b:
         a8:07:40:62:3e:50:66:82:29:10:56:63:88:b4:c3:79:4d:76:
         5c:1e:48:be:d6:13:a0:24:0b:7d:37:ec:9a:9c:e6:98:63:70:
         80:cf:c1:79:c3:59:55:c1:b4:87:39:dd:8a:5f:b3:24:22:7c:
         bc:7c:d6:81:0e:e4:dc:67:d2:5a:b2:90:42:0a:60:fd:78:65:
         f0:0a:7e:1c:c9:9c:40:2c:6b:07:e1:30:7a:41:11:73:fb:c1:
         ab:34:d1:cf:a2:12:4c:ef:37:96:7d:24:53:dc:de:62:c8:7b:
         f1:2f:a4:9e:c1:f5:d4:b2:f5:43:64:60:16:08:19:ba:b5:6d:
         91:a9:21:7b:90:6b:72:b9:9d:72:6d:ee:60:0d:49:2d:f5:d6:
         cb:81:56:d8:3a:65:20:b9:38:2c:18:15:06:8c:13:f1:fa:b5:
         de:46:c3:9b:24:da:c5:a5:c8:fa:2e:27:67:7f:b6:e5:45:fe:
         8c:59:e0:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8g21vnRbAtyfEPVipBG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMDI2M2M5NTc1Y2JkMDExMjYzYWU4ODgzOWE3ODg4Yjc0
ZmEwNzYwHhcNMjYwMzI2MDcwMDQ0WhcNMjYwMzI3MDcwMDQ0WjAzMTEwLwYDVQQD
EyhhYTAyZDRlNjE5MTVmODM2MzFlMTNjYWVjMjdmYTgzN2M4OTQ0ZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8ADEoguUceFgRPoeOdwNeR4EU90
ZbDkksPGt8HrjkI6HPGKK1gPGpTCp6CTJkfPCW5McdW/HXAqGBqEKFieRnd4RPsJ
of6EDB0DV7JlRymlpZzH6mNr5O2L7/a9zAAhtoJGUqTzdP5yJmsqmzDtH4fHcGv3
U0/MowuK+P2k1fl/VJv5HIH6zBX3ClloP2aieucEJQJCe3KHuvMXWdlgw5BiXxjK
Sot5eCmGjHREM5b2WkqXmBpj6N8W3joLX8rUZ80FEr/p19R/e72NQT+ftymJPFkO
x5bSuEDMHTU2y73gPDUAshmxvr3zOwtg5KkI+wjSAvdIGk4soyZl7lMP/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKoC1OYZFfg2MeE8rsJ/qDfIlE79MB8GA1UdIwQY
MBaAFD0CY8lXXL0BEmOuiIOaeIi3T6B2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUt
MTJmNGU2MjczODc3LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUtMTJmNGU2MjczODc3
LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFksSPJhG
BQCUci+K19lnudBF1EpqsbWDcIRmoE1TerWEDZxdumdgsB8Fu9OPT3fL5c8sq/MB
FNPkC5sqUv+9w5jH7z/6lSM7qAdAYj5QZoIpEFZjiLTDeU12XB5IvtYToCQLfTfs
mpzmmGNwgM/BecNZVcG0hzndil+zJCJ8vHzWgQ7k3GfSWrKQQgpg/Xhl8Ap+HMmc
QCxrB+EwekERc/vBqzTRz6ISTO83ln0kU9zeYsh78S+knsH11LL1Q2RgFggZurVt
kakhe5Brcrmdcm3uYA1JLfXWy4FW2DplILk4LBgVBowT8fq13kbDmyTaxaXI+i4n
Z3+25UX+jFng7Q==
-----END CERTIFICATE-----