Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
File:                     pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json)
Hash identifier:          p3jpMBWMK7ai3fuaFb0zGT/pkFt+NcmR4aPPFawXj8M=
Subject key identifier:   BC:09:A8:EC:1E:D0:60:4D:CB:62:17:A3:05:28:99:3D:84:80:AD:67
Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
Certificate issuer:       /CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Certificate serial:       019D27A8A4A3BB18331CED8D65850DF9E409
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
Manifest number:          0553
Signing time:             Thu 26 Mar 2026 01:00:56 +0000
Manifest this update:     Thu 26 Mar 2026 01:00:56 +0000
Manifest next update:     Fri 27 Mar 2026 01:00:56 +0000
Files and hashes:         1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: LFIUaibfKKb79/qm6ooWUjuRys3YsriqOFMH5qJLi1E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a8:a4:a3:bb:18:33:1c:ed:8d:65:85:0d:f9:e4:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa
        Validity
            Not Before: Mar 26 01:00:56 2026 GMT
            Not After : Mar 27 01:00:56 2026 GMT
        Subject: CN=bc09a8ec1ed0604dcb6217a30528993d8480ad67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:be:66:4b:eb:05:50:61:65:5b:60:48:d2:9f:
                    44:7b:8d:5d:0a:82:6c:08:9b:e9:11:14:f6:de:99:
                    ac:a7:8b:ef:a8:b8:f5:07:df:3a:8e:aa:e0:8b:38:
                    8c:ea:ef:88:e3:90:d5:02:6a:e3:22:96:5d:25:c2:
                    89:b9:8e:3d:2f:d6:35:25:5a:88:18:94:21:bd:a5:
                    af:5f:97:fe:a7:54:a2:7a:c1:76:c6:bb:38:89:91:
                    60:6b:de:24:61:f7:8a:32:2a:09:9a:63:2d:97:1b:
                    03:ad:44:d2:b6:9d:8f:fd:cf:68:c2:4e:cb:f5:1a:
                    33:99:18:25:4b:0b:fe:76:92:f7:d9:c4:83:19:54:
                    a2:9a:9e:df:93:3d:d3:06:34:9c:75:08:fb:ae:0f:
                    5a:76:7e:e4:d7:be:2c:26:f9:59:bd:c2:1f:b8:d4:
                    d4:48:82:19:e4:66:62:e3:c4:ea:f8:42:f7:31:28:
                    df:b1:72:97:69:95:67:1e:c0:02:eb:eb:50:97:46:
                    8f:6b:b2:97:03:9e:74:67:f9:66:bb:5d:ea:ce:6e:
                    d8:9a:e6:92:b2:62:89:d5:07:67:bf:5b:0f:e7:29:
                    34:f0:79:95:ec:ef:f4:b9:c1:68:6f:0e:63:d4:74:
                    86:74:15:60:ad:8f:63:35:08:2e:f9:bf:de:60:6f:
                    c0:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:09:A8:EC:1E:D0:60:4D:CB:62:17:A3:05:28:99:3D:84:80:AD:67
            X509v3 Authority Key Identifier:
                keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:0d:5e:4d:a5:a3:e4:e5:74:f9:c7:e9:6a:19:c1:93:3e:f6:
         52:0e:ef:f9:be:9f:79:48:57:76:5b:7f:ab:60:68:17:0e:f0:
         03:6f:e4:b5:03:37:09:27:66:ed:a9:f5:3f:fb:2c:ee:75:94:
         04:08:0a:e5:cb:5b:17:b1:66:c0:18:c0:2c:4a:69:db:c8:47:
         03:15:1b:7d:68:05:20:08:29:29:6d:eb:c7:23:3a:28:20:a5:
         24:1d:2e:b8:2a:8d:ee:7d:3b:55:87:ba:7f:47:bc:ee:53:e6:
         de:e1:92:8c:03:db:77:10:fc:73:ce:fe:4e:76:3b:3a:c3:ac:
         02:4c:85:58:36:ba:83:c3:b9:7d:f9:f8:23:95:b3:7a:59:c3:
         3d:e3:52:8e:88:7a:03:53:23:ea:50:8b:fa:e1:3b:6f:db:a5:
         59:32:f6:c3:1e:1f:58:90:b3:ea:9d:c2:9e:41:01:c3:59:8d:
         28:2d:fe:9a:7c:ed:8b:6f:84:04:a5:64:e0:9f:14:37:de:e9:
         f1:7c:c7:19:43:5d:76:33:29:de:ed:99:d0:f8:1e:02:bb:99:
         48:52:2b:4e:46:68:dd:1f:74:0d:2f:4e:24:3c:56:89:0e:4a:
         d8:84:04:6e:81:73:b4:28:b8:08:3f:16:f3:e6:2a:f9:c6:91:
         8e:41:42:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqKSjuxgzHO2NZYUN+eQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz
YWNlYWEwHhcNMjYwMzI2MDEwMDU2WhcNMjYwMzI3MDEwMDU2WjAzMTEwLwYDVQQD
EyhiYzA5YThlYzFlZDA2MDRkY2I2MjE3YTMwNTI4OTkzZDg0ODBhZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq75mS+sFUGFlW2BI0p9Ee41dCoJs
CJvpERT23pmsp4vvqLj1B986jqrgiziM6u+I45DVAmrjIpZdJcKJuY49L9Y1JVqI
GJQhvaWvX5f+p1SiesF2xrs4iZFga94kYfeKMioJmmMtlxsDrUTStp2P/c9owk7L
9RozmRglSwv+dpL32cSDGVSimp7fkz3TBjScdQj7rg9adn7k174sJvlZvcIfuNTU
SIIZ5GZi48Tq+EL3MSjfsXKXaZVnHsAC6+tQl0aPa7KXA550Z/lmu13qzm7YmuaS
smKJ1Qdnv1sP5yk08HmV7O/0ucFobw5j1HSGdBVgrY9jNQgu+b/eYG/AewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwJqOwe0GBNy2IXowUomT2EgK1nMB8GA1UdIwQY
MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt
MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl
LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGQ1eTaWj
5OV0+cfpahnBkz72Ug7v+b6feUhXdlt/q2BoFw7wA2/ktQM3CSdm7an1P/ss7nWU
BAgK5ctbF7FmwBjALEpp28hHAxUbfWgFIAgpKW3rxyM6KCClJB0uuCqN7n07VYe6
f0e87lPm3uGSjAPbdxD8c87+TnY7OsOsAkyFWDa6g8O5ffn4I5WzelnDPeNSjoh6
A1Mj6lCL+uE7b9ulWTL2wx4fWJCz6p3CnkEBw1mNKC3+mnzti2+EBKVk4J8UN97p
8XzHGUNddjMp3u2Z0PgeAruZSFIrTkZo3R90DS9OJDxWiQ5K2IQEboFztCi4CD8W
8+Yq+caRjkFC1Q==
-----END CERTIFICATE-----