Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
File:                     RXHLqFoCMKnLR6vrWzue1NUxz54.mft (raw, json)
Hash identifier:          owdNWV46vmB4X3I8+fnqoBUpHKMwi38BRRrMibMW/IA=
Subject key identifier:   44:4B:59:03:80:B6:44:8D:41:86:5F:0B:4C:9F:AC:21:70:8A:C5:C5
Authority key identifier: 45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E
Certificate issuer:       /CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
Certificate serial:       019D2996FEC324BDB01A11810C9E404848F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
Manifest number:          0631
Signing time:             Thu 26 Mar 2026 10:00:54 +0000
Manifest this update:     Thu 26 Mar 2026 10:00:54 +0000
Manifest next update:     Fri 27 Mar 2026 10:00:54 +0000
Files and hashes:         1: RXHLqFoCMKnLR6vrWzue1NUxz54.crl (hash: PwgGgjlVAImrinIS3OX9r6fSRt4Ziw3t8jpWAcIbKnM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:96:fe:c3:24:bd:b0:1a:11:81:0c:9e:40:48:48:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
        Validity
            Not Before: Mar 26 10:00:54 2026 GMT
            Not After : Mar 27 10:00:54 2026 GMT
        Subject: CN=444b590380b6448d41865f0b4c9fac21708ac5c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:c2:e6:41:5b:4e:ad:ab:18:cb:f3:43:b4:3a:
                    67:a2:21:2f:29:7c:c1:62:eb:87:98:39:59:b9:8a:
                    67:6e:bf:84:2c:24:44:0f:cc:95:3e:b3:1a:3a:af:
                    3c:4a:6a:08:dc:c8:5b:c3:e4:e1:4d:24:7b:60:87:
                    ae:35:db:f5:79:50:27:9d:4a:81:d6:ec:d8:14:cf:
                    c1:ed:72:44:c7:b5:6c:8f:9f:fa:54:25:82:78:c5:
                    29:5a:82:fa:94:32:fb:bd:b0:d2:45:56:a1:86:85:
                    58:3f:41:aa:9a:59:03:e2:17:70:00:ab:87:0b:a5:
                    2e:d0:44:e2:e7:d7:60:aa:85:65:ca:cf:63:06:1c:
                    6f:f6:be:e5:f7:1a:86:57:fc:8b:40:67:32:91:35:
                    ae:ff:b6:e0:0b:94:04:76:03:e4:f0:cc:ee:c7:4a:
                    67:7b:fe:1d:a1:48:70:b0:41:87:98:ca:c0:16:79:
                    ae:38:99:4f:ab:b0:14:3f:47:ce:c1:a4:0c:6a:9a:
                    6e:ac:12:5d:aa:a7:8e:fb:86:f0:20:c9:c6:5b:36:
                    22:27:a8:36:19:bc:01:a2:9d:22:c2:ba:74:16:65:
                    73:53:1e:3f:9e:d6:71:95:ad:b5:6c:60:5a:6a:75:
                    42:f7:c8:35:6a:f5:18:d8:d6:d6:6b:60:f9:f7:8d:
                    68:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:4B:59:03:80:B6:44:8D:41:86:5F:0B:4C:9F:AC:21:70:8A:C5:C5
            X509v3 Authority Key Identifier:
                keyid:45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:8d:c8:23:74:af:e3:98:f7:0b:40:e6:18:99:33:04:4e:eb:
         d0:60:53:d8:fa:bf:c5:a6:12:b0:18:b8:c8:4c:c6:e2:73:97:
         3b:9f:50:34:76:b0:15:2d:27:65:3e:d8:30:0a:3e:25:58:10:
         de:81:4b:f6:71:95:35:74:cf:19:74:45:d1:58:5d:d0:1e:7d:
         4f:11:9b:f9:ce:33:d3:9e:1e:eb:28:1a:1b:89:4d:e8:1b:98:
         91:76:30:54:18:c9:3d:fa:9b:46:be:2c:72:ee:62:99:3c:cb:
         71:aa:a9:45:37:e0:15:35:d4:de:39:f8:37:99:33:2d:8f:55:
         5c:67:f6:fd:30:34:37:14:6b:c3:b6:6a:f7:ee:4d:dc:a5:b9:
         b3:ea:e6:78:a9:17:2e:a3:32:0f:b1:12:6b:c0:cc:cc:d0:b7:
         41:50:66:1c:55:87:39:96:35:88:29:1a:fa:45:e5:4b:ef:7e:
         ee:da:60:93:ef:e2:63:21:76:cc:c9:ca:3f:1e:eb:ba:b1:27:
         08:58:fb:ab:3c:51:12:59:eb:5a:b2:6b:37:04:24:4f:62:bd:
         22:70:9f:0a:7c:6b:06:81:3e:8c:e3:19:e6:a7:fd:27:97:c3:
         ed:1d:bc:36:88:49:4c:09:aa:ec:c3:88:05:c6:0a:48:8d:13:
         c8:88:ea:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plv7DJL2wGhGBDJ5ASEj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NzFjYmE4NWEwMjMwYTljYjQ3YWJlYjViM2I5ZWQ0ZDUz
MWNmOWUwHhcNMjYwMzI2MTAwMDU0WhcNMjYwMzI3MTAwMDU0WjAzMTEwLwYDVQQD
Eyg0NDRiNTkwMzgwYjY0NDhkNDE4NjVmMGI0YzlmYWMyMTcwOGFjNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9MLmQVtOrasYy/NDtDpnoiEvKXzB
YuuHmDlZuYpnbr+ELCRED8yVPrMaOq88SmoI3Mhbw+ThTSR7YIeuNdv1eVAnnUqB
1uzYFM/B7XJEx7Vsj5/6VCWCeMUpWoL6lDL7vbDSRVahhoVYP0GqmlkD4hdwAKuH
C6Uu0ETi59dgqoVlys9jBhxv9r7l9xqGV/yLQGcykTWu/7bgC5QEdgPk8Mzux0pn
e/4doUhwsEGHmMrAFnmuOJlPq7AUP0fOwaQMappurBJdqqeO+4bwIMnGWzYiJ6g2
GbwBop0iwrp0FmVzUx4/ntZxla21bGBaanVC98g1avUY2NbWa2D5941oVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERLWQOAtkSNQYZfC0yfrCFwisXFMB8GA1UdIwQY
MBaAFEVxy6haAjCpy0er61s7ntTVMc+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAt
NzYwY2IzZWExNDE1LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAtNzYwY2IzZWExNDE1
LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgY3II3Sv
45j3C0DmGJkzBE7r0GBT2Pq/xaYSsBi4yEzG4nOXO59QNHawFS0nZT7YMAo+JVgQ
3oFL9nGVNXTPGXRF0Vhd0B59TxGb+c4z054e6ygaG4lN6BuYkXYwVBjJPfqbRr4s
cu5imTzLcaqpRTfgFTXU3jn4N5kzLY9VXGf2/TA0NxRrw7Zq9+5N3KW5s+rmeKkX
LqMyD7ESa8DMzNC3QVBmHFWHOZY1iCka+kXlS+9+7tpgk+/iYyF2zMnKPx7rurEn
CFj7qzxRElnrWrJrNwQkT2K9InCfCnxrBoE+jOMZ5qf9J5fD7R28NohJTAmq7MOI
BcYKSI0TyIjqaA==
-----END CERTIFICATE-----