Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          anwW7NnjxAZhSLniqRFaNMJA8tnSxYLRMmO7T9avF8c=
Subject key identifier:   97:E5:98:94:14:A6:F8:87:1A:96:77:A8:9E:61:1F:42:E8:CE:29:F2
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       019D2704C70D0BE6ACFB8A916110BE3AF1DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          134F
Signing time:             Wed 25 Mar 2026 22:01:57 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:57 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:57 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: bdcWGy44P9FLWH9GIAtAzWFp89mXFxN0GRBCBGxH2GA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:c7:0d:0b:e6:ac:fb:8a:91:61:10:be:3a:f1:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: Mar 25 22:01:57 2026 GMT
            Not After : Mar 26 22:01:57 2026 GMT
        Subject: CN=97e5989414a6f8871a9677a89e611f42e8ce29f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:30:2a:42:1f:5e:98:fc:dd:94:48:58:a3:27:
                    e0:28:37:8a:e9:ba:1d:96:23:e8:29:6e:f4:2d:1b:
                    64:74:14:6c:cb:15:fb:9e:91:95:c3:55:f8:59:c5:
                    53:9c:fa:62:82:14:99:b7:09:4d:35:73:0e:2b:42:
                    00:ba:d4:aa:26:6b:94:44:ae:62:e8:73:77:9b:a0:
                    25:da:56:e4:4f:5e:d0:4a:8c:c5:4f:98:43:11:71:
                    09:0f:e0:a7:f9:a5:57:aa:fe:12:b7:ef:50:62:bc:
                    0e:b3:3a:c1:3e:48:b9:8f:5e:32:6d:82:2f:83:90:
                    30:61:3a:56:3c:4a:f7:a1:66:b9:09:e4:9e:f3:9f:
                    5f:82:15:5c:f1:e7:58:50:64:51:55:d2:27:78:b0:
                    84:63:ca:6e:3e:b8:d6:da:8e:77:62:b5:7c:ea:30:
                    ab:98:bd:5b:45:7d:09:3e:8c:43:76:c5:a9:5f:4a:
                    77:d9:56:27:6b:00:b4:dc:df:6d:36:58:1c:bb:f1:
                    b8:fd:2c:f6:72:01:5f:2e:90:9d:7b:13:66:d4:c0:
                    5d:3f:14:39:ae:8a:db:5a:a0:96:49:43:ab:38:9d:
                    c9:88:11:12:84:04:38:55:07:ca:8f:2e:c6:b9:b7:
                    c4:fc:83:b1:ef:f7:e6:70:fa:d8:b1:8a:5a:f8:05:
                    6e:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:E5:98:94:14:A6:F8:87:1A:96:77:A8:9E:61:1F:42:E8:CE:29:F2
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:44:93:55:54:ed:84:7f:3a:4f:3f:6c:ca:91:99:52:3a:c6:
         95:23:ec:2d:f1:2f:c7:3d:aa:62:2b:e2:c7:dc:0a:1e:8d:75:
         dc:6a:61:e0:0d:67:f4:b0:ec:74:eb:17:75:32:9d:a6:57:99:
         96:1b:bc:19:bd:60:1a:c5:f0:99:91:9a:0d:be:77:52:ec:1d:
         c1:9b:12:1d:8b:5e:9e:e7:dd:9d:02:d6:72:7b:85:84:bf:99:
         18:14:97:7e:44:ac:01:92:09:ad:9c:62:bd:71:7c:1f:a6:66:
         af:0b:e4:08:37:c1:cf:22:d2:99:21:ba:c3:00:74:91:02:da:
         93:15:c4:d5:cf:ad:83:ef:05:17:b6:7a:3e:44:38:0b:6a:9e:
         5c:0e:fa:cf:96:38:17:63:fb:b4:3e:37:88:09:f2:06:7e:d0:
         d4:9b:7d:08:6e:7e:3c:91:b3:f0:21:be:ba:a3:dc:38:b1:d6:
         c2:f1:26:95:f6:79:70:6c:0a:93:0b:16:cc:bc:4c:ce:d3:89:
         6d:6f:69:e0:66:68:1a:75:8b:96:25:55:6b:6d:02:5b:e4:c9:
         26:cc:ef:ed:ff:8d:c9:0b:50:e1:2f:3f:6a:59:81:ab:9d:98:
         0c:46:c6:fc:14:8f:21:23:3e:2f:a1:a0:80:de:39:87:c4:16:
         2d:0b:19:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBMcNC+as+4qRYRC+OvHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjYwMzI1MjIwMTU3WhcNMjYwMzI2MjIwMTU3WjAzMTEwLwYDVQQD
Eyg5N2U1OTg5NDE0YTZmODg3MWE5Njc3YTg5ZTYxMWY0MmU4Y2UyOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTAqQh9emPzdlEhYoyfgKDeK6bod
liPoKW70LRtkdBRsyxX7npGVw1X4WcVTnPpighSZtwlNNXMOK0IAutSqJmuURK5i
6HN3m6Al2lbkT17QSozFT5hDEXEJD+Cn+aVXqv4St+9QYrwOszrBPki5j14ybYIv
g5AwYTpWPEr3oWa5CeSe859fghVc8edYUGRRVdIneLCEY8puPrjW2o53YrV86jCr
mL1bRX0JPoxDdsWpX0p32VYnawC03N9tNlgcu/G4/Sz2cgFfLpCdexNm1MBdPxQ5
rorbWqCWSUOrOJ3JiBEShAQ4VQfKjy7GubfE/IOx7/fmcPrYsYpa+AVuEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJflmJQUpviHGpZ3qJ5hH0LozinyMB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWUSTVVTt
hH86Tz9sypGZUjrGlSPsLfEvxz2qYivix9wKHo113Gph4A1n9LDsdOsXdTKdpleZ
lhu8Gb1gGsXwmZGaDb53UuwdwZsSHYtenufdnQLWcnuFhL+ZGBSXfkSsAZIJrZxi
vXF8H6ZmrwvkCDfBzyLSmSG6wwB0kQLakxXE1c+tg+8FF7Z6PkQ4C2qeXA76z5Y4
F2P7tD43iAnyBn7Q1Jt9CG5+PJGz8CG+uqPcOLHWwvEmlfZ5cGwKkwsWzLxMztOJ
bW9p4GZoGnWLliVVa20CW+TJJszv7f+NyQtQ4S8/almBq52YDEbG/BSPISM+L6Gg
gN45h8QWLQsZjQ==
-----END CERTIFICATE-----