Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          lUS8mnNO9/93gunI94RXrej2+/FpsfkxopHif4q+MwI=
Subject key identifier:   C3:98:1C:23:C6:1F:22:DA:43:6D:C2:F1:CC:B5:D9:63:89:78:F4:4E
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       019E1C469BFE981D5A36A4AEB882EC128011
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          13CE
Signing time:             Tue 12 May 2026 13:00:49 +0000
Manifest this update:     Tue 12 May 2026 13:00:49 +0000
Manifest next update:     Wed 13 May 2026 13:00:49 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: /GxKUBHkni53MtETAZXrudV73v5OklChVy1fgps1AtU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:46:9b:fe:98:1d:5a:36:a4:ae:b8:82:ec:12:80:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: May 12 13:00:49 2026 GMT
            Not After : May 13 13:00:49 2026 GMT
        Subject: CN=c3981c23c61f22da436dc2f1ccb5d9638978f44e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:9d:d2:18:12:aa:c1:08:66:7b:5b:85:27:1f:
                    e8:fb:fa:03:2c:1d:00:2a:4a:7a:3b:6a:cf:58:60:
                    0a:77:e3:6a:5b:43:c8:a8:46:cd:31:20:7e:05:8a:
                    b0:c7:04:f9:bc:cf:bf:ad:80:f0:df:f5:16:95:82:
                    47:0c:fa:94:ec:5a:20:d1:51:9c:ab:1d:f7:62:a3:
                    1d:5b:c5:28:3d:b3:db:33:f5:56:06:de:98:99:21:
                    63:1d:14:17:12:3e:a0:9c:48:ac:e7:84:26:63:6a:
                    0e:93:f6:57:8c:c1:44:51:7c:15:dc:f3:1d:f5:cf:
                    94:51:f7:8a:eb:a5:97:09:e6:91:58:e6:04:02:93:
                    1b:cf:b6:14:7a:42:ca:8d:d7:a7:02:ee:2d:38:52:
                    14:17:64:ce:04:43:4c:a5:19:04:19:11:58:e5:8a:
                    9c:58:50:07:a4:3a:08:57:82:12:aa:e2:d9:d3:6e:
                    05:2b:50:c5:ac:b5:58:1b:2a:2d:61:21:ba:21:85:
                    b7:c0:32:30:ab:70:6c:5b:49:4a:a9:2f:8c:7d:10:
                    8d:a8:ce:96:4a:5d:f1:20:6a:00:8e:e9:d1:6f:74:
                    ef:4e:c0:92:3b:9d:a2:0d:87:18:4d:8c:42:2c:a9:
                    ec:d4:ea:aa:7c:33:77:77:6a:48:02:90:84:c7:07:
                    72:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:98:1C:23:C6:1F:22:DA:43:6D:C2:F1:CC:B5:D9:63:89:78:F4:4E
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:6c:d8:58:75:de:6d:27:11:cc:da:56:e8:e2:e7:2f:5c:52:
         ad:f4:1f:11:9a:ea:f2:ca:3c:d6:e9:a6:fd:a3:a1:15:e8:08:
         e6:b4:b7:50:1d:55:67:1d:63:60:c6:6d:50:34:91:77:1a:5e:
         20:bb:d7:c0:f5:92:05:7e:cb:d1:38:cc:b1:e1:d5:8b:3a:1f:
         e9:fe:74:1b:68:05:3f:f8:2f:4e:5f:f8:3f:21:9c:8c:c0:c6:
         85:1e:d8:af:85:3b:d6:67:f5:33:3a:82:31:5a:1e:56:f0:50:
         92:cb:e7:0f:a8:b8:c0:40:c7:4d:81:0f:37:98:9f:8c:23:06:
         cd:27:16:0b:29:d5:68:0b:80:c3:c1:df:b2:ab:72:ef:05:f4:
         42:54:d8:88:0a:da:f7:78:15:52:69:8a:b2:12:85:47:98:e5:
         80:d3:52:2d:41:34:03:a5:74:e1:bd:95:95:43:da:39:95:87:
         98:38:49:5e:29:62:dd:ce:8c:2b:32:2f:75:5a:59:62:23:0e:
         85:37:e9:83:b9:4a:a2:f4:31:4e:5c:5e:3f:4c:dd:54:2b:18:
         c7:50:3c:5c:08:5a:ad:35:de:8e:c5:61:2d:d1:4a:37:55:9f:
         57:d3:a1:0e:42:ae:bf:5f:60:a1:0c:88:49:ca:f4:53:71:90:
         79:01:36:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cRpv+mB1aNqSuuILsEoARMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjYwNTEyMTMwMDQ5WhcNMjYwNTEzMTMwMDQ5WjAzMTEwLwYDVQQD
EyhjMzk4MWMyM2M2MWYyMmRhNDM2ZGMyZjFjY2I1ZDk2Mzg5NzhmNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup3SGBKqwQhme1uFJx/o+/oDLB0A
Kkp6O2rPWGAKd+NqW0PIqEbNMSB+BYqwxwT5vM+/rYDw3/UWlYJHDPqU7Fog0VGc
qx33YqMdW8UoPbPbM/VWBt6YmSFjHRQXEj6gnEis54QmY2oOk/ZXjMFEUXwV3PMd
9c+UUfeK66WXCeaRWOYEApMbz7YUekLKjdenAu4tOFIUF2TOBENMpRkEGRFY5Yqc
WFAHpDoIV4ISquLZ024FK1DFrLVYGyotYSG6IYW3wDIwq3BsW0lKqS+MfRCNqM6W
Sl3xIGoAjunRb3TvTsCSO52iDYcYTYxCLKns1OqqfDN3d2pIApCExwdytQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMOYHCPGHyLaQ23C8cy12WOJePROMB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi2zYWHXe
bScRzNpW6OLnL1xSrfQfEZrq8so81umm/aOhFegI5rS3UB1VZx1jYMZtUDSRdxpe
ILvXwPWSBX7L0TjMseHVizof6f50G2gFP/gvTl/4PyGcjMDGhR7Yr4U71mf1MzqC
MVoeVvBQksvnD6i4wEDHTYEPN5ifjCMGzScWCynVaAuAw8Hfsqty7wX0QlTYiAra
93gVUmmKshKFR5jlgNNSLUE0A6V04b2VlUPaOZWHmDhJXili3c6MKzIvdVpZYiMO
hTfpg7lKovQxTlxeP0zdVCsYx1A8XAharTXejsVhLdFKN1WfV9OhDkKuv19goQyI
Scr0U3GQeQE21Q==
-----END CERTIFICATE-----