Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
File:                     RDNmA3i76zplxtyp7Qp3b70gRhA.mft (raw, json)
Hash identifier:          9KRSPIfFPl7t4MrXWSHCisCZhcRZI5Eqls+5sSoYoH0=
Subject key identifier:   B4:FE:8D:0B:58:EB:DB:64:29:DB:E1:AD:8F:29:FC:7C:A1:B9:1C:D2
Authority key identifier: 44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10
Certificate issuer:       /CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
Certificate serial:       019CAA59013F06DDE6C6310C612C071295D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
Manifest number:          0582
Signing time:             Sun 01 Mar 2026 17:01:25 +0000
Manifest this update:     Sun 01 Mar 2026 17:01:25 +0000
Manifest next update:     Mon 02 Mar 2026 17:01:25 +0000
Files and hashes:         1: RDNmA3i76zplxtyp7Qp3b70gRhA.crl (hash: D7C8MtnnRv91p453T8ieLIdaNwxCEALjKnCE2MPM6sQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 17:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:59:01:3f:06:dd:e6:c6:31:0c:61:2c:07:12:95:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
        Validity
            Not Before: Mar  1 17:01:25 2026 GMT
            Not After : Mar  2 17:01:25 2026 GMT
        Subject: CN=b4fe8d0b58ebdb6429dbe1ad8f29fc7ca1b91cd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:0d:6b:54:ae:61:a3:a4:d1:2e:12:36:fd:fe:
                    9d:81:20:c6:0a:5a:e3:79:49:10:78:0e:c3:76:b8:
                    b0:14:d6:09:de:49:cd:67:de:75:66:b2:88:73:27:
                    43:d2:1e:7f:c9:da:a8:d0:74:ab:a8:07:aa:47:c7:
                    e7:db:45:b9:26:7d:24:29:48:cf:f3:06:27:de:5b:
                    10:53:55:30:e6:61:c2:c9:22:28:e6:2d:66:2f:f2:
                    b3:e0:63:d1:5d:2c:8a:f8:9f:1a:2d:70:3f:fe:03:
                    59:df:6c:c3:c2:61:05:cc:75:a2:99:9f:6b:4e:35:
                    ac:6c:4c:5e:b5:44:0d:3c:35:b3:49:f9:45:b8:13:
                    a8:f6:0b:23:26:54:e4:53:f7:c5:28:5f:98:7c:ca:
                    de:8b:00:15:eb:fe:a4:97:fa:e9:8a:69:47:01:e9:
                    3f:dd:37:be:4a:c8:99:96:cd:66:d7:9d:66:97:08:
                    4e:a1:ef:db:04:03:c8:be:b7:91:57:79:9e:7c:15:
                    41:bf:d9:62:11:1e:2c:1b:a1:e3:fd:7a:54:df:d1:
                    b6:4e:ed:3c:4b:2b:03:c0:91:7a:ab:02:e5:b9:2f:
                    a5:94:06:a0:fb:d0:d0:d4:11:74:5b:67:ef:1b:60:
                    12:57:58:a2:41:f1:e5:e0:d4:0e:a2:e5:7f:90:a4:
                    14:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:FE:8D:0B:58:EB:DB:64:29:DB:E1:AD:8F:29:FC:7C:A1:B9:1C:D2
            X509v3 Authority Key Identifier:
                keyid:44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:db:56:a5:24:4f:f4:17:ab:a2:fa:5a:e7:4c:32:8b:28:84:
         ee:69:10:af:d9:7f:0d:ac:ec:9d:2b:0f:78:26:2b:ce:3b:01:
         51:f3:ba:03:62:6b:ba:61:42:c5:da:a3:7f:8e:e1:a2:c2:a8:
         23:c0:2c:79:87:72:c4:7d:4a:17:a5:1e:54:03:ed:ca:ea:54:
         cb:4a:b2:51:90:59:50:46:bb:e1:d1:45:99:c1:14:b9:8e:04:
         8c:f8:91:fe:f0:d5:96:d3:26:3c:f4:e3:23:81:79:59:95:24:
         10:5d:18:4a:3a:bb:ec:90:52:69:7f:ea:a0:bc:c8:26:60:a7:
         35:1b:81:bb:7a:ac:84:36:75:48:63:e2:09:a0:06:52:11:cf:
         ad:73:fc:db:1a:95:37:62:b9:84:e9:a7:6d:a2:2f:ba:09:3c:
         27:05:7d:12:a9:b1:db:88:c1:04:67:fe:23:b4:16:fc:bd:9d:
         b1:d7:4e:6c:b0:e2:4b:18:a1:b9:2e:13:95:5c:4c:b2:b5:4d:
         45:25:a8:e4:83:b8:2d:5b:12:47:5f:f3:84:ba:9e:a5:e8:e9:
         c0:ad:2a:aa:ba:47:39:70:d0:24:d7:d3:3d:fe:45:d5:98:c8:
         e5:69:09:0a:48:06:34:66:2f:a0:11:a2:28:0e:14:89:01:ba:
         54:bc:c1:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWQE/Bt3mxjEMYSwHEpXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzM2NjAzNzhiYmViM2E2NWM2ZGNhOWVkMGE3NzZmYmQy
MDQ2MTAwHhcNMjYwMzAxMTcwMTI1WhcNMjYwMzAyMTcwMTI1WjAzMTEwLwYDVQQD
EyhiNGZlOGQwYjU4ZWJkYjY0MjlkYmUxYWQ4ZjI5ZmM3Y2ExYjkxY2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA1rVK5ho6TRLhI2/f6dgSDGClrj
eUkQeA7DdriwFNYJ3knNZ951ZrKIcydD0h5/ydqo0HSrqAeqR8fn20W5Jn0kKUjP
8wYn3lsQU1Uw5mHCySIo5i1mL/Kz4GPRXSyK+J8aLXA//gNZ32zDwmEFzHWimZ9r
TjWsbExetUQNPDWzSflFuBOo9gsjJlTkU/fFKF+YfMreiwAV6/6kl/rpimlHAek/
3Te+SsiZls1m151mlwhOoe/bBAPIvreRV3mefBVBv9liER4sG6Hj/XpU39G2Tu08
SysDwJF6qwLluS+llAag+9DQ1BF0W2fvG2ASV1iiQfHl4NQOouV/kKQURQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLT+jQtY69tkKdvhrY8p/HyhuRzSMB8GA1UdIwQY
MBaAFEQzZgN4u+s6Zcbcqe0Kd2+9IEYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4Yzgt
ZTA3ZjBhYzc4NTMwLzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4YzgtZTA3ZjBhYzc4NTMw
LzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAndtWpSRP
9Berovpa50wyiyiE7mkQr9l/DazsnSsPeCYrzjsBUfO6A2JrumFCxdqjf47hosKo
I8AseYdyxH1KF6UeVAPtyupUy0qyUZBZUEa74dFFmcEUuY4EjPiR/vDVltMmPPTj
I4F5WZUkEF0YSjq77JBSaX/qoLzIJmCnNRuBu3qshDZ1SGPiCaAGUhHPrXP82xqV
N2K5hOmnbaIvugk8JwV9Eqmx24jBBGf+I7QW/L2dsddObLDiSxihuS4TlVxMsrVN
RSWo5IO4LVsSR1/zhLqepejpwK0qqrpHOXDQJNfTPf5F1ZjI5WkJCkgGNGYvoBGi
KA4UiQG6VLzBjQ==
-----END CERTIFICATE-----