Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          xz6cmox2ouOkYtujdX6paZ4bNqREpjZypbsQ/EN57+4=
Subject key identifier:   7D:42:7E:5E:08:53:FF:1F:BB:DD:E2:EE:20:35:A2:9A:10:DA:DD:93
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       019D9AE31536E30B29D30665EC6736E0A3C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          138B
Signing time:             Fri 17 Apr 2026 10:01:06 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:06 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:06 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: mzOhTglZlb0pv3hww9I0U321L3WU9Y6/9tCjN9E6Hvw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:15:36:e3:0b:29:d3:06:65:ec:67:36:e0:a3:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: Apr 17 10:01:06 2026 GMT
            Not After : Apr 18 10:01:06 2026 GMT
        Subject: CN=7d427e5e0853ff1fbbdde2ee2035a29a10dadd93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:df:bd:4d:fc:04:5b:89:15:29:b5:a5:3e:ad:
                    dc:4c:22:90:de:50:1a:a1:b9:96:e7:97:91:af:fa:
                    a3:02:9c:8d:2e:10:27:28:8c:7a:43:52:21:47:bc:
                    f9:a8:6a:18:b6:85:f7:ef:9d:5b:d4:74:54:72:02:
                    aa:7a:7c:01:63:53:85:1a:6e:ea:43:30:b5:9c:3e:
                    46:98:a4:3c:e5:c6:a8:57:62:43:37:2c:d1:ba:16:
                    24:1f:60:cd:39:16:c5:31:cb:71:b4:18:13:10:54:
                    2d:5d:53:4d:38:ac:d0:0c:31:39:5d:02:b0:a9:77:
                    c8:56:44:12:f1:df:3c:f1:46:3f:83:fe:b3:31:12:
                    00:76:20:d0:72:a2:b2:47:58:fe:6b:7a:a8:fa:e0:
                    71:4e:0d:f0:eb:45:ea:8f:45:c5:c2:79:f9:ec:ce:
                    c7:cc:cc:9c:f9:81:ab:55:b6:8d:e1:b7:bf:10:ca:
                    c2:5f:62:52:e8:2e:9b:c6:25:6b:6f:a6:b8:93:a6:
                    48:96:0f:8d:80:cc:01:f3:e1:b4:6b:79:55:4d:c2:
                    b1:47:6d:e8:98:2a:24:64:2e:10:bc:e4:8a:fa:9d:
                    f0:5e:6b:02:69:20:bc:d4:03:6a:eb:9d:6d:27:ef:
                    88:dd:a1:c0:e8:15:e8:c8:c3:bb:70:d2:68:b2:dc:
                    38:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:42:7E:5E:08:53:FF:1F:BB:DD:E2:EE:20:35:A2:9A:10:DA:DD:93
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:f0:f3:1c:8f:eb:d9:52:63:e1:2f:d9:8a:d9:1e:72:9a:27:
         09:95:8c:3c:5a:4a:40:16:55:ef:92:3b:23:51:a0:6f:41:61:
         3b:2e:08:56:39:cf:ae:0e:f3:a6:2c:ce:e4:e7:c7:58:18:92:
         dd:8b:96:9b:ae:3a:38:60:85:f4:b3:ea:e9:fc:c6:c7:1e:cb:
         28:c3:c4:13:8d:b5:37:83:53:9c:33:a5:e3:9a:ef:6d:90:58:
         01:4e:5f:eb:db:df:d4:62:dd:33:bd:dc:92:ce:9d:e1:26:62:
         19:7d:4b:75:b1:a3:d9:ae:94:37:68:12:7f:d5:5b:c5:88:2f:
         33:6a:d4:01:ab:c3:3f:6b:aa:55:ad:82:be:13:6f:25:51:42:
         1c:5f:59:41:5d:f2:5c:99:59:d4:55:50:0e:1c:66:e1:3b:f4:
         6f:b2:14:c9:71:6a:62:09:6e:1f:14:5b:b9:1e:ac:d2:50:44:
         a1:c0:38:88:9b:29:69:d2:4e:f7:13:17:12:f3:68:cb:dd:6a:
         8d:33:30:1a:cd:7c:5f:17:2b:6e:41:1e:ed:19:02:47:e4:01:
         df:ab:e7:82:cb:10:a9:76:9c:11:0f:bd:8c:1a:08:d5:6b:02:
         67:8b:10:8b:47:d9:ea:a5:ee:94:08:34:46:f5:0a:67:3f:12:
         4f:0d:53:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4xU24wsp0wZl7Gc24KPIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjYwNDE3MTAwMTA2WhcNMjYwNDE4MTAwMTA2WjAzMTEwLwYDVQQD
Eyg3ZDQyN2U1ZTA4NTNmZjFmYmJkZGUyZWUyMDM1YTI5YTEwZGFkZDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN+9TfwEW4kVKbWlPq3cTCKQ3lAa
obmW55eRr/qjApyNLhAnKIx6Q1IhR7z5qGoYtoX3751b1HRUcgKqenwBY1OFGm7q
QzC1nD5GmKQ85caoV2JDNyzRuhYkH2DNORbFMctxtBgTEFQtXVNNOKzQDDE5XQKw
qXfIVkQS8d888UY/g/6zMRIAdiDQcqKyR1j+a3qo+uBxTg3w60Xqj0XFwnn57M7H
zMyc+YGrVbaN4be/EMrCX2JS6C6bxiVrb6a4k6ZIlg+NgMwB8+G0a3lVTcKxR23o
mCokZC4QvOSK+p3wXmsCaSC81ANq651tJ++I3aHA6BXoyMO7cNJostw4twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH1Cfl4IU/8fu93i7iA1opoQ2t2TMB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt/DzHI/r
2VJj4S/ZitkecponCZWMPFpKQBZV75I7I1Ggb0FhOy4IVjnPrg7zpizO5OfHWBiS
3YuWm646OGCF9LPq6fzGxx7LKMPEE421N4NTnDOl45rvbZBYAU5f69vf1GLdM73c
ks6d4SZiGX1LdbGj2a6UN2gSf9VbxYgvM2rUAavDP2uqVa2CvhNvJVFCHF9ZQV3y
XJlZ1FVQDhxm4Tv0b7IUyXFqYgluHxRbuR6s0lBEocA4iJspadJO9xMXEvNoy91q
jTMwGs18XxcrbkEe7RkCR+QB36vngssQqXacEQ+9jBoI1WsCZ4sQi0fZ6qXulAg0
RvUKZz8STw1T0w==
-----END CERTIFICATE-----