Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          xt6PvayfDm7z5JAHTgfvNcmqS16yibLqPaWvKduDlcs=
Subject key identifier:   E3:BB:36:17:99:BD:B0:96:D2:06:26:B2:C8:C7:EB:7E:72:01:8F:38
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       019CAB6BA2367611A5B294AC3F2F56037447
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          130F
Signing time:             Sun 01 Mar 2026 22:01:23 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:23 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:23 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: n2Hl6uQ8fVftgnY5LLywwsoti6tl+5rIa0lmoKkGPk0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:a2:36:76:11:a5:b2:94:ac:3f:2f:56:03:74:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: Mar  1 22:01:23 2026 GMT
            Not After : Mar  2 22:01:23 2026 GMT
        Subject: CN=e3bb361799bdb096d20626b2c8c7eb7e72018f38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:9e:5f:e0:15:36:c4:ae:00:ec:dc:de:9b:42:
                    e7:f0:3f:14:a5:af:fb:1e:4d:ee:64:ec:60:63:1b:
                    2d:fa:79:9c:e7:6c:56:f6:67:c3:15:8c:96:a6:fa:
                    05:ea:cc:35:57:9e:a6:7d:75:4c:0b:a2:f2:f3:fb:
                    c8:3b:13:45:df:ec:ad:be:53:e0:43:42:86:78:85:
                    3d:12:34:62:c4:8e:eb:47:d7:6b:36:4e:68:81:89:
                    87:00:57:32:ae:2e:76:dd:6b:bf:fd:6e:cd:8d:17:
                    37:eb:5c:b0:20:f8:71:6c:cd:6b:ab:b4:29:14:18:
                    f8:0a:f8:bf:ec:83:16:56:e9:e4:e9:2f:c9:d4:a3:
                    bb:26:54:11:2c:5c:38:76:24:5d:e7:07:8e:cf:0c:
                    e4:00:9d:4a:5f:7e:f4:8d:23:d2:0d:c6:d0:5d:ea:
                    a0:3f:e6:85:c6:f7:c6:71:77:d2:33:7e:db:db:b8:
                    f2:c1:a5:ab:40:f1:75:09:64:71:07:7d:b0:9c:54:
                    13:5e:bb:bf:d0:aa:30:36:b9:4d:f6:3b:15:d2:e3:
                    ae:2f:7e:56:e2:cc:1f:9c:22:28:f5:4a:95:ca:1c:
                    47:ea:d7:d4:35:1b:08:0d:83:9a:59:e4:09:8a:13:
                    ce:9b:89:14:ec:ef:67:83:3d:04:cb:4c:a6:b1:19:
                    27:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:BB:36:17:99:BD:B0:96:D2:06:26:B2:C8:C7:EB:7E:72:01:8F:38
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:3e:a8:25:fe:0e:20:8e:43:b4:16:3e:2e:53:74:da:4d:a9:
         53:dc:f5:3d:ed:c0:fa:75:86:5f:2d:85:bd:b4:68:8d:f3:a2:
         6c:78:ff:dd:34:da:1b:ef:76:46:e3:d7:5f:00:de:e5:34:2c:
         dd:2e:55:05:d8:de:37:06:33:a9:e0:09:67:99:1a:13:ee:91:
         45:9c:38:40:aa:47:c5:6d:6f:83:c7:6a:9b:3d:93:fe:36:d6:
         0e:22:21:eb:60:f7:3a:14:63:4a:0a:ea:e2:88:57:f1:db:5a:
         dd:42:09:c5:a0:5f:b8:ea:c5:87:10:92:fd:aa:b1:b8:f3:fc:
         da:07:46:5e:54:ed:46:58:f2:84:1d:18:3c:15:c4:9a:fd:c8:
         0d:84:b8:56:a1:16:e3:ac:10:4e:14:3b:ce:9b:c5:e6:d8:37:
         1d:0f:4e:49:85:7f:34:66:71:7f:8f:56:d5:c9:48:32:92:03:
         05:cb:d0:f4:a6:b6:01:1c:94:4a:b2:9f:16:7d:af:44:c6:93:
         1c:82:2c:cc:04:c0:91:b7:64:95:09:af:9e:97:a5:e3:be:04:
         9e:10:23:2f:b9:d9:9b:ae:9c:2a:a5:b2:4e:54:b3:f4:2f:04:
         e6:6d:a1:30:a7:4a:17:0d:64:04:2b:4e:5c:15:8b:cb:21:63:
         bc:8c:eb:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra6I2dhGlspSsPy9WA3RHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjYwMzAxMjIwMTIzWhcNMjYwMzAyMjIwMTIzWjAzMTEwLwYDVQQD
EyhlM2JiMzYxNzk5YmRiMDk2ZDIwNjI2YjJjOGM3ZWI3ZTcyMDE4ZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv55f4BU2xK4A7Nzem0Ln8D8Upa/7
Hk3uZOxgYxst+nmc52xW9mfDFYyWpvoF6sw1V56mfXVMC6Ly8/vIOxNF3+ytvlPg
Q0KGeIU9EjRixI7rR9drNk5ogYmHAFcyri523Wu//W7NjRc361ywIPhxbM1rq7Qp
FBj4Cvi/7IMWVunk6S/J1KO7JlQRLFw4diRd5weOzwzkAJ1KX370jSPSDcbQXeqg
P+aFxvfGcXfSM37b27jywaWrQPF1CWRxB32wnFQTXru/0KowNrlN9jsV0uOuL35W
4swfnCIo9UqVyhxH6tfUNRsIDYOaWeQJihPOm4kU7O9ngz0Ey0ymsRknHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOO7NheZvbCW0gYmssjH635yAY84MB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlz6oJf4O
II5DtBY+LlN02k2pU9z1Pe3A+nWGXy2FvbRojfOibHj/3TTaG+92RuPXXwDe5TQs
3S5VBdjeNwYzqeAJZ5kaE+6RRZw4QKpHxW1vg8dqmz2T/jbWDiIh62D3OhRjSgrq
4ohX8dta3UIJxaBfuOrFhxCS/aqxuPP82gdGXlTtRljyhB0YPBXEmv3IDYS4VqEW
46wQThQ7zpvF5tg3HQ9OSYV/NGZxf49W1clIMpIDBcvQ9Ka2ARyUSrKfFn2vRMaT
HIIszATAkbdklQmvnpel474EnhAjL7nZm66cKqWyTlSz9C8E5m2hMKdKFw1kBCtO
XBWLyyFjvIzrJA==
-----END CERTIFICATE-----