Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/f666de-77b5-4480-9242-b254b994dcdc/1/SwzK47EZgtZx464payKbCvw1mwc.mft
File:                     SwzK47EZgtZx464payKbCvw1mwc.mft (raw, json)
Hash identifier:          1cTMcBGMmMGuC6KMuaupvOL4iKVePzEl8yH/apjrrPg=
Subject key identifier:   45:4E:0F:23:77:9C:B3:39:CA:F6:B7:29:B7:10:50:72:2D:45:21:13
Authority key identifier: 4B:0C:CA:E3:B1:19:82:D6:71:E3:AE:29:6B:22:9B:0A:FC:35:9B:07
Certificate issuer:       /CN=4b0ccae3b11982d671e3ae296b229b0afc359b07
Certificate serial:       019CAAC6DAF94CA544FB1A1B009EEB576F1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SwzK47EZgtZx464payKbCvw1mwc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/f666de-77b5-4480-9242-b254b994dcdc/1/SwzK47EZgtZx464payKbCvw1mwc.mft
Manifest number:          123E
Signing time:             Sun 01 Mar 2026 19:01:24 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:24 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:24 +0000
Files and hashes:         1: SwzK47EZgtZx464payKbCvw1mwc.crl (hash: 7PFUO0bFkdLzrY7f2p0swRyPWWULVHiDN5fdxD3pkLM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/f666de-77b5-4480-9242-b254b994dcdc/1/SwzK47EZgtZx464payKbCvw1mwc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/f666de-77b5-4480-9242-b254b994dcdc/1/SwzK47EZgtZx464payKbCvw1mwc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SwzK47EZgtZx464payKbCvw1mwc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:da:f9:4c:a5:44:fb:1a:1b:00:9e:eb:57:6f:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b0ccae3b11982d671e3ae296b229b0afc359b07
        Validity
            Not Before: Mar  1 19:01:24 2026 GMT
            Not After : Mar  2 19:01:24 2026 GMT
        Subject: CN=454e0f23779cb339caf6b729b71050722d452113
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:c1:cc:18:12:cd:c6:4c:63:49:a5:cc:c8:a0:
                    0c:18:45:3c:80:cc:c6:6d:9c:b9:e8:0c:40:ae:10:
                    8c:7c:fa:0d:b5:56:80:79:12:01:a7:df:c4:6c:ca:
                    92:89:51:64:c3:ca:74:db:66:ca:2f:1a:d5:22:eb:
                    ed:f9:cc:67:97:c5:8d:3c:16:14:f4:57:07:cd:0b:
                    09:a1:cb:42:30:1a:f5:ed:dc:1f:cf:b3:7c:1e:2d:
                    33:e3:76:a5:3d:2b:1d:72:c3:a7:51:53:50:95:c4:
                    96:1c:82:3f:a5:9f:cf:fe:e1:e2:3a:3b:c0:27:f0:
                    3a:f9:33:ec:dd:31:7b:e8:66:88:aa:12:44:82:b6:
                    bf:de:ed:dd:6b:cb:ec:fb:1e:73:42:8d:88:57:b4:
                    3d:1c:15:1b:70:de:ae:d3:e7:1f:7d:36:84:3b:ed:
                    8f:7e:10:9b:c0:fc:80:40:7f:fa:15:7a:1a:f3:07:
                    de:95:3f:11:50:9a:c9:11:d0:b2:e6:e0:b1:a5:0c:
                    b8:ce:52:d5:67:ea:3f:8a:ab:e9:88:f0:27:65:4b:
                    4d:5b:94:69:fd:35:c3:8e:36:9f:53:04:64:43:33:
                    0a:6a:53:f9:f2:94:20:49:a3:63:e8:dc:34:96:da:
                    60:e0:a3:42:e2:42:a0:cf:c5:1d:a9:e5:18:2e:1e:
                    40:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:4E:0F:23:77:9C:B3:39:CA:F6:B7:29:B7:10:50:72:2D:45:21:13
            X509v3 Authority Key Identifier:
                keyid:4B:0C:CA:E3:B1:19:82:D6:71:E3:AE:29:6B:22:9B:0A:FC:35:9B:07

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SwzK47EZgtZx464payKbCvw1mwc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/f666de-77b5-4480-9242-b254b994dcdc/1/SwzK47EZgtZx464payKbCvw1mwc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/f666de-77b5-4480-9242-b254b994dcdc/1/SwzK47EZgtZx464payKbCvw1mwc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:6f:da:bf:ea:87:a3:58:1e:f2:99:4b:69:3a:b9:6d:9e:86:
         19:32:b0:71:cf:dd:99:03:14:41:d3:07:de:b5:37:7c:83:7d:
         cc:77:35:7a:e1:4d:9b:7b:5d:81:f4:7c:9e:21:82:48:54:46:
         83:c1:59:85:3c:c4:33:4c:f8:0e:b3:98:d9:8f:9e:37:a9:88:
         28:d2:59:71:4c:87:70:4b:cd:89:b6:91:2b:38:78:84:3c:26:
         93:78:9f:c7:3e:5d:94:32:7e:48:29:b0:a0:56:3b:16:21:0b:
         50:b1:f5:24:5d:ef:3d:f3:31:18:df:c2:f1:ad:fc:48:89:f1:
         63:7b:5d:1b:2e:d7:bb:6e:25:4e:83:dc:53:4f:a5:6a:f3:c9:
         17:f4:05:6a:ca:ff:d4:2a:d1:23:89:71:41:b4:6d:54:22:63:
         5e:56:a7:f6:99:78:46:5b:fc:50:e4:d3:6a:f1:0f:57:53:83:
         ab:83:68:2c:db:69:ad:30:5b:7d:59:8d:1c:af:49:e2:89:bf:
         9c:e8:82:ee:1a:86:42:96:66:5d:15:67:bf:31:19:29:4a:40:
         ab:98:ad:5a:e2:5d:77:4b:0d:b6:ce:56:24:84:a4:be:98:b1:
         1f:c8:ee:71:fd:ff:6f:57:22:d7:84:e6:b3:a9:18:9a:aa:2f:
         3e:85:23:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxtr5TKVE+xobAJ7rV28bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMGNjYWUzYjExOTgyZDY3MWUzYWUyOTZiMjI5YjBhZmMz
NTliMDcwHhcNMjYwMzAxMTkwMTI0WhcNMjYwMzAyMTkwMTI0WjAzMTEwLwYDVQQD
Eyg0NTRlMGYyMzc3OWNiMzM5Y2FmNmI3MjliNzEwNTA3MjJkNDUyMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncHMGBLNxkxjSaXMyKAMGEU8gMzG
bZy56AxArhCMfPoNtVaAeRIBp9/EbMqSiVFkw8p022bKLxrVIuvt+cxnl8WNPBYU
9FcHzQsJoctCMBr17dwfz7N8Hi0z43alPSsdcsOnUVNQlcSWHII/pZ/P/uHiOjvA
J/A6+TPs3TF76GaIqhJEgra/3u3da8vs+x5zQo2IV7Q9HBUbcN6u0+cffTaEO+2P
fhCbwPyAQH/6FXoa8wfelT8RUJrJEdCy5uCxpQy4zlLVZ+o/iqvpiPAnZUtNW5Rp
/TXDjjafUwRkQzMKalP58pQgSaNj6Nw0ltpg4KNC4kKgz8UdqeUYLh5AEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVODyN3nLM5yva3KbcQUHItRSETMB8GA1UdIwQY
MBaAFEsMyuOxGYLWceOuKWsimwr8NZsHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3d6SzQ3RVpndFp4NDY0cGF5S2JDdncxbXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9mNjY2ZGUtNzdiNS00NDgwLTkyNDIt
YjI1NGI5OTRkY2RjLzEvU3d6SzQ3RVpndFp4NDY0cGF5S2JDdncxbXdjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9mNjY2ZGUtNzdiNS00NDgwLTkyNDItYjI1NGI5OTRkY2Rj
LzEvU3d6SzQ3RVpndFp4NDY0cGF5S2JDdncxbXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATm/av+qH
o1ge8plLaTq5bZ6GGTKwcc/dmQMUQdMH3rU3fIN9zHc1euFNm3tdgfR8niGCSFRG
g8FZhTzEM0z4DrOY2Y+eN6mIKNJZcUyHcEvNibaRKzh4hDwmk3ifxz5dlDJ+SCmw
oFY7FiELULH1JF3vPfMxGN/C8a38SInxY3tdGy7Xu24lToPcU0+lavPJF/QFasr/
1CrRI4lxQbRtVCJjXlan9pl4Rlv8UOTTavEPV1ODq4NoLNtprTBbfVmNHK9J4om/
nOiC7hqGQpZmXRVnvzEZKUpAq5itWuJdd0sNts5WJISkvpixH8jucf3/b1ci14Tm
s6kYmqovPoUjsg==
-----END CERTIFICATE-----