Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft
File:                     fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft (raw, json)
Hash identifier:          mnlJPmMyztF7DOimt/jwGn6k8S8V29ipbDKHapd+9mA=
Subject key identifier:   66:ED:3A:4B:D7:4D:18:C7:37:99:39:48:5E:08:83:F3:C0:FD:68:4F
Authority key identifier: 7D:0B:CA:BE:C4:37:9F:2D:3B:94:18:74:10:D2:E6:E0:31:A7:41:71
Certificate issuer:       /CN=7d0bcabec4379f2d3b94187410d2e6e031a74171
Certificate serial:       019CAC475B23094B839A6440708D213FBE66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fQvKvsQ3ny07lBh0ENLm4DGnQXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft
Manifest number:          17D6
Signing time:             Mon 02 Mar 2026 02:01:23 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:23 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:23 +0000
Files and hashes:         1: fQvKvsQ3ny07lBh0ENLm4DGnQXE.crl (hash: jJI28L5QzeMDVqux0SZWHGQbsmk/pQ9DTzA1YlvAphk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fQvKvsQ3ny07lBh0ENLm4DGnQXE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:5b:23:09:4b:83:9a:64:40:70:8d:21:3f:be:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d0bcabec4379f2d3b94187410d2e6e031a74171
        Validity
            Not Before: Mar  2 02:01:23 2026 GMT
            Not After : Mar  3 02:01:23 2026 GMT
        Subject: CN=66ed3a4bd74d18c7379939485e0883f3c0fd684f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:57:52:eb:cd:40:6e:65:f2:3b:49:59:5b:96:
                    bc:c1:9f:f0:8f:37:cf:08:f1:a9:a3:8a:7f:ff:bc:
                    2d:c2:5b:08:bd:6d:54:46:65:09:d8:63:38:43:12:
                    d7:cd:8f:f8:c1:a9:b3:e3:fe:fc:06:44:9a:39:9b:
                    9b:28:3f:ff:2b:cc:41:9e:a6:8b:cf:25:1a:77:87:
                    3b:34:c0:bd:76:81:fe:67:e0:ba:34:c4:90:76:ad:
                    2a:f9:7a:bf:b7:77:1f:0b:12:2b:c3:46:2c:b9:15:
                    de:83:7a:35:75:f3:1f:f7:b2:43:de:a6:82:e2:96:
                    d7:24:d4:3b:0a:02:24:a0:66:72:6b:fa:21:65:f1:
                    70:ed:b5:b6:43:e3:35:55:0c:45:a5:db:b7:17:4e:
                    9d:9d:87:af:4e:00:86:ef:3b:00:85:f7:f3:3a:f7:
                    72:90:dc:ec:2e:ba:8d:6b:79:ce:99:e1:0d:9b:d4:
                    2b:4b:04:5f:54:d6:c1:13:b1:49:f1:23:9d:63:3d:
                    40:b7:fd:b0:29:5f:3d:47:8c:77:dd:b4:53:31:5a:
                    9a:d4:f0:86:64:f6:2a:0e:f4:a8:76:7e:88:d7:b4:
                    de:1a:b7:f3:ae:ab:3a:9f:74:49:e9:b4:20:76:fe:
                    bb:87:3a:71:30:b7:54:6a:e3:bd:1d:45:55:53:0e:
                    ef:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:ED:3A:4B:D7:4D:18:C7:37:99:39:48:5E:08:83:F3:C0:FD:68:4F
            X509v3 Authority Key Identifier:
                keyid:7D:0B:CA:BE:C4:37:9F:2D:3B:94:18:74:10:D2:E6:E0:31:A7:41:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQvKvsQ3ny07lBh0ENLm4DGnQXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/741dc3-226d-47fb-8ff2-9715cd698e32/1/fQvKvsQ3ny07lBh0ENLm4DGnQXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:ca:68:02:10:f1:0f:fe:1e:e7:98:67:50:87:56:a3:ad:95:
         f1:35:64:6f:95:eb:57:cf:24:49:79:84:da:10:87:1e:8b:d1:
         52:fc:d7:74:ce:06:00:6a:e7:e8:3a:d2:a2:69:cd:9e:f5:e9:
         9a:69:50:9e:8c:c6:0b:31:25:c3:4e:2f:b4:98:84:cd:de:7f:
         51:ed:7a:cf:8a:ec:60:52:89:86:32:b4:df:f6:28:66:95:5b:
         f1:8f:46:48:23:63:09:29:ba:0f:c4:60:6a:08:e6:8d:5c:24:
         01:2e:40:15:bb:6c:b0:66:4d:1e:b7:fc:52:3a:01:58:1f:59:
         8d:d3:b3:d5:fa:5b:77:c0:10:53:bb:75:59:e1:23:9f:74:0c:
         8f:e3:06:54:df:45:36:ea:e4:c0:68:48:a7:a9:3c:71:92:6c:
         3a:61:59:ed:fc:e4:ee:f1:49:92:40:03:3d:88:ce:7d:0f:e8:
         da:4c:f2:53:cf:8e:51:79:6a:89:ea:e7:4d:d4:ca:f8:d1:2c:
         a0:a6:59:e4:8c:63:c6:f3:5b:a2:e2:c3:a5:9a:75:41:68:15:
         15:86:44:41:e7:7c:7a:66:9c:f2:c8:76:01:49:39:83:5d:92:
         04:51:25:97:3e:f7:81:7c:f5:63:ca:4e:83:b2:f2:f6:06:7c:
         32:e0:6f:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR1sjCUuDmmRAcI0hP75mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMGJjYWJlYzQzNzlmMmQzYjk0MTg3NDEwZDJlNmUwMzFh
NzQxNzEwHhcNMjYwMzAyMDIwMTIzWhcNMjYwMzAzMDIwMTIzWjAzMTEwLwYDVQQD
Eyg2NmVkM2E0YmQ3NGQxOGM3Mzc5OTM5NDg1ZTA4ODNmM2MwZmQ2ODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ldS681AbmXyO0lZW5a8wZ/wjzfP
CPGpo4p//7wtwlsIvW1URmUJ2GM4QxLXzY/4wamz4/78BkSaOZubKD//K8xBnqaL
zyUad4c7NMC9doH+Z+C6NMSQdq0q+Xq/t3cfCxIrw0YsuRXeg3o1dfMf97JD3qaC
4pbXJNQ7CgIkoGZya/ohZfFw7bW2Q+M1VQxFpdu3F06dnYevTgCG7zsAhffzOvdy
kNzsLrqNa3nOmeENm9QrSwRfVNbBE7FJ8SOdYz1At/2wKV89R4x33bRTMVqa1PCG
ZPYqDvSodn6I17TeGrfzrqs6n3RJ6bQgdv67hzpxMLdUauO9HUVVUw7vqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbtOkvXTRjHN5k5SF4Ig/PA/WhPMB8GA1UdIwQY
MBaAFH0Lyr7EN58tO5QYdBDS5uAxp0FxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlF2S3ZzUTNueTA3bEJoMEVOTG00REduUVhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS83NDFkYzMtMjI2ZC00N2ZiLThmZjIt
OTcxNWNkNjk4ZTMyLzEvZlF2S3ZzUTNueTA3bEJoMEVOTG00REduUVhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS83NDFkYzMtMjI2ZC00N2ZiLThmZjItOTcxNWNkNjk4ZTMy
LzEvZlF2S3ZzUTNueTA3bEJoMEVOTG00REduUVhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAacpoAhDx
D/4e55hnUIdWo62V8TVkb5XrV88kSXmE2hCHHovRUvzXdM4GAGrn6DrSomnNnvXp
mmlQnozGCzElw04vtJiEzd5/Ue16z4rsYFKJhjK03/YoZpVb8Y9GSCNjCSm6D8Rg
agjmjVwkAS5AFbtssGZNHrf8UjoBWB9ZjdOz1fpbd8AQU7t1WeEjn3QMj+MGVN9F
NurkwGhIp6k8cZJsOmFZ7fzk7vFJkkADPYjOfQ/o2kzyU8+OUXlqiernTdTK+NEs
oKZZ5IxjxvNbouLDpZp1QWgVFYZEQed8emac8sh2AUk5g12SBFEllz73gXz1Y8pO
g7Ly9gZ8MuBvDw==
-----END CERTIFICATE-----