Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
File:                     2-DL9NZpKl5OHgHSsRL-pru_90w.mft (raw, json)
Hash identifier:          o7GhI4yIKBDbv7Fi+ZMKTeK3HSvzO8Um2+NB6lCg8GM=
Subject key identifier:   B1:D4:5C:84:39:B0:14:97:CB:78:3A:5D:42:FE:2D:E1:C8:78:4C:6A
Authority key identifier: DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C
Certificate issuer:       /CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
Certificate serial:       019CACEBFB95534BC9E0625967E4A5E46686
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
Manifest number:          04CD
Signing time:             Mon 02 Mar 2026 05:01:12 +0000
Manifest this update:     Mon 02 Mar 2026 05:01:12 +0000
Manifest next update:     Tue 03 Mar 2026 05:01:12 +0000
Files and hashes:         1: 2-DL9NZpKl5OHgHSsRL-pru_90w.crl (hash: zsXD04jVlGfWFlTQGfig8qJsE62nT0niiBJhTbxWCW8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:eb:fb:95:53:4b:c9:e0:62:59:67:e4:a5:e4:66:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbe0cbf4d6692a5e4e1e01d2b112fea6bbbff74c
        Validity
            Not Before: Mar  2 05:01:12 2026 GMT
            Not After : Mar  3 05:01:12 2026 GMT
        Subject: CN=b1d45c8439b01497cb783a5d42fe2de1c8784c6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:62:93:b1:10:39:ff:17:cd:fa:49:9a:37:c5:
                    ec:8f:da:3f:be:88:45:04:1d:b3:61:08:45:51:75:
                    07:86:bc:9d:f2:8b:67:43:36:06:e9:6c:54:7a:a1:
                    f3:4a:ed:23:b2:ae:fb:95:2f:06:10:00:4d:53:84:
                    c8:3c:b6:fc:45:98:6f:a2:43:46:68:98:eb:a3:ba:
                    47:71:d3:10:55:e0:9d:88:06:13:0f:db:54:89:c8:
                    43:76:c5:ba:7f:69:b2:ab:11:57:6d:1e:4e:2d:19:
                    70:24:80:b7:cd:1c:06:68:47:0c:d4:09:08:d2:21:
                    c5:ff:70:d1:43:94:c7:13:d3:ca:5d:df:e0:3b:ce:
                    27:2a:c3:97:64:c1:2a:c0:38:ba:8b:c5:e0:07:4c:
                    03:1e:07:b5:f8:55:97:d8:91:9e:9c:87:37:02:14:
                    2a:52:50:d9:06:32:52:5d:59:65:cc:19:39:a6:92:
                    f1:fe:94:e0:d9:56:8e:f5:49:5c:99:90:99:1c:fb:
                    2e:8a:62:27:57:32:f1:a3:2f:05:4c:a1:19:b2:ab:
                    ec:5c:cd:cc:f4:44:f3:a9:09:ba:0c:27:06:87:5a:
                    b4:0d:a3:17:0b:96:4d:3c:61:f3:2b:f3:4d:ce:a6:
                    03:97:44:78:63:5a:66:7b:69:5c:47:02:d6:1b:84:
                    f5:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:D4:5C:84:39:B0:14:97:CB:78:3A:5D:42:FE:2D:E1:C8:78:4C:6A
            X509v3 Authority Key Identifier:
                keyid:DB:E0:CB:F4:D6:69:2A:5E:4E:1E:01:D2:B1:12:FE:A6:BB:BF:F7:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DL9NZpKl5OHgHSsRL-pru_90w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ae519c-1690-40bc-b671-927e9cf7b025/1/2-DL9NZpKl5OHgHSsRL-pru_90w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:77:1b:59:c0:9c:e7:d3:7d:9c:4e:00:da:0f:11:41:62:b9:
         1f:ce:fb:29:35:6d:05:01:f0:ac:d8:f1:da:f6:07:af:2f:57:
         f5:59:ec:73:d6:7a:e7:f6:cf:78:47:f8:64:33:bd:a9:1a:1f:
         2a:b8:60:3b:de:53:7d:04:16:fc:de:2e:be:5f:cc:2c:4d:44:
         f3:ca:f3:65:79:ed:29:79:db:09:ee:a8:29:8e:d5:89:aa:54:
         5f:85:90:80:84:3b:1e:71:2c:d1:6b:8a:75:0d:bc:84:5e:ea:
         f9:db:aa:0f:81:fc:0c:4f:a1:e4:af:04:11:f3:0f:5f:63:48:
         46:ce:5c:0d:9c:84:47:db:33:ab:55:13:d4:5d:bc:97:bc:e8:
         e8:ba:ba:19:0c:78:10:1b:46:db:52:1e:7a:f4:70:ee:92:75:
         51:1c:66:85:e0:c7:32:70:a2:4a:12:8d:19:e4:94:d9:c2:69:
         cb:5a:01:38:1b:f9:65:f6:e9:32:4a:24:cc:da:2e:d2:f3:52:
         c1:46:96:fc:35:69:b2:f3:e9:7a:ab:57:5a:1c:a4:dc:64:6d:
         06:68:a2:56:0c:47:97:17:39:f7:3f:b8:22:32:e0:36:ce:fb:
         65:d5:11:61:9f:50:fb:09:c1:bd:f4:f4:f8:0e:51:6e:77:c9:
         42:74:e6:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZys6/uVU0vJ4GJZZ+Sl5GaGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYmY0ZDY2OTJhNWU0ZTFlMDFkMmIxMTJmZWE2YmJi
ZmY3NGMwHhcNMjYwMzAyMDUwMTEyWhcNMjYwMzAzMDUwMTEyWjAzMTEwLwYDVQQD
EyhiMWQ0NWM4NDM5YjAxNDk3Y2I3ODNhNWQ0MmZlMmRlMWM4Nzg0YzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2KTsRA5/xfN+kmaN8Xsj9o/vohF
BB2zYQhFUXUHhryd8otnQzYG6WxUeqHzSu0jsq77lS8GEABNU4TIPLb8RZhvokNG
aJjro7pHcdMQVeCdiAYTD9tUichDdsW6f2myqxFXbR5OLRlwJIC3zRwGaEcM1AkI
0iHF/3DRQ5THE9PKXd/gO84nKsOXZMEqwDi6i8XgB0wDHge1+FWX2JGenIc3AhQq
UlDZBjJSXVllzBk5ppLx/pTg2VaO9UlcmZCZHPsuimInVzLxoy8FTKEZsqvsXM3M
9ETzqQm6DCcGh1q0DaMXC5ZNPGHzK/NNzqYDl0R4Y1pme2lcRwLWG4T1gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHUXIQ5sBSXy3g6XUL+LeHIeExqMB8GA1UdIwQY
MBaAFNvgy/TWaSpeTh4B0rES/qa7v/dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEt
OTI3ZTljZjdiMDI1LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZTUxOWMtMTY5MC00MGJjLWI2NzEtOTI3ZTljZjdiMDI1
LzEvMi1ETDlOWnBLbDVPSGdIU3NSTC1wcnVfOTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtHcbWcCc
59N9nE4A2g8RQWK5H877KTVtBQHwrNjx2vYHry9X9Vnsc9Z65/bPeEf4ZDO9qRof
KrhgO95TfQQW/N4uvl/MLE1E88rzZXntKXnbCe6oKY7ViapUX4WQgIQ7HnEs0WuK
dQ28hF7q+duqD4H8DE+h5K8EEfMPX2NIRs5cDZyER9szq1UT1F28l7zo6Lq6GQx4
EBtG21IeevRw7pJ1URxmheDHMnCiShKNGeSU2cJpy1oBOBv5ZfbpMkokzNou0vNS
wUaW/DVpsvPpeqtXWhyk3GRtBmiiVgxHlxc59z+4IjLgNs77ZdURYZ9Q+wnBvfT0
+A5RbnfJQnTmLA==
-----END CERTIFICATE-----