Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
File:                     Th1cISsoF0fIw-xuhm4Vs5TFu98.mft (raw, json)
Hash identifier:          ZRa6stIwujDKfElDa5VjL1ACP0pg8+650ZCm5PbMwlo=
Subject key identifier:   9A:7D:86:60:0B:71:93:9A:F2:11:C8:33:55:8C:3B:36:B3:4E:B6:E1
Authority key identifier: 4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF
Certificate issuer:       /CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
Certificate serial:       019CADFE038E21B1AF7437E0DFF72111356A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
Manifest number:          0F7F
Signing time:             Mon 02 Mar 2026 10:00:31 +0000
Manifest this update:     Mon 02 Mar 2026 10:00:31 +0000
Manifest next update:     Tue 03 Mar 2026 10:00:31 +0000
Files and hashes:         1: Th1cISsoF0fIw-xuhm4Vs5TFu98.crl (hash: hkfeCoQ2Y6fTX01BbSmhKB2q4SBAHevBQAof545fRsA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:fe:03:8e:21:b1:af:74:37:e0:df:f7:21:11:35:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
        Validity
            Not Before: Mar  2 10:00:31 2026 GMT
            Not After : Mar  3 10:00:31 2026 GMT
        Subject: CN=9a7d86600b71939af211c833558c3b36b34eb6e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:93:45:15:29:23:16:d7:f1:09:3d:e8:bd:c9:
                    6d:ca:2a:65:b3:58:bf:4d:aa:96:a1:45:d7:43:43:
                    01:56:9c:92:6c:dd:08:d9:d8:40:7b:db:e9:37:2d:
                    48:fe:94:b0:25:86:88:8a:da:c6:c7:ad:12:22:ba:
                    52:cb:cc:3d:c4:01:82:54:4f:97:c9:e9:e1:08:0f:
                    a7:9e:78:e7:cb:47:a6:6b:cb:c8:0c:dc:aa:99:3a:
                    d3:54:e8:77:92:81:01:78:8f:f2:0e:93:a9:63:de:
                    2d:a7:02:fe:70:11:ed:5b:a8:0c:0e:33:a8:fe:e9:
                    ef:fb:d5:f4:31:79:84:7b:10:44:b3:2c:b2:26:28:
                    2e:c9:53:de:42:6d:2d:b9:55:35:32:e4:f7:73:87:
                    b3:f5:d4:c8:c2:a1:17:33:56:a8:28:66:27:ee:49:
                    5f:6e:a2:d2:5a:3c:dd:eb:59:f1:dc:55:f8:dc:12:
                    69:23:ce:4b:42:f2:f9:77:ed:a2:4c:a9:8c:2d:72:
                    bd:eb:ba:19:99:c8:96:29:b9:13:1e:a9:6e:84:ce:
                    a5:d9:45:3d:25:8a:ce:e3:bc:cd:e7:ac:cb:ae:b5:
                    d2:6e:96:02:06:fe:bc:5b:21:d2:3d:19:68:f1:6b:
                    e2:eb:9a:36:0c:8e:62:1c:c7:c5:7a:e1:a9:e3:a3:
                    50:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:7D:86:60:0B:71:93:9A:F2:11:C8:33:55:8C:3B:36:B3:4E:B6:E1
            X509v3 Authority Key Identifier:
                keyid:4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:d5:e5:de:47:a7:e3:14:61:56:4f:1c:c5:62:cc:eb:34:fe:
         5a:07:10:8a:4e:6f:5f:5f:6b:b6:ec:19:09:4d:df:72:7a:7c:
         09:20:a8:57:16:66:5f:ff:97:0e:20:ec:2b:ba:81:ab:dd:e7:
         ad:d2:2c:04:9a:15:a0:df:7e:1c:41:99:92:55:55:e8:e8:cb:
         20:f1:5e:ef:07:fc:ac:aa:a4:45:38:06:22:9e:57:5d:6c:e3:
         ba:83:88:e1:6d:1d:9a:99:ce:74:49:d1:ca:74:3d:f4:ce:f5:
         ff:35:80:0a:b9:78:a1:32:6e:ec:7b:fe:05:06:29:14:c8:9e:
         ad:81:f6:04:7a:86:0c:41:9d:71:be:fb:3a:32:d8:cd:2a:80:
         41:19:42:d0:1d:3d:d5:14:65:fd:0b:39:5f:f2:70:b7:1c:e6:
         04:dd:ce:74:d2:f5:94:59:c4:a2:eb:9b:e3:72:26:9c:e3:2e:
         9c:33:6d:bf:bf:e7:ff:01:66:e9:3a:f4:e9:c2:c2:a8:1f:03:
         d7:f7:8b:46:a8:93:45:9f:ea:30:28:7e:72:41:c5:8e:3b:f6:
         8e:f4:59:69:53:22:37:69:ee:99:9c:80:83:5e:a1:6d:20:44:
         fc:62:ee:02:4c:28:7d:bd:5d:df:51:41:eb:b4:08:5a:4f:31:
         72:6c:f9:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/gOOIbGvdDfg3/chETVqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMWQ1YzIxMmIyODE3NDdjOGMzZWM2ZTg2NmUxNWIzOTRj
NWJiZGYwHhcNMjYwMzAyMTAwMDMxWhcNMjYwMzAzMTAwMDMxWjAzMTEwLwYDVQQD
Eyg5YTdkODY2MDBiNzE5MzlhZjIxMWM4MzM1NThjM2IzNmIzNGViNmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5NFFSkjFtfxCT3ovcltyipls1i/
TaqWoUXXQ0MBVpySbN0I2dhAe9vpNy1I/pSwJYaIitrGx60SIrpSy8w9xAGCVE+X
yenhCA+nnnjny0ema8vIDNyqmTrTVOh3koEBeI/yDpOpY94tpwL+cBHtW6gMDjOo
/unv+9X0MXmEexBEsyyyJiguyVPeQm0tuVU1MuT3c4ez9dTIwqEXM1aoKGYn7klf
bqLSWjzd61nx3FX43BJpI85LQvL5d+2iTKmMLXK967oZmciWKbkTHqluhM6l2UU9
JYrO47zN56zLrrXSbpYCBv68WyHSPRlo8Wvi65o2DI5iHMfFeuGp46NQaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJp9hmALcZOa8hHIM1WMOzazTrbhMB8GA1UdIwQY
MBaAFE4dXCErKBdHyMPsboZuFbOUxbvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTkt
NzEyZTI3NjFkYWY1LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTktNzEyZTI3NjFkYWY1
LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAotXl3ken
4xRhVk8cxWLM6zT+WgcQik5vX19rtuwZCU3fcnp8CSCoVxZmX/+XDiDsK7qBq93n
rdIsBJoVoN9+HEGZklVV6OjLIPFe7wf8rKqkRTgGIp5XXWzjuoOI4W0dmpnOdEnR
ynQ99M71/zWACrl4oTJu7Hv+BQYpFMierYH2BHqGDEGdcb77OjLYzSqAQRlC0B09
1RRl/Qs5X/JwtxzmBN3OdNL1lFnEouub43ImnOMunDNtv7/n/wFm6Tr06cLCqB8D
1/eLRqiTRZ/qMCh+ckHFjjv2jvRZaVMiN2numZyAg16hbSBE/GLuAkwofb1d31FB
67QIWk8xcmz5yA==
-----END CERTIFICATE-----