Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
File:                     2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft (raw, json)
Hash identifier:          C2VY86qHR2tbtFRR8YZNfoTAJBRwARVpLtbKnOJsBws=
Subject key identifier:   26:6C:0E:60:5B:47:7B:1C:8A:FF:69:E5:E8:33:5F:1F:93:78:52:5A
Authority key identifier: DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C
Certificate issuer:       /CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
Certificate serial:       019CAA58AC06E61CAC24C8B44E2D20275692
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
Manifest number:          0687
Signing time:             Sun 01 Mar 2026 17:01:03 +0000
Manifest this update:     Sun 01 Mar 2026 17:01:03 +0000
Manifest next update:     Mon 02 Mar 2026 17:01:03 +0000
Files and hashes:         1: 2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl (hash: ZUEvtsR7p6KBVqGfFYZuZNUMsrn6ayS11uIPjWNVBS8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 17:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:58:ac:06:e6:1c:ac:24:c8:b4:4e:2d:20:27:56:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
        Validity
            Not Before: Mar  1 17:01:03 2026 GMT
            Not After : Mar  2 17:01:03 2026 GMT
        Subject: CN=266c0e605b477b1c8aff69e5e8335f1f9378525a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:82:5e:1c:0e:3c:d5:e3:e5:28:97:5b:a4:4e:
                    3d:0d:9e:b6:30:e0:78:0d:1f:8b:8d:1e:5e:05:6d:
                    ec:5d:34:6c:d0:6c:eb:87:f6:5a:72:34:3f:aa:e3:
                    a1:69:86:bb:a9:cf:0d:c4:79:ae:9c:9e:a9:b2:78:
                    db:8f:7b:a1:90:97:38:d2:3c:67:39:bf:fd:25:a1:
                    b4:fd:65:68:e9:ff:78:60:32:ce:d2:39:1a:5f:a9:
                    87:a0:4e:94:62:31:40:fd:37:23:c4:2c:bd:c7:02:
                    43:bf:81:ab:2b:15:f6:cb:36:48:95:65:34:35:2d:
                    cb:0b:9b:b5:47:63:fe:c2:59:fc:28:ff:89:50:b3:
                    85:fa:fe:2b:9e:01:eb:68:81:08:82:31:d9:ca:cb:
                    c7:a5:d0:e5:57:27:77:e9:1b:29:ad:6c:b6:c0:12:
                    0a:ba:27:a8:c2:5f:b8:9b:39:50:15:9b:d6:2f:c7:
                    02:90:9e:19:a5:b3:b0:8a:b8:30:b1:98:ed:f1:b0:
                    40:57:2b:18:6e:74:c8:49:41:00:f2:a9:ad:37:05:
                    54:23:db:bf:0b:8c:ba:87:55:9d:57:2f:4c:40:f6:
                    cb:ab:bf:26:24:2a:41:72:53:55:15:e8:23:a4:e6:
                    87:37:4a:3f:c3:ce:65:db:fa:3c:3e:09:50:91:40:
                    dc:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:6C:0E:60:5B:47:7B:1C:8A:FF:69:E5:E8:33:5F:1F:93:78:52:5A
            X509v3 Authority Key Identifier:
                keyid:DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:58:ea:29:6a:b2:73:17:c3:69:cd:01:03:a4:2e:32:ba:68:
         51:83:44:73:cf:25:53:3f:70:a2:66:d9:e5:3d:a6:48:f9:58:
         5b:9b:ad:c2:2e:b8:7f:10:52:c6:72:e1:52:0a:21:1e:47:74:
         ea:16:3e:d1:68:fb:7d:38:9e:8b:79:15:a2:11:ca:67:dd:61:
         e8:30:12:e6:2b:e3:8f:a6:3d:b1:2c:6d:99:a1:48:12:cb:98:
         95:c6:b8:15:95:c3:bb:cd:c1:d2:99:98:25:94:bd:33:44:4b:
         bc:88:8b:7a:84:c7:2b:1c:03:2f:eb:92:25:a8:28:bc:1e:ff:
         83:bb:b2:97:92:d0:48:5f:71:ef:51:fd:e7:b4:e0:cd:91:c0:
         76:48:54:da:c2:46:10:ce:8c:3e:6a:ac:ae:8b:7d:d5:27:c6:
         b4:3e:4c:58:95:de:64:78:53:27:3d:b4:f6:28:29:03:05:ba:
         12:81:f0:5f:0e:a4:71:6d:68:8e:a3:bd:fe:20:c5:95:94:82:
         7a:c2:24:e5:a8:56:ff:67:cb:2c:51:c8:d1:47:2c:2f:1c:95:
         e2:62:32:d3:9d:0d:ff:85:4a:02:8a:36:ca:58:68:16:55:b4:
         c4:5b:a3:e2:da:74:1c:80:68:5e:eb:0c:c9:68:87:7a:bc:63:
         be:cb:92:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWKwG5hysJMi0Ti0gJ1aSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTY3YzU4YjRhNmZlMjEyZmMyMGZiNzU2OTQ5YWRkYzFh
OWE2MmMwHhcNMjYwMzAxMTcwMTAzWhcNMjYwMzAyMTcwMTAzWjAzMTEwLwYDVQQD
EygyNjZjMGU2MDViNDc3YjFjOGFmZjY5ZTVlODMzNWYxZjkzNzg1MjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYJeHA481ePlKJdbpE49DZ62MOB4
DR+LjR5eBW3sXTRs0Gzrh/ZacjQ/quOhaYa7qc8NxHmunJ6psnjbj3uhkJc40jxn
Ob/9JaG0/WVo6f94YDLO0jkaX6mHoE6UYjFA/TcjxCy9xwJDv4GrKxX2yzZIlWU0
NS3LC5u1R2P+wln8KP+JULOF+v4rngHraIEIgjHZysvHpdDlVyd36RsprWy2wBIK
uieowl+4mzlQFZvWL8cCkJ4ZpbOwirgwsZjt8bBAVysYbnTISUEA8qmtNwVUI9u/
C4y6h1WdVy9MQPbLq78mJCpBclNVFegjpOaHN0o/w85l2/o8PglQkUDcmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZsDmBbR3sciv9p5egzXx+TeFJaMB8GA1UdIwQY
MBaAFNqmfFi0pv4hL8IPt1aUmt3BqaYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYt
NTBmMzRmNDM1ZjAzLzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYtNTBmMzRmNDM1ZjAz
LzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAFjqKWqy
cxfDac0BA6QuMrpoUYNEc88lUz9wombZ5T2mSPlYW5utwi64fxBSxnLhUgohHkd0
6hY+0Wj7fTiei3kVohHKZ91h6DAS5ivjj6Y9sSxtmaFIEsuYlca4FZXDu83B0pmY
JZS9M0RLvIiLeoTHKxwDL+uSJagovB7/g7uyl5LQSF9x71H957TgzZHAdkhU2sJG
EM6MPmqsrot91SfGtD5MWJXeZHhTJz209igpAwW6EoHwXw6kcW1ojqO9/iDFlZSC
esIk5ahW/2fLLFHI0UcsLxyV4mIy050N/4VKAoo2ylhoFlW0xFuj4tp0HIBoXusM
yWiHerxjvsuS/Q==
-----END CERTIFICATE-----