Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
File:                     Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft (raw, json)
Hash identifier:          1wfxE+dS0fkOuEGfuemOSJxX/QYGTuuqg21zhorNTVE=
Subject key identifier:   3B:E1:23:BE:97:93:BD:BC:F5:AD:FB:0C:34:26:17:19:23:F5:3C:DE
Authority key identifier: 16:86:F7:BE:9B:A1:71:C3:27:46:AB:4E:D2:0B:E8:82:BD:30:43:56
Certificate issuer:       /CN=1686f7be9ba171c32746ab4ed20be882bd304356
Certificate serial:       019CAC7DFCADA217A97BC25ED3378ACA6886
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
Manifest number:          05D6
Signing time:             Mon 02 Mar 2026 03:01:03 +0000
Manifest this update:     Mon 02 Mar 2026 03:01:03 +0000
Manifest next update:     Tue 03 Mar 2026 03:01:03 +0000
Files and hashes:         1: Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl (hash: dJ29KQ4XzqFgOjB4N0QqGSnz7b4PFok9bSTXaTGWDV4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:7d:fc:ad:a2:17:a9:7b:c2:5e:d3:37:8a:ca:68:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1686f7be9ba171c32746ab4ed20be882bd304356
        Validity
            Not Before: Mar  2 03:01:03 2026 GMT
            Not After : Mar  3 03:01:03 2026 GMT
        Subject: CN=3be123be9793bdbcf5adfb0c3426171923f53cde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:b4:1b:11:e0:5c:45:5c:87:74:6c:14:4c:1b:
                    25:c7:af:29:05:f4:15:17:20:9b:2e:25:67:71:30:
                    45:c6:3c:b2:5e:d7:22:2c:e3:83:61:55:39:e5:5a:
                    82:79:9a:64:58:9f:4c:00:9a:df:17:a2:ab:f4:a8:
                    7d:70:b8:b9:37:f1:78:11:96:ba:77:80:e7:7f:9b:
                    31:84:93:09:c3:0c:36:14:4f:f9:a1:82:31:4a:08:
                    d7:ee:9a:18:01:6d:c0:42:72:55:7b:0b:58:07:3b:
                    cf:96:9f:80:d6:65:21:81:d9:4e:0f:28:83:d4:00:
                    70:46:12:53:39:36:aa:6b:82:e3:d8:48:be:6c:e5:
                    f2:69:1b:12:fa:a4:79:4e:0c:f4:4c:7f:b9:fa:5c:
                    b2:51:f0:1d:17:ee:58:cd:31:f9:ba:d4:d3:06:a6:
                    e2:4a:25:92:6c:8b:16:61:40:0f:a7:04:5f:f2:f4:
                    c3:16:f6:bb:da:28:24:2c:6f:81:88:12:2a:f8:36:
                    c0:df:96:56:91:04:0e:c2:1a:20:88:de:84:ef:45:
                    a4:2b:ec:e6:b9:04:e8:72:04:55:98:93:6a:b7:07:
                    95:12:0c:d2:c2:89:cc:23:db:2a:25:18:89:ed:c9:
                    2a:d3:6d:32:3f:e6:7a:06:46:db:96:ba:a4:d4:45:
                    d5:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:E1:23:BE:97:93:BD:BC:F5:AD:FB:0C:34:26:17:19:23:F5:3C:DE
            X509v3 Authority Key Identifier:
                keyid:16:86:F7:BE:9B:A1:71:C3:27:46:AB:4E:D2:0B:E8:82:BD:30:43:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:11:2b:02:4d:e7:27:20:75:44:75:70:74:41:03:ba:3f:7e:
         1d:20:18:ae:10:b1:e2:ed:96:5b:a3:cb:a8:1d:17:44:1a:aa:
         87:18:03:94:ea:8f:c9:d9:fc:32:84:e2:0f:11:10:ce:3b:0c:
         21:65:87:bf:4d:53:df:08:95:f7:b0:09:d7:bc:7c:39:98:3b:
         16:9d:6e:e7:c9:ba:ee:12:17:ef:58:6a:26:b8:f3:e3:ea:b3:
         4c:1a:44:42:15:25:ea:fe:4c:91:91:57:e6:d2:46:a7:0b:4c:
         d1:e8:f9:d7:ce:2e:0e:9f:40:30:4b:e3:f0:77:04:e8:b2:83:
         8f:8c:2b:d9:8c:61:e6:be:11:4f:d8:0f:50:f6:33:f5:de:cf:
         46:2d:9c:c3:71:37:ed:55:aa:1f:a5:fe:24:9e:27:ae:21:9f:
         4a:9d:6e:ce:9b:c0:f8:2c:84:ea:bf:d1:a5:29:fe:05:c9:42:
         a6:5f:37:3d:15:85:37:ab:b8:61:2a:fc:7f:47:86:fa:bc:5b:
         8e:27:fb:77:ba:90:ff:c7:e0:56:77:85:05:68:bd:d0:73:1c:
         c8:0d:49:f9:33:57:10:db:05:3c:8b:7c:42:72:d6:48:09:cf:
         53:7a:dc:9d:02:4c:31:c2:b3:42:26:86:56:b7:ee:32:93:28:
         0b:85:90:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysffytohepe8Je0zeKymiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODZmN2JlOWJhMTcxYzMyNzQ2YWI0ZWQyMGJlODgyYmQz
MDQzNTYwHhcNMjYwMzAyMDMwMTAzWhcNMjYwMzAzMDMwMTAzWjAzMTEwLwYDVQQD
EygzYmUxMjNiZTk3OTNiZGJjZjVhZGZiMGMzNDI2MTcxOTIzZjUzY2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrQbEeBcRVyHdGwUTBslx68pBfQV
FyCbLiVncTBFxjyyXtciLOODYVU55VqCeZpkWJ9MAJrfF6Kr9Kh9cLi5N/F4EZa6
d4Dnf5sxhJMJwww2FE/5oYIxSgjX7poYAW3AQnJVewtYBzvPlp+A1mUhgdlODyiD
1ABwRhJTOTaqa4Lj2Ei+bOXyaRsS+qR5Tgz0TH+5+lyyUfAdF+5YzTH5utTTBqbi
SiWSbIsWYUAPpwRf8vTDFva72igkLG+BiBIq+DbA35ZWkQQOwhogiN6E70WkK+zm
uQTocgRVmJNqtweVEgzSwonMI9sqJRiJ7ckq020yP+Z6Bkbblrqk1EXVpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvhI76Xk7289a37DDQmFxkj9TzeMB8GA1UdIwQY
MBaAFBaG976boXHDJ0arTtIL6IK9MENWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy83Y2E4MDgtYzc5NS00MGVmLThhNDkt
NzRhOThjYjY2ZmZmLzEvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy83Y2E4MDgtYzc5NS00MGVmLThhNDktNzRhOThjYjY2ZmZm
LzEvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAABErAk3n
JyB1RHVwdEEDuj9+HSAYrhCx4u2WW6PLqB0XRBqqhxgDlOqPydn8MoTiDxEQzjsM
IWWHv01T3wiV97AJ17x8OZg7Fp1u58m67hIX71hqJrjz4+qzTBpEQhUl6v5MkZFX
5tJGpwtM0ej5184uDp9AMEvj8HcE6LKDj4wr2Yxh5r4RT9gPUPYz9d7PRi2cw3E3
7VWqH6X+JJ4nriGfSp1uzpvA+CyE6r/RpSn+BclCpl83PRWFN6u4YSr8f0eG+rxb
jif7d7qQ/8fgVneFBWi90HMcyA1J+TNXENsFPIt8QnLWSAnPU3rcnQJMMcKzQiaG
VrfuMpMoC4WQOw==
-----END CERTIFICATE-----