Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.mft
File:                     MptRPmVwb8qlQ6EaDkLSixCd87Y.mft (raw, json)
Hash identifier:          /pfY7L+uMscboTLSySm9VVnBo5AaZYz5/fUUnByqMWQ=
Subject key identifier:   FC:4D:ED:B9:C8:E6:A7:EF:AE:EE:A9:CA:72:3D:7D:F5:B3:E6:BB:2D
Authority key identifier: 32:9B:51:3E:65:70:6F:CA:A5:43:A1:1A:0E:42:D2:8B:10:9D:F3:B6
Certificate issuer:       /CN=329b513e65706fcaa543a11a0e42d28b109df3b6
Certificate serial:       019CA9B35357E51B88CDD1D4FDC372712180
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.mft
Manifest number:          1553
Signing time:             Sun 01 Mar 2026 14:00:27 +0000
Manifest this update:     Sun 01 Mar 2026 14:00:27 +0000
Manifest next update:     Mon 02 Mar 2026 14:00:27 +0000
Files and hashes:         1: MptRPmVwb8qlQ6EaDkLSixCd87Y.crl (hash: YC1rldriLcqqKv42u39yYoiLK3fFcrYA4qQ8D0wrX/0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 14:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:b3:53:57:e5:1b:88:cd:d1:d4:fd:c3:72:71:21:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=329b513e65706fcaa543a11a0e42d28b109df3b6
        Validity
            Not Before: Mar  1 14:00:27 2026 GMT
            Not After : Mar  2 14:00:27 2026 GMT
        Subject: CN=fc4dedb9c8e6a7efaeeea9ca723d7df5b3e6bb2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:2e:af:ff:d6:aa:5e:62:1b:f1:ce:af:b4:f9:
                    c7:79:ae:26:23:c8:b9:bb:ae:0e:7f:a9:b6:59:ea:
                    5d:a0:73:bd:26:58:47:78:4e:0d:57:34:ab:c0:ea:
                    de:ae:05:2a:91:77:39:1a:c1:b6:6e:0c:b7:b2:f5:
                    39:c9:4a:aa:12:be:d7:28:c3:28:62:9b:16:52:0c:
                    be:a4:8b:4a:13:1c:86:45:75:64:d5:55:e7:86:4e:
                    54:d6:db:5b:d6:8d:29:65:45:fc:1b:45:59:5e:0b:
                    bc:8d:8d:4c:51:91:c3:6e:5e:0c:2f:81:1e:1e:c5:
                    28:aa:b0:58:8f:ae:83:72:60:9f:e3:ef:00:14:9c:
                    da:f1:36:d1:2d:33:26:43:e8:d7:af:d5:c5:f2:19:
                    40:be:df:70:1d:ce:5c:e3:8b:da:09:59:b9:b2:ed:
                    1d:c7:d2:26:b8:59:09:db:57:1e:4e:5a:3a:a0:9b:
                    da:72:5c:a1:42:24:c9:07:27:54:fa:69:26:0d:2a:
                    a6:9d:87:6a:96:cb:b6:a8:da:06:d1:a5:14:53:1b:
                    03:4f:22:b0:b6:eb:38:59:a0:74:49:ec:de:25:56:
                    51:b8:8b:55:6c:ca:01:a9:20:34:e3:df:fd:ce:86:
                    1d:31:eb:a1:09:ab:bc:9b:df:f3:dc:4a:3c:8a:a1:
                    3d:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:4D:ED:B9:C8:E6:A7:EF:AE:EE:A9:CA:72:3D:7D:F5:B3:E6:BB:2D
            X509v3 Authority Key Identifier:
                keyid:32:9B:51:3E:65:70:6F:CA:A5:43:A1:1A:0E:42:D2:8B:10:9D:F3:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MptRPmVwb8qlQ6EaDkLSixCd87Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0adcd8-8a4b-4923-bf36-814a611eca60/1/MptRPmVwb8qlQ6EaDkLSixCd87Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:c1:dd:85:15:d3:e3:f0:3d:79:19:69:3b:63:a9:c4:79:16:
         c3:44:c5:c7:59:46:aa:7b:aa:fc:87:ef:a4:49:c4:ea:db:ce:
         a4:3f:d7:7d:86:dc:a9:ec:03:7d:69:02:02:a0:ba:3c:47:85:
         2f:73:13:9a:0a:a1:ce:39:52:21:63:4a:e0:03:92:d4:10:72:
         57:4b:5f:ab:6a:2b:ae:c9:92:b5:bd:cc:90:7a:07:7c:1f:2b:
         48:6e:be:eb:ad:51:85:a7:6a:7c:88:c3:11:8b:bb:d2:20:63:
         7a:bd:85:98:e8:28:d5:07:0d:6f:93:54:ee:85:ff:34:b1:8d:
         f9:49:52:f6:05:c5:d1:a6:49:21:56:b3:d2:7a:cb:03:ae:bb:
         30:c2:0d:d8:53:19:63:7e:64:de:cc:6c:60:bc:e9:9e:37:65:
         0b:75:34:6e:c0:eb:b4:a7:8f:9c:57:b9:7b:b2:8b:5f:e9:d6:
         e8:98:06:78:93:39:cf:91:04:0c:85:12:9c:80:49:1e:6a:98:
         de:0f:42:46:9d:b7:1f:d6:a0:44:5c:3e:f3:b0:3c:98:48:0d:
         d7:ee:68:51:c2:51:ec:6e:8a:cb:c7:9f:56:32:fb:74:ee:48:
         57:49:3a:2c:c6:5b:d5:80:82:60:27:f6:90:68:79:3b:f1:ed:
         e3:ff:a6:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyps1NX5RuIzdHU/cNycSGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyOWI1MTNlNjU3MDZmY2FhNTQzYTExYTBlNDJkMjhiMTA5
ZGYzYjYwHhcNMjYwMzAxMTQwMDI3WhcNMjYwMzAyMTQwMDI3WjAzMTEwLwYDVQQD
EyhmYzRkZWRiOWM4ZTZhN2VmYWVlZWE5Y2E3MjNkN2RmNWIzZTZiYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1C6v/9aqXmIb8c6vtPnHea4mI8i5
u64Of6m2WepdoHO9JlhHeE4NVzSrwOrergUqkXc5GsG2bgy3svU5yUqqEr7XKMMo
YpsWUgy+pItKExyGRXVk1VXnhk5U1ttb1o0pZUX8G0VZXgu8jY1MUZHDbl4ML4Ee
HsUoqrBYj66DcmCf4+8AFJza8TbRLTMmQ+jXr9XF8hlAvt9wHc5c44vaCVm5su0d
x9ImuFkJ21ceTlo6oJvaclyhQiTJBydU+mkmDSqmnYdqlsu2qNoG0aUUUxsDTyKw
tus4WaB0SezeJVZRuItVbMoBqSA049/9zoYdMeuhCau8m9/z3Eo8iqE9FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPxN7bnI5qfvru6pynI9ffWz5rstMB8GA1UdIwQY
MBaAFDKbUT5lcG/KpUOhGg5C0osQnfO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXB0UlBtVndiOHFsUTZFYURrTFNpeENkODdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wYWRjZDgtOGE0Yi00OTIzLWJmMzYt
ODE0YTYxMWVjYTYwLzEvTXB0UlBtVndiOHFsUTZFYURrTFNpeENkODdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wYWRjZDgtOGE0Yi00OTIzLWJmMzYtODE0YTYxMWVjYTYw
LzEvTXB0UlBtVndiOHFsUTZFYURrTFNpeENkODdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACMHdhRXT
4/A9eRlpO2OpxHkWw0TFx1lGqnuq/IfvpEnE6tvOpD/XfYbcqewDfWkCAqC6PEeF
L3MTmgqhzjlSIWNK4AOS1BByV0tfq2orrsmStb3MkHoHfB8rSG6+661RhadqfIjD
EYu70iBjer2FmOgo1QcNb5NU7oX/NLGN+UlS9gXF0aZJIVaz0nrLA667MMIN2FMZ
Y35k3sxsYLzpnjdlC3U0bsDrtKePnFe5e7KLX+nW6JgGeJM5z5EEDIUSnIBJHmqY
3g9CRp23H9agRFw+87A8mEgN1+5oUcJR7G6Ky8efVjL7dO5IV0k6LMZb1YCCYCf2
kGh5O/Ht4/+m3A==
-----END CERTIFICATE-----