Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
File:                     97KiPZsF9XV53i8CRJtmYD4-Vzo.mft (raw, json)
Hash identifier:          roslQ/41RMb2ZBd6fvtkP+E3t/TfrBWJQIXS4iWzuW0=
Subject key identifier:   D9:9A:E9:CB:20:C9:C6:BF:C4:65:A5:27:B8:FA:C0:66:B7:7D:70:9A
Authority key identifier: F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A
Certificate issuer:       /CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
Certificate serial:       019CAAC63FDD171198D3B6F05D3A3AB0792D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
Manifest number:          13F9
Signing time:             Sun 01 Mar 2026 19:00:45 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:45 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:45 +0000
Files and hashes:         1: 97KiPZsF9XV53i8CRJtmYD4-Vzo.crl (hash: p9sH521yi5wZbMnlsZX2oFiqg1SgIPJg9E0biDzTgEA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:3f:dd:17:11:98:d3:b6:f0:5d:3a:3a:b0:79:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
        Validity
            Not Before: Mar  1 19:00:45 2026 GMT
            Not After : Mar  2 19:00:45 2026 GMT
        Subject: CN=d99ae9cb20c9c6bfc465a527b8fac066b77d709a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:17:c2:f2:c4:a7:42:a1:7e:0c:fd:e8:88:00:
                    46:09:b1:8c:b2:7b:dc:96:90:45:ae:63:67:4a:9d:
                    82:30:ef:b4:f2:3f:ec:56:54:3d:eb:8d:8a:81:37:
                    3d:67:30:89:be:2d:f4:9a:7c:be:19:f9:22:43:c0:
                    54:56:7e:ff:30:13:68:7a:ec:6e:82:de:d9:4c:dc:
                    ce:6b:99:4e:40:26:53:67:63:e9:51:23:e8:e8:b3:
                    bb:db:32:b5:7d:8b:1f:cc:69:8e:59:e7:fe:2b:b0:
                    08:31:3d:fe:62:33:12:f9:f9:a1:0c:ba:3d:ec:8f:
                    81:85:22:4f:d5:47:05:ad:29:a6:c6:19:de:fb:97:
                    c6:ee:6e:b1:cc:24:09:e1:6a:6c:45:3e:05:46:43:
                    82:cf:b1:9e:27:0a:af:03:6f:98:c7:bd:03:b9:ec:
                    bc:84:ba:47:07:eb:0b:90:d7:d9:83:28:a0:fc:5f:
                    fc:bb:7b:3c:89:3a:d4:d8:cd:cb:98:41:46:a0:f0:
                    5d:b9:98:5a:e9:07:f8:e5:c5:71:ec:39:b7:21:56:
                    e8:a3:ed:83:a0:93:bf:62:c7:79:57:6b:f8:51:23:
                    89:19:8e:10:ba:f7:56:1b:bf:9c:7f:42:76:5c:7d:
                    00:32:7d:f4:d0:5a:e8:0b:a7:4b:27:52:e8:d6:a5:
                    11:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:9A:E9:CB:20:C9:C6:BF:C4:65:A5:27:B8:FA:C0:66:B7:7D:70:9A
            X509v3 Authority Key Identifier:
                keyid:F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:76:43:12:cc:43:61:17:87:b5:39:85:44:5f:ec:2f:61:be:
         3d:a3:f4:43:b6:d9:b2:a6:5b:f4:b1:3a:60:3a:3d:b0:df:37:
         5f:dd:eb:e4:dd:b9:69:4d:1e:22:7d:84:41:6f:82:9a:10:59:
         e0:47:fb:fe:e8:f7:ea:a9:91:6f:82:b7:33:a4:b0:32:95:03:
         78:32:8c:49:ef:d3:d7:8a:a2:20:69:6b:1c:f1:34:44:bd:01:
         7e:df:80:7d:3d:cb:db:34:08:28:49:81:31:2a:94:99:ad:60:
         85:55:17:f7:f6:13:0f:62:b0:2b:f9:92:6f:4c:19:3f:ed:40:
         5c:02:c0:b0:30:36:7a:0a:96:18:94:f8:c6:fe:04:bc:1f:a4:
         19:d8:a8:ab:14:01:1a:23:f9:fc:23:b8:43:a2:6a:b5:d5:03:
         04:b5:a1:6e:15:56:62:f3:dc:a4:51:d6:9a:ba:be:73:6f:91:
         7c:05:1d:9a:d9:8e:72:90:55:c7:c6:31:85:a3:6e:f6:fe:a8:
         6a:f0:c7:60:28:0a:1b:b6:90:62:52:91:f1:de:92:b0:c2:0e:
         b7:f2:ed:12:8c:9c:52:4a:91:14:d3:ea:6e:df:a4:26:f4:b9:
         40:8b:75:bf:a4:be:16:2c:db:ab:ae:2f:61:02:19:58:5a:d1:
         e7:a7:61:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxj/dFxGY07bwXTo6sHktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjJhMjNkOWIwNWY1NzU3OWRlMmYwMjQ0OWI2NjYwM2Uz
ZTU3M2EwHhcNMjYwMzAxMTkwMDQ1WhcNMjYwMzAyMTkwMDQ1WjAzMTEwLwYDVQQD
EyhkOTlhZTljYjIwYzljNmJmYzQ2NWE1MjdiOGZhYzA2NmI3N2Q3MDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxfC8sSnQqF+DP3oiABGCbGMsnvc
lpBFrmNnSp2CMO+08j/sVlQ9642KgTc9ZzCJvi30mny+GfkiQ8BUVn7/MBNoeuxu
gt7ZTNzOa5lOQCZTZ2PpUSPo6LO72zK1fYsfzGmOWef+K7AIMT3+YjMS+fmhDLo9
7I+BhSJP1UcFrSmmxhne+5fG7m6xzCQJ4WpsRT4FRkOCz7GeJwqvA2+Yx70Duey8
hLpHB+sLkNfZgyig/F/8u3s8iTrU2M3LmEFGoPBduZha6Qf45cVx7Dm3IVboo+2D
oJO/Ysd5V2v4USOJGY4QuvdWG7+cf0J2XH0AMn300FroC6dLJ1Lo1qURyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNma6csgyca/xGWlJ7j6wGa3fXCaMB8GA1UdIwQY
MBaAFPeyoj2bBfV1ed4vAkSbZmA+Plc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMt
NWJlNmE3NTlmMzE4LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMtNWJlNmE3NTlmMzE4
LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQHZDEsxD
YReHtTmFRF/sL2G+PaP0Q7bZsqZb9LE6YDo9sN83X93r5N25aU0eIn2EQW+CmhBZ
4Ef7/uj36qmRb4K3M6SwMpUDeDKMSe/T14qiIGlrHPE0RL0Bft+AfT3L2zQIKEmB
MSqUma1ghVUX9/YTD2KwK/mSb0wZP+1AXALAsDA2egqWGJT4xv4EvB+kGdioqxQB
GiP5/CO4Q6JqtdUDBLWhbhVWYvPcpFHWmrq+c2+RfAUdmtmOcpBVx8YxhaNu9v6o
avDHYCgKG7aQYlKR8d6SsMIOt/LtEoycUkqRFNPqbt+kJvS5QIt1v6S+Fizbq64v
YQIZWFrR56dhrA==
-----END CERTIFICATE-----