Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
File:                     8QMX8k1xpRbXUEO-kPWr4_ocklk.mft (raw, json)
Hash identifier:          loLTD/EgRBOuVSpCuKc9UC1R4JMQy/vnXdjZx+CtZSM=
Subject key identifier:   73:90:1B:42:5F:15:24:57:C6:CE:5A:70:30:13:38:BC:78:DF:B2:64
Authority key identifier: F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59
Certificate issuer:       /CN=f10317f24d71a516d75043be90f5abe3fa1c9259
Certificate serial:       019CABD98C4D76B54F4AD4E45C3E1D5C9174
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
Manifest number:          13FA
Signing time:             Mon 02 Mar 2026 00:01:26 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:26 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:26 +0000
Files and hashes:         1: 8QMX8k1xpRbXUEO-kPWr4_ocklk.crl (hash: 4D1pVDVZWBz7bxmysdAFbqlF9yz+sRB9ahCPvFtKplg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:8c:4d:76:b5:4f:4a:d4:e4:5c:3e:1d:5c:91:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f10317f24d71a516d75043be90f5abe3fa1c9259
        Validity
            Not Before: Mar  2 00:01:26 2026 GMT
            Not After : Mar  3 00:01:26 2026 GMT
        Subject: CN=73901b425f152457c6ce5a70301338bc78dfb264
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:75:23:91:96:09:9b:c6:a2:7b:01:f3:4c:a5:
                    9e:a0:9b:b4:b4:e2:48:b7:48:3f:4c:08:6a:3d:38:
                    3a:f1:8f:1c:e7:48:f4:a9:fc:6a:3b:18:c5:e0:8e:
                    ce:b7:f2:b9:c7:18:cd:f7:79:82:54:cb:f2:55:a3:
                    ce:68:7d:81:c0:af:43:5c:ce:9a:1f:64:a6:59:0e:
                    18:2d:26:90:14:84:a3:f1:3e:c5:b7:e7:ff:59:8a:
                    14:32:19:2d:06:aa:b9:44:44:57:c1:7a:1e:ef:e4:
                    54:27:4e:12:e3:7c:7b:ca:27:c2:fd:19:2b:58:a5:
                    98:0f:b9:fd:7c:e9:ec:aa:47:b5:ae:9a:f8:d4:44:
                    3a:70:3b:50:d4:7f:77:69:fc:bc:81:ec:e6:e3:75:
                    da:5f:fc:d2:a1:5a:5f:46:29:d1:2d:ad:5d:48:37:
                    39:e0:6a:0d:db:39:66:04:00:52:79:41:08:14:8c:
                    93:7d:f6:d8:b2:8b:fe:5a:5a:49:cc:0a:2a:b0:f9:
                    39:24:9f:49:0b:d8:78:0e:a2:3a:8b:3d:25:e5:2c:
                    88:76:ba:d2:f9:b6:df:15:bb:f2:ac:37:5b:94:32:
                    a3:11:13:2e:94:4f:2f:0e:86:22:dc:bf:ab:5a:d2:
                    19:2e:36:30:b5:34:1f:e0:4c:40:c1:67:5e:b2:dc:
                    88:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:90:1B:42:5F:15:24:57:C6:CE:5A:70:30:13:38:BC:78:DF:B2:64
            X509v3 Authority Key Identifier:
                keyid:F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:15:e1:a3:73:a1:65:3e:e1:78:e1:8b:5c:9e:c2:fc:a1:2d:
         2c:2c:f5:cd:66:d4:ef:d8:2d:11:4d:28:6b:cc:a0:5e:88:3a:
         09:41:a8:65:1b:5b:12:0b:cf:a9:58:41:10:1c:ef:30:f1:67:
         b3:2f:eb:69:44:1a:0d:62:ec:94:a8:33:54:81:48:20:1a:ca:
         90:8b:89:cb:3f:b6:97:0c:6d:69:87:1e:8d:26:e5:07:7b:f9:
         62:13:68:54:a5:f0:8e:3f:17:cf:33:40:d1:0b:ed:9f:82:86:
         c2:28:56:a2:4f:7b:c1:4a:64:c3:c2:a3:a2:6a:42:9e:be:b9:
         04:bd:a0:57:ac:ca:32:ba:f2:0e:b8:64:43:34:7c:48:4d:d9:
         bb:31:0b:8f:52:61:e8:bc:87:38:2f:a3:93:2e:b9:fb:d1:d6:
         15:8b:4a:9f:b0:aa:9c:9c:bc:7b:ac:e8:c0:3f:05:79:53:98:
         64:e7:d4:9b:13:1a:c1:a7:01:24:0c:2c:aa:19:be:8b:d0:30:
         95:74:c6:4e:8e:de:5b:21:8f:77:37:9b:18:e3:b4:7b:71:74:
         e8:9c:8d:ed:dd:72:0a:d6:57:70:09:5f:52:df:6c:6e:91:09:
         0e:c3:f2:e6:54:e2:09:9e:17:c0:58:03:2c:e3:00:8d:a2:92:
         d9:66:62:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2YxNdrVPStTkXD4dXJF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMDMxN2YyNGQ3MWE1MTZkNzUwNDNiZTkwZjVhYmUzZmEx
YzkyNTkwHhcNMjYwMzAyMDAwMTI2WhcNMjYwMzAzMDAwMTI2WjAzMTEwLwYDVQQD
Eyg3MzkwMWI0MjVmMTUyNDU3YzZjZTVhNzAzMDEzMzhiYzc4ZGZiMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3UjkZYJm8aiewHzTKWeoJu0tOJI
t0g/TAhqPTg68Y8c50j0qfxqOxjF4I7Ot/K5xxjN93mCVMvyVaPOaH2BwK9DXM6a
H2SmWQ4YLSaQFISj8T7Ft+f/WYoUMhktBqq5RERXwXoe7+RUJ04S43x7yifC/Rkr
WKWYD7n9fOnsqke1rpr41EQ6cDtQ1H93afy8gezm43XaX/zSoVpfRinRLa1dSDc5
4GoN2zlmBABSeUEIFIyTffbYsov+WlpJzAoqsPk5JJ9JC9h4DqI6iz0l5SyIdrrS
+bbfFbvyrDdblDKjERMulE8vDoYi3L+rWtIZLjYwtTQf4ExAwWdestyI6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHOQG0JfFSRXxs5acDATOLx437JkMB8GA1UdIwQY
MBaAFPEDF/JNcaUW11BDvpD1q+P6HJJZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMt
NjZkNDlkZjUzZWYxLzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMtNjZkNDlkZjUzZWYx
LzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoRXho3Oh
ZT7heOGLXJ7C/KEtLCz1zWbU79gtEU0oa8ygXog6CUGoZRtbEgvPqVhBEBzvMPFn
sy/raUQaDWLslKgzVIFIIBrKkIuJyz+2lwxtaYcejSblB3v5YhNoVKXwjj8XzzNA
0Qvtn4KGwihWok97wUpkw8KjompCnr65BL2gV6zKMrryDrhkQzR8SE3ZuzELj1Jh
6LyHOC+jky65+9HWFYtKn7CqnJy8e6zowD8FeVOYZOfUmxMawacBJAwsqhm+i9Aw
lXTGTo7eWyGPdzebGOO0e3F06JyN7d1yCtZXcAlfUt9sbpEJDsPy5lTiCZ4XwFgD
LOMAjaKS2WZizQ==
-----END CERTIFICATE-----