Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft
File:                     j39d3CK0NKz6QNZ-5QsEKQxw27M.mft (raw, json)
Hash identifier:          Wv7SARjz6SbqTrl104y05SqBL53vxaFrgKM9W6K12og=
Subject key identifier:   58:B3:05:A9:02:48:AC:25:70:03:B3:7E:9D:87:30:1E:A2:EF:04:73
Authority key identifier: 8F:7F:5D:DC:22:B4:34:AC:FA:40:D6:7E:E5:0B:04:29:0C:70:DB:B3
Certificate issuer:       /CN=8f7f5ddc22b434acfa40d67ee50b04290c70dbb3
Certificate serial:       019CAD5968D639B47A342BD3B485ADDB8E9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft
Manifest number:          09DD
Signing time:             Mon 02 Mar 2026 07:00:43 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:43 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:43 +0000
Files and hashes:         1: j39d3CK0NKz6QNZ-5QsEKQxw27M.crl (hash: /XdA1ymWAFnmywRf8zmElQjoq87mT4qTaG1qUtbVXDs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:68:d6:39:b4:7a:34:2b:d3:b4:85:ad:db:8e:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7f5ddc22b434acfa40d67ee50b04290c70dbb3
        Validity
            Not Before: Mar  2 07:00:43 2026 GMT
            Not After : Mar  3 07:00:43 2026 GMT
        Subject: CN=58b305a90248ac257003b37e9d87301ea2ef0473
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:7e:86:40:2b:fe:e3:84:02:a3:2f:d1:e0:44:
                    3b:b3:85:4d:99:77:f8:9d:8f:04:e0:d5:ce:e9:16:
                    dd:30:e2:7c:9d:5c:ba:d0:1b:83:09:bc:b8:41:3e:
                    05:20:df:91:07:fc:08:11:4a:5a:98:82:43:b6:47:
                    99:af:6a:98:e3:06:df:b6:bb:36:94:c5:b8:e6:d8:
                    d4:ba:55:16:25:c8:cc:02:52:52:04:63:d4:80:c1:
                    83:22:12:2d:0b:6f:33:1b:2b:b8:ac:e7:30:e5:f9:
                    1d:d9:0b:74:32:41:15:c7:bc:40:78:47:0f:78:64:
                    d9:f7:b2:43:7f:f8:e7:7b:cb:08:89:c0:40:4e:be:
                    26:1d:c3:b0:45:80:3f:b2:77:03:b4:fd:61:5b:af:
                    1a:a5:67:39:fe:60:ca:be:ed:82:f8:a2:0d:92:3e:
                    74:5a:a6:7e:f1:f7:70:c2:21:dc:39:1a:4b:48:f0:
                    49:7e:9b:2f:26:02:41:11:3f:0c:41:b8:6e:25:2c:
                    77:39:99:df:1f:bd:e4:e0:6c:58:ad:34:39:f2:bc:
                    11:57:12:ce:ec:d4:f5:10:96:0f:b5:77:3a:78:cc:
                    31:bf:8f:58:3c:7e:0c:e0:b2:73:94:2b:71:99:04:
                    d5:e5:1d:1c:f6:da:60:48:b7:67:48:8b:4b:97:0b:
                    6a:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:B3:05:A9:02:48:AC:25:70:03:B3:7E:9D:87:30:1E:A2:EF:04:73
            X509v3 Authority Key Identifier:
                keyid:8F:7F:5D:DC:22:B4:34:AC:FA:40:D6:7E:E5:0B:04:29:0C:70:DB:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j39d3CK0NKz6QNZ-5QsEKQxw27M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/69fd69-2c27-4870-9cc9-32dac4b140ed/1/j39d3CK0NKz6QNZ-5QsEKQxw27M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:8a:c3:37:22:d6:0c:20:cc:0a:f0:9a:52:ad:fd:a5:9b:36:
         b0:21:6f:c5:1c:f9:17:49:dc:fe:64:d2:8f:b4:24:76:0d:ae:
         c5:1c:ee:a8:85:0b:0d:cc:96:bf:7e:fe:4c:3f:4b:ef:95:a3:
         ea:20:a8:c8:03:0f:9b:dc:fc:3f:57:ab:d8:7a:d9:47:d7:0a:
         e0:0e:e2:a9:c4:54:10:3b:1b:dd:7a:ff:ad:a5:bd:d4:73:d1:
         0a:c4:ff:2e:7a:46:9d:24:99:50:dc:59:f1:cc:db:43:83:f4:
         14:e9:1b:c0:3c:2a:a0:85:69:26:58:60:6a:c5:72:21:60:dd:
         b8:db:26:cf:04:2f:4d:78:cf:55:aa:0c:73:60:10:3e:91:ef:
         d3:fb:40:b6:60:df:88:4d:2b:86:36:91:5c:05:f4:53:23:07:
         94:f0:50:e0:ce:18:31:a4:22:bc:4a:6d:13:2c:ec:d2:42:8a:
         69:87:51:e9:9e:c0:ad:14:73:a5:b5:94:cb:12:58:c3:0d:6e:
         03:68:42:ee:79:4c:6a:d1:40:e0:0b:68:a0:90:aa:58:1c:c4:
         01:b4:70:f8:3b:8f:c6:6e:f4:02:c6:37:07:92:01:f1:62:ec:
         37:ed:9b:18:3b:fd:58:e0:4d:41:44:75:9b:29:46:0c:f7:a7:
         46:59:f9:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWWjWObR6NCvTtIWt246dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2Y1ZGRjMjJiNDM0YWNmYTQwZDY3ZWU1MGIwNDI5MGM3
MGRiYjMwHhcNMjYwMzAyMDcwMDQzWhcNMjYwMzAzMDcwMDQzWjAzMTEwLwYDVQQD
Eyg1OGIzMDVhOTAyNDhhYzI1NzAwM2IzN2U5ZDg3MzAxZWEyZWYwNDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy36GQCv+44QCoy/R4EQ7s4VNmXf4
nY8E4NXO6RbdMOJ8nVy60BuDCby4QT4FIN+RB/wIEUpamIJDtkeZr2qY4wbftrs2
lMW45tjUulUWJcjMAlJSBGPUgMGDIhItC28zGyu4rOcw5fkd2Qt0MkEVx7xAeEcP
eGTZ97JDf/jne8sIicBATr4mHcOwRYA/sncDtP1hW68apWc5/mDKvu2C+KINkj50
WqZ+8fdwwiHcORpLSPBJfpsvJgJBET8MQbhuJSx3OZnfH73k4GxYrTQ58rwRVxLO
7NT1EJYPtXc6eMwxv49YPH4M4LJzlCtxmQTV5R0c9tpgSLdnSItLlwtqkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFizBakCSKwlcAOzfp2HMB6i7wRzMB8GA1UdIwQY
MBaAFI9/XdwitDSs+kDWfuULBCkMcNuzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82OWZkNjktMmMyNy00ODcwLTljYzkt
MzJkYWM0YjE0MGVkLzEvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82OWZkNjktMmMyNy00ODcwLTljYzktMzJkYWM0YjE0MGVk
LzEvajM5ZDNDSzBOS3o2UU5aLTVRc0VLUXh3MjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVorDNyLW
DCDMCvCaUq39pZs2sCFvxRz5F0nc/mTSj7Qkdg2uxRzuqIULDcyWv37+TD9L75Wj
6iCoyAMPm9z8P1er2HrZR9cK4A7iqcRUEDsb3Xr/raW91HPRCsT/LnpGnSSZUNxZ
8czbQ4P0FOkbwDwqoIVpJlhgasVyIWDduNsmzwQvTXjPVaoMc2AQPpHv0/tAtmDf
iE0rhjaRXAX0UyMHlPBQ4M4YMaQivEptEyzs0kKKaYdR6Z7ArRRzpbWUyxJYww1u
A2hC7nlMatFA4AtooJCqWBzEAbRw+DuPxm70AsY3B5IB8WLsN+2bGDv9WOBNQUR1
mylGDPenRln5eg==
-----END CERTIFICATE-----