Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
File:                     D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft (raw, json)
Hash identifier:          iJFcjRuqsxdrCSRnQ1RJGdb916BTIm58vdPV9H2hGtY=
Subject key identifier:   89:AD:19:3D:94:A8:19:53:32:41:38:E6:60:0F:A2:16:23:A9:A2:67
Authority key identifier: 0F:49:C4:9A:75:CF:6E:24:8C:9B:51:C7:05:4D:B2:F8:D9:DC:ED:CB
Certificate issuer:       /CN=0f49c49a75cf6e248c9b51c7054db2f8d9dcedcb
Certificate serial:       019CAD2248EF0FE6B4FBDD199B405C36D775
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
Manifest number:          0D52
Signing time:             Mon 02 Mar 2026 06:00:31 +0000
Manifest this update:     Mon 02 Mar 2026 06:00:31 +0000
Manifest next update:     Tue 03 Mar 2026 06:00:31 +0000
Files and hashes:         1: D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl (hash: NoeF2NZ/A5eWInxZaZBzBbt8zERaNDQRxMqf1xVRq14=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:22:48:ef:0f:e6:b4:fb:dd:19:9b:40:5c:36:d7:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f49c49a75cf6e248c9b51c7054db2f8d9dcedcb
        Validity
            Not Before: Mar  2 06:00:31 2026 GMT
            Not After : Mar  3 06:00:31 2026 GMT
        Subject: CN=89ad193d94a81953324138e6600fa21623a9a267
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:35:09:9c:e7:37:72:82:31:43:40:74:4c:4a:
                    42:a3:5c:c3:cd:9c:b2:db:89:d8:9b:87:1b:d5:b4:
                    60:63:96:e1:92:e9:d4:70:2e:a5:d1:34:7f:cc:aa:
                    9e:b5:24:f4:95:50:97:8c:0a:85:a6:12:a5:85:91:
                    04:5b:23:7e:8a:b3:5e:50:af:94:fa:92:54:b9:20:
                    4e:cd:60:fd:c6:1d:32:31:20:d0:61:bb:6a:b5:f3:
                    92:96:1b:78:b1:4c:79:c0:dd:31:ec:a4:68:3f:68:
                    50:2e:f7:93:39:cc:6f:a4:41:42:5a:e3:53:f9:de:
                    4f:ce:6e:b2:13:db:77:f0:e7:cd:32:b8:51:d9:7e:
                    79:3b:e0:de:14:c0:87:89:ae:bc:cb:25:1f:fc:22:
                    17:53:ef:4c:4d:18:b3:62:c9:3a:c8:e5:dc:bd:42:
                    5a:6b:16:8e:72:6a:b5:44:30:8c:89:13:36:72:96:
                    44:26:53:73:1d:c8:41:25:f9:46:15:6c:f8:13:d9:
                    ac:d7:26:2b:7f:eb:ae:1a:9f:a1:d9:8e:80:c8:db:
                    b3:ec:3d:55:76:a9:59:00:a2:d0:b8:e5:33:cd:93:
                    ae:fb:c4:4b:fb:2f:26:e1:b0:d2:7e:d8:bf:1f:db:
                    fa:19:17:05:9b:88:35:63:da:9b:ac:94:1e:5f:85:
                    59:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:AD:19:3D:94:A8:19:53:32:41:38:E6:60:0F:A2:16:23:A9:A2:67
            X509v3 Authority Key Identifier:
                keyid:0F:49:C4:9A:75:CF:6E:24:8C:9B:51:C7:05:4D:B2:F8:D9:DC:ED:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:e3:59:97:a4:b3:b6:5f:16:09:4b:2e:43:e7:a6:ca:59:b5:
         45:5e:8e:0b:ef:37:0d:9e:71:b4:d5:e8:e5:96:94:8e:21:e7:
         47:d1:f3:3f:82:98:70:0a:a3:43:14:08:47:28:d1:3a:00:3d:
         d5:15:b3:da:2b:dc:b2:e8:05:b1:92:88:1a:84:54:3c:81:fa:
         d1:ef:68:e1:fd:34:16:5b:36:d7:77:80:f8:a5:04:c5:90:8d:
         13:75:9f:83:46:f2:8e:40:33:a0:ef:27:57:9b:52:f9:d7:49:
         2a:9f:31:fe:37:81:6c:f6:81:52:61:aa:27:2e:de:d1:8c:b8:
         fb:68:52:d2:90:b0:d0:01:fa:24:4f:65:31:23:0b:b2:90:8d:
         61:56:39:bf:7d:54:1c:ca:67:8e:09:ca:9b:d4:67:55:96:29:
         1c:00:35:bb:fa:bd:db:b3:10:82:43:d3:97:49:51:81:a9:98:
         81:21:3d:31:2f:cf:fd:58:74:df:a7:29:d1:cc:cd:5b:17:16:
         81:7b:6c:1c:ed:fb:c6:4b:80:87:27:d0:e1:01:17:fd:2c:0a:
         3f:02:17:2e:7b:82:93:3d:e5:1b:3f:14:4e:1d:66:01:07:ab:
         b4:cb:1e:10:6e:c8:90:01:a4:62:12:cb:f1:4b:a3:02:31:42:
         ed:a4:a3:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytIkjvD+a0+90Zm0BcNtd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNDljNDlhNzVjZjZlMjQ4YzliNTFjNzA1NGRiMmY4ZDlk
Y2VkY2IwHhcNMjYwMzAyMDYwMDMxWhcNMjYwMzAzMDYwMDMxWjAzMTEwLwYDVQQD
Eyg4OWFkMTkzZDk0YTgxOTUzMzI0MTM4ZTY2MDBmYTIxNjIzYTlhMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTUJnOc3coIxQ0B0TEpCo1zDzZyy
24nYm4cb1bRgY5bhkunUcC6l0TR/zKqetST0lVCXjAqFphKlhZEEWyN+irNeUK+U
+pJUuSBOzWD9xh0yMSDQYbtqtfOSlht4sUx5wN0x7KRoP2hQLveTOcxvpEFCWuNT
+d5Pzm6yE9t38OfNMrhR2X55O+DeFMCHia68yyUf/CIXU+9MTRizYsk6yOXcvUJa
axaOcmq1RDCMiRM2cpZEJlNzHchBJflGFWz4E9ms1yYrf+uuGp+h2Y6AyNuz7D1V
dqlZAKLQuOUzzZOu+8RL+y8m4bDSfti/H9v6GRcFm4g1Y9qbrJQeX4VZNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFImtGT2UqBlTMkE45mAPohYjqaJnMB8GA1UdIwQY
MBaAFA9JxJp1z24kjJtRxwVNsvjZ3O3LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9jZWExNjEtY2I1Yy00ZTQxLWI4MzYt
ZDgwMDc3ZTEyYjVkLzEvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9jZWExNjEtY2I1Yy00ZTQxLWI4MzYtZDgwMDc3ZTEyYjVk
LzEvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYeNZl6Sz
tl8WCUsuQ+emylm1RV6OC+83DZ5xtNXo5ZaUjiHnR9HzP4KYcAqjQxQIRyjROgA9
1RWz2ivcsugFsZKIGoRUPIH60e9o4f00Fls213eA+KUExZCNE3Wfg0byjkAzoO8n
V5tS+ddJKp8x/jeBbPaBUmGqJy7e0Yy4+2hS0pCw0AH6JE9lMSMLspCNYVY5v31U
HMpnjgnKm9RnVZYpHAA1u/q927MQgkPTl0lRgamYgSE9MS/P/Vh036cp0czNWxcW
gXtsHO37xkuAhyfQ4QEX/SwKPwIXLnuCkz3lGz8UTh1mAQertMseEG7IkAGkYhLL
8UujAjFC7aSjcQ==
-----END CERTIFICATE-----