Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
File:                     4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json)
Hash identifier:          I9h8y9CeCfjnVtKT5RwFRLrlXuJQ4PvxTcWMPMo9L8g=
Subject key identifier:   F6:1E:96:91:9A:6B:57:3B:56:D1:58:44:EA:F4:53:F6:D8:44:47:D8
Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9
Certificate issuer:       /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
Certificate serial:       019CAAFD2C284D34006459889A9C76AA57A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
Manifest number:          071F
Signing time:             Sun 01 Mar 2026 20:00:44 +0000
Manifest this update:     Sun 01 Mar 2026 20:00:44 +0000
Manifest next update:     Mon 02 Mar 2026 20:00:44 +0000
Files and hashes:         1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: hsVSheOIkngK+njNexKKFvKWRVpATNXibHW0VmLoE9Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:fd:2c:28:4d:34:00:64:59:88:9a:9c:76:aa:57:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
        Validity
            Not Before: Mar  1 20:00:44 2026 GMT
            Not After : Mar  2 20:00:44 2026 GMT
        Subject: CN=f61e96919a6b573b56d15844eaf453f6d84447d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:bf:e9:79:72:99:1b:35:c6:de:c0:aa:30:1b:
                    aa:32:df:08:b6:c4:1d:25:b2:15:c5:ac:9b:97:f1:
                    f5:ea:55:60:ea:c5:84:ad:6b:42:80:00:77:2d:d4:
                    96:1e:2b:f0:24:31:e5:cb:68:e2:f4:37:df:d4:86:
                    95:bf:5c:8c:d2:8a:85:ad:80:a8:b0:d1:49:7a:59:
                    b5:62:9c:2e:d0:d2:5e:fd:c8:f4:a8:e8:99:be:72:
                    30:e2:ce:a1:b5:ae:76:39:5e:d0:3b:f0:83:fe:44:
                    a3:98:0f:1a:22:4e:5d:fd:78:06:bf:1a:38:1d:74:
                    93:ad:4b:04:40:38:ba:7c:41:5d:fb:dc:a4:bc:a4:
                    a3:bf:4c:0a:e5:53:d5:cc:8c:ec:b7:28:ab:10:f2:
                    5a:9d:92:ab:67:58:55:3c:d3:97:16:e9:8b:6d:fe:
                    81:a6:58:13:b9:50:53:39:e4:b9:35:36:38:b3:77:
                    a0:d7:2e:b3:51:a3:c6:ee:c2:0b:b6:c0:c0:d1:c3:
                    14:a1:57:59:6e:40:2d:f2:ab:76:1f:4b:5e:6a:5a:
                    4b:03:b0:8a:76:bf:04:b5:06:21:dd:1b:25:7e:e8:
                    30:9b:f4:39:5b:96:ab:db:d1:56:3a:3c:2c:ee:ae:
                    ee:2c:93:5d:09:09:98:32:07:1d:bf:8f:52:64:e2:
                    c7:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:1E:96:91:9A:6B:57:3B:56:D1:58:44:EA:F4:53:F6:D8:44:47:D8
            X509v3 Authority Key Identifier:
                keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:4d:92:49:89:50:45:3a:36:55:d5:65:0b:de:b6:70:23:d9:
         47:18:7c:b6:59:42:67:07:93:71:31:d5:f3:60:ee:21:bf:7a:
         f1:58:20:e1:4b:61:15:d8:06:6c:b4:f9:6e:89:d4:7a:30:5a:
         72:7e:a2:65:1d:39:e0:98:aa:14:37:f9:d5:21:d5:3d:25:92:
         df:d8:ac:54:9a:42:82:20:60:12:eb:ec:10:0c:14:7e:12:bc:
         f4:a1:e4:3b:af:e6:51:33:81:59:1f:ad:51:9e:bf:22:2b:2a:
         86:0f:3f:09:b2:b4:02:26:aa:b3:be:93:2f:a6:b9:8c:27:74:
         f6:2e:0a:02:ec:35:33:99:f4:b0:1b:26:c1:74:7d:fe:98:fd:
         7b:6a:69:36:88:8a:1d:58:66:07:c9:16:16:08:a4:c1:59:b4:
         d2:6a:60:bf:1b:06:50:d4:bf:13:f5:58:b6:e4:fa:23:69:57:
         f2:89:31:3e:3b:63:c8:ff:11:49:15:c9:16:77:41:42:3e:43:
         a7:9e:64:21:ee:95:a1:ce:14:1e:ca:76:90:c3:61:e6:b6:18:
         01:32:0e:57:ab:20:2a:75:11:9f:92:32:48:71:51:31:5c:d0:
         4d:cd:ed:6b:a5:d1:25:b7:6a:c7:7d:8b:c6:c9:38:29:2d:bf:
         b7:21:e1:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/SwoTTQAZFmImpx2qlejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw
ZjAwYjkwHhcNMjYwMzAxMjAwMDQ0WhcNMjYwMzAyMjAwMDQ0WjAzMTEwLwYDVQQD
EyhmNjFlOTY5MTlhNmI1NzNiNTZkMTU4NDRlYWY0NTNmNmQ4NDQ0N2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0b/peXKZGzXG3sCqMBuqMt8ItsQd
JbIVxaybl/H16lVg6sWErWtCgAB3LdSWHivwJDHly2ji9Dff1IaVv1yM0oqFrYCo
sNFJelm1Ypwu0NJe/cj0qOiZvnIw4s6hta52OV7QO/CD/kSjmA8aIk5d/XgGvxo4
HXSTrUsEQDi6fEFd+9ykvKSjv0wK5VPVzIzstyirEPJanZKrZ1hVPNOXFumLbf6B
plgTuVBTOeS5NTY4s3eg1y6zUaPG7sILtsDA0cMUoVdZbkAt8qt2H0tealpLA7CK
dr8EtQYh3Rslfugwm/Q5W5ar29FWOjws7q7uLJNdCQmYMgcdv49SZOLHYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPYelpGaa1c7VtFYROr0U/bYREfYMB8GA1UdIwQY
MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt
MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw
LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgU2SSYlQ
RTo2VdVlC962cCPZRxh8tllCZweTcTHV82DuIb968Vgg4UthFdgGbLT5bonUejBa
cn6iZR054JiqFDf51SHVPSWS39isVJpCgiBgEuvsEAwUfhK89KHkO6/mUTOBWR+t
UZ6/Iisqhg8/CbK0Aiaqs76TL6a5jCd09i4KAuw1M5n0sBsmwXR9/pj9e2ppNoiK
HVhmB8kWFgikwVm00mpgvxsGUNS/E/VYtuT6I2lX8okxPjtjyP8RSRXJFndBQj5D
p55kIe6Voc4UHsp2kMNh5rYYATIOV6sgKnURn5IySHFRMVzQTc3ta6XRJbdqx32L
xsk4KS2/tyHhJQ==
-----END CERTIFICATE-----