Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
File:                     d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json)
Hash identifier:          RiluvNMMgX2s4rHSHal7DBwVV2pa2jSFcy29MlV7awM=
Subject key identifier:   FB:F7:6A:69:E2:94:C7:24:BC:3A:13:DD:1E:6D:6A:B8:51:AC:8B:85
Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC
Certificate issuer:       /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
Certificate serial:       019CAD5A39821815C5985B506F101459B505
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
Manifest number:          0A70
Signing time:             Mon 02 Mar 2026 07:01:37 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:37 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:37 +0000
Files and hashes:         1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: khcgonZH/9/nR3g19/0ihVy7y1DEYOO+DitxUaphJyk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:39:82:18:15:c5:98:5b:50:6f:10:14:59:b5:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
        Validity
            Not Before: Mar  2 07:01:37 2026 GMT
            Not After : Mar  3 07:01:37 2026 GMT
        Subject: CN=fbf76a69e294c724bc3a13dd1e6d6ab851ac8b85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:be:7e:65:dd:38:74:8b:f8:97:db:eb:7b:94:
                    2c:44:ca:5d:6e:09:8e:36:50:b8:4f:b6:7c:d0:33:
                    02:f2:77:62:c1:5c:99:c1:c6:82:34:76:81:e9:20:
                    b9:1a:07:fa:6e:70:5b:db:b4:fe:fc:09:7b:16:62:
                    28:3d:7d:52:b9:d2:65:ba:55:53:64:47:b2:e7:03:
                    d1:d9:aa:df:50:df:f7:24:04:96:2a:7e:15:6a:08:
                    d6:3c:a7:74:2d:71:2c:3d:00:c9:c7:c8:94:fa:2a:
                    2d:a6:a3:ea:2f:da:d8:fb:2f:2c:f3:f3:58:bc:e9:
                    70:24:d8:94:f0:a7:42:c5:7a:4d:c1:16:b5:67:27:
                    7b:09:cf:fd:d0:ed:89:63:c3:a9:a5:8b:23:9b:14:
                    5b:71:3c:67:10:93:03:a6:2c:75:92:8d:7f:7e:da:
                    ba:72:7c:a9:26:0c:02:f8:3f:be:ac:56:db:2b:37:
                    4f:bc:8f:1f:83:fc:23:bb:c1:3a:d9:d5:2a:0c:0c:
                    68:27:2b:89:d1:70:b6:36:d3:6d:f7:d4:92:14:ba:
                    76:46:46:27:09:7e:7a:36:1b:2b:7f:b0:3d:f4:ba:
                    b4:c3:8a:9e:3f:6a:63:af:a1:2d:c0:17:8a:ad:e4:
                    0a:3b:5b:01:6b:1a:70:25:82:08:18:90:4a:5f:ec:
                    92:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:F7:6A:69:E2:94:C7:24:BC:3A:13:DD:1E:6D:6A:B8:51:AC:8B:85
            X509v3 Authority Key Identifier:
                keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:4b:00:f9:fd:c1:d2:00:b8:34:3b:a1:ce:0b:d6:e6:fe:53:
         61:a2:b6:22:46:12:52:ff:b1:a3:8d:e2:e9:ee:f3:d3:94:4e:
         e0:f1:21:c3:d6:c7:a9:a5:69:25:30:db:00:16:e1:f3:34:a9:
         d4:f7:27:4f:41:ec:6f:f3:df:52:52:95:bf:6f:f4:30:5c:6b:
         62:c9:da:ad:c4:2d:03:98:27:e7:75:4f:1a:c7:b1:b3:d1:d1:
         14:6d:18:9c:b0:06:83:fe:ad:34:5b:35:cf:7d:e1:09:c5:0e:
         9d:d4:3e:70:5a:56:cd:4a:e9:25:34:d0:4e:b8:b1:cf:1e:d0:
         9c:4a:fc:06:42:cd:11:51:7d:eb:83:26:1b:3f:d6:0b:02:77:
         09:4b:fe:06:54:de:18:38:1a:02:be:0b:4d:60:8e:b9:fd:8a:
         e3:a9:14:31:dd:dd:e5:6e:e0:25:55:10:3c:8f:b0:c6:b3:1e:
         1e:5b:47:ff:ef:b1:5e:04:57:bb:58:7a:75:6f:b7:1c:e8:d5:
         7e:31:18:03:0c:06:27:2b:76:20:eb:0d:05:03:79:e1:aa:f4:
         36:59:d3:cb:62:b7:ec:df:32:60:42:b0:8f:97:0f:e6:cf:b7:
         2a:8f:54:4e:8d:8c:88:70:f7:00:b1:b9:fc:f0:94:83:07:41:
         d2:7b:d0:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWjmCGBXFmFtQbxAUWbUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj
MmQ2ZmMwHhcNMjYwMzAyMDcwMTM3WhcNMjYwMzAzMDcwMTM3WjAzMTEwLwYDVQQD
EyhmYmY3NmE2OWUyOTRjNzI0YmMzYTEzZGQxZTZkNmFiODUxYWM4Yjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb5+Zd04dIv4l9vre5QsRMpdbgmO
NlC4T7Z80DMC8ndiwVyZwcaCNHaB6SC5Ggf6bnBb27T+/Al7FmIoPX1SudJlulVT
ZEey5wPR2arfUN/3JASWKn4VagjWPKd0LXEsPQDJx8iU+iotpqPqL9rY+y8s8/NY
vOlwJNiU8KdCxXpNwRa1Zyd7Cc/90O2JY8OppYsjmxRbcTxnEJMDpix1ko1/ftq6
cnypJgwC+D++rFbbKzdPvI8fg/wju8E62dUqDAxoJyuJ0XC2NtNt99SSFLp2RkYn
CX56Nhsrf7A99Lq0w4qeP2pjr6EtwBeKreQKO1sBaxpwJYIIGJBKX+ySRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPv3amnilMckvDoT3R5tarhRrIuFMB8GA1UdIwQY
MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt
MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz
LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmksA+f3B
0gC4NDuhzgvW5v5TYaK2IkYSUv+xo43i6e7z05RO4PEhw9bHqaVpJTDbABbh8zSp
1PcnT0Hsb/PfUlKVv2/0MFxrYsnarcQtA5gn53VPGsexs9HRFG0YnLAGg/6tNFs1
z33hCcUOndQ+cFpWzUrpJTTQTrixzx7QnEr8BkLNEVF964MmGz/WCwJ3CUv+BlTe
GDgaAr4LTWCOuf2K46kUMd3d5W7gJVUQPI+wxrMeHltH/++xXgRXu1h6dW+3HOjV
fjEYAwwGJyt2IOsNBQN54ar0NlnTy2K37N8yYEKwj5cP5s+3Ko9UTo2MiHD3ALG5
/PCUgwdB0nvQXg==
-----END CERTIFICATE-----