Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
File:                     FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft (raw, json)
Hash identifier:          0vyTyTgt3kRKi7BzRvj0TDT8YGQ/Exqt59jP6Dyaa2I=
Subject key identifier:   68:5D:63:64:0C:DF:B1:BD:52:59:F1:E6:16:85:18:3E:C2:56:B5:0F
Authority key identifier: 14:C2:EA:B6:A2:96:05:06:04:6A:1D:A4:31:27:73:D9:8E:97:CD:5A
Certificate issuer:       /CN=14c2eab6a2960506046a1da4312773d98e97cd5a
Certificate serial:       019CA97CC9EC768FF4497B3D27380F7151B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
Manifest number:          0CE7
Signing time:             Sun 01 Mar 2026 13:00:53 +0000
Manifest this update:     Sun 01 Mar 2026 13:00:53 +0000
Manifest next update:     Mon 02 Mar 2026 13:00:53 +0000
Files and hashes:         1: FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl (hash: DTnAiiRKz81zYgVb0T3bK/p0RKYX/Bks6nWgxYpqclY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7c:c9:ec:76:8f:f4:49:7b:3d:27:38:0f:71:51:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14c2eab6a2960506046a1da4312773d98e97cd5a
        Validity
            Not Before: Mar  1 13:00:53 2026 GMT
            Not After : Mar  2 13:00:53 2026 GMT
        Subject: CN=685d63640cdfb1bd5259f1e61685183ec256b50f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:12:45:d1:31:ad:ff:f9:66:41:1b:9a:a2:72:
                    94:de:1f:d6:d9:a5:a3:5d:53:e5:1b:29:12:ac:cb:
                    ec:7e:27:d5:d7:9d:d0:a7:74:48:90:7d:d0:fc:3a:
                    55:22:66:4e:c4:70:8c:e2:14:5c:15:7e:d1:b5:6c:
                    ad:7d:99:5f:96:12:8f:aa:56:9a:a6:09:2f:ad:c1:
                    5d:07:2c:81:b4:2e:1d:19:5d:50:c0:b1:80:f7:46:
                    77:b7:45:17:61:9f:bb:2d:b5:bc:4a:79:21:4e:8f:
                    ba:2b:27:a9:f1:c2:1d:57:e5:fa:37:bb:32:3d:08:
                    78:33:e7:c8:f1:49:4d:0c:59:1f:51:c6:d3:58:78:
                    4e:00:c7:e0:02:f5:fe:ff:ab:60:e3:37:71:98:68:
                    61:24:43:41:a0:06:71:68:d1:47:29:d4:e4:fe:56:
                    85:b4:01:b9:68:cf:ea:29:1c:92:f6:78:d2:90:31:
                    0d:9c:a7:2d:1c:64:d8:ed:f1:85:f7:ea:6e:e7:bd:
                    a3:fa:43:5f:71:03:66:33:c4:cb:9f:ff:d8:81:e5:
                    de:63:e1:5d:3c:1e:9e:c9:f6:a2:c4:f8:8e:a9:41:
                    94:47:54:fc:a0:c5:27:00:f1:ab:09:eb:14:0c:e2:
                    5e:f3:51:50:59:a9:64:24:fc:c6:e9:64:fc:3b:e8:
                    94:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:5D:63:64:0C:DF:B1:BD:52:59:F1:E6:16:85:18:3E:C2:56:B5:0F
            X509v3 Authority Key Identifier:
                keyid:14:C2:EA:B6:A2:96:05:06:04:6A:1D:A4:31:27:73:D9:8E:97:CD:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:8d:e3:84:78:b9:20:02:c9:38:b8:bf:8a:bf:24:87:c6:d8:
         af:28:c9:ba:a6:9c:6f:36:a8:38:38:07:8d:1b:4a:7b:4b:d7:
         f8:67:bc:d3:13:76:b0:8d:f1:6d:6c:ec:57:38:60:bf:98:ba:
         31:21:4e:45:3a:6d:4b:31:a4:88:21:9d:cb:0d:a1:a9:b7:ef:
         a7:b6:0d:98:c7:d3:d6:a5:06:ae:90:b2:fb:c4:40:29:55:00:
         61:33:43:ba:d0:8f:eb:a8:b2:c1:20:3e:c4:f6:47:3c:5b:27:
         6c:c9:fb:2e:bc:f4:56:65:e4:47:c4:16:d9:dd:dc:bf:35:03:
         14:73:ec:19:21:80:e8:f0:21:71:0f:5a:49:a9:b0:f6:c2:48:
         8f:fb:f9:dc:23:4b:42:45:a8:36:6f:6a:db:45:c1:6d:e0:4b:
         d3:31:4a:6b:4e:57:a9:4c:c4:c0:8c:18:4a:6f:a0:ea:91:9d:
         03:d7:32:05:fa:ac:7a:ea:c2:19:69:2c:6a:a8:d4:47:a2:ba:
         e7:47:88:f9:03:d0:99:39:23:02:3c:10:d1:ee:e4:4e:cf:72:
         27:0a:c2:23:ec:24:90:64:8b:b0:d3:bf:ef:e5:6d:17:e2:ac:
         f7:e7:ff:24:45:e9:37:30:ae:ac:5c:17:c9:be:88:6f:59:97:
         6e:dc:00:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfMnsdo/0SXs9JzgPcVGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzJlYWI2YTI5NjA1MDYwNDZhMWRhNDMxMjc3M2Q5OGU5
N2NkNWEwHhcNMjYwMzAxMTMwMDUzWhcNMjYwMzAyMTMwMDUzWjAzMTEwLwYDVQQD
Eyg2ODVkNjM2NDBjZGZiMWJkNTI1OWYxZTYxNjg1MTgzZWMyNTZiNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7BJF0TGt//lmQRuaonKU3h/W2aWj
XVPlGykSrMvsfifV153Qp3RIkH3Q/DpVImZOxHCM4hRcFX7RtWytfZlflhKPqlaa
pgkvrcFdByyBtC4dGV1QwLGA90Z3t0UXYZ+7LbW8SnkhTo+6Kyep8cIdV+X6N7sy
PQh4M+fI8UlNDFkfUcbTWHhOAMfgAvX+/6tg4zdxmGhhJENBoAZxaNFHKdTk/laF
tAG5aM/qKRyS9njSkDENnKctHGTY7fGF9+pu572j+kNfcQNmM8TLn//YgeXeY+Fd
PB6eyfaixPiOqUGUR1T8oMUnAPGrCesUDOJe81FQWalkJPzG6WT8O+iUvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGhdY2QM37G9Ulnx5haFGD7CVrUPMB8GA1UdIwQY
MBaAFBTC6railgUGBGodpDEnc9mOl81aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS80YjRkN2EtY2U0OC00N2E0LWEzYzQt
NjExZTU3ZGE5NWMwLzEvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS80YjRkN2EtY2U0OC00N2E0LWEzYzQtNjExZTU3ZGE5NWMw
LzEvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOY3jhHi5
IALJOLi/ir8kh8bYryjJuqacbzaoODgHjRtKe0vX+Ge80xN2sI3xbWzsVzhgv5i6
MSFORTptSzGkiCGdyw2hqbfvp7YNmMfT1qUGrpCy+8RAKVUAYTNDutCP66iywSA+
xPZHPFsnbMn7Lrz0VmXkR8QW2d3cvzUDFHPsGSGA6PAhcQ9aSamw9sJIj/v53CNL
QkWoNm9q20XBbeBL0zFKa05XqUzEwIwYSm+g6pGdA9cyBfqseurCGWksaqjUR6K6
50eI+QPQmTkjAjwQ0e7kTs9yJwrCI+wkkGSLsNO/7+VtF+Ks9+f/JEXpNzCurFwX
yb6Ib1mXbtwApw==
-----END CERTIFICATE-----