Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/c56b1b-4b10-41dc-9ffa-db5160ee74e7/1/8E3LHKHUaLwERw8dtKRuz1uCeEg.mft
File:                     8E3LHKHUaLwERw8dtKRuz1uCeEg.mft (raw, json)
Hash identifier:          74kEIcqdtBGE3T2Dg1LICi8bjgiLiSUjyg86PDXzblQ=
Subject key identifier:   67:3E:95:10:88:8E:F8:F7:8C:0F:48:87:3A:78:FB:91:84:16:41:D2
Authority key identifier: F0:4D:CB:1C:A1:D4:68:BC:04:47:0F:1D:B4:A4:6E:CF:5B:82:78:48
Certificate issuer:       /CN=f04dcb1ca1d468bc04470f1db4a46ecf5b827848
Certificate serial:       019CAC0FA2036AC9A596DC1085B290456DE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8E3LHKHUaLwERw8dtKRuz1uCeEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/c56b1b-4b10-41dc-9ffa-db5160ee74e7/1/8E3LHKHUaLwERw8dtKRuz1uCeEg.mft
Manifest number:          04C5
Signing time:             Mon 02 Mar 2026 01:00:31 +0000
Manifest this update:     Mon 02 Mar 2026 01:00:31 +0000
Manifest next update:     Tue 03 Mar 2026 01:00:31 +0000
Files and hashes:         1: 8E3LHKHUaLwERw8dtKRuz1uCeEg.crl (hash: FBL3RfMFNi1VKmPjTMdIE/TQHAW60Tp+dQmQdvyXbiE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/c56b1b-4b10-41dc-9ffa-db5160ee74e7/1/8E3LHKHUaLwERw8dtKRuz1uCeEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/c56b1b-4b10-41dc-9ffa-db5160ee74e7/1/8E3LHKHUaLwERw8dtKRuz1uCeEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8E3LHKHUaLwERw8dtKRuz1uCeEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:0f:a2:03:6a:c9:a5:96:dc:10:85:b2:90:45:6d:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f04dcb1ca1d468bc04470f1db4a46ecf5b827848
        Validity
            Not Before: Mar  2 01:00:31 2026 GMT
            Not After : Mar  3 01:00:31 2026 GMT
        Subject: CN=673e9510888ef8f78c0f48873a78fb91841641d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:90:c2:ce:c8:9d:05:78:1b:0a:23:5f:94:4b:
                    43:6f:6b:79:41:4e:76:be:ab:ba:7d:74:cf:ee:9f:
                    a6:77:2a:50:8b:16:09:cb:cd:99:e7:36:dd:ab:c9:
                    46:b4:ed:a9:d7:14:c8:00:c6:8e:13:32:6f:93:11:
                    52:a5:a0:a9:f6:ff:53:97:e4:3d:a4:1d:dd:12:52:
                    28:21:41:0a:15:c8:5f:f3:9f:cc:b1:3e:30:43:c4:
                    4a:8c:5e:d0:4d:0a:8a:5c:00:db:1e:ea:61:d4:b3:
                    28:f5:c5:25:01:cf:7d:29:95:53:62:54:8b:91:d0:
                    f6:44:13:f6:87:fc:1c:f4:c4:7d:83:1b:48:d0:3e:
                    93:58:2d:9b:f3:21:87:ba:48:af:e2:b2:2f:df:bd:
                    e4:06:2d:7e:09:9c:26:6e:e9:35:c0:ad:45:c8:4d:
                    33:cd:70:42:c6:da:9b:c3:a4:76:ee:5f:db:8c:72:
                    75:99:33:e0:4a:a6:c7:33:fa:c5:47:46:3d:10:ee:
                    af:f6:11:47:70:1e:95:48:03:8b:4f:d0:f7:9a:a1:
                    5e:74:82:91:5a:c0:ec:43:c3:16:f0:be:cc:1b:f5:
                    30:3a:3a:62:84:21:51:32:eb:74:28:69:f1:5c:9e:
                    01:40:81:e3:d3:58:8c:a3:d3:ce:1a:0d:2f:ce:55:
                    1b:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:3E:95:10:88:8E:F8:F7:8C:0F:48:87:3A:78:FB:91:84:16:41:D2
            X509v3 Authority Key Identifier:
                keyid:F0:4D:CB:1C:A1:D4:68:BC:04:47:0F:1D:B4:A4:6E:CF:5B:82:78:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E3LHKHUaLwERw8dtKRuz1uCeEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c56b1b-4b10-41dc-9ffa-db5160ee74e7/1/8E3LHKHUaLwERw8dtKRuz1uCeEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c56b1b-4b10-41dc-9ffa-db5160ee74e7/1/8E3LHKHUaLwERw8dtKRuz1uCeEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:63:22:a1:bf:65:f4:e6:fb:59:53:b8:b2:4d:2c:48:ee:68:
         7f:26:b2:31:5c:48:07:4d:ba:86:80:e2:32:42:56:df:f8:a8:
         18:89:71:05:88:2e:7b:1c:21:27:cf:8d:ce:4d:d3:45:86:7c:
         1d:81:01:80:1e:f7:f4:31:a4:14:35:f1:3c:8a:4a:4d:bc:0f:
         03:5a:35:9a:5c:ed:41:80:b3:25:27:3c:1a:b7:4d:ed:7b:e3:
         2e:3a:ee:51:4e:ae:3d:84:ab:04:b5:81:ee:2c:05:c1:78:fc:
         66:f5:86:61:47:03:95:37:8f:9a:89:28:3e:c7:0c:cd:e8:a9:
         31:38:be:70:f9:a1:7e:fb:87:66:82:50:8b:1c:ad:ad:a1:1d:
         9a:1b:11:ec:d0:20:07:61:10:57:bb:be:63:5c:79:bc:ff:86:
         0a:fd:7a:d7:a2:79:1f:b2:a7:5e:43:4e:0d:f8:b1:b9:2c:f0:
         52:21:06:5c:7d:12:07:c6:70:74:ec:a3:68:aa:05:f9:7f:8d:
         7e:d4:60:df:87:e2:11:16:af:bf:8d:39:0b:5c:db:34:41:c0:
         8f:b7:71:18:53:e3:82:9c:52:d0:15:52:1f:dc:3d:77:3c:d3:
         ba:b0:6c:b3:aa:ff:13:17:3f:6e:8e:ac:8a:6d:38:d1:ed:37:
         01:4b:39:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD6IDasmlltwQhbKQRW3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGRjYjFjYTFkNDY4YmMwNDQ3MGYxZGI0YTQ2ZWNmNWI4
Mjc4NDgwHhcNMjYwMzAyMDEwMDMxWhcNMjYwMzAzMDEwMDMxWjAzMTEwLwYDVQQD
Eyg2NzNlOTUxMDg4OGVmOGY3OGMwZjQ4ODczYTc4ZmI5MTg0MTY0MWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppDCzsidBXgbCiNflEtDb2t5QU52
vqu6fXTP7p+mdypQixYJy82Z5zbdq8lGtO2p1xTIAMaOEzJvkxFSpaCp9v9Tl+Q9
pB3dElIoIUEKFchf85/MsT4wQ8RKjF7QTQqKXADbHuph1LMo9cUlAc99KZVTYlSL
kdD2RBP2h/wc9MR9gxtI0D6TWC2b8yGHukiv4rIv373kBi1+CZwmbuk1wK1FyE0z
zXBCxtqbw6R27l/bjHJ1mTPgSqbHM/rFR0Y9EO6v9hFHcB6VSAOLT9D3mqFedIKR
WsDsQ8MW8L7MG/UwOjpihCFRMut0KGnxXJ4BQIHj01iMo9POGg0vzlUbGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGc+lRCIjvj3jA9Ihzp4+5GEFkHSMB8GA1UdIwQY
MBaAFPBNyxyh1Gi8BEcPHbSkbs9bgnhIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEUzTEhLSFVhTHdFUnc4ZHRLUnV6MXVDZUVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9jNTZiMWItNGIxMC00MWRjLTlmZmEt
ZGI1MTYwZWU3NGU3LzEvOEUzTEhLSFVhTHdFUnc4ZHRLUnV6MXVDZUVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9jNTZiMWItNGIxMC00MWRjLTlmZmEtZGI1MTYwZWU3NGU3
LzEvOEUzTEhLSFVhTHdFUnc4ZHRLUnV6MXVDZUVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxmMiob9l
9Ob7WVO4sk0sSO5ofyayMVxIB026hoDiMkJW3/ioGIlxBYguexwhJ8+Nzk3TRYZ8
HYEBgB739DGkFDXxPIpKTbwPA1o1mlztQYCzJSc8GrdN7XvjLjruUU6uPYSrBLWB
7iwFwXj8ZvWGYUcDlTePmokoPscMzeipMTi+cPmhfvuHZoJQixytraEdmhsR7NAg
B2EQV7u+Y1x5vP+GCv1616J5H7KnXkNODfixuSzwUiEGXH0SB8ZwdOyjaKoF+X+N
ftRg34fiERavv405C1zbNEHAj7dxGFPjgpxS0BVSH9w9dzzTurBss6r/Exc/bo6s
im040e03AUs5uw==
-----END CERTIFICATE-----