Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
File:                     IM56QQse-G8hrSE9PXNmhvdwjrk.mft (raw, json)
Hash identifier:          FMi3cUhh4+SMdHpl6q8CY9Vwq6as2t2hTnqFFm2j574=
Subject key identifier:   AF:93:EB:F0:C2:C7:3F:A8:AC:DB:BA:1E:83:04:69:4B:53:51:62:14
Authority key identifier: 20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9
Certificate issuer:       /CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
Certificate serial:       019CAA8FFB26AEA8ED0C57D456AF15E75C2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
Manifest number:          07D7
Signing time:             Sun 01 Mar 2026 18:01:28 +0000
Manifest this update:     Sun 01 Mar 2026 18:01:28 +0000
Manifest next update:     Mon 02 Mar 2026 18:01:28 +0000
Files and hashes:         1: IM56QQse-G8hrSE9PXNmhvdwjrk.crl (hash: q0/aC7G8sp1K0ntpWzFWVOhcLJ8OqzO8AWi/KTioSZ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:8f:fb:26:ae:a8:ed:0c:57:d4:56:af:15:e7:5c:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20ce7a410b1ef86f21ad213d3d736686f7708eb9
        Validity
            Not Before: Mar  1 18:01:28 2026 GMT
            Not After : Mar  2 18:01:28 2026 GMT
        Subject: CN=af93ebf0c2c73fa8acdbba1e8304694b53516214
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:27:c7:d2:69:43:c3:92:78:8f:66:c4:20:73:
                    3c:e9:40:bf:97:91:74:04:c5:89:85:97:90:cc:91:
                    1e:25:e1:2d:4c:eb:ce:18:38:8f:29:6c:a7:d5:d1:
                    bf:81:4c:46:f0:08:23:28:6d:cf:3a:30:79:f3:12:
                    78:4c:d7:0b:f1:89:41:da:2f:11:6d:fa:a7:de:dd:
                    5d:76:1b:ad:51:b0:89:88:4e:1a:42:d0:0c:1f:40:
                    6e:62:45:da:32:eb:69:c0:a3:7b:22:da:c8:1b:8f:
                    59:e2:28:6e:24:da:0b:70:92:b2:a9:bb:41:d3:12:
                    8f:a9:53:2d:f1:b6:a4:81:9b:65:5b:1a:b1:82:ee:
                    2f:ec:b7:2d:56:21:c5:ac:3b:ab:5f:71:f5:98:0e:
                    2f:b9:aa:ea:0d:e1:e4:a7:b4:03:9e:ba:37:6c:61:
                    6c:ce:aa:cb:c7:c7:50:82:91:cd:35:3b:85:fa:50:
                    42:b0:f6:65:16:5b:d4:56:2a:db:15:f8:c9:4e:62:
                    4c:6b:fa:47:10:17:e9:e9:c3:f7:1c:fb:0c:b4:3f:
                    84:c6:2d:f6:f4:e6:d1:f2:09:18:b3:4d:9a:0c:ff:
                    19:f5:f4:bd:3d:e3:ca:e4:c2:35:d3:69:cc:b5:d3:
                    db:93:72:51:3c:8a:f1:3b:c3:54:cf:1c:e0:84:56:
                    0f:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:93:EB:F0:C2:C7:3F:A8:AC:DB:BA:1E:83:04:69:4B:53:51:62:14
            X509v3 Authority Key Identifier:
                keyid:20:CE:7A:41:0B:1E:F8:6F:21:AD:21:3D:3D:73:66:86:F7:70:8E:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM56QQse-G8hrSE9PXNmhvdwjrk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/d74b3a-d1f1-430d-b502-a8d031aa143f/1/IM56QQse-G8hrSE9PXNmhvdwjrk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:bb:82:db:24:93:ac:be:cc:ac:94:88:44:4d:bf:77:2c:a9:
         5d:0c:e2:72:77:27:31:fe:f8:fa:b3:c1:40:c2:22:b7:a5:f1:
         da:53:a9:ad:15:49:05:e3:5c:c2:b6:0f:7c:ef:83:57:b4:15:
         2f:b8:5c:c8:aa:6b:75:97:62:12:7e:ca:42:ed:c0:dd:16:65:
         f7:d8:3e:3e:33:ee:84:d1:3a:d2:89:3d:be:b3:a3:55:d2:af:
         35:75:90:a6:80:78:22:ad:a2:2e:97:ab:b5:45:d6:12:7b:ef:
         cb:2a:e3:fe:c3:dd:14:b6:a6:b8:62:7a:81:5b:77:d9:50:08:
         f6:f7:1f:89:56:ae:5b:fe:89:95:2b:05:0a:98:b8:29:ff:0b:
         34:8f:fa:80:f4:f7:85:9c:b0:37:13:8d:d7:15:fa:c1:b4:bd:
         86:5b:32:55:c1:e7:03:e7:37:6d:35:15:39:1d:d0:ba:9e:ae:
         70:c7:29:58:c4:62:27:44:50:6f:4b:99:10:4c:b0:15:9b:e8:
         71:a5:2b:43:76:06:00:49:72:af:2e:c6:d1:54:d8:bb:d9:2e:
         be:82:29:1a:91:31:ff:76:f2:2f:32:35:c6:c4:cb:46:4c:2c:
         2f:47:f1:1d:0a:40:1c:0f:5b:ef:43:0d:0c:b5:bd:2e:de:bb:
         52:91:82:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj/smrqjtDFfUVq8V51wsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2U3YTQxMGIxZWY4NmYyMWFkMjEzZDNkNzM2Njg2Zjc3
MDhlYjkwHhcNMjYwMzAxMTgwMTI4WhcNMjYwMzAyMTgwMTI4WjAzMTEwLwYDVQQD
EyhhZjkzZWJmMGMyYzczZmE4YWNkYmJhMWU4MzA0Njk0YjUzNTE2MjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CfH0mlDw5J4j2bEIHM86UC/l5F0
BMWJhZeQzJEeJeEtTOvOGDiPKWyn1dG/gUxG8AgjKG3POjB58xJ4TNcL8YlB2i8R
bfqn3t1ddhutUbCJiE4aQtAMH0BuYkXaMutpwKN7ItrIG49Z4ihuJNoLcJKyqbtB
0xKPqVMt8bakgZtlWxqxgu4v7LctViHFrDurX3H1mA4vuarqDeHkp7QDnro3bGFs
zqrLx8dQgpHNNTuF+lBCsPZlFlvUVirbFfjJTmJMa/pHEBfp6cP3HPsMtD+Exi32
9ObR8gkYs02aDP8Z9fS9PePK5MI102nMtdPbk3JRPIrxO8NUzxzghFYPdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+T6/DCxz+orNu6HoMEaUtTUWIUMB8GA1UdIwQY
MBaAFCDOekELHvhvIa0hPT1zZob3cI65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDIt
YThkMDMxYWExNDNmLzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kNzRiM2EtZDFmMS00MzBkLWI1MDItYThkMDMxYWExNDNm
LzEvSU01NlFRc2UtRzhoclNFOVBYTm1odmR3anJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ7uC2yST
rL7MrJSIRE2/dyypXQzicncnMf74+rPBQMIit6Xx2lOprRVJBeNcwrYPfO+DV7QV
L7hcyKprdZdiEn7KQu3A3RZl99g+PjPuhNE60ok9vrOjVdKvNXWQpoB4Iq2iLper
tUXWEnvvyyrj/sPdFLamuGJ6gVt32VAI9vcfiVauW/6JlSsFCpi4Kf8LNI/6gPT3
hZywNxON1xX6wbS9hlsyVcHnA+c3bTUVOR3Qup6ucMcpWMRiJ0RQb0uZEEywFZvo
caUrQ3YGAElyry7G0VTYu9kuvoIpGpEx/3byLzI1xsTLRkwsL0fxHQpAHA9b70MN
DLW9Lt67UpGC+w==
-----END CERTIFICATE-----