Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
File:                     76psy3hXNGAC5rvEmPiLnobfGAY.mft (raw, json)
Hash identifier:          67OJEfOmotVf2+pYCxAiW36gB+nxs2kBvZNHzPFOs4I=
Subject key identifier:   38:3A:FB:01:65:9A:3E:63:6A:C9:1C:E5:E5:D4:B9:CF:27:D5:8E:A9
Authority key identifier: EF:AA:6C:CB:78:57:34:60:02:E6:BB:C4:98:F8:8B:9E:86:DF:18:06
Certificate issuer:       /CN=efaa6ccb7857346002e6bbc498f88b9e86df1806
Certificate serial:       019CABA205D77B91FCC763A996E04A9ED784
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
Manifest number:          0608
Signing time:             Sun 01 Mar 2026 23:00:48 +0000
Manifest this update:     Sun 01 Mar 2026 23:00:48 +0000
Manifest next update:     Mon 02 Mar 2026 23:00:48 +0000
Files and hashes:         1: 76psy3hXNGAC5rvEmPiLnobfGAY.crl (hash: E9/d4uayOEQjTniISd9CqEQ6dF3+HdbQBzptc7VKxK8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 23:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:a2:05:d7:7b:91:fc:c7:63:a9:96:e0:4a:9e:d7:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=efaa6ccb7857346002e6bbc498f88b9e86df1806
        Validity
            Not Before: Mar  1 23:00:48 2026 GMT
            Not After : Mar  2 23:00:48 2026 GMT
        Subject: CN=383afb01659a3e636ac91ce5e5d4b9cf27d58ea9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:b8:b5:c1:0a:72:02:c4:d6:ee:c0:7f:73:20:
                    2f:1e:60:11:d9:76:92:9b:28:45:ec:ad:be:ac:2f:
                    59:ed:5e:2e:94:13:cb:31:87:e2:a6:00:91:03:d6:
                    4c:1c:1c:2e:98:66:dc:de:66:80:eb:25:b7:ac:56:
                    70:da:f7:00:ef:29:24:7d:e5:08:fa:95:93:97:42:
                    59:f3:8d:6f:3e:3a:05:6a:7f:5b:c7:38:59:20:a1:
                    9e:13:a8:cb:49:38:e8:1d:f0:58:dc:0f:a2:c7:c6:
                    1f:df:f6:ab:fe:b4:e9:af:65:a3:1e:ee:de:82:f1:
                    6e:ce:91:8b:84:19:d3:2b:0e:d7:9a:ad:60:66:a0:
                    bd:6e:dc:8a:e1:0b:48:fb:36:a5:a9:cb:bf:d5:8e:
                    d8:f3:eb:9a:9d:33:cc:72:00:cf:db:80:ad:ce:d8:
                    0b:14:78:62:84:dc:0b:40:96:28:d6:a6:45:83:a0:
                    19:f7:ff:dd:85:79:fb:2c:0e:b5:e9:2e:95:68:e4:
                    fc:7c:86:cd:2e:8a:04:22:a4:f4:00:f3:61:25:21:
                    cd:b6:83:a8:fb:6e:5f:0d:1a:22:11:6e:79:21:d0:
                    13:be:0c:03:e8:de:c9:d0:8b:a2:83:c0:9c:e0:3d:
                    d3:c0:46:a5:9b:11:76:93:c2:eb:26:89:92:3d:5f:
                    5f:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:3A:FB:01:65:9A:3E:63:6A:C9:1C:E5:E5:D4:B9:CF:27:D5:8E:A9
            X509v3 Authority Key Identifier:
                keyid:EF:AA:6C:CB:78:57:34:60:02:E6:BB:C4:98:F8:8B:9E:86:DF:18:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:8c:b4:01:77:b5:cc:de:87:3e:71:2a:2a:9b:3b:4a:7e:f7:
         7c:ce:7f:5e:83:73:73:95:4d:29:63:70:4c:9f:d0:d7:01:d4:
         62:8d:84:34:e3:73:8c:94:4f:31:b4:b8:5e:9d:04:11:9e:00:
         af:26:94:26:87:59:21:ed:a3:df:17:26:84:6d:ed:5a:c6:fb:
         c6:d5:7f:4d:9e:55:a7:5a:b8:cf:68:13:4f:cd:ef:2a:f4:a5:
         04:0d:4b:62:51:be:0e:86:24:60:24:96:fd:a8:be:35:4f:7f:
         1e:85:fa:be:4d:de:cb:af:6f:71:44:6a:0d:a0:4d:e5:2d:1c:
         36:d1:23:20:95:30:0c:62:d0:61:c4:35:c1:45:fe:24:26:96:
         8e:b5:eb:f2:c4:4d:65:ed:ce:9f:fa:97:b8:af:c0:1f:c9:a8:
         30:a6:04:c9:a2:8b:3a:ae:80:b1:51:e4:33:68:54:01:ad:7f:
         96:3d:37:41:36:c5:e4:c8:e8:d6:9d:c7:0a:be:23:85:60:59:
         b0:9f:3e:f3:7b:29:6f:53:f4:28:2a:c8:21:b8:96:90:c0:7f:
         3a:c1:4d:69:c0:8e:41:6e:28:b6:9a:14:04:97:17:fc:ed:00:
         8d:76:14:83:43:1a:b7:cd:cf:40:71:b7:13:fa:70:cc:83:54:
         a6:74:5f:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrogXXe5H8x2OpluBKnteEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYWE2Y2NiNzg1NzM0NjAwMmU2YmJjNDk4Zjg4YjllODZk
ZjE4MDYwHhcNMjYwMzAxMjMwMDQ4WhcNMjYwMzAyMjMwMDQ4WjAzMTEwLwYDVQQD
EygzODNhZmIwMTY1OWEzZTYzNmFjOTFjZTVlNWQ0YjljZjI3ZDU4ZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbi1wQpyAsTW7sB/cyAvHmAR2XaS
myhF7K2+rC9Z7V4ulBPLMYfipgCRA9ZMHBwumGbc3maA6yW3rFZw2vcA7ykkfeUI
+pWTl0JZ841vPjoFan9bxzhZIKGeE6jLSTjoHfBY3A+ix8Yf3/ar/rTpr2WjHu7e
gvFuzpGLhBnTKw7Xmq1gZqC9btyK4QtI+zalqcu/1Y7Y8+uanTPMcgDP24CtztgL
FHhihNwLQJYo1qZFg6AZ9//dhXn7LA616S6VaOT8fIbNLooEIqT0APNhJSHNtoOo
+25fDRoiEW55IdATvgwD6N7J0Iuig8Cc4D3TwEalmxF2k8LrJomSPV9fiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDg6+wFlmj5jaskc5eXUuc8n1Y6pMB8GA1UdIwQY
MBaAFO+qbMt4VzRgAua7xJj4i56G3xgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9hYTk2MTQtZjZkNy00YzMzLWI5NGIt
ZDgyMGY2NWNlZDgxLzEvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9hYTk2MTQtZjZkNy00YzMzLWI5NGItZDgyMGY2NWNlZDgx
LzEvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcoy0AXe1
zN6HPnEqKps7Sn73fM5/XoNzc5VNKWNwTJ/Q1wHUYo2ENONzjJRPMbS4Xp0EEZ4A
ryaUJodZIe2j3xcmhG3tWsb7xtV/TZ5Vp1q4z2gTT83vKvSlBA1LYlG+DoYkYCSW
/ai+NU9/HoX6vk3ey69vcURqDaBN5S0cNtEjIJUwDGLQYcQ1wUX+JCaWjrXr8sRN
Ze3On/qXuK/AH8moMKYEyaKLOq6AsVHkM2hUAa1/lj03QTbF5Mjo1p3HCr4jhWBZ
sJ8+83spb1P0KCrIIbiWkMB/OsFNacCOQW4otpoUBJcX/O0AjXYUg0Mat83PQHG3
E/pwzINUpnRfmQ==
-----END CERTIFICATE-----