Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
File:                     EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json)
Hash identifier:          19FkK8dW7OQjIQRqoULG+hfFxlccqq1DnGZA5aR1qP8=
Subject key identifier:   05:DC:2A:12:73:3A:B1:77:F2:70:C7:0D:33:B2:A3:93:81:A2:03:63
Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0
Certificate issuer:       /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
Certificate serial:       019CAA8F4CD75B27D900921BD9AEAE4ED890
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
Manifest number:          0504
Signing time:             Sun 01 Mar 2026 18:00:43 +0000
Manifest this update:     Sun 01 Mar 2026 18:00:43 +0000
Manifest next update:     Mon 02 Mar 2026 18:00:43 +0000
Files and hashes:         1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: KZdMdXuRKq2JklfWsBqYOltLW1H4kiMrfEKn+kJHC7k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:8f:4c:d7:5b:27:d9:00:92:1b:d9:ae:ae:4e:d8:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
        Validity
            Not Before: Mar  1 18:00:43 2026 GMT
            Not After : Mar  2 18:00:43 2026 GMT
        Subject: CN=05dc2a12733ab177f270c70d33b2a39381a20363
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:95:8b:14:6c:e2:d0:2f:9e:31:d2:32:b5:8a:
                    56:ec:3e:71:48:c9:41:db:c7:e4:f1:3f:ff:4f:43:
                    e6:68:6f:a2:a0:cc:dc:c6:be:3f:4a:ea:79:0c:9c:
                    71:16:ca:7f:dc:82:c4:9c:fe:93:c9:ae:9c:6e:d3:
                    e6:4d:06:7d:01:94:5a:8e:5c:f9:62:7a:05:d6:d6:
                    63:a6:60:96:c6:45:0e:a0:86:7b:71:72:db:40:61:
                    24:ac:99:83:7d:c2:3a:48:4e:d0:bc:e7:b2:41:86:
                    72:cf:38:d8:65:42:a5:3d:85:05:46:54:0d:eb:3d:
                    01:3b:66:d1:3b:33:2b:13:74:f4:3c:7d:ba:c6:61:
                    14:4b:34:12:ec:38:ea:fb:04:0f:cc:74:6d:e0:48:
                    0b:28:5a:88:95:1f:45:a6:31:c6:13:f4:3e:1f:d4:
                    3d:07:6e:44:1e:19:38:09:4b:62:4c:ed:42:5a:91:
                    83:d9:7a:8b:e0:ca:ac:71:14:9b:b6:4e:0b:5b:e5:
                    df:78:7e:fe:10:76:aa:c5:73:cd:b9:94:1e:b8:37:
                    98:62:53:89:3b:01:2f:1e:32:83:ce:6d:28:d8:fc:
                    3e:8f:1c:10:73:ee:89:42:62:b8:1e:fb:94:f6:f5:
                    35:69:98:39:eb:1a:3b:cb:7f:e1:c3:62:fe:af:0d:
                    ee:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:DC:2A:12:73:3A:B1:77:F2:70:C7:0D:33:B2:A3:93:81:A2:03:63
            X509v3 Authority Key Identifier:
                keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:14:f7:aa:67:1e:d4:fc:06:6f:81:19:70:fc:e2:a4:96:2b:
         af:e7:80:71:bf:6c:55:08:0c:bb:97:4a:73:c8:e5:c4:07:c2:
         a8:2b:b7:f0:70:8d:90:fb:5e:be:13:4d:e6:30:27:de:27:7d:
         cc:bf:46:58:10:0e:09:64:8a:a9:db:1d:23:f0:7a:13:52:b9:
         11:b6:25:ff:b0:f3:46:1b:7b:58:9e:d4:68:a4:a1:f8:39:bd:
         9d:fa:c9:ab:f2:fc:92:bf:b2:51:cc:80:4a:ce:d0:b9:5f:e6:
         62:5f:5f:be:bd:43:e1:0e:26:3f:6a:e8:b9:cb:cb:e9:4e:34:
         2c:30:42:00:a7:a9:9e:1d:0d:48:b1:49:07:4a:04:ad:4c:42:
         1c:b4:c8:a2:65:72:eb:0c:9c:d9:de:c8:1e:cb:c6:78:86:e4:
         82:cf:4b:89:98:54:f9:2c:ce:3e:76:d4:16:50:77:46:6f:78:
         f6:22:46:5a:99:b8:80:14:9b:d5:a8:89:52:31:51:74:67:56:
         6d:82:59:92:cd:7a:50:0c:e6:99:a7:92:c4:a1:b3:9b:9d:07:
         0f:e9:77:e1:06:61:6c:a9:84:19:1d:e5:70:d5:9b:98:0e:85:
         4d:04:e6:e0:2f:b1:7e:b4:5a:93:e0:e6:dd:43:79:4b:f9:2b:
         0e:5b:36:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj0zXWyfZAJIb2a6uTtiQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1
NzdhZDAwHhcNMjYwMzAxMTgwMDQzWhcNMjYwMzAyMTgwMDQzWjAzMTEwLwYDVQQD
EygwNWRjMmExMjczM2FiMTc3ZjI3MGM3MGQzM2IyYTM5MzgxYTIwMzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JWLFGzi0C+eMdIytYpW7D5xSMlB
28fk8T//T0PmaG+ioMzcxr4/Sup5DJxxFsp/3ILEnP6Tya6cbtPmTQZ9AZRajlz5
YnoF1tZjpmCWxkUOoIZ7cXLbQGEkrJmDfcI6SE7QvOeyQYZyzzjYZUKlPYUFRlQN
6z0BO2bROzMrE3T0PH26xmEUSzQS7Djq+wQPzHRt4EgLKFqIlR9FpjHGE/Q+H9Q9
B25EHhk4CUtiTO1CWpGD2XqL4MqscRSbtk4LW+XfeH7+EHaqxXPNuZQeuDeYYlOJ
OwEvHjKDzm0o2Pw+jxwQc+6JQmK4HvuU9vU1aZg56xo7y3/hw2L+rw3uXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAXcKhJzOrF38nDHDTOyo5OBogNjMB8GA1UdIwQY
MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt
M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx
LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAohT3qmce
1PwGb4EZcPzipJYrr+eAcb9sVQgMu5dKc8jlxAfCqCu38HCNkPtevhNN5jAn3id9
zL9GWBAOCWSKqdsdI/B6E1K5EbYl/7DzRht7WJ7UaKSh+Dm9nfrJq/L8kr+yUcyA
Ss7QuV/mYl9fvr1D4Q4mP2roucvL6U40LDBCAKepnh0NSLFJB0oErUxCHLTIomVy
6wyc2d7IHsvGeIbkgs9LiZhU+SzOPnbUFlB3Rm949iJGWpm4gBSb1aiJUjFRdGdW
bYJZks16UAzmmaeSxKGzm50HD+l34QZhbKmEGR3lcNWbmA6FTQTm4C+xfrRak+Dm
3UN5S/krDls2Hg==
-----END CERTIFICATE-----