Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          7e5XF9daimoPh4R/MSAGDMLhAAgW2cmPTyKEIroTsT4=
Subject key identifier:   CE:7A:EF:81:1F:19:2F:70:E2:8D:64:CF:6F:C6:E5:A7:E8:74:26:BB
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       019CAD902C7A0FEE860FB64D005608657C78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          10C7
Signing time:             Mon 02 Mar 2026 08:00:32 +0000
Manifest this update:     Mon 02 Mar 2026 08:00:32 +0000
Manifest next update:     Tue 03 Mar 2026 08:00:32 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: Z+sL6BdYy8VLTEGQnJZeC06lgV5E5ommwxfQ6VCYyhE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 08:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:90:2c:7a:0f:ee:86:0f:b6:4d:00:56:08:65:7c:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Mar  2 08:00:32 2026 GMT
            Not After : Mar  3 08:00:32 2026 GMT
        Subject: CN=ce7aef811f192f70e28d64cf6fc6e5a7e87426bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:58:5b:2c:46:7f:40:01:23:5c:fb:41:f8:7e:
                    70:17:0d:26:03:6c:eb:ab:2d:fc:38:e3:a3:74:63:
                    97:67:07:5e:26:0e:f6:16:57:af:47:5c:07:10:31:
                    d5:38:37:a8:ff:5f:ee:c3:c8:8a:ee:4e:bc:dd:71:
                    08:85:8a:04:95:37:ac:3c:af:39:1a:27:d8:09:16:
                    53:4a:31:c8:09:84:45:dc:68:fa:82:a7:57:12:f0:
                    ae:e5:41:53:65:5e:3d:77:e4:a3:47:28:2e:52:62:
                    25:1f:9c:f7:1f:fb:b8:9c:78:c6:9c:cf:a6:25:bb:
                    03:6a:7c:63:08:6c:10:6e:7e:4f:14:50:f4:d1:7d:
                    08:61:ed:0e:15:cb:97:53:f3:1d:4f:a1:c9:49:8d:
                    28:d8:ff:c2:af:6c:39:20:8e:27:04:c8:52:b9:a7:
                    a3:18:9a:95:a6:47:74:15:f8:24:db:9a:f4:a6:46:
                    67:7e:c6:40:a1:6b:04:d4:51:f5:9b:e1:ba:2d:7c:
                    40:e7:f9:fd:ed:66:e0:30:7e:d4:2a:98:4a:75:4b:
                    d3:d8:e0:bd:b8:4f:57:58:03:ac:74:c5:6b:e8:c2:
                    37:84:99:36:17:31:13:c6:42:a8:a0:f4:68:fa:a9:
                    e5:14:a1:5b:7d:f9:56:06:39:f7:56:bd:df:eb:0b:
                    73:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:7A:EF:81:1F:19:2F:70:E2:8D:64:CF:6F:C6:E5:A7:E8:74:26:BB
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:44:22:b6:a5:ef:52:94:d3:f6:fc:f0:de:04:d7:9c:8a:33:
         5b:2e:da:d7:22:9e:2d:3c:af:92:3f:41:6f:66:71:d0:98:b0:
         2e:1a:1b:61:4b:37:99:9e:6b:2d:cf:47:d5:6c:b6:0a:36:70:
         33:aa:af:17:3f:88:33:1c:5b:bd:2e:02:e5:fd:20:45:24:7a:
         91:06:c5:e9:08:96:0d:5e:c5:d6:61:cc:a3:26:73:74:bf:06:
         b4:7a:55:0e:7a:27:30:dd:1e:81:5b:9d:24:2a:41:a5:4b:1d:
         eb:bb:f3:81:45:ae:12:50:d4:41:27:23:58:e3:f0:f1:53:7d:
         4e:e5:7c:0e:6d:7a:20:86:37:c4:d8:d0:fc:45:2a:4e:9a:b5:
         f6:b9:40:11:eb:13:df:72:7d:07:13:38:4b:e9:5b:8d:e2:7f:
         59:84:63:f0:14:db:e2:34:f6:0d:68:84:d2:e3:26:09:a1:09:
         5b:12:9a:1f:b7:cc:7d:98:4a:bc:d3:b2:06:9b:85:c1:d5:23:
         43:8a:08:c6:08:47:6d:de:57:79:6d:b6:be:68:1e:f3:8b:76:
         ee:44:d8:29:6c:d3:e9:ae:f5:cd:13:f3:cc:06:c4:65:aa:1f:
         4e:a5:fa:26:65:32:b1:6c:78:f4:45:cf:ef:7e:76:64:74:da:
         21:2b:5e:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkCx6D+6GD7ZNAFYIZXx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjYwMzAyMDgwMDMyWhcNMjYwMzAzMDgwMDMyWjAzMTEwLwYDVQQD
EyhjZTdhZWY4MTFmMTkyZjcwZTI4ZDY0Y2Y2ZmM2ZTVhN2U4NzQyNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFhbLEZ/QAEjXPtB+H5wFw0mA2zr
qy38OOOjdGOXZwdeJg72FlevR1wHEDHVODeo/1/uw8iK7k683XEIhYoElTesPK85
GifYCRZTSjHICYRF3Gj6gqdXEvCu5UFTZV49d+SjRyguUmIlH5z3H/u4nHjGnM+m
JbsDanxjCGwQbn5PFFD00X0IYe0OFcuXU/MdT6HJSY0o2P/Cr2w5II4nBMhSuaej
GJqVpkd0Ffgk25r0pkZnfsZAoWsE1FH1m+G6LXxA5/n97WbgMH7UKphKdUvT2OC9
uE9XWAOsdMVr6MI3hJk2FzETxkKooPRo+qnlFKFbfflWBjn3Vr3f6wtzjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM5674EfGS9w4o1kz2/G5afodCa7MB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALEQitqXv
UpTT9vzw3gTXnIozWy7a1yKeLTyvkj9Bb2Zx0JiwLhobYUs3mZ5rLc9H1Wy2CjZw
M6qvFz+IMxxbvS4C5f0gRSR6kQbF6QiWDV7F1mHMoyZzdL8GtHpVDnonMN0egVud
JCpBpUsd67vzgUWuElDUQScjWOPw8VN9TuV8Dm16IIY3xNjQ/EUqTpq19rlAEesT
33J9BxM4S+lbjeJ/WYRj8BTb4jT2DWiE0uMmCaEJWxKaH7fMfZhKvNOyBpuFwdUj
Q4oIxghHbd5XeW22vmge84t27kTYKWzT6a71zRPzzAbEZaofTqX6JmUysWx49EXP
7352ZHTaISteOg==
-----END CERTIFICATE-----