Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
File:                     pnUQ3cUswCV-TCVS9b1XVURUxgs.mft (raw, json)
Hash identifier:          1rZ7BFCWyGcT9u8ite/9StT5jDty4MFHAdifRBmqgZU=
Subject key identifier:   87:A3:26:D4:23:DD:61:04:F1:C7:4A:4D:51:0D:2E:40:37:E4:20:BA
Authority key identifier: A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B
Certificate issuer:       /CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
Certificate serial:       019CADFE4B565019E26A28A72C759D12E2A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
Manifest number:          07C5
Signing time:             Mon 02 Mar 2026 10:00:49 +0000
Manifest this update:     Mon 02 Mar 2026 10:00:49 +0000
Manifest next update:     Tue 03 Mar 2026 10:00:49 +0000
Files and hashes:         1: pnUQ3cUswCV-TCVS9b1XVURUxgs.crl (hash: cez++FRykwHYDnvTUUWY6N69qyM7ddScauEaoXTGl+4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 10:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:fe:4b:56:50:19:e2:6a:28:a7:2c:75:9d:12:e2:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
        Validity
            Not Before: Mar  2 10:00:49 2026 GMT
            Not After : Mar  3 10:00:49 2026 GMT
        Subject: CN=87a326d423dd6104f1c74a4d510d2e4037e420ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:a5:b8:ae:0b:e4:fa:9c:68:a0:22:1c:7c:aa:
                    fe:4a:7d:93:92:29:85:7c:ad:0e:93:b7:88:20:cc:
                    94:c4:a0:2b:33:05:a5:e4:8e:70:76:c4:6d:ad:3a:
                    0f:1e:05:85:68:48:80:24:ce:0f:b5:cd:df:5d:52:
                    be:f8:f4:6e:14:43:0d:0f:71:94:0d:8b:55:73:d2:
                    1a:75:48:7b:dd:6e:c4:bd:fd:31:10:42:6d:57:0a:
                    23:01:e5:97:34:ce:5f:6e:0b:71:90:74:0b:2e:9a:
                    8e:c4:3e:2d:5a:b2:25:fb:a0:3e:3b:29:a6:e1:3a:
                    dd:f5:3e:c4:f7:bc:da:1b:bc:6a:6b:63:5e:cd:01:
                    5d:d9:92:92:1b:c2:09:e1:b1:99:e6:1e:05:7a:0c:
                    ee:54:02:c5:58:b4:ea:f2:83:cb:fe:ad:d1:3c:e9:
                    e6:6c:8c:d1:28:44:63:41:d5:81:ff:c1:ec:80:d5:
                    d6:af:39:40:0a:c4:bb:32:27:19:ee:fc:6a:78:5d:
                    52:5e:ce:5e:a7:12:28:9c:c0:4c:27:b6:f1:b6:27:
                    87:77:87:31:59:af:bb:0e:73:a4:3f:0d:4e:1e:b2:
                    1c:92:f8:7e:4d:e9:c7:7e:9e:b6:27:98:a4:6e:31:
                    ed:ba:85:0e:fb:0f:75:08:b2:44:43:50:36:33:2d:
                    39:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:A3:26:D4:23:DD:61:04:F1:C7:4A:4D:51:0D:2E:40:37:E4:20:BA
            X509v3 Authority Key Identifier:
                keyid:A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:1a:33:ce:7b:f6:94:11:35:76:53:e1:a8:2a:c5:aa:61:2b:
         00:b7:d6:cb:c8:8a:13:e0:4c:1a:ff:89:43:66:b6:6e:5f:6b:
         5b:f2:f4:c0:17:5b:da:b0:63:d6:e1:77:12:41:f8:d7:e2:35:
         50:ee:fa:d6:2b:ee:7f:02:96:67:fe:5e:ca:0b:34:52:d1:33:
         b4:df:dc:71:89:13:0a:f5:da:24:e5:a1:2c:0d:49:b2:13:5c:
         3c:c5:04:8f:6a:51:eb:95:d6:52:ce:52:90:5d:68:65:fc:3e:
         fb:3b:b0:ee:58:ff:2c:c7:07:a0:37:0f:f9:fb:25:ea:67:1c:
         96:57:30:88:6a:38:aa:f2:f9:63:79:da:7d:17:ea:ae:5a:00:
         da:30:65:0d:5c:cb:4b:7e:70:a0:3e:9c:b4:bd:d5:1f:87:d9:
         2c:e5:33:13:66:57:c7:25:4a:62:cd:7f:5a:0e:73:e9:60:31:
         b6:89:13:98:97:3e:c0:3b:4a:02:36:ab:8e:ba:35:1f:b0:92:
         73:bc:6b:cf:7c:56:8a:6f:89:f4:74:56:b0:85:fd:0a:55:34:
         ef:b2:8c:80:b1:a1:ab:f9:83:8d:bd:30:e6:d0:ec:b1:e6:fc:
         80:c7:01:28:9e:9a:da:f7:8c:9e:a9:67:81:4a:38:88:5b:0a:
         68:4f:3d:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/ktWUBniaiinLHWdEuKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NzUxMGRkYzUyY2MwMjU3ZTRjMjU1MmY1YmQ1NzU1NDQ1
NGM2MGIwHhcNMjYwMzAyMTAwMDQ5WhcNMjYwMzAzMTAwMDQ5WjAzMTEwLwYDVQQD
Eyg4N2EzMjZkNDIzZGQ2MTA0ZjFjNzRhNGQ1MTBkMmU0MDM3ZTQyMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KW4rgvk+pxooCIcfKr+Sn2TkimF
fK0Ok7eIIMyUxKArMwWl5I5wdsRtrToPHgWFaEiAJM4Ptc3fXVK++PRuFEMND3GU
DYtVc9IadUh73W7Evf0xEEJtVwojAeWXNM5fbgtxkHQLLpqOxD4tWrIl+6A+Oymm
4Trd9T7E97zaG7xqa2NezQFd2ZKSG8IJ4bGZ5h4FegzuVALFWLTq8oPL/q3RPOnm
bIzRKERjQdWB/8HsgNXWrzlACsS7MicZ7vxqeF1SXs5epxIonMBMJ7bxtieHd4cx
Wa+7DnOkPw1OHrIckvh+TenHfp62J5ikbjHtuoUO+w91CLJEQ1A2My05YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIejJtQj3WEE8cdKTVENLkA35CC6MB8GA1UdIwQY
MBaAFKZ1EN3FLMAlfkwlUvW9V1VEVMYLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUt
NjBkMjU1YmUwNDc5LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUtNjBkMjU1YmUwNDc5
LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGRozznv2
lBE1dlPhqCrFqmErALfWy8iKE+BMGv+JQ2a2bl9rW/L0wBdb2rBj1uF3EkH41+I1
UO761ivufwKWZ/5eygs0UtEztN/ccYkTCvXaJOWhLA1JshNcPMUEj2pR65XWUs5S
kF1oZfw++zuw7lj/LMcHoDcP+fsl6mccllcwiGo4qvL5Y3nafRfqrloA2jBlDVzL
S35woD6ctL3VH4fZLOUzE2ZXxyVKYs1/Wg5z6WAxtokTmJc+wDtKAjarjro1H7CS
c7xrz3xWim+J9HRWsIX9ClU077KMgLGhq/mDjb0w5tDsseb8gMcBKJ6a2veMnqln
gUo4iFsKaE89eg==
-----END CERTIFICATE-----