Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
File:                     dLJ8XVaEhkhT31uBVyIS7eMizgo.mft (raw, json)
Hash identifier:          vKZd2QQo2grqctWEcpNe9h8ig3UTRftXLP4s8XRt7oo=
Subject key identifier:   40:A9:FC:FB:72:31:60:F0:06:23:BB:44:1D:03:49:AE:4B:01:AC:1F
Authority key identifier: 74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A
Certificate issuer:       /CN=74b27c5d5684864853df5b81572212ede322ce0a
Certificate serial:       019CAAC60F7169C7862407C17F6B1F19A935
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
Manifest number:          051A
Signing time:             Sun 01 Mar 2026 19:00:32 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:32 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:32 +0000
Files and hashes:         1: dLJ8XVaEhkhT31uBVyIS7eMizgo.crl (hash: IDxS/GKMOWtChbjIvOsK2mvPpzhpnJeAfnD0K1/cC8c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:0f:71:69:c7:86:24:07:c1:7f:6b:1f:19:a9:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b27c5d5684864853df5b81572212ede322ce0a
        Validity
            Not Before: Mar  1 19:00:32 2026 GMT
            Not After : Mar  2 19:00:32 2026 GMT
        Subject: CN=40a9fcfb723160f00623bb441d0349ae4b01ac1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:51:88:20:ab:ee:0c:85:3f:f4:93:00:60:8c:
                    5d:99:83:c2:4c:e5:c5:1b:b6:04:4f:19:18:ea:f8:
                    6c:58:17:8a:f0:c3:2d:55:de:a6:da:90:9b:f3:14:
                    b9:fd:cc:3e:e1:76:97:38:d2:51:8b:6d:41:d2:e5:
                    0e:90:1d:5e:c0:fb:9e:f2:88:5a:83:db:e2:77:2c:
                    e0:18:30:ce:89:1f:c3:14:40:74:0a:64:ea:14:40:
                    57:10:18:bd:09:81:a4:ae:12:19:a6:f3:fb:c6:96:
                    41:40:ca:48:f8:08:5c:90:5e:85:be:91:5c:ed:f7:
                    91:a1:49:c0:e0:f2:e1:24:c2:04:45:d1:65:c1:a2:
                    f2:46:cd:3d:69:f2:ec:87:ff:c4:2a:12:f4:60:72:
                    20:e3:34:99:b6:a6:de:9a:61:e5:5c:2d:1a:b3:59:
                    e9:c4:47:a1:e8:b8:41:20:7f:61:12:80:d4:ae:73:
                    7b:20:7a:d2:e5:e7:6a:49:57:33:36:ad:2c:db:7c:
                    4e:4f:3a:1c:e9:2f:0e:0e:f4:89:d2:61:92:b7:70:
                    0f:b3:60:c6:90:81:7a:17:31:4d:b0:dd:5a:a9:48:
                    05:1b:22:39:0f:79:8a:3d:9d:bc:5a:58:84:9b:55:
                    42:12:57:bd:14:99:a6:0d:08:a4:b6:5f:f7:6a:00:
                    53:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:A9:FC:FB:72:31:60:F0:06:23:BB:44:1D:03:49:AE:4B:01:AC:1F
            X509v3 Authority Key Identifier:
                keyid:74:B2:7C:5D:56:84:86:48:53:DF:5B:81:57:22:12:ED:E3:22:CE:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLJ8XVaEhkhT31uBVyIS7eMizgo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/299656-744a-4daa-8cfd-010a9856f785/1/dLJ8XVaEhkhT31uBVyIS7eMizgo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:7f:fb:b6:ee:65:3c:a2:1c:9e:f9:28:7c:f7:89:74:64:bb:
         81:5a:76:d2:02:04:1a:d1:1a:f2:b7:a3:7e:0c:53:0f:ba:33:
         e7:41:c1:a0:b6:dc:02:2b:ff:5a:4b:d5:fc:ce:30:97:6a:1d:
         5e:80:52:6d:16:a1:28:b3:73:b6:27:25:41:91:4a:de:c9:ca:
         6e:68:ac:47:b7:54:1d:99:e4:2e:ca:de:42:a4:9d:1c:8f:28:
         6e:5a:08:97:43:8e:ca:72:5f:87:0f:5c:bd:df:5c:d9:c7:0a:
         d7:2c:d7:18:7d:97:d2:7e:0e:1a:74:cd:9d:97:57:d6:a1:b1:
         16:fb:a0:2c:aa:1e:53:35:7b:5c:b8:ac:ce:04:23:04:62:2e:
         30:bf:0e:7f:16:e4:af:be:27:d8:54:13:16:76:f9:8b:8d:93:
         14:f3:44:d6:60:36:d1:54:de:cc:b5:77:ea:de:42:f2:12:27:
         de:e6:33:e6:e8:c1:28:2a:fc:2b:a3:65:42:c6:86:44:80:01:
         63:27:87:86:39:d8:d5:16:1c:65:08:75:4e:f7:33:95:ff:d7:
         be:82:67:87:61:65:06:d4:42:8e:27:6b:28:13:5a:82:3f:79:
         42:2f:13:1f:bf:0f:49:4a:17:e1:56:54:02:87:71:da:dc:b1:
         5a:f1:4c:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxg9xaceGJAfBf2sfGak1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjI3YzVkNTY4NDg2NDg1M2RmNWI4MTU3MjIxMmVkZTMy
MmNlMGEwHhcNMjYwMzAxMTkwMDMyWhcNMjYwMzAyMTkwMDMyWjAzMTEwLwYDVQQD
Eyg0MGE5ZmNmYjcyMzE2MGYwMDYyM2JiNDQxZDAzNDlhZTRiMDFhYzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8FGIIKvuDIU/9JMAYIxdmYPCTOXF
G7YETxkY6vhsWBeK8MMtVd6m2pCb8xS5/cw+4XaXONJRi21B0uUOkB1ewPue8oha
g9vidyzgGDDOiR/DFEB0CmTqFEBXEBi9CYGkrhIZpvP7xpZBQMpI+AhckF6FvpFc
7feRoUnA4PLhJMIERdFlwaLyRs09afLsh//EKhL0YHIg4zSZtqbemmHlXC0as1np
xEeh6LhBIH9hEoDUrnN7IHrS5edqSVczNq0s23xOTzoc6S8ODvSJ0mGSt3APs2DG
kIF6FzFNsN1aqUgFGyI5D3mKPZ28WliEm1VCEle9FJmmDQiktl/3agBTQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECp/PtyMWDwBiO7RB0DSa5LAawfMB8GA1UdIwQY
MBaAFHSyfF1WhIZIU99bgVciEu3jIs4KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQt
MDEwYTk4NTZmNzg1LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8yOTk2NTYtNzQ0YS00ZGFhLThjZmQtMDEwYTk4NTZmNzg1
LzEvZExKOFhWYUVoa2hUMzF1QlZ5SVM3ZU1pemdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyH/7tu5l
PKIcnvkofPeJdGS7gVp20gIEGtEa8rejfgxTD7oz50HBoLbcAiv/WkvV/M4wl2od
XoBSbRahKLNzticlQZFK3snKbmisR7dUHZnkLsreQqSdHI8obloIl0OOynJfhw9c
vd9c2ccK1yzXGH2X0n4OGnTNnZdX1qGxFvugLKoeUzV7XLiszgQjBGIuML8Ofxbk
r74n2FQTFnb5i42TFPNE1mA20VTezLV36t5C8hIn3uYz5ujBKCr8K6NlQsaGRIAB
YyeHhjnY1RYcZQh1Tvczlf/XvoJnh2FlBtRCjidrKBNagj95Qi8TH78PSUoX4VZU
Aodx2tyxWvFMoA==
-----END CERTIFICATE-----