Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          sTu7+uWpPwLhH9yTYWzAWqOBlndbd3CgTfqWcP4wKW4=
Subject key identifier:   B1:85:F1:E3:DE:75:A0:DC:4C:A0:D3:E8:8C:37:A2:FF:F3:A0:9D:BF
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       019CABA26BA567D423354F0CA890E4E06619
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          0655
Signing time:             Sun 01 Mar 2026 23:01:14 +0000
Manifest this update:     Sun 01 Mar 2026 23:01:14 +0000
Manifest next update:     Mon 02 Mar 2026 23:01:14 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: qum2tcxSarmJYF2Cpx1/2WI/TmQCe7/uY2MaGtmJwgY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 23:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:a2:6b:a5:67:d4:23:35:4f:0c:a8:90:e4:e0:66:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Mar  1 23:01:14 2026 GMT
            Not After : Mar  2 23:01:14 2026 GMT
        Subject: CN=b185f1e3de75a0dc4ca0d3e88c37a2fff3a09dbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:2a:8c:7c:78:22:08:c5:96:7d:c9:a6:de:06:
                    79:36:ab:99:df:d7:3d:7f:7d:5e:7f:e1:c8:af:f4:
                    32:f8:0f:09:31:cf:bb:74:ae:d5:4e:f4:b2:1d:2d:
                    bb:e0:7c:f9:4c:e9:e3:7a:2f:fb:11:99:93:d7:f8:
                    4e:9c:45:16:e8:fe:50:61:0f:79:ac:d6:b5:cd:76:
                    11:c2:61:79:d9:80:38:91:dc:4d:00:f6:ad:b4:c1:
                    85:1b:2a:99:a3:c0:a1:4c:c0:b4:1e:03:d4:66:91:
                    19:8e:e0:e7:75:fe:d2:50:b3:bc:50:7c:db:27:9f:
                    f2:62:c7:11:bc:ab:09:51:b1:6c:1d:c2:ec:da:7c:
                    ea:27:1e:76:0c:3d:2a:d4:fb:5c:f7:80:37:cb:59:
                    65:a7:ac:aa:26:76:0a:b2:0f:20:8b:a0:0f:80:9c:
                    0e:b3:b3:49:e4:f1:13:5d:91:66:74:c6:a9:81:bd:
                    1f:23:48:cf:05:7e:60:ae:af:79:99:56:bd:9b:a7:
                    8b:91:c7:9f:67:14:7b:64:44:c0:e8:3e:e0:85:c5:
                    6c:59:bd:51:b3:5b:e1:57:28:2e:99:fe:c0:f8:37:
                    71:d6:8a:32:fc:12:97:2d:bb:e0:01:5a:4d:d0:f9:
                    49:88:49:a2:ae:67:90:9f:72:eb:85:c1:87:0c:82:
                    e2:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:85:F1:E3:DE:75:A0:DC:4C:A0:D3:E8:8C:37:A2:FF:F3:A0:9D:BF
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:f6:c8:b4:de:b1:13:ec:3d:b0:d1:47:11:51:1e:a3:fe:ab:
         9b:40:2b:b2:37:4a:7d:af:c4:c5:3d:bd:45:de:b1:36:1f:d0:
         fa:1d:a8:d2:34:03:d6:37:47:0b:a0:7f:26:22:dc:1e:d8:b1:
         2d:3b:d6:bf:2c:fd:21:78:7c:af:58:9e:a7:1a:31:b1:5e:5a:
         1b:a2:ea:69:03:b9:83:8d:57:84:05:36:4a:9c:52:b6:55:cc:
         9c:ba:4f:14:18:52:70:da:71:ee:89:b5:ce:14:c4:6a:58:4c:
         68:74:e0:04:14:ea:6c:ab:69:52:57:14:d2:7f:bf:08:10:d6:
         e9:90:eb:c6:d0:c1:7d:43:00:de:25:7e:50:25:27:ad:c4:b0:
         c1:d0:2d:cf:54:e8:e8:61:6b:01:81:20:2e:db:5b:09:94:f6:
         90:3a:f3:53:3f:94:84:9e:39:53:51:b9:01:f4:e6:e9:ac:df:
         0b:9b:08:f4:32:8b:e8:9b:2f:d5:da:e0:dd:03:13:67:81:2a:
         ad:e7:d9:22:ed:f1:ad:62:8e:d8:ac:d1:75:f8:f7:91:14:73:
         58:2a:ad:29:1a:df:75:ee:47:10:5b:a4:59:8d:af:23:ce:04:
         e7:d2:80:a6:a8:17:d6:f2:8d:0b:a5:1f:a2:7d:86:d9:3c:b6:
         d6:9a:e0:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyromulZ9QjNU8MqJDk4GYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjYwMzAxMjMwMTE0WhcNMjYwMzAyMjMwMTE0WjAzMTEwLwYDVQQD
EyhiMTg1ZjFlM2RlNzVhMGRjNGNhMGQzZTg4YzM3YTJmZmYzYTA5ZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiqMfHgiCMWWfcmm3gZ5NquZ39c9
f31ef+HIr/Qy+A8JMc+7dK7VTvSyHS274Hz5TOnjei/7EZmT1/hOnEUW6P5QYQ95
rNa1zXYRwmF52YA4kdxNAPattMGFGyqZo8ChTMC0HgPUZpEZjuDndf7SULO8UHzb
J5/yYscRvKsJUbFsHcLs2nzqJx52DD0q1Ptc94A3y1llp6yqJnYKsg8gi6APgJwO
s7NJ5PETXZFmdMapgb0fI0jPBX5grq95mVa9m6eLkcefZxR7ZETA6D7ghcVsWb1R
s1vhVygumf7A+Ddx1ooy/BKXLbvgAVpN0PlJiEmirmeQn3LrhcGHDILiyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLGF8ePedaDcTKDT6Iw3ov/zoJ2/MB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD/bItN6x
E+w9sNFHEVEeo/6rm0ArsjdKfa/ExT29Rd6xNh/Q+h2o0jQD1jdHC6B/JiLcHtix
LTvWvyz9IXh8r1iepxoxsV5aG6LqaQO5g41XhAU2SpxStlXMnLpPFBhScNpx7om1
zhTEalhMaHTgBBTqbKtpUlcU0n+/CBDW6ZDrxtDBfUMA3iV+UCUnrcSwwdAtz1To
6GFrAYEgLttbCZT2kDrzUz+UhJ45U1G5AfTm6azfC5sI9DKL6Jsv1drg3QMTZ4Eq
refZIu3xrWKO2KzRdfj3kRRzWCqtKRrfde5HEFukWY2vI84E59KApqgX1vKNC6Uf
on2G2Ty21prgQw==
-----END CERTIFICATE-----