Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
File:                     v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft (raw, json)
Hash identifier:          WdIrNeF+0GFHj8s0fzxxc+op/KFScLbk3fGbC+CPCm4=
Subject key identifier:   3E:F1:45:DA:2B:79:7C:80:36:64:2E:B1:E6:A9:BD:7B:82:82:7D:94
Authority key identifier: BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36
Certificate issuer:       /CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
Certificate serial:       019CAD59EB8F9405A3C5B4D7A4516B3EDFAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
Manifest number:          0EE6
Signing time:             Mon 02 Mar 2026 07:01:17 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:17 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:17 +0000
Files and hashes:         1: v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl (hash: S67iOgnOGHtje8WAHkHvUEI+xloBN+IimiuJPox8uYA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:eb:8f:94:05:a3:c5:b4:d7:a4:51:6b:3e:df:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf42409a1f8c1cee5974db8a42e1eb672ee83436
        Validity
            Not Before: Mar  2 07:01:17 2026 GMT
            Not After : Mar  3 07:01:17 2026 GMT
        Subject: CN=3ef145da2b797c8036642eb1e6a9bd7b82827d94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:9e:33:76:f8:45:dc:da:c3:20:1e:57:ef:67:
                    cb:8c:9a:5b:8b:85:c4:d3:d3:c9:65:cf:f4:c6:5e:
                    f3:e8:05:3f:99:cc:d0:f2:6d:3f:24:30:1f:ee:c8:
                    7f:02:4a:84:2a:5f:0f:ad:85:fb:f1:59:6c:20:47:
                    91:13:1a:8a:6c:5a:b7:0b:6f:76:ca:da:0e:06:d9:
                    59:5c:2b:8d:d1:a3:6c:4f:fe:cc:42:29:8d:8e:6c:
                    7c:61:02:2b:2a:b0:dc:c4:ab:ec:57:3b:c9:ea:9f:
                    c6:d4:29:f4:46:a9:3a:d1:7f:51:b9:2b:11:fe:67:
                    04:41:6a:46:2b:67:98:47:d3:8e:33:96:e6:d3:db:
                    4c:6e:a4:d7:22:0e:76:4a:fd:65:05:c1:76:2f:14:
                    4d:21:fa:c6:e7:34:0f:94:99:2d:84:62:15:a3:9c:
                    59:d2:2b:b0:be:69:e1:8b:f1:af:bc:43:f3:59:b0:
                    36:8f:71:52:a3:e0:ed:95:e6:3d:85:f3:52:01:7c:
                    27:18:ec:ec:d9:45:0d:da:5b:29:f7:76:1e:69:65:
                    c9:d6:b4:8d:55:15:34:e0:2a:71:16:c1:93:b9:bc:
                    e9:6c:8b:e5:56:a4:d9:0a:e7:de:fe:c4:5a:06:26:
                    46:92:5c:05:53:d5:df:a4:f2:d2:aa:6f:92:ca:71:
                    ed:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:F1:45:DA:2B:79:7C:80:36:64:2E:B1:E6:A9:BD:7B:82:82:7D:94
            X509v3 Authority Key Identifier:
                keyid:BF:42:40:9A:1F:8C:1C:EE:59:74:DB:8A:42:E1:EB:67:2E:E8:34:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/572b4a-d230-4603-8a42-a51f46bb7464/1/v0JAmh-MHO5ZdNuKQuHrZy7oNDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:27:a0:d3:2b:0e:e1:9c:74:4c:5f:a0:49:1e:bf:03:62:06:
         b7:1b:86:b4:72:cc:cd:9e:f2:69:8c:43:d9:aa:f9:64:74:1b:
         d0:13:01:c3:b7:a6:14:bc:01:16:56:e0:02:ce:3f:88:3e:9c:
         33:36:15:59:05:13:56:7c:c0:c4:c5:2b:ef:07:8c:20:7e:f9:
         32:64:89:b1:b2:42:71:c1:17:23:e9:bd:b3:86:76:f6:cc:9b:
         45:a8:33:f8:a8:28:72:71:9a:df:98:08:0d:89:59:21:e4:ea:
         b5:f3:da:16:db:2e:a7:9e:63:01:cf:f2:54:9c:29:0c:e9:21:
         f9:1d:62:e8:4b:c7:5e:aa:13:de:19:fb:4b:bd:53:ec:b4:83:
         c3:42:ef:9d:e0:e0:78:97:3e:6d:12:47:c9:cc:53:54:31:67:
         b9:d4:df:9a:66:78:e4:57:38:9f:f4:03:64:b3:b7:97:39:0f:
         3b:8c:a8:e0:f1:d5:79:8c:25:b9:16:b7:db:3a:53:69:06:ce:
         71:98:7b:01:de:4d:c7:51:92:49:4a:a2:e5:a1:6f:d1:98:0c:
         c2:0b:63:88:75:5b:66:9c:9b:1f:45:4b:c0:40:37:b2:55:cd:
         bd:38:db:98:4d:2a:5e:bc:7c:6f:93:6a:4d:10:f7:a4:e1:6b:
         a7:5f:8c:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWeuPlAWjxbTXpFFrPt+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNDI0MDlhMWY4YzFjZWU1OTc0ZGI4YTQyZTFlYjY3MmVl
ODM0MzYwHhcNMjYwMzAyMDcwMTE3WhcNMjYwMzAzMDcwMTE3WjAzMTEwLwYDVQQD
EygzZWYxNDVkYTJiNzk3YzgwMzY2NDJlYjFlNmE5YmQ3YjgyODI3ZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJ4zdvhF3NrDIB5X72fLjJpbi4XE
09PJZc/0xl7z6AU/mczQ8m0/JDAf7sh/AkqEKl8PrYX78VlsIEeRExqKbFq3C292
ytoOBtlZXCuN0aNsT/7MQimNjmx8YQIrKrDcxKvsVzvJ6p/G1Cn0Rqk60X9RuSsR
/mcEQWpGK2eYR9OOM5bm09tMbqTXIg52Sv1lBcF2LxRNIfrG5zQPlJkthGIVo5xZ
0iuwvmnhi/GvvEPzWbA2j3FSo+DtleY9hfNSAXwnGOzs2UUN2lsp93YeaWXJ1rSN
VRU04CpxFsGTubzpbIvlVqTZCufe/sRaBiZGklwFU9XfpPLSqm+SynHtBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7xRdoreXyANmQuseapvXuCgn2UMB8GA1UdIwQY
MBaAFL9CQJofjBzuWXTbikLh62cu6DQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDIt
YTUxZjQ2YmI3NDY0LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81NzJiNGEtZDIzMC00NjAzLThhNDItYTUxZjQ2YmI3NDY0
LzEvdjBKQW1oLU1ITzVaZE51S1F1SHJaeTdvTkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjCeg0ysO
4Zx0TF+gSR6/A2IGtxuGtHLMzZ7yaYxD2ar5ZHQb0BMBw7emFLwBFlbgAs4/iD6c
MzYVWQUTVnzAxMUr7weMIH75MmSJsbJCccEXI+m9s4Z29sybRagz+KgocnGa35gI
DYlZIeTqtfPaFtsup55jAc/yVJwpDOkh+R1i6EvHXqoT3hn7S71T7LSDw0LvneDg
eJc+bRJHycxTVDFnudTfmmZ45Fc4n/QDZLO3lzkPO4yo4PHVeYwluRa32zpTaQbO
cZh7Ad5Nx1GSSUqi5aFv0ZgMwgtjiHVbZpybH0VLwEA3slXNvTjbmE0qXrx8b5Nq
TRD3pOFrp1+MpA==
-----END CERTIFICATE-----