Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
File:                     oCUv6bQqZD9HflhGYZquiGkX7_s.mft (raw, json)
Hash identifier:          dCddHAY0c/a9HsT+PBXejaGbd5wwN7aqzm5+Z+CRJn8=
Subject key identifier:   48:B4:08:95:AF:8B:E2:8E:89:3E:9F:34:B7:DF:84:D8:BC:6A:3A:4F
Authority key identifier: A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB
Certificate issuer:       /CN=a0252fe9b42a643f477e5846619aae886917effb
Certificate serial:       019CAC46FFFF5E45E91DA5BA59897A167F5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
Manifest number:          162F
Signing time:             Mon 02 Mar 2026 02:00:59 +0000
Manifest this update:     Mon 02 Mar 2026 02:00:59 +0000
Manifest next update:     Tue 03 Mar 2026 02:00:59 +0000
Files and hashes:         1: oCUv6bQqZD9HflhGYZquiGkX7_s.crl (hash: TNFAZCG1tPANjKNSQxR26OvMSlsdMKk26BUTZ39FVho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:46:ff:ff:5e:45:e9:1d:a5:ba:59:89:7a:16:7f:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0252fe9b42a643f477e5846619aae886917effb
        Validity
            Not Before: Mar  2 02:00:59 2026 GMT
            Not After : Mar  3 02:00:59 2026 GMT
        Subject: CN=48b40895af8be28e893e9f34b7df84d8bc6a3a4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:65:98:a5:c6:eb:8f:1a:ad:c4:62:9f:65:a7:
                    52:2d:26:82:c3:c2:63:7c:c2:f0:aa:d3:6f:98:8d:
                    74:b9:f6:ed:50:dd:fa:bf:b6:0a:2d:d9:fb:54:bc:
                    94:bc:51:e0:f6:b2:30:76:4f:06:44:20:29:5e:cd:
                    b3:ed:16:b7:70:48:9f:a0:f3:63:fb:1a:d6:88:4f:
                    68:6f:b3:1d:0b:47:73:d7:10:9c:d5:d6:4a:e7:7f:
                    19:c8:5a:59:45:3e:dc:33:af:57:83:3d:25:cb:82:
                    18:da:a4:b2:cf:1e:bb:4b:8b:4d:e3:66:bb:2d:69:
                    39:75:5c:59:bf:db:b4:a9:78:fa:79:5e:34:b8:ab:
                    33:ff:1c:6b:fc:9d:a9:79:78:75:79:7b:1a:b3:25:
                    4e:ab:82:71:d7:3c:4e:5d:78:99:2a:25:c8:df:71:
                    f3:e2:3b:d9:9f:9f:49:a4:d5:09:6d:23:fc:6d:19:
                    80:7c:28:57:b7:47:8a:33:6f:7b:6a:5c:44:56:5d:
                    41:8a:8f:b0:91:55:dd:cf:44:5b:c8:e1:e0:4f:71:
                    c9:8f:b0:ba:f0:b6:3f:7e:d5:63:14:2a:ea:1a:49:
                    67:2f:17:75:5b:86:f3:6a:a9:6a:14:09:79:9f:f0:
                    aa:1e:74:44:bb:5d:53:c9:1a:53:a4:75:ff:e9:76:
                    fa:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:B4:08:95:AF:8B:E2:8E:89:3E:9F:34:B7:DF:84:D8:BC:6A:3A:4F
            X509v3 Authority Key Identifier:
                keyid:A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:72:d9:7b:47:a4:b6:11:99:90:06:68:de:55:5a:6c:7a:eb:
         3b:e0:25:68:2d:f2:8c:c3:7b:02:f6:4a:37:a3:c1:cc:d2:07:
         03:e4:bb:5f:a1:aa:43:7e:0b:59:22:ec:6f:0e:44:d9:a9:8f:
         bf:49:5a:d2:a3:26:06:a3:8c:d1:80:a1:ec:a3:11:bd:1b:89:
         fa:42:a9:c0:e3:d5:6d:c8:43:d2:94:e6:6d:6e:a8:e7:af:d9:
         96:02:b1:25:65:49:58:cf:7e:1c:2c:5f:79:96:8b:0b:ce:e5:
         31:35:c0:4d:0e:46:9f:7f:45:ce:8f:a7:55:47:04:84:ea:62:
         9d:e0:d6:6d:62:97:91:ed:a4:bb:e2:95:b0:ee:a7:7d:95:e2:
         ff:e0:12:80:78:bb:cc:9e:e2:e7:f6:55:53:89:de:19:61:49:
         6b:76:83:22:f1:0d:ce:8f:09:02:81:e7:48:ae:a4:05:88:d5:
         45:99:03:f0:7c:0f:c3:d4:8b:6f:aa:ee:e4:2e:70:b0:17:2c:
         91:00:c9:6f:60:13:df:ef:2c:a8:86:0a:6c:f8:95:c0:78:8c:
         75:ec:b6:3d:92:25:b1:6e:78:de:f0:e3:c3:b8:58:b3:0a:4d:
         f8:59:c2:32:8a:5b:96:f8:3d:b8:ed:f0:b7:c2:cc:b4:61:4a:
         63:71:6f:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRv//XkXpHaW6WYl6Fn9dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjUyZmU5YjQyYTY0M2Y0NzdlNTg0NjYxOWFhZTg4Njkx
N2VmZmIwHhcNMjYwMzAyMDIwMDU5WhcNMjYwMzAzMDIwMDU5WjAzMTEwLwYDVQQD
Eyg0OGI0MDg5NWFmOGJlMjhlODkzZTlmMzRiN2RmODRkOGJjNmEzYTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmWYpcbrjxqtxGKfZadSLSaCw8Jj
fMLwqtNvmI10ufbtUN36v7YKLdn7VLyUvFHg9rIwdk8GRCApXs2z7Ra3cEifoPNj
+xrWiE9ob7MdC0dz1xCc1dZK538ZyFpZRT7cM69Xgz0ly4IY2qSyzx67S4tN42a7
LWk5dVxZv9u0qXj6eV40uKsz/xxr/J2peXh1eXsasyVOq4Jx1zxOXXiZKiXI33Hz
4jvZn59JpNUJbSP8bRmAfChXt0eKM297alxEVl1Bio+wkVXdz0RbyOHgT3HJj7C6
8LY/ftVjFCrqGklnLxd1W4bzaqlqFAl5n/CqHnREu11TyRpTpHX/6Xb6+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEi0CJWvi+KOiT6fNLffhNi8ajpPMB8GA1UdIwQY
MBaAFKAlL+m0KmQ/R35YRmGarohpF+/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYt
MDFkYzk0NGM0NDc3LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYtMDFkYzk0NGM0NDc3
LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe3LZe0ek
thGZkAZo3lVabHrrO+AlaC3yjMN7AvZKN6PBzNIHA+S7X6GqQ34LWSLsbw5E2amP
v0la0qMmBqOM0YCh7KMRvRuJ+kKpwOPVbchD0pTmbW6o56/ZlgKxJWVJWM9+HCxf
eZaLC87lMTXATQ5Gn39Fzo+nVUcEhOpineDWbWKXke2ku+KVsO6nfZXi/+ASgHi7
zJ7i5/ZVU4neGWFJa3aDIvENzo8JAoHnSK6kBYjVRZkD8HwPw9SLb6ru5C5wsBcs
kQDJb2AT3+8sqIYKbPiVwHiMdey2PZIlsW543vDjw7hYswpN+FnCMopblvg9uO3w
t8LMtGFKY3FvmA==
-----END CERTIFICATE-----