Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
File:                     coCW6KzXbpqhfz62eAQG49pWPtI.mft (raw, json)
Hash identifier:          /kvZdsnMYaDu2MMAWYdKVtrj9XToq8uct6quGhm+WII=
Subject key identifier:   3A:8C:DB:4D:98:CE:AE:77:C6:25:F0:14:C8:D2:2B:ED:03:3F:90:61
Authority key identifier: 72:80:96:E8:AC:D7:6E:9A:A1:7F:3E:B6:78:04:06:E3:DA:56:3E:D2
Certificate issuer:       /CN=728096e8acd76e9aa17f3eb6780406e3da563ed2
Certificate serial:       019CAA585438A72918271F9782362B63A5F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
Manifest number:          16FF
Signing time:             Sun 01 Mar 2026 17:00:41 +0000
Manifest this update:     Sun 01 Mar 2026 17:00:41 +0000
Manifest next update:     Mon 02 Mar 2026 17:00:41 +0000
Files and hashes:         1: coCW6KzXbpqhfz62eAQG49pWPtI.crl (hash: HkKutwz/LU0rXwUWpD5To16d8MqOYeA3oMF+GbybSwE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:58:54:38:a7:29:18:27:1f:97:82:36:2b:63:a5:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=728096e8acd76e9aa17f3eb6780406e3da563ed2
        Validity
            Not Before: Mar  1 17:00:41 2026 GMT
            Not After : Mar  2 17:00:41 2026 GMT
        Subject: CN=3a8cdb4d98ceae77c625f014c8d22bed033f9061
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:62:39:59:11:ac:d7:64:57:f3:3d:e7:77:39:
                    21:ff:0b:57:5d:f4:b0:88:2b:32:61:a8:b8:c7:bc:
                    39:67:cc:96:b5:3c:7b:ed:c3:3a:6d:6b:3c:dd:91:
                    ec:92:6b:c8:4e:b4:3b:ff:4c:8a:97:2b:d3:55:07:
                    07:50:b8:70:ce:4a:ae:cf:42:02:b1:44:84:4d:c9:
                    0c:b1:ea:69:05:30:77:63:c1:f5:e5:af:4c:6f:50:
                    62:ad:51:7e:7c:b5:7d:66:f5:61:6e:e8:a9:1d:2a:
                    d7:0a:6e:d8:6d:c3:3b:d7:70:c1:52:6e:cb:20:29:
                    fd:2d:25:e1:53:e1:fe:34:b5:5f:30:ac:15:97:35:
                    b0:15:96:b8:8f:98:80:78:bb:d1:6a:3f:7d:77:f8:
                    41:87:51:8a:12:e5:8a:11:98:06:f8:30:c6:7d:28:
                    b6:d8:fe:ae:15:da:ef:d7:da:3f:cc:17:8d:23:b1:
                    7a:44:5f:0c:d0:7d:fb:c8:a3:41:74:ce:14:7b:bb:
                    b6:dd:b8:c5:7c:ca:5d:2e:38:e3:9a:ce:25:a6:0b:
                    ee:c4:0e:80:2a:93:46:dc:6c:d4:5b:53:de:96:53:
                    30:4a:ee:a6:9f:d1:ab:38:ec:fd:5a:6c:7a:38:70:
                    c0:c7:f1:95:fd:6c:35:af:ca:42:d4:87:8f:68:f7:
                    d2:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:8C:DB:4D:98:CE:AE:77:C6:25:F0:14:C8:D2:2B:ED:03:3F:90:61
            X509v3 Authority Key Identifier:
                keyid:72:80:96:E8:AC:D7:6E:9A:A1:7F:3E:B6:78:04:06:E3:DA:56:3E:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:44:94:77:08:5f:2f:85:91:f3:96:8d:a0:d1:9d:2f:79:40:
         3d:20:82:34:16:e2:f7:25:be:7f:23:2e:b6:2f:36:7e:f8:8f:
         00:95:46:bd:80:9a:d4:71:72:45:8b:c6:30:16:83:50:74:01:
         cf:1d:38:da:48:2a:b8:dd:ea:da:06:8f:63:d9:ff:38:13:bb:
         6a:f8:0c:26:de:47:34:4c:86:86:95:7f:2f:cb:54:9c:d3:f4:
         ad:6e:a6:72:22:fa:fb:dd:4e:c6:44:ff:52:8d:2a:01:86:81:
         a5:53:04:47:24:0a:47:e0:7c:c8:13:34:3f:ed:c3:91:c4:d9:
         9f:18:19:a6:dc:b2:51:5c:10:df:2f:2b:b5:d2:65:4e:05:f4:
         9a:84:91:e7:2e:00:ef:5d:7f:28:58:36:b7:44:75:68:da:18:
         e1:0d:fe:d9:a2:a6:01:1c:07:ba:f0:a8:87:48:a0:a5:fb:75:
         1e:dd:2f:b8:8c:43:70:b6:3c:6f:74:0a:12:a1:92:a6:1e:97:
         ef:b6:77:a8:7d:25:b0:dd:df:8e:3c:e8:69:6e:f0:c4:e3:37:
         c3:2a:ea:f0:63:6b:8e:43:eb:a8:1b:6c:b2:6f:2d:76:74:eb:
         25:a6:52:cd:67:6a:3d:1c:75:d0:85:13:0c:be:4e:9b:8c:bf:
         99:73:e2:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWFQ4pykYJx+XgjYrY6XzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyODA5NmU4YWNkNzZlOWFhMTdmM2ViNjc4MDQwNmUzZGE1
NjNlZDIwHhcNMjYwMzAxMTcwMDQxWhcNMjYwMzAyMTcwMDQxWjAzMTEwLwYDVQQD
EygzYThjZGI0ZDk4Y2VhZTc3YzYyNWYwMTRjOGQyMmJlZDAzM2Y5MDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmI5WRGs12RX8z3ndzkh/wtXXfSw
iCsyYai4x7w5Z8yWtTx77cM6bWs83ZHskmvITrQ7/0yKlyvTVQcHULhwzkquz0IC
sUSETckMseppBTB3Y8H15a9Mb1BirVF+fLV9ZvVhbuipHSrXCm7YbcM713DBUm7L
ICn9LSXhU+H+NLVfMKwVlzWwFZa4j5iAeLvRaj99d/hBh1GKEuWKEZgG+DDGfSi2
2P6uFdrv19o/zBeNI7F6RF8M0H37yKNBdM4Ue7u23bjFfMpdLjjjms4lpgvuxA6A
KpNG3GzUW1PellMwSu6mn9GrOOz9Wmx6OHDAx/GV/Ww1r8pC1IePaPfStwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDqM202Yzq53xiXwFMjSK+0DP5BhMB8GA1UdIwQY
MBaAFHKAluis126aoX8+tngEBuPaVj7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9iZjE0NGItYWFiNS00MDdlLTkwNGYt
YzE3MzRkNTBjYjNiLzEvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9iZjE0NGItYWFiNS00MDdlLTkwNGYtYzE3MzRkNTBjYjNi
LzEvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiUSUdwhf
L4WR85aNoNGdL3lAPSCCNBbi9yW+fyMuti82fviPAJVGvYCa1HFyRYvGMBaDUHQB
zx042kgquN3q2gaPY9n/OBO7avgMJt5HNEyGhpV/L8tUnNP0rW6mciL6+91OxkT/
Uo0qAYaBpVMERyQKR+B8yBM0P+3DkcTZnxgZptyyUVwQ3y8rtdJlTgX0moSR5y4A
711/KFg2t0R1aNoY4Q3+2aKmARwHuvCoh0igpft1Ht0vuIxDcLY8b3QKEqGSph6X
77Z3qH0lsN3fjjzoaW7wxOM3wyrq8GNrjkPrqBtssm8tdnTrJaZSzWdqPRx10IUT
DL5Om4y/mXPiMw==
-----END CERTIFICATE-----