Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/168096-c887-476f-b335-118960ef62c6/1/4-d1gqvilic_V6RVSq2m-lwf6bA.mft
File:                     4-d1gqvilic_V6RVSq2m-lwf6bA.mft (raw, json)
Hash identifier:          OominIyAfdYpKYhiK3y9wqpTixZSTfoRTZ3Kkb+IFrg=
Subject key identifier:   BB:42:77:66:85:AE:8D:52:08:3E:13:75:00:E1:54:29:9B:AD:CA:81
Authority key identifier: E3:E7:75:82:AB:E2:96:27:3F:57:A4:55:4A:AD:A6:FA:5C:1F:E9:B0
Certificate issuer:       /CN=e3e77582abe296273f57a4554aada6fa5c1fe9b0
Certificate serial:       019CAC7E63A543BA44C698BA84D36232AACB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4-d1gqvilic_V6RVSq2m-lwf6bA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/168096-c887-476f-b335-118960ef62c6/1/4-d1gqvilic_V6RVSq2m-lwf6bA.mft
Manifest number:          070D
Signing time:             Mon 02 Mar 2026 03:01:30 +0000
Manifest this update:     Mon 02 Mar 2026 03:01:30 +0000
Manifest next update:     Tue 03 Mar 2026 03:01:30 +0000
Files and hashes:         1: 4-d1gqvilic_V6RVSq2m-lwf6bA.crl (hash: Q/d4C9IEpQlheeezdKsQPpDKDvKPX/mg8KiT6UZd3oc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/168096-c887-476f-b335-118960ef62c6/1/4-d1gqvilic_V6RVSq2m-lwf6bA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/168096-c887-476f-b335-118960ef62c6/1/4-d1gqvilic_V6RVSq2m-lwf6bA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4-d1gqvilic_V6RVSq2m-lwf6bA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:7e:63:a5:43:ba:44:c6:98:ba:84:d3:62:32:aa:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e3e77582abe296273f57a4554aada6fa5c1fe9b0
        Validity
            Not Before: Mar  2 03:01:30 2026 GMT
            Not After : Mar  3 03:01:30 2026 GMT
        Subject: CN=bb42776685ae8d52083e137500e154299badca81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d4:b1:5f:a1:97:15:e3:ca:15:ce:39:4d:64:
                    aa:1b:30:a9:79:f2:cd:b0:38:cd:4c:2f:42:e5:bc:
                    13:73:c0:6d:d2:78:b7:0f:17:11:ca:48:4e:29:44:
                    51:0e:f9:6f:42:ea:b4:2f:da:88:9d:e1:8c:c0:c9:
                    df:d2:ed:5c:3b:ca:de:cb:cd:dd:fe:2e:93:4c:44:
                    89:59:1c:8e:c2:41:d3:19:1c:a2:16:97:64:11:4b:
                    ac:0a:c1:b4:2c:35:f3:54:37:85:14:8b:5d:de:8c:
                    b1:a8:5d:4d:df:0a:2f:3d:a4:fc:38:15:09:4b:ab:
                    52:f5:95:88:a5:90:a4:85:5c:c6:f9:c3:44:2d:ff:
                    b0:1d:c1:f5:76:d7:57:4b:08:21:2a:15:fb:88:d7:
                    1a:9a:67:dc:0e:5f:f8:b0:a0:85:fd:d6:2c:ff:82:
                    4b:57:ed:66:10:70:68:d0:eb:5d:3e:8d:25:83:ef:
                    db:57:41:fa:fd:05:f7:24:96:4c:b6:04:ae:3b:75:
                    94:ea:f0:43:9e:63:81:c0:e1:79:28:61:38:c8:32:
                    06:08:06:5c:02:a7:23:c6:79:6c:70:06:32:ae:80:
                    b0:30:16:67:a2:e1:e5:24:46:12:ca:e6:c0:f0:ff:
                    d7:c5:0c:89:74:60:a0:7d:3c:c8:54:ed:ef:05:72:
                    b6:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:42:77:66:85:AE:8D:52:08:3E:13:75:00:E1:54:29:9B:AD:CA:81
            X509v3 Authority Key Identifier:
                keyid:E3:E7:75:82:AB:E2:96:27:3F:57:A4:55:4A:AD:A6:FA:5C:1F:E9:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4-d1gqvilic_V6RVSq2m-lwf6bA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/168096-c887-476f-b335-118960ef62c6/1/4-d1gqvilic_V6RVSq2m-lwf6bA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/168096-c887-476f-b335-118960ef62c6/1/4-d1gqvilic_V6RVSq2m-lwf6bA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:17:10:c6:b7:ce:51:1e:19:99:41:0d:38:7a:d9:f5:49:78:
         23:ae:cb:2f:9a:29:8b:d3:b0:46:ee:42:98:9c:13:dd:fc:c2:
         57:49:eb:66:fe:44:81:1f:1c:6f:4c:ab:1e:43:f8:b0:34:03:
         ac:4d:0f:f9:8c:98:77:fe:94:f1:c7:42:ad:78:91:19:80:be:
         a7:a2:b5:d1:82:23:56:38:0c:13:d6:48:31:25:dc:f4:c6:44:
         47:5b:ff:30:fe:d6:77:c3:49:77:b4:09:74:cd:e7:9f:c7:ac:
         bf:1c:54:58:0d:db:55:51:0a:25:dc:b0:96:9f:c2:ef:a4:81:
         6e:27:3d:a8:d1:33:66:9c:42:6b:a7:40:b2:d5:82:35:50:08:
         6f:8a:2d:70:a2:01:27:d7:82:c4:6e:21:78:c4:7e:a2:1c:f0:
         f4:77:16:76:0d:db:27:cf:46:1d:06:80:e5:cb:2b:1a:85:b7:
         e2:48:af:5f:de:35:48:3c:df:fc:e4:c6:8c:14:d0:27:55:91:
         69:f8:fa:b1:a2:68:67:55:4e:09:5f:16:d0:6f:29:55:03:5a:
         53:91:2c:5d:0b:2d:50:9d:b8:81:e3:3d:ea:1a:1e:22:b4:ee:
         8a:b6:08:d2:db:0a:20:3f:d5:ee:ae:69:b5:78:a5:9d:70:b5:
         5c:a2:53:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysfmOlQ7pExpi6hNNiMqrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZTc3NTgyYWJlMjk2MjczZjU3YTQ1NTRhYWRhNmZhNWMx
ZmU5YjAwHhcNMjYwMzAyMDMwMTMwWhcNMjYwMzAzMDMwMTMwWjAzMTEwLwYDVQQD
EyhiYjQyNzc2Njg1YWU4ZDUyMDgzZTEzNzUwMGUxNTQyOTliYWRjYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdSxX6GXFePKFc45TWSqGzCpefLN
sDjNTC9C5bwTc8Bt0ni3DxcRykhOKURRDvlvQuq0L9qIneGMwMnf0u1cO8rey83d
/i6TTESJWRyOwkHTGRyiFpdkEUusCsG0LDXzVDeFFItd3oyxqF1N3wovPaT8OBUJ
S6tS9ZWIpZCkhVzG+cNELf+wHcH1dtdXSwghKhX7iNcammfcDl/4sKCF/dYs/4JL
V+1mEHBo0OtdPo0lg+/bV0H6/QX3JJZMtgSuO3WU6vBDnmOBwOF5KGE4yDIGCAZc
AqcjxnlscAYyroCwMBZnouHlJEYSyubA8P/XxQyJdGCgfTzIVO3vBXK2IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLtCd2aFro1SCD4TdQDhVCmbrcqBMB8GA1UdIwQY
MBaAFOPndYKr4pYnP1ekVUqtpvpcH+mwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNC1kMWdxdmlsaWNfVjZSVlNxMm0tbHdmNmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8xNjgwOTYtYzg4Ny00NzZmLWIzMzUt
MTE4OTYwZWY2MmM2LzEvNC1kMWdxdmlsaWNfVjZSVlNxMm0tbHdmNmJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8xNjgwOTYtYzg4Ny00NzZmLWIzMzUtMTE4OTYwZWY2MmM2
LzEvNC1kMWdxdmlsaWNfVjZSVlNxMm0tbHdmNmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAExcQxrfO
UR4ZmUENOHrZ9Ul4I67LL5opi9OwRu5CmJwT3fzCV0nrZv5EgR8cb0yrHkP4sDQD
rE0P+YyYd/6U8cdCrXiRGYC+p6K10YIjVjgME9ZIMSXc9MZER1v/MP7Wd8NJd7QJ
dM3nn8esvxxUWA3bVVEKJdywlp/C76SBbic9qNEzZpxCa6dAstWCNVAIb4otcKIB
J9eCxG4heMR+ohzw9HcWdg3bJ89GHQaA5csrGoW34kivX941SDzf/OTGjBTQJ1WR
afj6saJoZ1VOCV8W0G8pVQNaU5EsXQstUJ24geM96hoeIrTuirYI0tsKID/V7q5p
tXilnXC1XKJTIg==
-----END CERTIFICATE-----