Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft
File:                     H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft (raw, json)
Hash identifier:          7aGnoWR3avjZN0+lQ4HMo7KkGsE2/5D+CsqMFDAhcYM=
Subject key identifier:   6D:5B:88:0B:EF:BA:3B:C4:DA:B8:8A:89:CC:7C:9A:5A:4F:3B:96:64
Authority key identifier: 1F:8C:D5:BD:A3:46:10:AD:AF:ED:1F:ED:43:A2:23:45:F0:76:7E:7F
Certificate issuer:       /CN=1f8cd5bda34610adafed1fed43a22345f0767e7f
Certificate serial:       019CABD90A5389840A47D4841846B46D9628
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft
Manifest number:          1715
Signing time:             Mon 02 Mar 2026 00:00:53 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:53 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:53 +0000
Files and hashes:         1: H4zVvaNGEK2v7R_tQ6IjRfB2fn8.crl (hash: 27cqVfcX2bTMR9AI5oy9uVBk7pXGedH8WEzvq8upOcg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:0a:53:89:84:0a:47:d4:84:18:46:b4:6d:96:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f8cd5bda34610adafed1fed43a22345f0767e7f
        Validity
            Not Before: Mar  2 00:00:53 2026 GMT
            Not After : Mar  3 00:00:53 2026 GMT
        Subject: CN=6d5b880befba3bc4dab88a89cc7c9a5a4f3b9664
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:6c:81:de:10:d1:29:fa:27:c2:0b:7a:8a:70:
                    29:79:6d:05:db:d0:f0:39:21:ff:39:a3:c4:93:fb:
                    1f:27:3b:28:fb:b2:1e:9c:f6:74:08:59:b8:fb:ca:
                    c2:75:1c:45:d9:bd:33:9a:59:10:33:6f:d3:fe:a3:
                    ed:44:83:b1:c6:e9:5f:33:d2:2b:f6:a5:f2:1c:5e:
                    1a:89:99:03:b0:65:1c:c7:a5:64:e0:c4:03:e0:09:
                    77:0e:c9:96:86:ee:1f:bb:74:20:a7:78:5a:f7:e1:
                    14:c1:09:20:a7:af:7f:86:37:a3:81:1f:52:2a:22:
                    17:96:19:3c:67:d2:2a:f2:20:45:69:6f:77:19:33:
                    24:76:83:59:ab:c6:ff:ca:6f:d8:49:30:0c:3f:af:
                    24:98:35:41:12:ae:2f:34:13:4c:2d:b6:c5:ed:05:
                    45:90:0f:e1:e3:0d:b1:60:4b:8f:97:09:dc:9b:b0:
                    c4:d3:47:29:e0:11:04:d4:1d:e0:b1:3e:1c:18:46:
                    6b:28:e0:f2:12:cc:82:28:47:6a:20:e0:e5:e6:16:
                    0f:f3:21:5f:2b:e1:7c:33:9e:77:b7:d7:01:a4:fe:
                    52:3b:0f:26:b8:cf:89:18:a7:2f:70:61:cd:28:12:
                    7c:a9:77:05:3f:2e:75:aa:08:25:0d:06:83:f2:d9:
                    63:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:5B:88:0B:EF:BA:3B:C4:DA:B8:8A:89:CC:7C:9A:5A:4F:3B:96:64
            X509v3 Authority Key Identifier:
                keyid:1F:8C:D5:BD:A3:46:10:AD:AF:ED:1F:ED:43:A2:23:45:F0:76:7E:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/49c630-80d8-4955-ba6e-ee6dbfa98d2e/1/H4zVvaNGEK2v7R_tQ6IjRfB2fn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:b9:ed:38:ac:80:07:c9:7b:eb:bd:80:1e:f6:93:31:76:bb:
         c1:5b:70:7e:c0:79:d3:11:46:f4:bd:6d:8a:f1:ee:ae:cb:41:
         35:b5:90:21:9a:bc:a6:1e:25:6d:e8:a6:b1:02:cd:0b:38:a7:
         15:49:45:03:38:c8:3e:de:a7:6c:90:44:1b:0a:d2:66:b4:bc:
         a6:2f:32:7c:08:75:e6:9d:84:fb:25:86:74:07:e5:9b:7f:fe:
         a2:5a:6a:f5:66:af:0b:3b:f1:a5:d8:5b:c5:05:fd:62:b8:dc:
         17:34:f2:d8:99:d6:ea:ae:ef:bb:88:4f:bc:2a:71:7c:99:02:
         17:a7:c5:90:a2:21:45:bb:e0:95:4c:de:9f:4b:93:ea:20:09:
         d6:06:10:46:37:5f:16:07:06:52:34:da:fd:9d:de:55:b7:ba:
         80:37:f1:92:dd:20:ac:07:c9:09:fa:d6:c9:08:6a:3e:2e:4d:
         8b:6a:52:4d:ba:ff:d9:69:34:82:5e:47:7a:c6:ee:0e:2f:72:
         b8:a2:0c:1e:14:e9:74:60:65:c5:10:50:16:63:54:61:18:b6:
         2f:4f:f8:fe:30:7c:c7:8a:3b:e8:88:ec:41:75:47:5b:df:7c:
         2c:98:fc:e3:d2:38:f7:da:92:f2:3b:c7:2d:e5:73:f0:d2:98:
         87:ca:d5:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2QpTiYQKR9SEGEa0bZYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmOGNkNWJkYTM0NjEwYWRhZmVkMWZlZDQzYTIyMzQ1ZjA3
NjdlN2YwHhcNMjYwMzAyMDAwMDUzWhcNMjYwMzAzMDAwMDUzWjAzMTEwLwYDVQQD
Eyg2ZDViODgwYmVmYmEzYmM0ZGFiODhhODljYzdjOWE1YTRmM2I5NjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12yB3hDRKfonwgt6inApeW0F29Dw
OSH/OaPEk/sfJzso+7IenPZ0CFm4+8rCdRxF2b0zmlkQM2/T/qPtRIOxxulfM9Ir
9qXyHF4aiZkDsGUcx6Vk4MQD4Al3DsmWhu4fu3Qgp3ha9+EUwQkgp69/hjejgR9S
KiIXlhk8Z9Iq8iBFaW93GTMkdoNZq8b/ym/YSTAMP68kmDVBEq4vNBNMLbbF7QVF
kA/h4w2xYEuPlwncm7DE00cp4BEE1B3gsT4cGEZrKODyEsyCKEdqIODl5hYP8yFf
K+F8M553t9cBpP5SOw8muM+JGKcvcGHNKBJ8qXcFPy51qgglDQaD8tljowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG1biAvvujvE2riKicx8mlpPO5ZkMB8GA1UdIwQY
MBaAFB+M1b2jRhCtr+0f7UOiI0Xwdn5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDR6VnZhTkdFSzJ2N1JfdFE2SWpSZkIyZm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My80OWM2MzAtODBkOC00OTU1LWJhNmUt
ZWU2ZGJmYTk4ZDJlLzEvSDR6VnZhTkdFSzJ2N1JfdFE2SWpSZkIyZm44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My80OWM2MzAtODBkOC00OTU1LWJhNmUtZWU2ZGJmYTk4ZDJl
LzEvSDR6VnZhTkdFSzJ2N1JfdFE2SWpSZkIyZm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVbntOKyA
B8l7672AHvaTMXa7wVtwfsB50xFG9L1tivHurstBNbWQIZq8ph4lbeimsQLNCzin
FUlFAzjIPt6nbJBEGwrSZrS8pi8yfAh15p2E+yWGdAflm3/+olpq9WavCzvxpdhb
xQX9YrjcFzTy2JnW6q7vu4hPvCpxfJkCF6fFkKIhRbvglUzen0uT6iAJ1gYQRjdf
FgcGUjTa/Z3eVbe6gDfxkt0grAfJCfrWyQhqPi5Ni2pSTbr/2Wk0gl5HesbuDi9y
uKIMHhTpdGBlxRBQFmNUYRi2L0/4/jB8x4o76IjsQXVHW998LJj849I499qS8jvH
LeVz8NKYh8rVbw==
-----END CERTIFICATE-----