Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft
File:                     1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft (raw, json)
Hash identifier:          vAWBwn88cMCbab3VH1pnuVDQYSLvndnbjY5txDQ8QzI=
Subject key identifier:   1D:9F:D4:F8:DC:E1:69:A4:9B:3B:BC:E9:75:4A:D7:61:5B:B4:9B:7D
Authority key identifier: D4:2C:C4:02:67:E3:59:2E:1B:52:F0:F0:09:6C:B1:F2:F0:AF:16:7D
Certificate issuer:       /CN=d42cc40267e3592e1b52f0f0096cb1f2f0af167d
Certificate serial:       019CABD9137713266D36219940C992B275C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1CzEAmfjWS4bUvDwCWyx8vCvFn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft
Manifest number:          055E
Signing time:             Mon 02 Mar 2026 00:00:55 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:55 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:55 +0000
Files and hashes:         1: 1CzEAmfjWS4bUvDwCWyx8vCvFn0.crl (hash: H1zCay1C5ORXAE8X9C8wDGekVzH6aZEDE7xY54nw0q4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1CzEAmfjWS4bUvDwCWyx8vCvFn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:13:77:13:26:6d:36:21:99:40:c9:92:b2:75:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d42cc40267e3592e1b52f0f0096cb1f2f0af167d
        Validity
            Not Before: Mar  2 00:00:55 2026 GMT
            Not After : Mar  3 00:00:55 2026 GMT
        Subject: CN=1d9fd4f8dce169a49b3bbce9754ad7615bb49b7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:52:1d:39:d6:2e:07:d0:54:89:a1:2c:13:27:
                    4b:77:eb:c2:ac:83:05:18:98:38:cd:09:65:82:5f:
                    53:80:29:34:75:db:3d:2e:6c:54:ee:58:4d:bf:24:
                    8a:cd:b4:2a:09:f3:0c:14:37:87:6d:14:ec:e6:ad:
                    ef:1c:53:90:28:1f:62:ef:44:ae:33:0b:05:6c:d3:
                    8f:e7:24:8a:1b:6e:76:18:4b:ac:ae:9d:7f:6b:08:
                    f5:54:5e:52:3c:e0:18:f7:2a:8f:67:0e:13:77:96:
                    13:59:2e:49:4c:63:37:fa:f5:c5:6a:e3:9a:09:11:
                    20:7e:37:b4:63:e4:57:a8:f2:7a:ec:98:25:87:b8:
                    56:38:5c:85:0b:2a:c9:26:10:94:af:01:ec:18:a5:
                    d1:fe:00:df:34:eb:31:ce:bc:0a:a8:fb:cd:2d:6d:
                    88:48:20:07:72:0b:22:c2:12:ae:80:e4:1d:c0:36:
                    41:00:8d:78:18:c0:93:53:03:13:b0:63:2d:c2:b3:
                    6d:6c:a1:45:97:d5:23:9c:aa:06:bd:21:65:f3:1b:
                    10:4b:2f:3a:b2:9e:f0:b7:64:b1:c2:40:b1:4c:4d:
                    92:c9:f2:44:43:a0:e3:78:9c:f8:9c:8c:d5:2d:6b:
                    6c:3e:04:96:98:27:b2:a6:09:60:d3:f0:6a:5e:d7:
                    74:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:9F:D4:F8:DC:E1:69:A4:9B:3B:BC:E9:75:4A:D7:61:5B:B4:9B:7D
            X509v3 Authority Key Identifier:
                keyid:D4:2C:C4:02:67:E3:59:2E:1B:52:F0:F0:09:6C:B1:F2:F0:AF:16:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1CzEAmfjWS4bUvDwCWyx8vCvFn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:65:d3:c2:3b:81:31:08:3d:ed:5d:63:28:c2:db:07:bf:66:
         6b:06:ee:07:1b:8a:20:22:11:2e:c9:32:91:28:e5:14:59:36:
         09:b7:d1:03:0c:a9:17:b4:ed:34:f7:ac:d8:a9:b3:7a:e2:57:
         7f:b9:65:2d:37:e9:b8:d6:02:5e:13:01:96:86:a4:fc:d9:a6:
         05:bd:85:d8:ee:f2:4d:a7:99:29:cc:dc:6c:b5:c1:4a:0c:e8:
         a6:3e:7e:53:3d:66:31:66:3b:99:84:75:bb:22:92:62:2e:fb:
         99:7c:7b:fd:19:86:c7:8f:ec:ec:bc:8b:04:24:2d:f7:54:21:
         6a:1e:1b:71:cf:2b:f2:53:53:a2:bf:18:07:49:71:aa:b4:4c:
         28:31:b7:b6:e2:f2:ff:1f:7e:72:cb:4d:e9:a4:29:9b:82:5f:
         11:34:78:c3:a7:bb:78:72:13:58:ac:22:db:95:61:d4:fb:53:
         cf:29:b8:29:e3:d8:e3:b1:04:22:8e:f9:4c:02:9d:f9:0e:9b:
         d7:b4:ce:83:d6:e0:67:00:f7:16:5f:c8:b9:10:aa:6c:26:22:
         02:5e:c0:ca:d7:ff:25:2f:d3:af:e2:c7:d4:32:29:cf:1c:64:
         13:27:18:2e:ee:2c:65:a0:53:9c:ea:97:19:e4:8c:6f:9f:d7:
         3d:c4:9a:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2RN3EyZtNiGZQMmSsnXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MmNjNDAyNjdlMzU5MmUxYjUyZjBmMDA5NmNiMWYyZjBh
ZjE2N2QwHhcNMjYwMzAyMDAwMDU1WhcNMjYwMzAzMDAwMDU1WjAzMTEwLwYDVQQD
EygxZDlmZDRmOGRjZTE2OWE0OWIzYmJjZTk3NTRhZDc2MTViYjQ5YjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFIdOdYuB9BUiaEsEydLd+vCrIMF
GJg4zQllgl9TgCk0dds9LmxU7lhNvySKzbQqCfMMFDeHbRTs5q3vHFOQKB9i70Su
MwsFbNOP5ySKG252GEusrp1/awj1VF5SPOAY9yqPZw4Td5YTWS5JTGM3+vXFauOa
CREgfje0Y+RXqPJ67Jglh7hWOFyFCyrJJhCUrwHsGKXR/gDfNOsxzrwKqPvNLW2I
SCAHcgsiwhKugOQdwDZBAI14GMCTUwMTsGMtwrNtbKFFl9UjnKoGvSFl8xsQSy86
sp7wt2SxwkCxTE2SyfJEQ6DjeJz4nIzVLWtsPgSWmCeypglg0/BqXtd0LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2f1Pjc4Wmkmzu86XVK12FbtJt9MB8GA1UdIwQY
MBaAFNQsxAJn41kuG1Lw8AlssfLwrxZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUN6RUFtZmpXUzRiVXZEd0NXeXg4dkN2Rm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83MTM0NWQtMmYyZC00YjU5LTllNjct
MTZlMTMwODczN2IwLzEvMUN6RUFtZmpXUzRiVXZEd0NXeXg4dkN2Rm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83MTM0NWQtMmYyZC00YjU5LTllNjctMTZlMTMwODczN2Iw
LzEvMUN6RUFtZmpXUzRiVXZEd0NXeXg4dkN2Rm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs2XTwjuB
MQg97V1jKMLbB79mawbuBxuKICIRLskykSjlFFk2CbfRAwypF7TtNPes2KmzeuJX
f7llLTfpuNYCXhMBloak/NmmBb2F2O7yTaeZKczcbLXBSgzopj5+Uz1mMWY7mYR1
uyKSYi77mXx7/RmGx4/s7LyLBCQt91Qhah4bcc8r8lNTor8YB0lxqrRMKDG3tuLy
/x9+cstN6aQpm4JfETR4w6e7eHITWKwi25Vh1PtTzym4KePY47EEIo75TAKd+Q6b
17TOg9bgZwD3Fl/IuRCqbCYiAl7Aytf/JS/Tr+LH1DIpzxxkEycYLu4sZaBTnOqX
GeSMb5/XPcSa2w==
-----END CERTIFICATE-----