Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
File:                     orLY2dCvlBb6vW8gNfpyiO-XyME.mft (raw, json)
Hash identifier:          4plRlolOLw+pTG9boQ9R88u3aNfS8/KA7mXcOCQzmJo=
Subject key identifier:   9D:78:B3:7E:08:6F:3E:E3:5D:C6:87:13:89:D3:6E:33:95:5F:56:8A
Authority key identifier: A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1
Certificate issuer:       /CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
Certificate serial:       019CABD92E4E619E7E5CE80EF98B09A74FAF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
Manifest number:          088C
Signing time:             Mon 02 Mar 2026 00:01:02 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:02 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:02 +0000
Files and hashes:         1: orLY2dCvlBb6vW8gNfpyiO-XyME.crl (hash: I7do8TxYJRE113IBrmLiuXvtaapvoyyCBfx1s8bs7NM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:2e:4e:61:9e:7e:5c:e8:0e:f9:8b:09:a7:4f:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
        Validity
            Not Before: Mar  2 00:01:02 2026 GMT
            Not After : Mar  3 00:01:02 2026 GMT
        Subject: CN=9d78b37e086f3ee35dc6871389d36e33955f568a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f7:5d:18:0c:fd:7c:0c:3c:27:2c:a4:a4:17:
                    a2:73:bc:38:a1:a7:40:ad:ed:8d:ba:51:b2:14:c9:
                    45:d1:2d:1a:80:09:8f:97:99:93:d8:44:45:3f:40:
                    dd:e6:7b:17:f5:6d:31:1a:9a:ce:36:ca:a8:9e:a1:
                    b8:a8:48:ec:1c:07:36:62:7c:e1:21:84:7c:83:e0:
                    00:70:11:25:1c:de:fb:97:c2:b5:18:de:4a:f5:07:
                    c9:c2:5f:7f:6d:f9:31:d5:24:a3:12:59:24:33:f9:
                    6f:c6:9d:b5:d2:3a:18:2f:22:c0:16:00:93:0e:6a:
                    e1:8e:78:89:84:ef:f1:6f:4a:61:cc:18:26:1e:0c:
                    b5:30:76:5e:d5:67:d2:f0:e0:7c:34:59:b0:05:8d:
                    23:7c:bb:b3:67:c7:d1:4a:69:1c:c0:f0:de:37:cb:
                    0e:38:27:02:81:f7:67:37:3d:d9:26:13:11:47:43:
                    cb:f5:6a:1b:8d:58:19:e7:d3:15:31:6c:28:75:56:
                    c7:92:b1:eb:ee:81:9a:f7:63:1c:13:21:c6:5d:25:
                    05:af:a5:a7:3b:79:6c:c1:d7:79:b5:6b:e5:0c:93:
                    71:90:fc:ea:19:df:1c:e0:cd:93:f9:ac:d9:98:1a:
                    1a:eb:4c:53:88:d1:fd:3b:37:a5:a7:36:a4:d1:2f:
                    8b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:78:B3:7E:08:6F:3E:E3:5D:C6:87:13:89:D3:6E:33:95:5F:56:8A
            X509v3 Authority Key Identifier:
                keyid:A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:62:3f:c5:36:fe:1f:ad:a5:25:ac:08:c9:84:06:58:d0:cf:
         1f:52:bf:be:a0:d8:ce:f1:ae:ba:5a:d6:89:54:e6:30:9b:a6:
         d7:fa:f2:f7:03:23:52:d5:9f:79:b9:8b:7f:9e:2c:33:55:61:
         ca:de:b9:30:69:66:f4:c1:13:a8:7f:9a:2c:be:83:04:62:58:
         43:a9:53:09:4f:8c:97:ec:87:0e:43:ec:1a:c8:14:fd:3a:c6:
         a4:d1:42:e1:17:11:8d:79:31:72:0f:99:d4:48:ce:50:aa:ef:
         6c:2e:8b:04:23:eb:1d:b1:bf:6b:60:aa:bb:2f:b9:54:b9:05:
         d9:82:a3:68:b0:aa:9a:c3:93:b1:5b:88:1a:9c:bc:ed:9c:f5:
         2d:bb:9d:1a:07:e3:7d:be:f7:59:f5:1b:de:49:9d:1a:12:18:
         64:fd:22:63:a3:62:cf:11:57:e5:85:da:c0:ee:ac:92:7b:36:
         e7:85:c1:7c:20:24:eb:80:d0:90:53:17:aa:b5:82:46:bd:9c:
         3c:73:60:f6:74:4b:6f:cd:37:aa:ab:96:48:bc:3e:93:5e:d3:
         a4:fe:e6:60:7f:b9:f7:90:ec:98:03:db:66:e6:00:ea:63:24:
         34:1a:eb:11:3d:bf:75:35:59:d7:2c:ba:af:46:0c:00:0d:eb:
         b1:67:ae:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2S5OYZ5+XOgO+YsJp0+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjJkOGQ5ZDBhZjk0MTZmYWJkNmYyMDM1ZmE3Mjg4ZWY5
N2M4YzEwHhcNMjYwMzAyMDAwMTAyWhcNMjYwMzAzMDAwMTAyWjAzMTEwLwYDVQQD
Eyg5ZDc4YjM3ZTA4NmYzZWUzNWRjNjg3MTM4OWQzNmUzMzk1NWY1NjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvddGAz9fAw8JyykpBeic7w4oadA
re2NulGyFMlF0S0agAmPl5mT2ERFP0Dd5nsX9W0xGprONsqonqG4qEjsHAc2Ynzh
IYR8g+AAcBElHN77l8K1GN5K9QfJwl9/bfkx1SSjElkkM/lvxp210joYLyLAFgCT
DmrhjniJhO/xb0phzBgmHgy1MHZe1WfS8OB8NFmwBY0jfLuzZ8fRSmkcwPDeN8sO
OCcCgfdnNz3ZJhMRR0PL9WobjVgZ59MVMWwodVbHkrHr7oGa92McEyHGXSUFr6Wn
O3lswdd5tWvlDJNxkPzqGd8c4M2T+azZmBoa60xTiNH9Ozelpzak0S+LmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ14s34Ibz7jXcaHE4nTbjOVX1aKMB8GA1UdIwQY
MBaAFKKy2NnQr5QW+r1vIDX6cojvl8jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUt
YmFmN2JhMGM0MTc3LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUtYmFmN2JhMGM0MTc3
LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApGI/xTb+
H62lJawIyYQGWNDPH1K/vqDYzvGuulrWiVTmMJum1/ry9wMjUtWfebmLf54sM1Vh
yt65MGlm9METqH+aLL6DBGJYQ6lTCU+Ml+yHDkPsGsgU/TrGpNFC4RcRjXkxcg+Z
1EjOUKrvbC6LBCPrHbG/a2Cquy+5VLkF2YKjaLCqmsOTsVuIGpy87Zz1LbudGgfj
fb73WfUb3kmdGhIYZP0iY6NizxFX5YXawO6skns254XBfCAk64DQkFMXqrWCRr2c
PHNg9nRLb803qquWSLw+k17TpP7mYH+595DsmAPbZuYA6mMkNBrrET2/dTVZ1yy6
r0YMAA3rsWeulg==
-----END CERTIFICATE-----