Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft
File:                     dPYRYnGtLREZYKLZYaqcFi-VgKY.mft (raw, json)
Hash identifier:          2TRk29M5k9pWvMsk2Kpf7n7uUqbk+J4QKMqJuElQxtE=
Subject key identifier:   88:5C:02:7A:69:AC:2C:FB:DD:B0:1F:09:2A:B4:F1:86:EA:0D:4E:9D
Authority key identifier: 74:F6:11:62:71:AD:2D:11:19:60:A2:D9:61:AA:9C:16:2F:95:80:A6
Certificate issuer:       /CN=74f6116271ad2d111960a2d961aa9c162f9580a6
Certificate serial:       019CAB6BCD334238435CF139C8987256A44D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dPYRYnGtLREZYKLZYaqcFi-VgKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft
Manifest number:          123E
Signing time:             Sun 01 Mar 2026 22:01:34 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:34 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:34 +0000
Files and hashes:         1: dPYRYnGtLREZYKLZYaqcFi-VgKY.crl (hash: ltwHraoV7MmNI+UxlGphRc3OvX80NdnmMJiEK8E3b+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dPYRYnGtLREZYKLZYaqcFi-VgKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:cd:33:42:38:43:5c:f1:39:c8:98:72:56:a4:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74f6116271ad2d111960a2d961aa9c162f9580a6
        Validity
            Not Before: Mar  1 22:01:34 2026 GMT
            Not After : Mar  2 22:01:34 2026 GMT
        Subject: CN=885c027a69ac2cfbddb01f092ab4f186ea0d4e9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b1:72:16:9d:a2:5d:d2:bf:8b:74:33:1f:1f:
                    a3:4a:f4:1b:9b:39:00:7d:db:54:2c:c2:2f:15:f7:
                    02:50:16:75:8f:41:d6:86:9d:80:74:fc:1c:6d:c6:
                    b3:7e:c3:71:73:c2:38:0a:64:e2:cb:47:19:25:46:
                    74:86:a0:d0:64:ae:8c:36:2b:23:f5:cc:50:20:fe:
                    82:06:58:87:8c:fc:43:b4:fd:77:cb:7f:6e:12:f0:
                    b6:37:88:4d:00:6c:1a:43:2c:af:a2:40:82:c3:7e:
                    88:1c:9f:2f:41:c7:ed:0f:65:20:51:c7:ae:6b:df:
                    7b:0e:e6:20:d2:c7:62:a4:6d:e0:d2:74:2c:c7:54:
                    54:75:89:a8:cc:39:c0:a4:3d:fb:af:dd:44:d3:4a:
                    2e:4f:54:b3:56:b9:7c:64:f1:27:01:26:db:53:5a:
                    a5:0e:97:d9:45:4f:be:a6:67:00:13:50:91:95:3e:
                    45:93:bc:0c:ba:2a:23:d6:e3:02:3e:91:59:f1:39:
                    12:30:54:ea:4e:6b:56:34:d7:00:a6:5c:95:65:18:
                    ba:93:8e:96:7e:d2:4e:42:a6:f5:14:68:2a:7c:1f:
                    13:82:ff:1c:ea:13:18:23:4b:98:54:a5:37:6a:1c:
                    0c:ed:97:4b:13:ff:02:c2:48:75:08:32:8b:0b:7e:
                    e8:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:5C:02:7A:69:AC:2C:FB:DD:B0:1F:09:2A:B4:F1:86:EA:0D:4E:9D
            X509v3 Authority Key Identifier:
                keyid:74:F6:11:62:71:AD:2D:11:19:60:A2:D9:61:AA:9C:16:2F:95:80:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPYRYnGtLREZYKLZYaqcFi-VgKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/56c8a7-562b-48c8-8a8f-5a05b91b2b8c/1/dPYRYnGtLREZYKLZYaqcFi-VgKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:a8:6d:93:ef:a5:f2:ad:83:e5:43:55:48:67:ea:28:64:ee:
         f7:04:c5:df:5e:95:b8:22:81:30:80:b2:b0:cb:cd:11:6b:39:
         8f:8b:bb:47:3c:11:e1:71:36:21:0e:5f:cb:4d:83:57:bb:9e:
         fc:c2:36:21:9d:9c:68:4d:89:6a:b2:15:ab:56:db:d2:83:01:
         0a:b5:8e:80:e7:c6:57:89:29:07:0c:af:7a:3c:73:c6:86:63:
         58:0e:84:1a:e1:62:b7:44:08:d8:00:bd:1b:c2:05:74:0f:e2:
         d7:d1:31:1a:ea:7c:c5:cc:16:95:a9:b2:93:8e:99:cd:03:01:
         91:3d:27:cd:40:99:43:cb:63:3c:1c:9e:42:d9:ac:89:39:a5:
         b5:c9:ae:30:03:68:8e:3d:cc:70:6b:62:fc:af:0d:b2:b1:26:
         2a:b3:78:93:2a:d1:4d:b7:5c:a9:05:6c:7f:9d:e5:61:a0:48:
         08:3f:b4:80:46:db:51:69:a5:31:a1:d9:28:38:92:f6:50:06:
         58:6f:4c:64:6a:32:ea:86:31:fb:64:87:9e:14:c4:8a:1e:ad:
         3c:90:9e:60:79:a9:da:96:f0:f3:2a:b5:6d:76:bf:37:0e:22:
         0e:34:3d:79:ce:6e:d6:44:8e:e7:86:47:c5:99:2c:40:7a:b0:
         f2:b6:8b:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra80zQjhDXPE5yJhyVqRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZjYxMTYyNzFhZDJkMTExOTYwYTJkOTYxYWE5YzE2MmY5
NTgwYTYwHhcNMjYwMzAxMjIwMTM0WhcNMjYwMzAyMjIwMTM0WjAzMTEwLwYDVQQD
Eyg4ODVjMDI3YTY5YWMyY2ZiZGRiMDFmMDkyYWI0ZjE4NmVhMGQ0ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7FyFp2iXdK/i3QzHx+jSvQbmzkA
fdtULMIvFfcCUBZ1j0HWhp2AdPwcbcazfsNxc8I4CmTiy0cZJUZ0hqDQZK6MNisj
9cxQIP6CBliHjPxDtP13y39uEvC2N4hNAGwaQyyvokCCw36IHJ8vQcftD2UgUceu
a997DuYg0sdipG3g0nQsx1RUdYmozDnApD37r91E00ouT1SzVrl8ZPEnASbbU1ql
DpfZRU++pmcAE1CRlT5Fk7wMuioj1uMCPpFZ8TkSMFTqTmtWNNcAplyVZRi6k46W
ftJOQqb1FGgqfB8Tgv8c6hMYI0uYVKU3ahwM7ZdLE/8Cwkh1CDKLC37ocwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhcAnpprCz73bAfCSq08YbqDU6dMB8GA1UdIwQY
MBaAFHT2EWJxrS0RGWCi2WGqnBYvlYCmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFBZUlluR3RMUkVaWUtMWllhcWNGaS1WZ0tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni81NmM4YTctNTYyYi00OGM4LThhOGYt
NWEwNWI5MWIyYjhjLzEvZFBZUlluR3RMUkVaWUtMWllhcWNGaS1WZ0tZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni81NmM4YTctNTYyYi00OGM4LThhOGYtNWEwNWI5MWIyYjhj
LzEvZFBZUlluR3RMUkVaWUtMWllhcWNGaS1WZ0tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI6htk++l
8q2D5UNVSGfqKGTu9wTF316VuCKBMICysMvNEWs5j4u7RzwR4XE2IQ5fy02DV7ue
/MI2IZ2caE2JarIVq1bb0oMBCrWOgOfGV4kpBwyvejxzxoZjWA6EGuFit0QI2AC9
G8IFdA/i19ExGup8xcwWlamyk46ZzQMBkT0nzUCZQ8tjPByeQtmsiTmltcmuMANo
jj3McGti/K8NsrEmKrN4kyrRTbdcqQVsf53lYaBICD+0gEbbUWmlMaHZKDiS9lAG
WG9MZGoy6oYx+2SHnhTEih6tPJCeYHmp2pbw8yq1bXa/Nw4iDjQ9ec5u1kSO54ZH
xZksQHqw8raLaw==
-----END CERTIFICATE-----