Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
File:                     mSAfYJ56iT2obPDrvKS79HJ51hc.mft (raw, json)
Hash identifier:          QeBtHANLK3EmGE/vRlBd+X8aFcK23b1+aweP0xuAN9o=
Subject key identifier:   D6:CE:2F:97:F9:2B:55:11:5B:C9:28:D6:C3:3B:26:EC:1C:E8:64:2E
Authority key identifier: 99:20:1F:60:9E:7A:89:3D:A8:6C:F0:EB:BC:A4:BB:F4:72:79:D6:17
Certificate issuer:       /CN=99201f609e7a893da86cf0ebbca4bbf47279d617
Certificate serial:       019CAA8FEE4F6723B6E38474039CBFFB7736
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
Manifest number:          06E1
Signing time:             Sun 01 Mar 2026 18:01:25 +0000
Manifest this update:     Sun 01 Mar 2026 18:01:25 +0000
Manifest next update:     Mon 02 Mar 2026 18:01:25 +0000
Files and hashes:         1: mSAfYJ56iT2obPDrvKS79HJ51hc.crl (hash: BIChHL5LeXpIVizodyrfbXesanqNsLgSmJl5AmXrJZk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:8f:ee:4f:67:23:b6:e3:84:74:03:9c:bf:fb:77:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99201f609e7a893da86cf0ebbca4bbf47279d617
        Validity
            Not Before: Mar  1 18:01:25 2026 GMT
            Not After : Mar  2 18:01:25 2026 GMT
        Subject: CN=d6ce2f97f92b55115bc928d6c33b26ec1ce8642e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:77:ca:66:84:69:49:85:51:37:fc:0d:53:bf:
                    b9:0c:cf:52:c0:a8:f1:4b:88:21:41:57:ac:3e:91:
                    4e:92:b8:12:a8:be:9d:73:c8:02:5f:07:5d:72:50:
                    f8:0f:3e:55:0f:7b:57:4d:52:82:c9:55:eb:6d:5e:
                    01:40:c2:12:13:59:1b:35:7f:fe:f2:4b:70:86:83:
                    b2:9a:ef:30:13:36:4f:1b:fd:6d:88:e6:f6:81:91:
                    cf:57:06:12:01:46:97:28:bc:74:61:5c:88:3b:44:
                    03:eb:24:5c:42:8f:6d:b8:28:29:18:a1:ce:76:be:
                    0a:db:d2:ab:f7:cd:a2:2d:ff:48:3a:c7:a9:6e:a5:
                    d3:f2:ff:cc:85:ff:43:5b:95:5e:8b:0c:17:a7:dc:
                    59:4d:d9:d5:e9:58:d7:29:10:7a:71:cd:25:7c:a0:
                    8e:70:ec:19:a6:b3:2b:35:25:ea:ed:ae:66:f3:1f:
                    1b:dd:a2:bd:23:eb:5c:e2:33:34:00:b8:e3:ea:d7:
                    dd:71:f4:56:58:33:b7:d2:44:04:4a:80:7f:29:0d:
                    36:5b:1a:46:b9:a0:a2:4f:0e:3b:46:dc:c5:06:42:
                    2f:18:56:ea:de:3f:bd:16:23:1f:b4:24:fa:ed:70:
                    9e:6c:c7:73:b3:54:46:a1:26:fb:4e:76:bb:3b:a1:
                    d5:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:CE:2F:97:F9:2B:55:11:5B:C9:28:D6:C3:3B:26:EC:1C:E8:64:2E
            X509v3 Authority Key Identifier:
                keyid:99:20:1F:60:9E:7A:89:3D:A8:6C:F0:EB:BC:A4:BB:F4:72:79:D6:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:55:62:e7:86:55:ae:a3:fa:78:f8:6f:79:a6:44:fc:7d:3c:
         9a:dc:be:6a:e1:4d:13:52:06:4d:f3:96:94:ae:8a:3e:47:ec:
         a9:eb:7f:2f:e9:2f:2b:34:67:a3:72:7f:78:8a:4c:18:fb:cf:
         ac:f9:8c:ea:ad:fa:82:25:d5:fd:bc:60:76:6c:3a:5e:87:d9:
         77:4d:7a:a8:2d:4f:52:73:53:73:90:f6:d4:43:19:b8:71:59:
         91:88:e0:b0:d5:25:e3:52:9d:a2:86:03:37:7c:89:bc:66:8d:
         65:2a:6a:81:29:45:49:25:08:42:d7:38:87:a0:7a:68:97:81:
         ed:98:01:a3:36:cf:5b:1b:6a:c8:82:ab:20:bc:c6:85:cc:a0:
         f3:d9:3d:d6:ed:e7:fb:88:24:bb:9b:f8:92:46:77:38:44:ea:
         97:9e:67:f3:98:3c:1e:b0:b6:f9:5b:46:e9:f4:9c:27:ef:2d:
         8f:56:dc:17:dd:80:12:90:f2:67:3a:6c:4e:e3:1a:e7:7b:d7:
         a1:b5:58:7c:45:92:2d:d1:a7:ea:ea:bc:43:5b:a7:df:00:45:
         ca:8f:78:0e:64:80:7e:74:6a:fb:6e:db:d4:2b:7b:ee:90:0d:
         05:a1:dc:0f:78:ce:fc:ae:39:5c:f7:0d:8f:10:44:3c:94:85:
         a0:28:66:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj+5PZyO244R0A5y/+3c2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MjAxZjYwOWU3YTg5M2RhODZjZjBlYmJjYTRiYmY0NzI3
OWQ2MTcwHhcNMjYwMzAxMTgwMTI1WhcNMjYwMzAyMTgwMTI1WjAzMTEwLwYDVQQD
EyhkNmNlMmY5N2Y5MmI1NTExNWJjOTI4ZDZjMzNiMjZlYzFjZTg2NDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXfKZoRpSYVRN/wNU7+5DM9SwKjx
S4ghQVesPpFOkrgSqL6dc8gCXwddclD4Dz5VD3tXTVKCyVXrbV4BQMISE1kbNX/+
8ktwhoOymu8wEzZPG/1tiOb2gZHPVwYSAUaXKLx0YVyIO0QD6yRcQo9tuCgpGKHO
dr4K29Kr982iLf9IOsepbqXT8v/Mhf9DW5VeiwwXp9xZTdnV6VjXKRB6cc0lfKCO
cOwZprMrNSXq7a5m8x8b3aK9I+tc4jM0ALjj6tfdcfRWWDO30kQESoB/KQ02WxpG
uaCiTw47RtzFBkIvGFbq3j+9FiMftCT67XCebMdzs1RGoSb7Tna7O6HVpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbOL5f5K1URW8ko1sM7Juwc6GQuMB8GA1UdIwQY
MBaAFJkgH2Ceeok9qGzw67yku/RyedYXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NTM2ZjktODdkZC00ZWRkLWIwMWMt
YjIzMTcyZWI4MWZiLzEvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NTM2ZjktODdkZC00ZWRkLWIwMWMtYjIzMTcyZWI4MWZi
LzEvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFVVi54ZV
rqP6ePhveaZE/H08mty+auFNE1IGTfOWlK6KPkfsqet/L+kvKzRno3J/eIpMGPvP
rPmM6q36giXV/bxgdmw6XofZd016qC1PUnNTc5D21EMZuHFZkYjgsNUl41KdooYD
N3yJvGaNZSpqgSlFSSUIQtc4h6B6aJeB7ZgBozbPWxtqyIKrILzGhcyg89k91u3n
+4gku5v4kkZ3OETql55n85g8HrC2+VtG6fScJ+8tj1bcF92AEpDyZzpsTuMa53vX
obVYfEWSLdGn6uq8Q1un3wBFyo94DmSAfnRq+27b1Ct77pANBaHcD3jO/K45XPcN
jxBEPJSFoChmZg==
-----END CERTIFICATE-----