Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          tsDhHh5BV0YsXfYBf5a02xO4ZapBHMQ+awkTPTt7+tA=
Subject key identifier:   47:B7:3A:B7:F5:B1:71:0F:41:84:96:00:E4:5B:7B:36:01:58:68:6A
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       019CAAC64B850F7E0786A89BDBA933279B14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          1177
Signing time:             Sun 01 Mar 2026 19:00:47 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:47 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:47 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: /AKTaoIauvS7wQPkgTPRwTAl7NvLBCbIVfdGav4wCvM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 19:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:4b:85:0f:7e:07:86:a8:9b:db:a9:33:27:9b:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Mar  1 19:00:47 2026 GMT
            Not After : Mar  2 19:00:47 2026 GMT
        Subject: CN=47b73ab7f5b1710f41849600e45b7b360158686a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:20:4d:55:5d:ae:ca:c9:c8:c0:bd:9c:61:fc:
                    2e:74:2e:94:20:0e:67:9a:9a:86:b4:cd:2f:b1:c2:
                    e4:cb:99:e1:85:d0:72:25:80:06:0a:cb:7a:56:03:
                    e5:37:e9:79:bd:38:64:cc:76:df:7a:d3:a9:c8:8b:
                    90:9e:e1:f4:33:54:94:13:84:8e:24:7b:10:8f:c7:
                    50:7e:f2:46:30:4e:3a:86:7e:db:99:6b:0d:65:d9:
                    b6:51:14:db:c5:ff:c1:e7:16:83:91:e8:5c:eb:f0:
                    e7:5f:de:4d:f9:3f:b1:ae:50:77:a3:13:ff:d9:3e:
                    a5:ce:70:33:e4:52:18:f7:2f:22:53:7b:87:c3:8b:
                    fb:2e:92:c1:7c:1e:dd:fb:9c:f1:26:21:a0:b3:1a:
                    18:6c:17:b3:9c:ac:5d:b0:27:b8:9a:bb:e4:65:71:
                    26:e7:16:9b:34:bc:b8:e6:00:12:61:b6:94:f3:6d:
                    a3:37:45:8e:3f:4b:0e:80:a0:d9:df:d5:18:d5:bf:
                    6f:d9:b5:0a:76:68:62:bd:56:8e:c6:31:42:15:53:
                    55:e0:77:6c:25:c9:66:a1:8c:73:7c:cf:21:24:ac:
                    ae:73:d5:72:78:ba:95:f6:8f:e3:af:97:57:6e:36:
                    93:3d:0d:16:ad:91:2a:d1:cc:15:3d:7a:14:15:59:
                    5f:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:B7:3A:B7:F5:B1:71:0F:41:84:96:00:E4:5B:7B:36:01:58:68:6A
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:9a:88:d8:0c:d3:46:cc:bc:d3:c4:ae:0b:ca:08:06:49:97:
         48:68:65:78:78:bb:5b:cc:84:c7:a3:8d:42:08:a6:82:03:55:
         08:4a:72:a7:c3:16:fd:17:66:8b:f5:4b:45:96:21:d0:a6:a2:
         67:fc:db:a7:20:52:b2:da:17:b7:a5:0b:c2:d0:84:cd:f2:29:
         8d:2b:36:4d:ba:ee:fc:aa:ce:e1:a4:26:19:f2:87:b3:95:f6:
         ad:d0:66:1d:d4:f6:13:f7:cb:eb:e1:e8:d7:e2:07:9a:47:b8:
         43:1a:d1:7c:e5:f0:7e:76:45:1c:59:78:32:2d:cc:45:97:31:
         5a:f3:43:ac:a2:c3:f1:2d:5d:6a:a5:1c:41:9e:f8:33:e3:b2:
         8e:e1:55:d0:a6:75:1f:96:8c:42:d2:58:c1:d1:80:66:b9:0e:
         88:c8:a4:20:03:7e:08:98:48:e1:6a:99:bb:02:90:b5:c1:ce:
         d6:4d:ed:16:ff:66:ab:64:51:ab:a4:28:e7:fc:ea:5f:6d:b1:
         18:eb:3a:a4:6c:4b:a6:c9:74:a8:eb:d7:a3:fa:91:3b:e0:4e:
         68:ad:42:7f:be:3f:82:cf:3e:43:a5:0a:b4:92:14:05:bc:3b:
         cd:5a:ee:61:43:fe:a1:0d:f0:b9:bb:72:4e:e2:d0:ee:50:f9:
         ce:64:0d:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxkuFD34Hhqib26kzJ5sUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjYwMzAxMTkwMDQ3WhcNMjYwMzAyMTkwMDQ3WjAzMTEwLwYDVQQD
Eyg0N2I3M2FiN2Y1YjE3MTBmNDE4NDk2MDBlNDViN2IzNjAxNTg2ODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yBNVV2uysnIwL2cYfwudC6UIA5n
mpqGtM0vscLky5nhhdByJYAGCst6VgPlN+l5vThkzHbfetOpyIuQnuH0M1SUE4SO
JHsQj8dQfvJGME46hn7bmWsNZdm2URTbxf/B5xaDkehc6/DnX95N+T+xrlB3oxP/
2T6lznAz5FIY9y8iU3uHw4v7LpLBfB7d+5zxJiGgsxoYbBeznKxdsCe4mrvkZXEm
5xabNLy45gASYbaU822jN0WOP0sOgKDZ39UY1b9v2bUKdmhivVaOxjFCFVNV4Hds
JclmoYxzfM8hJKyuc9VyeLqV9o/jr5dXbjaTPQ0WrZEq0cwVPXoUFVlfpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEe3Orf1sXEPQYSWAORbezYBWGhqMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPpqI2AzT
Rsy808SuC8oIBkmXSGhleHi7W8yEx6ONQgimggNVCEpyp8MW/Rdmi/VLRZYh0Kai
Z/zbpyBSstoXt6ULwtCEzfIpjSs2Tbru/KrO4aQmGfKHs5X2rdBmHdT2E/fL6+Ho
1+IHmke4QxrRfOXwfnZFHFl4Mi3MRZcxWvNDrKLD8S1daqUcQZ74M+OyjuFV0KZ1
H5aMQtJYwdGAZrkOiMikIAN+CJhI4WqZuwKQtcHO1k3tFv9mq2RRq6Qo5/zqX22x
GOs6pGxLpsl0qOvXo/qRO+BOaK1Cf74/gs8+Q6UKtJIUBbw7zVruYUP+oQ3wubty
TuLQ7lD5zmQNyQ==
-----END CERTIFICATE-----