Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/0181f8-4fa4-4697-a272-333b6d4ea45b/1/2OtznG09xxpiBsjzcSQm_1MqCv4.mft
File:                     2OtznG09xxpiBsjzcSQm_1MqCv4.mft (raw, json)
Hash identifier:          BLI1s2hTWy3tFl5VA4NNKI5v1g71kY/IgPUhqVtM0hg=
Subject key identifier:   72:FF:F0:FD:3B:53:13:32:11:FB:F1:36:65:05:3A:94:0C:67:0F:4E
Authority key identifier: D8:EB:73:9C:6D:3D:C7:1A:62:06:C8:F3:71:24:26:FF:53:2A:0A:FE
Certificate issuer:       /CN=d8eb739c6d3dc71a6206c8f3712426ff532a0afe
Certificate serial:       019CAD22CB498B19BE6634067736F6AFE611
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2OtznG09xxpiBsjzcSQm_1MqCv4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/0181f8-4fa4-4697-a272-333b6d4ea45b/1/2OtznG09xxpiBsjzcSQm_1MqCv4.mft
Manifest number:          01B7
Signing time:             Mon 02 Mar 2026 06:01:04 +0000
Manifest this update:     Mon 02 Mar 2026 06:01:04 +0000
Manifest next update:     Tue 03 Mar 2026 06:01:04 +0000
Files and hashes:         1: 2OtznG09xxpiBsjzcSQm_1MqCv4.crl (hash: B8s1k9b5BOOfk1jkx8lXPpMHh/ZnnLiGFbFnZZybnF8=)
                          2: R5Mpv-TpKjDBFOnu2VvpT48qfkY.roa (hash: 4BhY6rNGdaN8G7ZNz8xS2aBWkhA6dXSAvcpryese42E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/0181f8-4fa4-4697-a272-333b6d4ea45b/1/2OtznG09xxpiBsjzcSQm_1MqCv4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/0181f8-4fa4-4697-a272-333b6d4ea45b/1/2OtznG09xxpiBsjzcSQm_1MqCv4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2OtznG09xxpiBsjzcSQm_1MqCv4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 06:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:22:cb:49:8b:19:be:66:34:06:77:36:f6:af:e6:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8eb739c6d3dc71a6206c8f3712426ff532a0afe
        Validity
            Not Before: Mar  2 06:01:04 2026 GMT
            Not After : Mar  3 06:01:04 2026 GMT
        Subject: CN=72fff0fd3b53133211fbf13665053a940c670f4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:e8:80:19:10:b9:eb:e3:bc:80:99:75:58:62:
                    99:f3:ef:a3:1a:aa:4d:c6:36:5b:69:69:90:f0:4b:
                    c5:4d:f1:1d:84:82:c3:09:f5:f5:0c:7b:0e:89:62:
                    79:8b:b3:b3:39:20:6a:f3:b5:41:ee:e6:b2:eb:9e:
                    e8:aa:89:56:77:13:5b:b1:f5:52:9d:66:25:27:56:
                    f8:a4:99:c1:81:6e:6f:9a:75:73:c5:2f:fb:6e:e5:
                    76:69:4b:67:83:0d:69:7a:87:c4:89:56:61:4b:51:
                    10:6f:fc:68:5c:25:60:35:33:88:53:9d:41:18:6a:
                    96:3a:ea:b2:cb:a5:e5:c6:ac:b9:88:50:95:5e:e3:
                    b4:54:11:7b:f8:0c:ae:c5:37:d5:21:3e:e0:70:9d:
                    c0:a6:83:98:da:a7:98:78:cf:71:28:a4:44:e6:a7:
                    6c:92:92:e8:e9:b0:b4:fd:87:7b:05:75:aa:ef:66:
                    1f:79:35:e0:6c:25:d8:f8:23:3f:64:e0:1e:83:45:
                    cf:65:0a:9f:24:4e:1c:d9:52:e0:db:7f:ec:3d:41:
                    29:cf:2d:97:c2:71:cc:db:54:30:41:a9:4e:09:7f:
                    a7:0a:50:69:61:af:14:62:b0:0d:9f:24:9a:0a:0d:
                    ed:7f:88:71:92:3f:be:3b:84:b8:68:60:58:b0:88:
                    cf:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:FF:F0:FD:3B:53:13:32:11:FB:F1:36:65:05:3A:94:0C:67:0F:4E
            X509v3 Authority Key Identifier:
                keyid:D8:EB:73:9C:6D:3D:C7:1A:62:06:C8:F3:71:24:26:FF:53:2A:0A:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2OtznG09xxpiBsjzcSQm_1MqCv4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/0181f8-4fa4-4697-a272-333b6d4ea45b/1/2OtznG09xxpiBsjzcSQm_1MqCv4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/0181f8-4fa4-4697-a272-333b6d4ea45b/1/2OtznG09xxpiBsjzcSQm_1MqCv4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:ed:22:94:dd:43:d9:ad:45:31:e2:d7:61:25:17:84:d0:c1:
         92:28:7e:39:41:4b:5a:02:61:76:ed:b0:e7:20:7c:63:dd:eb:
         27:6d:2d:ad:c3:d4:ec:c0:84:fb:e6:cd:fb:30:f6:46:37:85:
         a7:30:4e:e3:7f:02:c1:09:80:19:d1:3f:6f:d7:f6:6e:6e:49:
         10:de:4d:1d:c4:16:9d:3f:ee:31:15:b4:f2:9c:24:6b:b9:ce:
         21:78:b5:b9:93:cd:04:d8:db:df:7f:f4:39:57:a3:23:69:3f:
         57:d4:e1:86:12:95:ea:36:8e:c7:6c:b8:e2:e7:f6:3f:d5:09:
         5e:35:6d:a4:a3:ae:8d:af:37:57:86:0e:6f:17:ae:8e:9e:49:
         44:72:9c:f1:6d:2b:ad:2b:ce:26:b0:42:80:94:fc:74:83:2c:
         72:46:4a:90:80:33:4a:3b:ed:2e:93:0a:23:b6:e8:a2:4e:2f:
         af:3c:0c:62:58:78:c5:ef:ec:c1:bd:e1:09:4f:7b:82:7b:81:
         13:53:9b:d2:0e:f2:91:33:2a:cf:90:79:69:9f:3b:54:cb:6d:
         3f:43:ad:8b:67:f5:de:f2:88:0a:3c:0a:69:97:ab:41:48:5a:
         4b:46:b4:b6:81:f6:d5:b9:f7:0a:2f:9e:6a:da:57:b1:f5:ca:
         e6:d7:f6:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytIstJixm+ZjQGdzb2r+YRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWI3MzljNmQzZGM3MWE2MjA2YzhmMzcxMjQyNmZmNTMy
YTBhZmUwHhcNMjYwMzAyMDYwMTA0WhcNMjYwMzAzMDYwMTA0WjAzMTEwLwYDVQQD
Eyg3MmZmZjBmZDNiNTMxMzMyMTFmYmYxMzY2NTA1M2E5NDBjNjcwZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9OiAGRC56+O8gJl1WGKZ8++jGqpN
xjZbaWmQ8EvFTfEdhILDCfX1DHsOiWJ5i7OzOSBq87VB7uay657oqolWdxNbsfVS
nWYlJ1b4pJnBgW5vmnVzxS/7buV2aUtngw1peofEiVZhS1EQb/xoXCVgNTOIU51B
GGqWOuqyy6Xlxqy5iFCVXuO0VBF7+AyuxTfVIT7gcJ3ApoOY2qeYeM9xKKRE5qds
kpLo6bC0/Yd7BXWq72YfeTXgbCXY+CM/ZOAeg0XPZQqfJE4c2VLg23/sPUEpzy2X
wnHM21QwQalOCX+nClBpYa8UYrANnySaCg3tf4hxkj++O4S4aGBYsIjPFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHL/8P07UxMyEfvxNmUFOpQMZw9OMB8GA1UdIwQY
MBaAFNjrc5xtPccaYgbI83EkJv9TKgr+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk90em5HMDl4eHBpQnNqemNTUW1fMU1xQ3Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8wMTgxZjgtNGZhNC00Njk3LWEyNzIt
MzMzYjZkNGVhNDViLzEvMk90em5HMDl4eHBpQnNqemNTUW1fMU1xQ3Y0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8wMTgxZjgtNGZhNC00Njk3LWEyNzItMzMzYjZkNGVhNDVi
LzEvMk90em5HMDl4eHBpQnNqemNTUW1fMU1xQ3Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAme0ilN1D
2a1FMeLXYSUXhNDBkih+OUFLWgJhdu2w5yB8Y93rJ20trcPU7MCE++bN+zD2RjeF
pzBO438CwQmAGdE/b9f2bm5JEN5NHcQWnT/uMRW08pwka7nOIXi1uZPNBNjb33/0
OVejI2k/V9ThhhKV6jaOx2y44uf2P9UJXjVtpKOuja83V4YObxeujp5JRHKc8W0r
rSvOJrBCgJT8dIMsckZKkIAzSjvtLpMKI7book4vrzwMYlh4xe/swb3hCU97gnuB
E1Ob0g7ykTMqz5B5aZ87VMttP0Oti2f13vKICjwKaZerQUhaS0a0toH21bn3Ci+e
atpXsfXK5tf2Ug==
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:45:05 2026 by rpki-client