Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
File:                     cUt8OIAz4WI_xti-t69cOUJRkds.mft (raw, json)
Hash identifier:          paGi90yr26pPplUiE2xvNTnwmxKF1sUABqQ4by/5efc=
Subject key identifier:   99:B8:C6:5B:CB:37:08:65:19:90:76:B2:31:94:AF:02:A1:82:02:ED
Authority key identifier: 71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB
Certificate issuer:       /CN=714b7c388033e1623fc6d8beb7af5c39425191db
Certificate serial:       019CAB6BDA7D655684AB23D2062261BF5E76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
Manifest number:          09FD
Signing time:             Sun 01 Mar 2026 22:01:38 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:38 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:38 +0000
Files and hashes:         1: cUt8OIAz4WI_xti-t69cOUJRkds.crl (hash: cQOIdFCNwrxBJcrMhXyeRsDj9bC6HkGpDj6chGX3iiw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:da:7d:65:56:84:ab:23:d2:06:22:61:bf:5e:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=714b7c388033e1623fc6d8beb7af5c39425191db
        Validity
            Not Before: Mar  1 22:01:38 2026 GMT
            Not After : Mar  2 22:01:38 2026 GMT
        Subject: CN=99b8c65bcb370865199076b23194af02a18202ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:51:ea:be:13:7c:25:1e:36:85:04:7f:a5:f4:
                    35:8a:cf:b0:52:96:20:a1:ed:33:f2:30:1d:59:74:
                    ac:a3:49:40:12:41:b8:8b:64:ec:2f:a4:4d:a5:4a:
                    91:de:ae:95:26:97:19:b8:bb:12:b4:a6:63:4a:36:
                    ad:3b:d2:22:d6:16:27:f3:50:fe:dd:de:61:c6:06:
                    d3:f0:29:8c:fb:55:af:c1:6a:f7:a7:22:ef:9a:a8:
                    a7:81:e0:31:a6:f8:32:cc:13:5f:91:10:a3:63:a1:
                    70:5a:ef:17:3b:9b:c1:c6:72:03:d5:47:4a:03:32:
                    5b:56:3d:44:7c:4c:10:5f:e2:95:2e:74:91:1c:39:
                    9b:c6:db:2f:eb:70:07:99:18:13:c3:34:48:d9:84:
                    39:af:a2:11:1d:e0:69:1e:28:57:3b:d9:e0:40:c8:
                    8f:ad:43:62:6f:9e:f6:98:44:b8:61:15:08:a3:66:
                    31:c5:7e:1d:c2:40:98:d2:91:36:b0:b5:e9:99:f6:
                    8e:51:07:17:d7:84:c5:54:3d:72:01:e3:32:f4:c2:
                    e0:44:e5:fd:f5:96:2c:58:ce:3f:ca:93:45:34:9b:
                    d5:f9:02:89:09:d2:18:51:17:8b:5a:11:a8:e5:76:
                    4d:23:6d:25:9b:21:35:c5:1d:9a:22:12:c8:16:71:
                    37:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:B8:C6:5B:CB:37:08:65:19:90:76:B2:31:94:AF:02:A1:82:02:ED
            X509v3 Authority Key Identifier:
                keyid:71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:8e:fb:ae:52:35:ce:37:80:28:9d:bc:e2:5d:01:bd:f7:50:
         a2:08:1d:df:b2:d4:83:b5:7a:6a:4f:ca:89:49:f5:3f:01:4d:
         4f:f6:49:4b:63:cb:51:fc:98:6b:09:a2:87:41:8a:4a:59:bd:
         99:bb:bf:f8:c3:35:21:9d:22:a4:8e:49:e1:3b:68:b9:1c:61:
         10:03:00:4b:39:52:e7:8c:d8:b4:da:5d:c0:b8:45:42:8e:16:
         a3:56:7c:7e:37:1d:e4:ad:ec:c3:83:70:aa:5b:29:68:68:b0:
         ac:15:59:c6:29:a4:23:66:34:52:3c:97:e9:44:83:cd:24:db:
         cd:18:73:bf:5e:9d:35:3d:99:e9:48:50:f7:f0:1b:40:e4:6d:
         2a:03:2a:1e:43:bd:a6:6e:a1:5a:59:d3:ad:3d:b6:30:cc:0e:
         9b:b8:42:51:38:b6:ff:c9:7c:08:c3:30:1b:e2:7e:6c:b8:38:
         4c:4a:8f:a2:ed:c6:99:fd:1a:69:a0:3c:81:14:69:b8:13:0a:
         66:d5:cd:0d:14:b6:ce:b6:0e:3f:92:92:05:66:33:c2:a5:17:
         9a:de:1f:fd:bf:4e:ae:84:59:79:92:d4:e9:8c:86:c6:c5:48:
         35:bf:32:d6:7d:8c:57:0c:6a:55:0f:b4:7d:ae:cd:61:1e:12:
         8e:34:46:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra9p9ZVaEqyPSBiJhv152MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNGI3YzM4ODAzM2UxNjIzZmM2ZDhiZWI3YWY1YzM5NDI1
MTkxZGIwHhcNMjYwMzAxMjIwMTM4WhcNMjYwMzAyMjIwMTM4WjAzMTEwLwYDVQQD
Eyg5OWI4YzY1YmNiMzcwODY1MTk5MDc2YjIzMTk0YWYwMmExODIwMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVHqvhN8JR42hQR/pfQ1is+wUpYg
oe0z8jAdWXSso0lAEkG4i2TsL6RNpUqR3q6VJpcZuLsStKZjSjatO9Ii1hYn81D+
3d5hxgbT8CmM+1WvwWr3pyLvmqingeAxpvgyzBNfkRCjY6FwWu8XO5vBxnID1UdK
AzJbVj1EfEwQX+KVLnSRHDmbxtsv63AHmRgTwzRI2YQ5r6IRHeBpHihXO9ngQMiP
rUNib572mES4YRUIo2YxxX4dwkCY0pE2sLXpmfaOUQcX14TFVD1yAeMy9MLgROX9
9ZYsWM4/ypNFNJvV+QKJCdIYUReLWhGo5XZNI20lmyE1xR2aIhLIFnE3owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJm4xlvLNwhlGZB2sjGUrwKhggLtMB8GA1UdIwQY
MBaAFHFLfDiAM+FiP8bYvrevXDlCUZHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTIt
YTAzOGJlMTViOTdiLzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTItYTAzOGJlMTViOTdi
LzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn477rlI1
zjeAKJ284l0BvfdQoggd37LUg7V6ak/KiUn1PwFNT/ZJS2PLUfyYawmih0GKSlm9
mbu/+MM1IZ0ipI5J4TtouRxhEAMASzlS54zYtNpdwLhFQo4Wo1Z8fjcd5K3sw4Nw
qlspaGiwrBVZximkI2Y0UjyX6USDzSTbzRhzv16dNT2Z6UhQ9/AbQORtKgMqHkO9
pm6hWlnTrT22MMwOm7hCUTi2/8l8CMMwG+J+bLg4TEqPou3Gmf0aaaA8gRRpuBMK
ZtXNDRS2zrYOP5KSBWYzwqUXmt4f/b9OroRZeZLU6YyGxsVINb8y1n2MVwxqVQ+0
fa7NYR4SjjRG2g==
-----END CERTIFICATE-----