Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
File:                     MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft (raw, json)
Hash identifier:          X55XCQGu764SKbpcEEztPQgqNPygAdoKQOisAEsXJL4=
Subject key identifier:   28:28:C5:04:E4:75:0B:92:FA:7E:51:C0:A0:AA:0E:2B:72:D4:44:1C
Authority key identifier: 31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D
Certificate issuer:       /CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
Certificate serial:       019CA9B3D253A31848E4425F00F9B23AE1CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
Manifest number:          0791
Signing time:             Sun 01 Mar 2026 14:01:00 +0000
Manifest this update:     Sun 01 Mar 2026 14:01:00 +0000
Manifest next update:     Mon 02 Mar 2026 14:01:00 +0000
Files and hashes:         1: MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl (hash: SJx1UUzhpIxsoCYzI8xUeU37Hm4JlKgSI1oMSu7rSjM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 14:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:b3:d2:53:a3:18:48:e4:42:5f:00:f9:b2:3a:e1:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=314ce95ba23cdc9d60997c230d6359ad31c1a59d
        Validity
            Not Before: Mar  1 14:01:00 2026 GMT
            Not After : Mar  2 14:01:00 2026 GMT
        Subject: CN=2828c504e4750b92fa7e51c0a0aa0e2b72d4441c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:47:f9:61:b2:f2:76:74:87:7c:de:b8:71:68:
                    4b:14:f9:be:89:0a:34:8f:1d:c2:b9:5c:61:7c:13:
                    a9:58:b4:a0:fb:7b:d7:d9:1f:32:06:a7:1d:f6:a0:
                    ab:bc:82:28:dc:14:a1:4b:51:b5:40:1e:36:10:e6:
                    57:4a:73:ec:28:58:45:4f:a7:cc:4c:73:5c:8c:b0:
                    c3:a0:b9:35:53:50:96:b2:a1:93:a6:44:ee:54:67:
                    be:d9:41:e8:4b:bf:6b:e5:e9:8c:bf:42:a3:1c:f6:
                    d4:aa:b1:99:95:35:89:39:d9:5a:ca:ac:b1:50:2f:
                    69:b1:73:40:77:67:08:9d:b4:19:b1:7f:12:fe:7c:
                    87:b7:0b:6a:6b:5b:18:63:70:00:76:c5:f3:98:d3:
                    91:c6:91:0c:2a:26:98:8b:64:fb:54:80:80:b1:a3:
                    42:8d:3c:78:d0:cb:09:23:c5:be:87:bc:14:9b:11:
                    95:45:b8:1e:ec:ed:f4:54:cb:9a:bd:df:9a:58:c0:
                    f5:1c:2d:ab:a8:5b:00:93:e6:d8:ac:72:70:66:51:
                    61:61:0c:9f:62:84:bd:97:eb:93:b3:cf:88:47:e6:
                    fa:e0:83:7b:f6:be:e9:c0:f4:bf:be:78:03:25:c5:
                    26:4a:55:2f:6f:14:c9:b6:16:df:c0:66:f2:bd:4a:
                    c3:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:28:C5:04:E4:75:0B:92:FA:7E:51:C0:A0:AA:0E:2B:72:D4:44:1C
            X509v3 Authority Key Identifier:
                keyid:31:4C:E9:5B:A2:3C:DC:9D:60:99:7C:23:0D:63:59:AD:31:C1:A5:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUzpW6I83J1gmXwjDWNZrTHBpZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/40c8d7-f570-4992-ad18-15bc9b25dfc0/1/MUzpW6I83J1gmXwjDWNZrTHBpZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:6c:0d:71:b9:e8:1f:98:1d:3c:0a:67:92:aa:ae:25:53:65:
         a0:f9:5b:88:d3:7a:5e:90:b7:2d:8a:cd:57:d5:6f:8c:d4:97:
         11:1e:2b:23:2f:65:12:d8:ab:77:bd:63:3f:a8:d6:57:69:ea:
         6b:46:56:0f:6e:44:e8:9b:58:ed:f7:28:71:ab:00:7c:60:0c:
         0e:fa:e6:5f:37:b3:40:c4:25:95:5a:2a:26:aa:2c:f8:ed:76:
         ce:06:f9:b5:4a:7d:10:94:cf:98:e2:37:ec:3c:e8:7e:40:a6:
         72:e0:9a:85:0a:a9:29:f5:55:83:f6:3f:fd:33:87:ec:59:63:
         5f:17:9e:6f:5f:7c:ef:80:42:23:6f:6a:80:58:7e:e1:56:78:
         00:5a:cb:2a:78:3d:47:b1:66:39:10:cc:96:fd:3d:08:7a:2d:
         42:5e:0b:d8:00:b2:8f:1c:01:08:c0:95:ff:2d:ad:a2:1f:aa:
         c6:65:b3:49:f9:ca:43:2e:6c:74:22:79:93:6e:5e:d0:2c:59:
         5a:f3:4d:89:97:ac:cc:f6:03:bb:ab:68:bc:c0:8a:7c:46:27:
         ff:a0:8f:1a:a2:4f:05:bb:e4:c0:b8:8a:f6:31:d9:fc:81:80:
         d6:05:3f:ae:d3:9e:ce:27:99:57:46:88:73:b1:d7:97:e9:68:
         66:be:44:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyps9JToxhI5EJfAPmyOuHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNGNlOTViYTIzY2RjOWQ2MDk5N2MyMzBkNjM1OWFkMzFj
MWE1OWQwHhcNMjYwMzAxMTQwMTAwWhcNMjYwMzAyMTQwMTAwWjAzMTEwLwYDVQQD
EygyODI4YzUwNGU0NzUwYjkyZmE3ZTUxYzBhMGFhMGUyYjcyZDQ0NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Ef5YbLydnSHfN64cWhLFPm+iQo0
jx3CuVxhfBOpWLSg+3vX2R8yBqcd9qCrvIIo3BShS1G1QB42EOZXSnPsKFhFT6fM
THNcjLDDoLk1U1CWsqGTpkTuVGe+2UHoS79r5emMv0KjHPbUqrGZlTWJOdlayqyx
UC9psXNAd2cInbQZsX8S/nyHtwtqa1sYY3AAdsXzmNORxpEMKiaYi2T7VICAsaNC
jTx40MsJI8W+h7wUmxGVRbge7O30VMuavd+aWMD1HC2rqFsAk+bYrHJwZlFhYQyf
YoS9l+uTs8+IR+b64IN79r7pwPS/vngDJcUmSlUvbxTJthbfwGbyvUrDwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCgoxQTkdQuS+n5RwKCqDity1EQcMB8GA1UdIwQY
MBaAFDFM6VuiPNydYJl8Iw1jWa0xwaWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgt
MTViYzliMjVkZmMwLzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80MGM4ZDctZjU3MC00OTkyLWFkMTgtMTViYzliMjVkZmMw
LzEvTVV6cFc2STgzSjFnbVh3akRXTlpyVEhCcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAImwNcbno
H5gdPApnkqquJVNloPlbiNN6XpC3LYrNV9VvjNSXER4rIy9lEtird71jP6jWV2nq
a0ZWD25E6JtY7fcocasAfGAMDvrmXzezQMQllVoqJqos+O12zgb5tUp9EJTPmOI3
7DzofkCmcuCahQqpKfVVg/Y//TOH7FljXxeeb19874BCI29qgFh+4VZ4AFrLKng9
R7FmORDMlv09CHotQl4L2ACyjxwBCMCV/y2toh+qxmWzSfnKQy5sdCJ5k25e0CxZ
WvNNiZeszPYDu6tovMCKfEYn/6CPGqJPBbvkwLiK9jHZ/IGA1gU/rtOezieZV0aI
c7HXl+loZr5EFA==
-----END CERTIFICATE-----