Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          /qbhGEbeZ76iV9GlkU0Rdda0D80Cav6Ag+UlC+l4k7k=
Subject key identifier:   AD:69:BB:B2:A5:AB:03:70:6C:E8:9E:07:B0:39:BD:38:CB:28:CC:02
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       019CAB6B5A980B62160975AF1F6798DCEFC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          17D5
Signing time:             Sun 01 Mar 2026 22:01:05 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:05 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:05 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: T9Erx8XM2665INzKELbWaCS7cFcDNW43yP2Mri4zK4I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:5a:98:0b:62:16:09:75:af:1f:67:98:dc:ef:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: Mar  1 22:01:05 2026 GMT
            Not After : Mar  2 22:01:05 2026 GMT
        Subject: CN=ad69bbb2a5ab03706ce89e07b039bd38cb28cc02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f4:e3:53:60:62:39:f9:d9:3e:b9:3b:b5:10:
                    2c:94:ff:75:e6:50:1c:b2:16:9b:08:ee:e9:34:6f:
                    7e:11:f9:4e:b7:91:e9:87:4f:e6:7a:b7:b7:5d:f6:
                    d7:3a:34:bd:54:8e:e0:a7:14:4d:d7:4f:a6:a2:8e:
                    c9:20:ed:bd:95:4a:fe:a2:90:c7:e7:3b:74:0e:d3:
                    c6:10:7a:8a:c0:85:1c:33:84:25:ed:f5:8c:b8:43:
                    28:ec:29:9d:40:2d:72:16:26:21:61:53:0f:e6:7c:
                    b1:5c:d3:69:96:7c:90:9e:3d:41:78:4e:54:e9:23:
                    8e:7a:d8:c1:f9:fb:ff:8e:e6:d7:ab:de:21:2d:09:
                    fe:9e:da:7a:27:10:a0:1c:0e:91:1e:3f:6c:ae:1f:
                    f0:06:ab:6f:1b:7a:9e:7d:b9:15:5c:c7:f4:fe:ee:
                    1b:2b:6e:b4:9c:30:d8:3f:76:b5:c9:ae:35:47:0b:
                    b8:85:0e:4f:f2:9b:10:e8:4b:8a:3d:aa:2f:6b:4e:
                    7e:b3:77:58:06:ed:fa:ca:27:b0:03:d8:b6:bb:c9:
                    cc:56:c3:79:2e:7f:4e:0a:0c:e4:c2:4a:91:d9:df:
                    64:70:79:bd:33:39:81:49:91:68:2f:f1:d5:a7:9b:
                    86:86:69:38:a0:04:08:51:01:05:89:23:de:f1:a8:
                    a7:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:69:BB:B2:A5:AB:03:70:6C:E8:9E:07:B0:39:BD:38:CB:28:CC:02
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:d1:41:5c:0f:41:0b:95:0f:42:9a:08:20:a1:12:ba:56:b5:
         21:7c:90:76:b5:ac:db:a6:b3:ac:3d:d8:0f:fe:6f:7d:fd:51:
         2e:bd:20:37:25:d4:20:2c:0c:e0:f3:be:42:55:35:cd:0b:51:
         fd:3a:22:26:91:d0:a5:88:1e:7f:58:8d:75:d4:df:75:ba:e7:
         9f:63:cd:93:a4:52:ac:07:9e:a4:7d:92:bc:fd:0c:19:76:8d:
         71:c5:2c:80:e9:65:67:cc:92:93:6f:07:a1:fb:82:ae:86:94:
         cd:3d:2d:93:ec:81:2e:1d:8a:cd:9d:92:94:1f:c4:bd:67:52:
         9a:cb:cf:74:03:ee:3e:6d:68:7c:70:6c:75:dd:e4:79:76:63:
         19:9a:b7:66:8a:bc:e3:16:73:6b:8d:b1:ab:d9:1c:48:7b:f2:
         71:a9:a2:cd:92:34:16:ee:cf:f1:26:0b:a2:ce:d6:ad:08:49:
         1d:d3:39:c4:7b:82:30:1f:ec:f4:3f:6d:37:61:9a:a2:17:7e:
         5b:52:64:76:5e:4c:cc:b2:1e:65:f6:6e:52:ca:6b:27:70:92:
         11:f3:ce:a0:44:24:42:25:dc:1f:0e:55:d8:18:5d:97:63:9f:
         c6:68:6a:b5:08:38:79:48:5c:a4:a2:54:e2:23:6d:99:a0:8c:
         91:8b:cb:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra1qYC2IWCXWvH2eY3O/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjYwMzAxMjIwMTA1WhcNMjYwMzAyMjIwMTA1WjAzMTEwLwYDVQQD
EyhhZDY5YmJiMmE1YWIwMzcwNmNlODllMDdiMDM5YmQzOGNiMjhjYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufTjU2BiOfnZPrk7tRAslP915lAc
shabCO7pNG9+EflOt5Hph0/mere3XfbXOjS9VI7gpxRN10+moo7JIO29lUr+opDH
5zt0DtPGEHqKwIUcM4Ql7fWMuEMo7CmdQC1yFiYhYVMP5nyxXNNplnyQnj1BeE5U
6SOOetjB+fv/jubXq94hLQn+ntp6JxCgHA6RHj9srh/wBqtvG3qefbkVXMf0/u4b
K260nDDYP3a1ya41Rwu4hQ5P8psQ6EuKPaova05+s3dYBu36yiewA9i2u8nMVsN5
Ln9OCgzkwkqR2d9kcHm9MzmBSZFoL/HVp5uGhmk4oAQIUQEFiSPe8ainewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK1pu7KlqwNwbOieB7A5vTjLKMwCMB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfNFBXA9B
C5UPQpoIIKESula1IXyQdrWs26azrD3YD/5vff1RLr0gNyXUICwM4PO+QlU1zQtR
/ToiJpHQpYgef1iNddTfdbrnn2PNk6RSrAeepH2SvP0MGXaNccUsgOllZ8ySk28H
ofuCroaUzT0tk+yBLh2KzZ2SlB/EvWdSmsvPdAPuPm1ofHBsdd3keXZjGZq3Zoq8
4xZza42xq9kcSHvycamizZI0Fu7P8SYLos7WrQhJHdM5xHuCMB/s9D9tN2Gaohd+
W1Jkdl5MzLIeZfZuUsprJ3CSEfPOoEQkQiXcHw5V2Bhdl2OfxmhqtQg4eUhcpKJU
4iNtmaCMkYvLIQ==
-----END CERTIFICATE-----