Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
File:                     t38R7tTnnIXMxWLfPR8oPjOdou0.mft (raw, json)
Hash identifier:          34x64VkAL2qSCZ45l4ck8xltfi4FTCW/a462ZeUFGRU=
Subject key identifier:   EF:41:35:78:D1:6D:D1:D8:91:4A:BC:DC:19:D0:78:C9:89:3F:30:DA
Authority key identifier: B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED
Certificate issuer:       /CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
Certificate serial:       019CAB6B0CD9C4EB571A7542C7A1EC63ED90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
Manifest number:          0EE8
Signing time:             Sun 01 Mar 2026 22:00:45 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:45 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:45 +0000
Files and hashes:         1: t38R7tTnnIXMxWLfPR8oPjOdou0.crl (hash: m2e4c3f37m25NuCZRAQpZMsVnF/bRPoUkTef7J5RmxI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:0c:d9:c4:eb:57:1a:75:42:c7:a1:ec:63:ed:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
        Validity
            Not Before: Mar  1 22:00:45 2026 GMT
            Not After : Mar  2 22:00:45 2026 GMT
        Subject: CN=ef413578d16dd1d8914abcdc19d078c9893f30da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:90:38:d5:07:91:3f:c3:20:63:51:30:53:4a:
                    69:cf:b9:86:d1:89:86:26:3d:a6:b5:96:c3:3a:6e:
                    f6:6d:5f:d9:dd:a4:ce:e4:c9:c0:e9:a2:b9:20:bc:
                    81:18:48:ba:a9:52:d1:98:9d:1c:35:ed:6c:7a:77:
                    49:58:a7:41:42:42:a6:81:97:b2:c7:37:f1:d8:3c:
                    5d:ba:f0:2f:0b:98:9f:4e:8c:c1:8a:a0:7a:f2:da:
                    4e:db:1b:eb:46:f3:a7:59:8c:d5:27:c9:84:ab:df:
                    a2:bd:df:15:bf:a0:58:e8:4e:ed:44:24:69:b3:97:
                    36:af:42:93:14:c4:58:ce:34:9a:45:48:f9:5a:d8:
                    a7:75:0d:2b:8f:4e:3f:d1:9b:b2:33:29:1b:ce:3e:
                    35:8f:95:59:93:56:4c:38:dd:c5:82:2f:68:13:3b:
                    1d:c8:da:84:d6:d4:91:47:7f:2a:b9:90:8b:95:bd:
                    62:2c:56:86:f4:67:4d:7a:41:2d:40:4d:03:93:37:
                    0b:c8:d4:18:fa:82:da:83:a7:d7:b1:9c:31:fe:16:
                    03:df:77:bc:e8:45:bb:58:57:73:d2:9e:ae:af:d3:
                    ad:47:98:09:1a:3d:60:c0:7a:1f:c8:f3:08:b0:b8:
                    72:b2:ef:bb:54:d6:37:f5:c0:0d:3e:4a:84:98:e1:
                    04:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:41:35:78:D1:6D:D1:D8:91:4A:BC:DC:19:D0:78:C9:89:3F:30:DA
            X509v3 Authority Key Identifier:
                keyid:B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:7a:6a:c2:ea:79:a5:e4:65:00:54:a1:1e:e1:c1:3f:9c:15:
         2c:cc:a7:16:4d:ea:ad:9a:b7:98:55:ad:1a:19:e2:06:66:2e:
         c9:8c:24:01:9b:34:a5:22:c0:b9:65:4f:7b:f0:c2:27:69:77:
         34:64:8c:03:0a:5a:55:07:c4:07:16:58:db:02:4e:4c:6b:b2:
         c4:dc:5e:be:2d:ff:84:1a:5e:c3:2c:6d:02:47:94:e8:0e:55:
         49:cc:45:b1:88:cc:23:da:45:ee:4e:23:72:83:03:b5:68:fe:
         ae:fa:05:e9:44:be:41:e8:95:7f:1c:01:a3:ca:c4:f1:7e:59:
         17:b3:a7:96:dd:b1:69:aa:6d:30:d3:85:4f:68:2b:ea:3e:e1:
         59:f7:53:3f:40:2e:9a:61:82:26:23:5b:0d:7a:b9:d4:87:ed:
         dc:84:fd:a3:a6:9d:ac:9a:fb:b0:19:9b:40:8a:df:73:c5:69:
         58:8c:1f:ea:45:a5:ee:44:a2:cf:f9:45:91:cf:fe:a4:86:fb:
         62:71:be:fc:ac:27:bb:d4:89:09:e8:44:12:ea:52:c6:6c:79:
         02:7c:da:81:12:90:f5:2d:b0:00:1c:76:5f:62:ea:71:cd:96:
         3e:87:ab:15:0b:61:8a:c0:50:fb:8e:76:b6:a4:09:78:c2:48:
         43:f2:71:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrawzZxOtXGnVCx6HsY+2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3N2YxMWVlZDRlNzljODVjY2M1NjJkZjNkMWYyODNlMzM5
ZGEyZWQwHhcNMjYwMzAxMjIwMDQ1WhcNMjYwMzAyMjIwMDQ1WjAzMTEwLwYDVQQD
EyhlZjQxMzU3OGQxNmRkMWQ4OTE0YWJjZGMxOWQwNzhjOTg5M2YzMGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5A41QeRP8MgY1EwU0ppz7mG0YmG
Jj2mtZbDOm72bV/Z3aTO5MnA6aK5ILyBGEi6qVLRmJ0cNe1sendJWKdBQkKmgZey
xzfx2DxduvAvC5ifTozBiqB68tpO2xvrRvOnWYzVJ8mEq9+ivd8Vv6BY6E7tRCRp
s5c2r0KTFMRYzjSaRUj5WtindQ0rj04/0ZuyMykbzj41j5VZk1ZMON3Fgi9oEzsd
yNqE1tSRR38quZCLlb1iLFaG9GdNekEtQE0DkzcLyNQY+oLag6fXsZwx/hYD33e8
6EW7WFdz0p6ur9OtR5gJGj1gwHofyPMIsLhysu+7VNY39cANPkqEmOEEVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9BNXjRbdHYkUq83BnQeMmJPzDaMB8GA1UdIwQY
MBaAFLd/Ee7U55yFzMVi3z0fKD4znaLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzkt
MGM3NzU1OWQ5ZGIwLzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzktMGM3NzU1OWQ5ZGIw
LzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxnpqwup5
peRlAFShHuHBP5wVLMynFk3qrZq3mFWtGhniBmYuyYwkAZs0pSLAuWVPe/DCJ2l3
NGSMAwpaVQfEBxZY2wJOTGuyxNxevi3/hBpewyxtAkeU6A5VScxFsYjMI9pF7k4j
coMDtWj+rvoF6US+QeiVfxwBo8rE8X5ZF7Onlt2xaaptMNOFT2gr6j7hWfdTP0Au
mmGCJiNbDXq51Ift3IT9o6adrJr7sBmbQIrfc8VpWIwf6kWl7kSiz/lFkc/+pIb7
YnG+/Kwnu9SJCehEEupSxmx5AnzagRKQ9S2wABx2X2Lqcc2WPoerFQthisBQ+452
tqQJeMJIQ/JxMA==
-----END CERTIFICATE-----