Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
File:                     aWZRzL2U9r6et0MyEiM1yrvvw5o.mft (raw, json)
Hash identifier:          CCx7t6wlSdc+kYNJ82diuNXizG5fl8bfGDNEbHBEoi0=
Subject key identifier:   09:52:FB:0F:AD:13:9A:38:74:25:82:1D:0C:1A:D2:0B:AB:99:33:A9
Authority key identifier: 69:66:51:CC:BD:94:F6:BE:9E:B7:43:32:12:23:35:CA:BB:EF:C3:9A
Certificate issuer:       /CN=696651ccbd94f6be9eb74332122335cabbefc39a
Certificate serial:       019CABD9D88C2CEB3CBA7D18F607D2175149
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
Manifest number:          0773
Signing time:             Mon 02 Mar 2026 00:01:46 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:46 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:46 +0000
Files and hashes:         1: aWZRzL2U9r6et0MyEiM1yrvvw5o.crl (hash: Y2u7ZnyjxQg32riAeLnekZhz/Vgmn+YkNx+gUnfzDTM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:d8:8c:2c:eb:3c:ba:7d:18:f6:07:d2:17:51:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=696651ccbd94f6be9eb74332122335cabbefc39a
        Validity
            Not Before: Mar  2 00:01:46 2026 GMT
            Not After : Mar  3 00:01:46 2026 GMT
        Subject: CN=0952fb0fad139a387425821d0c1ad20bab9933a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:5e:9b:94:6d:61:b6:2e:98:11:90:60:75:fe:
                    94:eb:36:7c:43:99:e4:2e:7f:9e:cd:35:52:3f:8a:
                    ea:26:d8:b4:c6:cc:7e:91:5c:67:6c:4a:1a:7e:10:
                    f7:d0:53:59:81:b4:e2:12:e6:43:eb:c1:2d:ad:6b:
                    d2:44:55:0f:42:0c:49:23:d5:f2:39:49:9d:99:14:
                    d9:b5:42:09:3b:a5:f2:4f:36:bd:7c:40:55:9f:78:
                    7e:87:6f:b1:cd:09:26:dc:16:9d:3d:79:fd:9e:e4:
                    4d:69:8c:39:d0:2e:7d:80:b8:be:ee:cb:02:21:ea:
                    76:8c:56:f3:fe:ca:b1:d1:69:eb:d9:a0:01:9d:a9:
                    cb:85:eb:35:52:5a:6c:da:1a:6b:2b:96:e6:17:a8:
                    4e:9d:a1:30:95:9d:ef:48:fe:7e:26:40:02:6c:29:
                    52:cb:10:48:d7:c7:f5:4d:40:af:6f:04:4d:ce:82:
                    1b:58:e1:51:7f:b0:e7:5d:3f:eb:68:98:97:28:65:
                    f9:71:5e:c7:dc:00:8a:b1:36:70:90:30:e0:c0:6d:
                    98:19:66:f4:6a:c5:e2:03:89:70:fd:38:ab:01:d1:
                    78:3c:05:00:0b:31:b8:b3:79:9b:0e:6c:ca:d8:f0:
                    34:5f:db:62:25:88:12:83:af:5a:3b:d1:c0:9c:82:
                    aa:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:52:FB:0F:AD:13:9A:38:74:25:82:1D:0C:1A:D2:0B:AB:99:33:A9
            X509v3 Authority Key Identifier:
                keyid:69:66:51:CC:BD:94:F6:BE:9E:B7:43:32:12:23:35:CA:BB:EF:C3:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:15:07:3d:7d:46:94:8f:28:a1:2c:76:d9:14:19:f0:55:ea:
         8f:cd:d0:d1:4e:c5:bf:bd:cb:84:6f:03:fa:92:6e:ca:b9:f5:
         18:39:9a:ee:a6:01:16:8b:7f:5d:a5:c8:cd:b2:d2:5c:f1:fa:
         16:3e:8b:78:a9:dc:e9:46:2c:29:d4:53:74:12:a0:37:99:1a:
         e2:58:98:da:ee:a8:0b:d5:49:d1:27:f2:6f:5a:e1:22:8e:02:
         b8:6b:2e:04:c6:a4:36:08:32:a9:ee:9c:5d:09:97:34:10:66:
         8b:1f:e6:ed:35:23:24:0f:76:69:20:7d:cd:a9:95:ca:52:df:
         58:a0:7d:bb:c0:82:84:cd:6b:62:ce:a5:80:f2:d4:fc:38:9f:
         34:0a:93:06:16:1c:6e:b0:57:1e:b8:ec:b8:e8:d7:fd:bb:5d:
         08:46:87:b9:46:81:ac:5f:7e:99:95:6e:a3:dc:b6:c5:dd:92:
         fa:80:9b:26:71:ad:06:02:2f:35:b0:10:19:45:ee:08:79:9c:
         dd:24:37:c1:8e:2b:fb:e1:4d:4c:0a:cb:c1:4a:37:0d:dd:2f:
         37:7f:31:43:c0:a3:45:94:29:11:c1:3c:dd:7b:c9:0c:7b:2b:
         6d:f4:d6:40:10:ab:7e:1e:5b:69:62:f5:b4:17:38:3d:1f:b2:
         ed:27:c0:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2diMLOs8un0Y9gfSF1FJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjY1MWNjYmQ5NGY2YmU5ZWI3NDMzMjEyMjMzNWNhYmJl
ZmMzOWEwHhcNMjYwMzAyMDAwMTQ2WhcNMjYwMzAzMDAwMTQ2WjAzMTEwLwYDVQQD
EygwOTUyZmIwZmFkMTM5YTM4NzQyNTgyMWQwYzFhZDIwYmFiOTkzM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql6blG1hti6YEZBgdf6U6zZ8Q5nk
Ln+ezTVSP4rqJti0xsx+kVxnbEoafhD30FNZgbTiEuZD68EtrWvSRFUPQgxJI9Xy
OUmdmRTZtUIJO6XyTza9fEBVn3h+h2+xzQkm3BadPXn9nuRNaYw50C59gLi+7ssC
Iep2jFbz/sqx0Wnr2aABnanLhes1Ulps2hprK5bmF6hOnaEwlZ3vSP5+JkACbClS
yxBI18f1TUCvbwRNzoIbWOFRf7DnXT/raJiXKGX5cV7H3ACKsTZwkDDgwG2YGWb0
asXiA4lw/TirAdF4PAUACzG4s3mbDmzK2PA0X9tiJYgSg69aO9HAnIKqhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAlS+w+tE5o4dCWCHQwa0gurmTOpMB8GA1UdIwQY
MBaAFGlmUcy9lPa+nrdDMhIjNcq778OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9kY2MyMmUtYWFiMy00ZTE3LWE0YTAt
ZDg3MDE3ZDdhNmFjLzEvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9kY2MyMmUtYWFiMy00ZTE3LWE0YTAtZDg3MDE3ZDdhNmFj
LzEvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAORUHPX1G
lI8ooSx22RQZ8FXqj83Q0U7Fv73LhG8D+pJuyrn1GDma7qYBFot/XaXIzbLSXPH6
Fj6LeKnc6UYsKdRTdBKgN5ka4liY2u6oC9VJ0Sfyb1rhIo4CuGsuBMakNggyqe6c
XQmXNBBmix/m7TUjJA92aSB9zamVylLfWKB9u8CChM1rYs6lgPLU/DifNAqTBhYc
brBXHrjsuOjX/btdCEaHuUaBrF9+mZVuo9y2xd2S+oCbJnGtBgIvNbAQGUXuCHmc
3SQ3wY4r++FNTArLwUo3Dd0vN38xQ8CjRZQpEcE83XvJDHsrbfTWQBCrfh5baWL1
tBc4PR+y7SfAGQ==
-----END CERTIFICATE-----