Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft
File:                     lZCfz5xup2MAznHQlNMl9X1knL8.mft (raw, json)
Hash identifier:          NHW+8io/abrhXiOPJiHaRp42qK8q+Ln4eTlf7wDRJ0Y=
Subject key identifier:   CC:55:FC:D1:01:65:22:2E:04:60:54:75:D0:00:10:4E:4D:77:49:0C
Authority key identifier: 95:90:9F:CF:9C:6E:A7:63:00:CE:71:D0:94:D3:25:F5:7D:64:9C:BF
Certificate issuer:       /CN=95909fcf9c6ea76300ce71d094d325f57d649cbf
Certificate serial:       019CAD59A06B93972BFE27B7491F0C7252B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft
Manifest number:          157E
Signing time:             Mon 02 Mar 2026 07:00:57 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:57 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:57 +0000
Files and hashes:         1: lZCfz5xup2MAznHQlNMl9X1knL8.crl (hash: ARA6I3btfkpVvoiwqhIPXsNtbWK3jVPaZ41oTEvLUJ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:a0:6b:93:97:2b:fe:27:b7:49:1f:0c:72:52:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95909fcf9c6ea76300ce71d094d325f57d649cbf
        Validity
            Not Before: Mar  2 07:00:57 2026 GMT
            Not After : Mar  3 07:00:57 2026 GMT
        Subject: CN=cc55fcd10165222e04605475d000104e4d77490c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:37:b7:fb:ae:9f:d7:24:d4:f2:b6:c9:3d:ce:
                    49:bb:8a:50:34:53:43:76:5d:37:fc:8c:02:82:8c:
                    68:a1:d4:54:07:99:46:61:3e:c5:d9:6d:74:7c:96:
                    1f:b5:fd:d1:d4:0a:6f:53:44:7a:1a:b8:49:7d:5a:
                    a9:46:3d:d5:0c:9d:e0:88:e6:d1:88:69:bf:3f:43:
                    68:8d:c6:c8:bb:82:6c:59:ed:20:61:a2:32:03:cd:
                    aa:6e:61:6e:99:e8:7f:7b:ea:f5:ef:57:a9:2a:67:
                    9b:40:10:29:c1:18:e9:ac:e5:a7:3c:6b:b7:f3:0a:
                    e2:45:17:ba:26:70:1d:a7:85:51:9f:65:26:a3:f0:
                    d0:35:a2:28:95:9c:84:4d:2c:c8:23:63:f9:ec:cf:
                    58:ef:45:83:70:4f:3a:e5:8f:e2:35:bf:4d:76:09:
                    e2:75:d6:6b:4d:8a:0d:89:98:ee:1b:fc:53:ce:d6:
                    51:0d:a7:5e:85:1d:8f:dc:49:c2:c2:2d:5f:26:da:
                    6a:a3:0f:76:78:15:0f:00:b7:78:e2:26:76:5e:35:
                    d2:4d:06:55:be:94:29:55:01:f6:4e:13:ce:0b:dc:
                    1e:df:8c:7b:73:d1:b6:1d:d6:11:e5:1b:fa:b7:07:
                    fb:40:0e:37:fa:72:5d:76:b9:bc:71:b7:4c:f8:8d:
                    99:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:55:FC:D1:01:65:22:2E:04:60:54:75:D0:00:10:4E:4D:77:49:0C
            X509v3 Authority Key Identifier:
                keyid:95:90:9F:CF:9C:6E:A7:63:00:CE:71:D0:94:D3:25:F5:7D:64:9C:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZCfz5xup2MAznHQlNMl9X1knL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/373e4c-d885-44fa-8c4b-a6eedfa9a4fc/1/lZCfz5xup2MAznHQlNMl9X1knL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:95:1d:3e:70:01:bb:c5:31:77:fa:2f:b2:bd:20:33:ad:e3:
         3a:41:46:34:32:14:cd:e0:30:7c:77:eb:65:03:be:cb:a5:10:
         df:34:19:fb:7b:9a:23:e2:f6:68:35:b8:28:57:ae:c1:f3:d6:
         62:93:b4:59:37:84:78:d3:70:96:47:f2:dd:ff:0a:99:ab:62:
         09:6d:b2:c1:e0:a3:04:b7:c2:75:81:a3:66:33:96:d0:14:b3:
         4e:75:41:28:4d:40:d0:4f:db:80:55:5b:fe:c6:2b:13:bf:69:
         5b:4d:ac:70:27:b2:65:47:d7:ae:a6:95:2e:eb:16:b4:64:e5:
         0f:2c:1d:61:ff:39:07:8f:a4:ce:1a:0b:92:f9:52:bb:5e:8e:
         94:87:ad:cf:d5:79:78:b1:d7:69:ac:b2:c5:a4:60:e1:09:fc:
         c2:d7:b9:06:e0:16:6f:a3:56:bd:d2:47:0d:e5:70:9e:6e:65:
         ac:70:e1:bf:6e:5e:2d:b5:c3:24:f1:2d:f2:82:02:1f:7f:f2:
         a6:72:9f:a9:8b:97:98:8d:4f:f5:4b:23:3b:f3:eb:d7:30:45:
         05:0e:e5:f8:23:d1:3f:70:54:10:a4:ec:86:cd:d5:91:ff:f9:
         61:0d:3b:84:13:0e:b5:ba:18:54:62:cd:32:03:99:15:89:15:
         fa:9c:12:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWaBrk5cr/ie3SR8MclK3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OTA5ZmNmOWM2ZWE3NjMwMGNlNzFkMDk0ZDMyNWY1N2Q2
NDljYmYwHhcNMjYwMzAyMDcwMDU3WhcNMjYwMzAzMDcwMDU3WjAzMTEwLwYDVQQD
EyhjYzU1ZmNkMTAxNjUyMjJlMDQ2MDU0NzVkMDAwMTA0ZTRkNzc0OTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTe3+66f1yTU8rbJPc5Ju4pQNFND
dl03/IwCgoxoodRUB5lGYT7F2W10fJYftf3R1ApvU0R6GrhJfVqpRj3VDJ3giObR
iGm/P0NojcbIu4JsWe0gYaIyA82qbmFumeh/e+r171epKmebQBApwRjprOWnPGu3
8wriRRe6JnAdp4VRn2Umo/DQNaIolZyETSzII2P57M9Y70WDcE865Y/iNb9Ndgni
ddZrTYoNiZjuG/xTztZRDadehR2P3EnCwi1fJtpqow92eBUPALd44iZ2XjXSTQZV
vpQpVQH2ThPOC9we34x7c9G2HdYR5Rv6twf7QA43+nJddrm8cbdM+I2ZbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMxV/NEBZSIuBGBUddAAEE5Nd0kMMB8GA1UdIwQY
MBaAFJWQn8+cbqdjAM5x0JTTJfV9ZJy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zNzNlNGMtZDg4NS00NGZhLThjNGIt
YTZlZWRmYTlhNGZjLzEvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zNzNlNGMtZDg4NS00NGZhLThjNGItYTZlZWRmYTlhNGZj
LzEvbFpDZno1eHVwMk1Bem5IUWxOTWw5WDFrbkw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAupUdPnAB
u8Uxd/ovsr0gM63jOkFGNDIUzeAwfHfrZQO+y6UQ3zQZ+3uaI+L2aDW4KFeuwfPW
YpO0WTeEeNNwlkfy3f8KmatiCW2yweCjBLfCdYGjZjOW0BSzTnVBKE1A0E/bgFVb
/sYrE79pW02scCeyZUfXrqaVLusWtGTlDywdYf85B4+kzhoLkvlSu16OlIetz9V5
eLHXaayyxaRg4Qn8wte5BuAWb6NWvdJHDeVwnm5lrHDhv25eLbXDJPEt8oICH3/y
pnKfqYuXmI1P9UsjO/Pr1zBFBQ7l+CPRP3BUEKTshs3Vkf/5YQ07hBMOtboYVGLN
MgOZFYkV+pwSRQ==
-----END CERTIFICATE-----