Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
File:                     M1lkDZyLY0Pghqr4vosw6MMdK40.mft (raw, json)
Hash identifier:          4+mSecX5T6X/+dRY84lvmhj3EPhRcHtR7BFj4Jd6Ks4=
Subject key identifier:   15:AE:0D:49:CE:BB:FF:53:B1:AD:3A:75:0C:D4:12:B1:96:C4:92:41
Authority key identifier: 33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D
Certificate issuer:       /CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
Certificate serial:       019CA97C94DF42A1F23875BB5A0ADB98D990
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
Manifest number:          05CC
Signing time:             Sun 01 Mar 2026 13:00:39 +0000
Manifest this update:     Sun 01 Mar 2026 13:00:39 +0000
Manifest next update:     Mon 02 Mar 2026 13:00:39 +0000
Files and hashes:         1: M1lkDZyLY0Pghqr4vosw6MMdK40.crl (hash: kNWqoENvyvacEGvrfMZ/jdxNkGOEZOt5mgxxIz2CBJg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7c:94:df:42:a1:f2:38:75:bb:5a:0a:db:98:d9:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3359640d9c8b6343e086aaf8be8b30e8c31d2b8d
        Validity
            Not Before: Mar  1 13:00:39 2026 GMT
            Not After : Mar  2 13:00:39 2026 GMT
        Subject: CN=15ae0d49cebbff53b1ad3a750cd412b196c49241
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:08:79:41:4a:fb:3f:08:b4:2d:25:f7:3e:33:
                    31:69:bc:16:61:95:3c:c1:59:95:48:48:eb:15:40:
                    6c:78:a8:b3:0d:22:c9:d6:5e:de:47:d4:3a:56:09:
                    fb:9e:5d:48:60:cc:6f:b6:4c:3c:50:56:34:92:cd:
                    f7:9f:9e:06:a8:aa:52:ea:2f:ec:84:e9:e9:9f:07:
                    49:15:61:66:6c:03:c0:ca:b6:a4:75:d6:70:bc:ef:
                    71:ec:f8:ec:06:91:a8:c3:36:08:7f:95:d2:6b:8e:
                    03:3d:ec:87:83:c6:b9:6c:d4:6d:e1:79:1e:7f:06:
                    19:ae:50:65:09:04:c0:31:e1:a7:94:0e:50:b1:e1:
                    08:6b:18:cc:23:21:fc:44:09:59:4c:20:5a:e4:a9:
                    67:55:80:cb:39:08:7e:dc:0b:25:4c:ea:53:4e:03:
                    cb:66:56:2c:77:cd:ac:88:2d:88:24:ab:d5:6e:59:
                    28:d2:08:04:46:4f:3e:43:e1:a2:4e:92:dd:11:98:
                    d6:f3:e9:d9:c6:23:41:cf:e8:88:b5:49:fb:38:49:
                    d6:01:ec:0d:36:a5:b7:68:55:1c:a8:08:93:ba:29:
                    ab:a3:fc:0e:75:6f:4d:03:8e:08:8d:ea:20:cf:d3:
                    d7:ac:fa:f0:e7:1e:8e:3e:f8:ee:5d:6f:89:2f:1f:
                    9f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:AE:0D:49:CE:BB:FF:53:B1:AD:3A:75:0C:D4:12:B1:96:C4:92:41
            X509v3 Authority Key Identifier:
                keyid:33:59:64:0D:9C:8B:63:43:E0:86:AA:F8:BE:8B:30:E8:C3:1D:2B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1lkDZyLY0Pghqr4vosw6MMdK40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/d330c9-3a00-4e85-8a74-bddc3143b313/1/M1lkDZyLY0Pghqr4vosw6MMdK40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:ba:e5:4e:25:82:b6:1c:5d:10:3c:a7:9a:18:07:15:f6:f1:
         df:d4:9d:6e:0c:e8:a8:9c:0d:f1:a2:c0:98:36:ec:eb:43:84:
         86:57:31:1e:c9:fc:95:e7:8f:8f:f4:26:19:d1:15:2f:3f:6d:
         9e:cd:ba:db:ba:8b:34:26:13:1e:b0:f8:bb:fc:0e:f5:c0:dc:
         2a:f8:aa:f3:1a:24:0a:7d:39:0f:89:44:9f:69:eb:fd:3c:f9:
         d6:a2:95:85:5e:b1:2c:a7:1d:f4:4a:06:40:18:e6:87:d5:e9:
         00:08:8d:21:b9:65:a6:b3:b6:dd:ef:ae:ed:85:28:28:b5:b0:
         16:75:f4:f4:b9:cc:11:5d:f0:67:6d:5d:7a:a0:c9:ac:39:62:
         08:60:b8:8d:2a:22:c0:49:64:47:0e:52:62:e7:2f:66:2c:36:
         dc:53:5e:0a:34:69:de:c1:6f:41:1a:c2:27:bc:c2:d0:7f:9b:
         b7:d7:c9:66:2b:3d:0e:52:cc:10:7b:98:d6:ca:45:cf:e7:3a:
         b9:33:76:e0:8d:56:a1:04:82:18:5a:ed:2d:8f:07:5d:19:1b:
         2d:63:47:84:17:d2:ba:1b:a7:c6:60:71:22:8e:a6:d2:fa:ad:
         54:98:e7:8d:60:27:5c:d0:0c:bb:83:18:04:2c:f9:a6:06:a3:
         d2:be:bf:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfJTfQqHyOHW7WgrbmNmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNTk2NDBkOWM4YjYzNDNlMDg2YWFmOGJlOGIzMGU4YzMx
ZDJiOGQwHhcNMjYwMzAxMTMwMDM5WhcNMjYwMzAyMTMwMDM5WjAzMTEwLwYDVQQD
EygxNWFlMGQ0OWNlYmJmZjUzYjFhZDNhNzUwY2Q0MTJiMTk2YzQ5MjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwh5QUr7Pwi0LSX3PjMxabwWYZU8
wVmVSEjrFUBseKizDSLJ1l7eR9Q6Vgn7nl1IYMxvtkw8UFY0ks33n54GqKpS6i/s
hOnpnwdJFWFmbAPAyrakddZwvO9x7PjsBpGowzYIf5XSa44DPeyHg8a5bNRt4Xke
fwYZrlBlCQTAMeGnlA5QseEIaxjMIyH8RAlZTCBa5KlnVYDLOQh+3AslTOpTTgPL
ZlYsd82siC2IJKvVblko0ggERk8+Q+GiTpLdEZjW8+nZxiNBz+iItUn7OEnWAewN
NqW3aFUcqAiTuimro/wOdW9NA44Ijeogz9PXrPrw5x6OPvjuXW+JLx+ffQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBWuDUnOu/9Tsa06dQzUErGWxJJBMB8GA1UdIwQY
MBaAFDNZZA2ci2ND4Iaq+L6LMOjDHSuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQt
YmRkYzMxNDNiMzEzLzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9kMzMwYzktM2EwMC00ZTg1LThhNzQtYmRkYzMxNDNiMzEz
LzEvTTFsa0RaeUxZMFBnaHFyNHZvc3c2TU1kSzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwrrlTiWC
thxdEDynmhgHFfbx39SdbgzoqJwN8aLAmDbs60OEhlcxHsn8leePj/QmGdEVLz9t
ns2627qLNCYTHrD4u/wO9cDcKviq8xokCn05D4lEn2nr/Tz51qKVhV6xLKcd9EoG
QBjmh9XpAAiNIbllprO23e+u7YUoKLWwFnX09LnMEV3wZ21deqDJrDliCGC4jSoi
wElkRw5SYucvZiw23FNeCjRp3sFvQRrCJ7zC0H+bt9fJZis9DlLMEHuY1spFz+c6
uTN24I1WoQSCGFrtLY8HXRkbLWNHhBfSuhunxmBxIo6m0vqtVJjnjWAnXNAMu4MY
BCz5pgaj0r6/MQ==
-----END CERTIFICATE-----