Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
File:                     IPdQab1W78UXA4PtMcrSJGT98DA.mft (raw, json)
Hash identifier:          yTEE6kqpCyVsuwfoTEP4tTO/eoUfhHAGDXAuq2xw9GU=
Subject key identifier:   3C:A9:EC:3D:62:C5:89:2B:B6:E6:D5:C8:BE:A7:8B:79:68:19:EB:B4
Authority key identifier: 20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30
Certificate issuer:       /CN=20f75069bd56efc5170383ed31cad22464fdf030
Certificate serial:       019CAC104495AEDCBCF09895A7D94AFD58C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
Manifest number:          05F5
Signing time:             Mon 02 Mar 2026 01:01:12 +0000
Manifest this update:     Mon 02 Mar 2026 01:01:12 +0000
Manifest next update:     Tue 03 Mar 2026 01:01:12 +0000
Files and hashes:         1: IPdQab1W78UXA4PtMcrSJGT98DA.crl (hash: WmzxPI7TNk4SQ/EVHCtfRXzevrbK9oXtB2IQeeJSG60=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:10:44:95:ae:dc:bc:f0:98:95:a7:d9:4a:fd:58:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20f75069bd56efc5170383ed31cad22464fdf030
        Validity
            Not Before: Mar  2 01:01:12 2026 GMT
            Not After : Mar  3 01:01:12 2026 GMT
        Subject: CN=3ca9ec3d62c5892bb6e6d5c8bea78b796819ebb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:5c:79:db:fa:6c:76:e4:0a:c7:bb:e0:35:f0:
                    04:bf:3f:f9:f2:2e:29:66:d8:9e:e1:d1:a4:af:81:
                    f9:f7:d5:29:9e:d5:ff:2c:71:4c:e3:8e:f1:6b:a2:
                    24:08:72:68:ac:88:35:a5:e2:c8:57:fa:5f:7f:e4:
                    1a:60:69:1c:6c:1d:c7:89:67:18:f2:10:98:bf:8d:
                    5f:78:8d:99:f4:12:63:af:55:c0:c7:d6:d5:a8:5c:
                    77:78:53:de:f3:f3:f3:d0:29:31:42:84:e3:2a:e7:
                    63:07:60:bd:f1:33:82:cb:48:11:dd:79:70:5c:fe:
                    02:bb:3f:64:f5:b5:e5:e8:57:37:7d:96:b9:6b:eb:
                    78:dc:9b:3c:f1:9d:32:b3:b1:10:72:73:c3:57:c8:
                    7f:66:c2:f1:a6:12:9f:54:e2:a4:ec:c8:3e:c2:ab:
                    60:5b:06:eb:4d:27:57:f5:7d:6b:dd:33:14:d1:bf:
                    90:4a:18:35:bf:10:81:d0:48:a0:40:26:67:e9:dd:
                    e5:13:94:62:36:43:b3:b0:26:7e:56:eb:0e:ea:89:
                    18:be:91:c4:83:29:7d:ee:65:71:e3:b8:f1:73:43:
                    d8:e7:2f:02:62:68:a8:31:64:59:3b:ea:95:ff:18:
                    e7:93:72:96:5c:12:29:2a:81:0b:d6:0a:3d:80:fe:
                    6f:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:A9:EC:3D:62:C5:89:2B:B6:E6:D5:C8:BE:A7:8B:79:68:19:EB:B4
            X509v3 Authority Key Identifier:
                keyid:20:F7:50:69:BD:56:EF:C5:17:03:83:ED:31:CA:D2:24:64:FD:F0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPdQab1W78UXA4PtMcrSJGT98DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/95cd70-50cd-46bd-8e06-b9705d7d3579/1/IPdQab1W78UXA4PtMcrSJGT98DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:25:9b:f1:c2:65:9f:2d:02:4e:42:36:38:d4:9a:f7:24:29:
         9b:49:ae:bc:b0:a1:9e:74:c1:ad:d1:e0:9e:43:88:d3:ac:99:
         1c:ff:f3:83:9f:c0:1b:25:70:06:2b:e0:03:dd:56:15:f8:3c:
         49:6b:00:50:7d:b3:7f:93:36:b4:49:78:50:c3:5a:1a:ae:f5:
         55:9b:c3:d9:ff:a9:34:da:95:44:7a:60:cc:87:fb:b6:5b:16:
         47:1e:fe:10:06:79:87:b5:f6:cc:c9:b7:b6:f4:62:7d:a1:e3:
         ce:3c:8c:b4:8b:bf:bd:b6:3f:29:60:31:0f:72:da:ec:62:cf:
         a9:ce:76:71:17:a5:7f:4b:ea:d5:96:9f:36:9a:76:95:a7:60:
         a4:59:80:a7:5d:60:81:fa:bf:0c:9c:39:d6:55:b3:ce:db:02:
         ba:2d:27:d6:70:ad:0b:e3:36:b1:75:d2:b3:7a:ed:0d:d5:56:
         d7:32:14:32:73:fb:bf:85:de:4e:e4:7b:6f:e0:9f:49:5c:c4:
         d2:cf:5f:43:d2:ee:2b:fd:ef:3c:e4:5a:86:23:2a:39:ae:5c:
         4e:ff:19:b9:08:5a:31:7a:f1:a2:05:84:69:53:72:0f:7a:d0:
         62:f1:75:7d:46:72:d7:f0:72:c2:5d:0d:c4:75:14:26:8a:c5:
         da:c0:5e:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysEESVrty88JiVp9lK/VjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjc1MDY5YmQ1NmVmYzUxNzAzODNlZDMxY2FkMjI0NjRm
ZGYwMzAwHhcNMjYwMzAyMDEwMTEyWhcNMjYwMzAzMDEwMTEyWjAzMTEwLwYDVQQD
EygzY2E5ZWMzZDYyYzU4OTJiYjZlNmQ1YzhiZWE3OGI3OTY4MTllYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlx52/psduQKx7vgNfAEvz/58i4p
Ztie4dGkr4H599UpntX/LHFM447xa6IkCHJorIg1peLIV/pff+QaYGkcbB3HiWcY
8hCYv41feI2Z9BJjr1XAx9bVqFx3eFPe8/Pz0CkxQoTjKudjB2C98TOCy0gR3Xlw
XP4Cuz9k9bXl6Fc3fZa5a+t43Js88Z0ys7EQcnPDV8h/ZsLxphKfVOKk7Mg+wqtg
WwbrTSdX9X1r3TMU0b+QShg1vxCB0EigQCZn6d3lE5RiNkOzsCZ+VusO6okYvpHE
gyl97mVx47jxc0PY5y8CYmioMWRZO+qV/xjnk3KWXBIpKoEL1go9gP5vmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDyp7D1ixYkrtubVyL6ni3loGeu0MB8GA1UdIwQY
MBaAFCD3UGm9Vu/FFwOD7THK0iRk/fAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYt
Yjk3MDVkN2QzNTc5LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC85NWNkNzAtNTBjZC00NmJkLThlMDYtYjk3MDVkN2QzNTc5
LzEvSVBkUWFiMVc3OFVYQTRQdE1jclNKR1Q5OERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkSWb8cJl
ny0CTkI2ONSa9yQpm0muvLChnnTBrdHgnkOI06yZHP/zg5/AGyVwBivgA91WFfg8
SWsAUH2zf5M2tEl4UMNaGq71VZvD2f+pNNqVRHpgzIf7tlsWRx7+EAZ5h7X2zMm3
tvRifaHjzjyMtIu/vbY/KWAxD3La7GLPqc52cRelf0vq1ZafNpp2ladgpFmAp11g
gfq/DJw51lWzztsCui0n1nCtC+M2sXXSs3rtDdVW1zIUMnP7v4XeTuR7b+CfSVzE
0s9fQ9LuK/3vPORahiMqOa5cTv8ZuQhaMXrxogWEaVNyD3rQYvF1fUZy1/Bywl0N
xHUUJorF2sBenA==
-----END CERTIFICATE-----