Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
File:                     syznolxromOxucmrdrjS3DoNaAY.mft (raw, json)
Hash identifier:          ajEV5Jg81cKZUdRXEK2hwgpyKS6tJ/chgxye+uM4ieg=
Subject key identifier:   69:B8:EF:6F:CB:0B:67:97:E1:7F:87:89:E2:E1:B3:32:4E:A9:38:54
Authority key identifier: B3:2C:E7:A2:5C:6B:A2:63:B1:B9:C9:AB:76:B8:D2:DC:3A:0D:68:06
Certificate issuer:       /CN=b32ce7a25c6ba263b1b9c9ab76b8d2dc3a0d6806
Certificate serial:       019CAB6AFD9E084338AC3D9386FA834376F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
Manifest number:          06F7
Signing time:             Sun 01 Mar 2026 22:00:41 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:41 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:41 +0000
Files and hashes:         1: syznolxromOxucmrdrjS3DoNaAY.crl (hash: doS8JT8r1pIFr3+7QwLvqWmWzyN8ZIxWA/Z4Qs3oTRk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:fd:9e:08:43:38:ac:3d:93:86:fa:83:43:76:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b32ce7a25c6ba263b1b9c9ab76b8d2dc3a0d6806
        Validity
            Not Before: Mar  1 22:00:41 2026 GMT
            Not After : Mar  2 22:00:41 2026 GMT
        Subject: CN=69b8ef6fcb0b6797e17f8789e2e1b3324ea93854
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:0c:59:de:90:13:e4:fd:42:d0:32:e9:0b:bb:
                    c6:62:8a:a5:fa:6f:fe:07:02:e4:f7:65:0c:96:11:
                    47:0e:40:71:ed:5e:2d:e5:44:ba:db:35:e0:ae:0c:
                    de:0b:9c:43:78:64:72:1a:37:b1:09:09:94:e6:0b:
                    c4:e2:f6:4c:65:ca:62:02:40:8b:5c:46:50:b6:12:
                    51:67:dc:5b:25:4e:fe:41:69:f3:e3:c9:1a:df:13:
                    ef:02:7e:99:60:b9:25:db:df:7c:f2:bb:40:a1:44:
                    fa:b2:c7:36:a8:22:80:79:67:79:10:a2:e9:75:0e:
                    a0:23:91:44:9f:94:ca:27:d6:8f:7a:96:29:94:c1:
                    90:bc:91:b5:0b:96:0d:a1:dc:08:c9:b5:be:a2:55:
                    fa:41:98:95:df:7c:ed:89:3d:17:ea:21:38:e8:4f:
                    94:d4:d7:2e:09:fa:8a:be:16:ce:88:d5:7f:f6:9b:
                    f9:fd:19:60:20:14:74:58:46:03:86:f4:cc:5e:2b:
                    34:ec:16:ba:db:17:05:20:84:1c:10:54:01:f2:39:
                    90:46:2d:7d:45:66:79:c4:c4:3d:50:a9:94:ca:a4:
                    7b:bc:a3:ea:64:e7:4c:37:38:f8:db:9d:6e:28:70:
                    03:38:5b:30:a8:b1:c8:bc:2d:48:7a:85:fa:04:c2:
                    ee:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:B8:EF:6F:CB:0B:67:97:E1:7F:87:89:E2:E1:B3:32:4E:A9:38:54
            X509v3 Authority Key Identifier:
                keyid:B3:2C:E7:A2:5C:6B:A2:63:B1:B9:C9:AB:76:B8:D2:DC:3A:0D:68:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:1c:9b:ea:12:5f:46:85:84:a4:a4:e5:fb:5d:e1:fb:53:43:
         c8:9c:e4:0b:70:83:1f:0a:1c:71:28:fb:37:20:02:84:36:80:
         15:2b:06:08:8c:d9:34:e1:98:28:60:9f:5e:c3:ae:2a:a7:e5:
         fa:0a:ea:de:21:a9:49:66:75:66:e4:7e:df:d7:f7:ff:f8:1e:
         10:64:4f:98:ab:89:f7:5b:60:28:1e:e8:6c:16:2e:de:16:8d:
         29:fe:3d:99:49:83:ed:80:9b:c2:32:6a:8a:e3:da:94:0f:fa:
         da:5e:b3:cc:8d:f3:bf:a0:20:90:50:0f:df:af:b4:ca:1a:55:
         a5:22:6a:85:f0:00:e2:66:88:24:79:48:e7:a9:fa:a5:66:c4:
         fe:e6:cf:e6:21:26:48:e4:6f:5d:3d:4c:5f:73:99:a4:d7:04:
         d6:64:76:19:88:59:4c:aa:f2:37:1e:28:51:5a:f2:ad:71:9b:
         cd:75:1b:fc:75:9b:b0:06:ca:d1:17:a2:ad:47:f6:e6:48:f6:
         e0:9b:d0:6f:a1:79:fb:0e:24:50:e0:3d:6a:c2:35:ce:d6:02:
         c5:fa:ff:77:5f:85:12:8e:dd:ce:a8:70:cc:97:ba:9c:66:aa:
         8e:66:a1:97:8f:19:ed:49:db:7c:71:05:8b:ae:20:c6:77:f9:
         e1:18:2b:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrav2eCEM4rD2ThvqDQ3byMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmNlN2EyNWM2YmEyNjNiMWI5YzlhYjc2YjhkMmRjM2Ew
ZDY4MDYwHhcNMjYwMzAxMjIwMDQxWhcNMjYwMzAyMjIwMDQxWjAzMTEwLwYDVQQD
Eyg2OWI4ZWY2ZmNiMGI2Nzk3ZTE3Zjg3ODllMmUxYjMzMjRlYTkzODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwxZ3pAT5P1C0DLpC7vGYoql+m/+
BwLk92UMlhFHDkBx7V4t5US62zXgrgzeC5xDeGRyGjexCQmU5gvE4vZMZcpiAkCL
XEZQthJRZ9xbJU7+QWnz48ka3xPvAn6ZYLkl29988rtAoUT6ssc2qCKAeWd5EKLp
dQ6gI5FEn5TKJ9aPepYplMGQvJG1C5YNodwIybW+olX6QZiV33ztiT0X6iE46E+U
1NcuCfqKvhbOiNV/9pv5/RlgIBR0WEYDhvTMXis07Ba62xcFIIQcEFQB8jmQRi19
RWZ5xMQ9UKmUyqR7vKPqZOdMNzj4251uKHADOFswqLHIvC1IeoX6BMLuyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGm472/LC2eX4X+HieLhszJOqThUMB8GA1UdIwQY
MBaAFLMs56Jca6JjsbnJq3a40tw6DWgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hM2E2NTMtYWVmYS00OGNkLWFhYzct
MzQwM2E4NDI5N2IxLzEvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hM2E2NTMtYWVmYS00OGNkLWFhYzctMzQwM2E4NDI5N2Ix
LzEvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeByb6hJf
RoWEpKTl+13h+1NDyJzkC3CDHwoccSj7NyAChDaAFSsGCIzZNOGYKGCfXsOuKqfl
+grq3iGpSWZ1ZuR+39f3//geEGRPmKuJ91tgKB7obBYu3haNKf49mUmD7YCbwjJq
iuPalA/62l6zzI3zv6AgkFAP36+0yhpVpSJqhfAA4maIJHlI56n6pWbE/ubP5iEm
SORvXT1MX3OZpNcE1mR2GYhZTKryNx4oUVryrXGbzXUb/HWbsAbK0ReirUf25kj2
4JvQb6F5+w4kUOA9asI1ztYCxfr/d1+FEo7dzqhwzJe6nGaqjmahl48Z7UnbfHEF
i64gxnf54Rgrrw==
-----END CERTIFICATE-----