Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
File:                     582m42RtyToNLUKV0esJR2xmvKY.mft (raw, json)
Hash identifier:          Buhj0k+4m1WQtvlgWLDiNZ8BoVf93JWIFWveu5NKslc=
Subject key identifier:   4B:95:69:E7:31:E7:E6:75:65:6F:35:E9:27:81:62:5E:AF:DE:16:36
Authority key identifier: E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6
Certificate issuer:       /CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
Certificate serial:       019CAC47102986522EABD5A44C5800D4AB6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
Manifest number:          056D
Signing time:             Mon 02 Mar 2026 02:01:04 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:04 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:04 +0000
Files and hashes:         1: 582m42RtyToNLUKV0esJR2xmvKY.crl (hash: kDtIIg7TEa2LytVUhvk/6Jb6+ETWWX6brk/njOYBCbk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:10:29:86:52:2e:ab:d5:a4:4c:58:00:d4:ab:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e7cda6e3646dc93a0d2d4295d1eb09476c66bca6
        Validity
            Not Before: Mar  2 02:01:04 2026 GMT
            Not After : Mar  3 02:01:04 2026 GMT
        Subject: CN=4b9569e731e7e675656f35e92781625eafde1636
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:9f:4a:d9:52:73:35:b6:a5:65:2a:86:c3:a9:
                    7b:1f:73:1d:44:c0:12:39:7d:c3:3a:ff:44:87:0d:
                    9e:e4:f7:a8:6a:ce:00:20:a2:aa:58:da:c8:7d:2c:
                    08:ee:cd:b1:8c:30:5a:f0:fa:66:dd:0f:2d:f5:c4:
                    b1:2b:4d:dd:ba:ba:e5:9b:34:f2:b6:43:ab:e9:e7:
                    c5:0b:1c:df:6d:c3:37:e2:88:0f:52:3a:af:c3:11:
                    5a:31:5c:64:85:b5:16:d3:a8:21:2e:67:58:7a:8c:
                    35:9c:b7:3b:73:db:d0:92:ae:36:55:b7:b1:28:30:
                    17:ba:c1:27:7f:98:6e:d6:99:6c:ce:5c:60:23:a8:
                    d3:a3:8c:37:bd:f9:27:86:24:6f:4b:61:ee:f0:83:
                    68:d7:3c:97:a3:19:89:b2:8b:25:20:5e:39:a5:f6:
                    75:e6:67:89:08:6a:22:a0:53:bf:5e:c2:64:43:9b:
                    61:17:97:af:82:76:34:09:af:b4:a6:5e:a9:41:ca:
                    54:76:1d:bc:22:e8:45:dc:ce:74:12:5b:a8:84:f8:
                    ea:cd:76:15:92:97:3d:2c:d3:b3:fd:f1:a6:5a:59:
                    a7:d1:fe:35:da:f8:df:9a:86:2b:57:8e:7b:ce:a4:
                    77:ba:7d:66:f0:51:d7:09:61:5e:33:d8:88:0a:22:
                    e2:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:95:69:E7:31:E7:E6:75:65:6F:35:E9:27:81:62:5E:AF:DE:16:36
            X509v3 Authority Key Identifier:
                keyid:E7:CD:A6:E3:64:6D:C9:3A:0D:2D:42:95:D1:EB:09:47:6C:66:BC:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/582m42RtyToNLUKV0esJR2xmvKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/3a6d28-1c43-4b8b-b713-568c407b30f7/1/582m42RtyToNLUKV0esJR2xmvKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:c4:2e:ef:e3:1c:a3:39:1a:f0:de:96:d7:95:9c:6a:21:e8:
         7b:66:94:1d:8a:5d:57:4b:e7:d4:9d:d7:77:bb:98:16:24:70:
         10:55:2b:aa:24:f9:8b:67:cd:57:30:96:c6:5f:dd:5e:5b:20:
         80:21:fc:47:8f:c4:2c:75:e4:ca:ad:bd:7d:b6:a4:04:78:68:
         4f:eb:be:29:9b:be:6d:19:26:a2:0b:83:58:31:14:72:a5:fe:
         84:6e:94:88:e1:87:fc:2a:bf:a8:b6:de:ec:b1:6b:d9:07:63:
         05:d9:16:40:df:ff:87:18:4d:af:36:07:62:45:1d:c3:ef:8c:
         d7:d6:54:a2:9b:1b:99:4d:c6:be:62:a0:85:07:aa:2b:dc:3e:
         9d:da:cc:9f:42:e5:10:69:64:31:10:65:b5:a5:cd:d1:4e:f7:
         d9:2a:f1:36:3a:af:81:b8:b4:6c:1b:ab:1b:72:b3:a6:f9:a2:
         12:ef:f4:1b:5b:74:80:0e:dd:6f:5b:58:6d:bc:43:26:dc:c9:
         25:b4:1d:45:9c:68:a0:08:99:27:a0:e5:a0:56:be:11:11:e3:
         b6:d5:0b:ba:44:c2:02:0f:50:2f:c1:36:2a:2c:15:d1:93:40:
         be:5f:a9:3b:d2:e7:3b:4a:8b:02:e1:31:7a:d2:15:03:a8:d0:
         10:4c:12:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRxAphlIuq9WkTFgA1KtsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2RhNmUzNjQ2ZGM5M2EwZDJkNDI5NWQxZWIwOTQ3NmM2
NmJjYTYwHhcNMjYwMzAyMDIwMTA0WhcNMjYwMzAzMDIwMTA0WjAzMTEwLwYDVQQD
Eyg0Yjk1NjllNzMxZTdlNjc1NjU2ZjM1ZTkyNzgxNjI1ZWFmZGUxNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw59K2VJzNbalZSqGw6l7H3MdRMAS
OX3DOv9Ehw2e5Peoas4AIKKqWNrIfSwI7s2xjDBa8Ppm3Q8t9cSxK03durrlmzTy
tkOr6efFCxzfbcM34ogPUjqvwxFaMVxkhbUW06ghLmdYeow1nLc7c9vQkq42Vbex
KDAXusEnf5hu1plszlxgI6jTo4w3vfknhiRvS2Hu8INo1zyXoxmJsoslIF45pfZ1
5meJCGoioFO/XsJkQ5thF5evgnY0Ca+0pl6pQcpUdh28IuhF3M50EluohPjqzXYV
kpc9LNOz/fGmWlmn0f412vjfmoYrV457zqR3un1m8FHXCWFeM9iICiLioQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEuVaecx5+Z1ZW816SeBYl6v3hY2MB8GA1UdIwQY
MBaAFOfNpuNkbck6DS1CldHrCUdsZrymMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMt
NTY4YzQwN2IzMGY3LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zYTZkMjgtMWM0My00YjhiLWI3MTMtNTY4YzQwN2IzMGY3
LzEvNTgybTQyUnR5VG9OTFVLVjBlc0pSMnhtdktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVsQu7+Mc
ozka8N6W15WcaiHoe2aUHYpdV0vn1J3Xd7uYFiRwEFUrqiT5i2fNVzCWxl/dXlsg
gCH8R4/ELHXkyq29fbakBHhoT+u+KZu+bRkmoguDWDEUcqX+hG6UiOGH/Cq/qLbe
7LFr2QdjBdkWQN//hxhNrzYHYkUdw++M19ZUopsbmU3GvmKghQeqK9w+ndrMn0Ll
EGlkMRBltaXN0U732SrxNjqvgbi0bBurG3KzpvmiEu/0G1t0gA7db1tYbbxDJtzJ
JbQdRZxooAiZJ6DloFa+ERHjttULukTCAg9QL8E2KiwV0ZNAvl+pO9LnO0qLAuEx
etIVA6jQEEwS+A==
-----END CERTIFICATE-----