Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
File:                     iX81rEgorqlfpdLYBNM6ewz_RYo.mft (raw, json)
Hash identifier:          P3MAxygXGTQBqe5mJPI17poPuquNQ2kfOsiGjKxXvDw=
Subject key identifier:   45:94:0F:94:6B:82:FE:2C:F3:23:DB:26:EA:DF:C2:FC:45:C9:A0:7B
Authority key identifier: 89:7F:35:AC:48:28:AE:A9:5F:A5:D2:D8:04:D3:3A:7B:0C:FF:45:8A
Certificate issuer:       /CN=897f35ac4828aea95fa5d2d804d33a7b0cff458a
Certificate serial:       019CAEDA20D8D7AF188DD6BD6102CE730DCE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
Manifest number:          0709
Signing time:             Mon 02 Mar 2026 14:00:56 +0000
Manifest this update:     Mon 02 Mar 2026 14:00:56 +0000
Manifest next update:     Tue 03 Mar 2026 14:00:56 +0000
Files and hashes:         1: iX81rEgorqlfpdLYBNM6ewz_RYo.crl (hash: 8qv592f23S5ZupnKVQqWC9TAew+r50okvG+fVAxeH2o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 14:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:da:20:d8:d7:af:18:8d:d6:bd:61:02:ce:73:0d:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=897f35ac4828aea95fa5d2d804d33a7b0cff458a
        Validity
            Not Before: Mar  2 14:00:56 2026 GMT
            Not After : Mar  3 14:00:56 2026 GMT
        Subject: CN=45940f946b82fe2cf323db26eadfc2fc45c9a07b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:e4:1c:83:25:39:cc:61:ee:f3:cd:7c:1a:00:
                    3f:ca:1e:81:ae:53:d2:66:4f:c0:32:c5:2e:33:57:
                    f8:2d:d7:bd:91:8a:98:37:d0:bf:24:89:87:16:d3:
                    64:47:c6:39:bd:30:83:2c:ed:85:09:b0:dc:d8:af:
                    d2:0f:a8:49:1a:22:f8:d7:3f:2b:8b:ca:01:98:f9:
                    b4:52:9a:cd:12:34:e1:7c:92:d8:19:2e:21:90:f0:
                    14:7d:0d:89:5c:f8:4d:5c:47:8b:c9:df:79:ad:f2:
                    aa:6a:37:84:21:17:d3:b6:6e:c1:f7:52:a1:f2:d8:
                    6d:c5:eb:dc:55:d9:16:f3:22:46:39:41:08:14:a8:
                    7e:ec:1b:30:bf:27:8f:7c:fe:3d:48:44:3e:86:e2:
                    c2:6b:5b:90:f5:56:30:09:66:60:5f:27:17:4a:b0:
                    f1:45:65:e3:ce:a8:89:7e:e6:dd:2b:bb:a1:aa:4e:
                    d4:ba:9a:d3:fc:7f:6e:43:da:60:b6:95:79:74:42:
                    3d:e9:9a:9d:c6:a3:a9:a3:ad:81:05:6b:a9:1e:f4:
                    ed:c9:95:88:79:bc:28:62:6c:3c:4d:1a:b3:47:78:
                    d7:07:0f:00:6a:bd:32:41:9a:f2:1d:41:98:a3:21:
                    65:4c:54:f2:7d:c9:13:7c:3f:03:4e:6b:9c:e5:50:
                    5c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:94:0F:94:6B:82:FE:2C:F3:23:DB:26:EA:DF:C2:FC:45:C9:A0:7B
            X509v3 Authority Key Identifier:
                keyid:89:7F:35:AC:48:28:AE:A9:5F:A5:D2:D8:04:D3:3A:7B:0C:FF:45:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iX81rEgorqlfpdLYBNM6ewz_RYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/dba2f7-7c2b-4670-a1df-b0e4103f4962/1/iX81rEgorqlfpdLYBNM6ewz_RYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:3a:1f:88:10:39:b6:fe:19:20:98:d8:0a:a9:18:89:4f:85:
         31:db:d4:ec:52:83:1a:c5:db:e0:14:8e:be:a1:bc:34:97:6a:
         f6:05:b6:a8:fd:19:fc:7e:ac:83:63:a4:12:e3:3f:11:2d:02:
         c1:bd:b4:ad:2c:c6:14:f9:87:d2:96:4b:34:77:00:05:16:d8:
         3c:5d:67:e6:aa:a9:87:78:10:02:f5:9e:0a:b4:2f:a9:af:1b:
         ae:8c:d8:98:79:d6:51:f1:9d:24:80:47:65:5e:79:96:bb:05:
         5b:71:3b:25:c5:5a:be:bf:76:3c:28:8d:0f:d3:a1:9e:f3:c2:
         cf:96:aa:27:d3:01:fe:9b:d8:ae:3d:ca:0c:7e:d6:ae:bf:5a:
         05:c8:7a:41:be:eb:8c:4c:57:ba:0a:0c:c1:b3:6c:5c:8f:2e:
         b2:78:2b:e1:d1:04:e9:ec:ec:cb:92:04:86:c4:20:7e:b8:33:
         fc:cb:3d:a9:ec:d2:2d:b1:33:21:d4:19:15:d1:9d:84:8c:27:
         9d:94:67:8e:a6:a2:3d:7a:ff:d8:34:7b:6d:7f:f3:d9:3a:51:
         c2:6a:f3:86:8c:93:36:90:5a:7e:ab:3a:33:8a:61:a9:3a:ec:
         20:aa:82:68:58:e9:a9:a4:6a:e6:50:2e:ee:b7:c4:fa:03:66:
         0c:d2:4e:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyu2iDY168Yjda9YQLOcw3OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5N2YzNWFjNDgyOGFlYTk1ZmE1ZDJkODA0ZDMzYTdiMGNm
ZjQ1OGEwHhcNMjYwMzAyMTQwMDU2WhcNMjYwMzAzMTQwMDU2WjAzMTEwLwYDVQQD
Eyg0NTk0MGY5NDZiODJmZTJjZjMyM2RiMjZlYWRmYzJmYzQ1YzlhMDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuQcgyU5zGHu8818GgA/yh6BrlPS
Zk/AMsUuM1f4Lde9kYqYN9C/JImHFtNkR8Y5vTCDLO2FCbDc2K/SD6hJGiL41z8r
i8oBmPm0UprNEjThfJLYGS4hkPAUfQ2JXPhNXEeLyd95rfKqajeEIRfTtm7B91Kh
8thtxevcVdkW8yJGOUEIFKh+7BswvyePfP49SEQ+huLCa1uQ9VYwCWZgXycXSrDx
RWXjzqiJfubdK7uhqk7UuprT/H9uQ9pgtpV5dEI96ZqdxqOpo62BBWupHvTtyZWI
ebwoYmw8TRqzR3jXBw8Aar0yQZryHUGYoyFlTFTyfckTfD8DTmuc5VBcAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWUD5Rrgv4s8yPbJurfwvxFyaB7MB8GA1UdIwQY
MBaAFIl/NaxIKK6pX6XS2ATTOnsM/0WKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9kYmEyZjctN2MyYi00NjcwLWExZGYt
YjBlNDEwM2Y0OTYyLzEvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9kYmEyZjctN2MyYi00NjcwLWExZGYtYjBlNDEwM2Y0OTYy
LzEvaVg4MXJFZ29ycWxmcGRMWUJOTTZld3pfUllvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACDofiBA5
tv4ZIJjYCqkYiU+FMdvU7FKDGsXb4BSOvqG8NJdq9gW2qP0Z/H6sg2OkEuM/ES0C
wb20rSzGFPmH0pZLNHcABRbYPF1n5qqph3gQAvWeCrQvqa8brozYmHnWUfGdJIBH
ZV55lrsFW3E7JcVavr92PCiND9OhnvPCz5aqJ9MB/pvYrj3KDH7Wrr9aBch6Qb7r
jExXugoMwbNsXI8usngr4dEE6ezsy5IEhsQgfrgz/Ms9qezSLbEzIdQZFdGdhIwn
nZRnjqaiPXr/2DR7bX/z2TpRwmrzhoyTNpBafqs6M4phqTrsIKqCaFjpqaRq5lAu
7rfE+gNmDNJONw==
-----END CERTIFICATE-----