Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft
File:                     S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft (raw, json)
Hash identifier:          +ZsHho8Zcr9IbUD6Uh59tiuEYmDH6c64/C57W2iEdL0=
Subject key identifier:   81:4F:3F:EF:C9:DD:EC:94:74:F6:73:77:F8:6A:7F:25:A3:48:A6:A9
Authority key identifier: 4B:CC:D0:DB:52:F0:ED:4F:73:A6:81:E3:D3:6A:B6:C2:30:27:7D:3C
Certificate issuer:       /CN=4bccd0db52f0ed4f73a681e3d36ab6c230277d3c
Certificate serial:       019CAEA365E3567EDA725BDA9EE72A9EC3AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S8zQ21Lw7U9zpoHj02q2wjAnfTw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft
Manifest number:          0A5A
Signing time:             Mon 02 Mar 2026 13:01:09 +0000
Manifest this update:     Mon 02 Mar 2026 13:01:09 +0000
Manifest next update:     Tue 03 Mar 2026 13:01:09 +0000
Files and hashes:         1: S8zQ21Lw7U9zpoHj02q2wjAnfTw.crl (hash: QVAd9Er9puTfb77ngpJipiTWJFd4/7LAAJwbFdJBK98=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S8zQ21Lw7U9zpoHj02q2wjAnfTw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 13:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:a3:65:e3:56:7e:da:72:5b:da:9e:e7:2a:9e:c3:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4bccd0db52f0ed4f73a681e3d36ab6c230277d3c
        Validity
            Not Before: Mar  2 13:01:09 2026 GMT
            Not After : Mar  3 13:01:09 2026 GMT
        Subject: CN=814f3fefc9ddec9474f67377f86a7f25a348a6a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:03:42:d2:0d:e7:1c:61:d8:64:e6:de:b6:01:
                    8a:0c:ef:cb:6b:29:57:d0:fe:88:96:5a:ca:00:2c:
                    b5:d7:41:18:21:37:c8:fb:60:e5:4c:24:09:48:bc:
                    53:24:7b:bf:26:1d:dc:40:91:34:3c:e0:ec:3e:75:
                    95:af:3a:96:72:73:0c:cd:d0:68:a8:1b:17:fb:51:
                    4a:a3:16:22:9e:11:4b:29:0c:80:0c:3f:91:6d:6f:
                    e4:bf:58:94:4d:6b:84:44:5a:1d:dc:0d:74:1b:88:
                    eb:02:5d:36:bc:1e:98:0a:d1:e0:5d:e7:6c:89:b5:
                    f0:cd:fe:d1:26:c7:29:58:9c:b7:3f:0d:4e:df:02:
                    f2:c9:5e:d3:15:63:31:84:f0:8d:ac:a0:ff:1a:00:
                    4b:eb:cd:70:b2:2d:d2:ff:63:ad:4e:ee:8c:39:f4:
                    28:cd:28:65:2d:46:da:a3:9a:c7:f4:19:e6:73:da:
                    3b:2d:66:0b:d8:ba:25:0b:3a:5d:77:0a:74:bb:cb:
                    a2:26:16:d4:af:96:45:aa:93:d3:ca:3b:18:a7:04:
                    4c:4f:0e:61:42:71:07:6d:78:82:73:3b:56:00:14:
                    56:19:6e:7b:e4:cd:c8:7c:0b:dd:c8:18:56:2b:62:
                    fc:d3:b2:e3:1b:93:2c:9d:6c:4d:71:6b:a2:6b:99:
                    71:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:4F:3F:EF:C9:DD:EC:94:74:F6:73:77:F8:6A:7F:25:A3:48:A6:A9
            X509v3 Authority Key Identifier:
                keyid:4B:CC:D0:DB:52:F0:ED:4F:73:A6:81:E3:D3:6A:B6:C2:30:27:7D:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S8zQ21Lw7U9zpoHj02q2wjAnfTw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/41cc57-06a4-4732-8bfc-f3f15b1265bb/1/S8zQ21Lw7U9zpoHj02q2wjAnfTw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:58:62:13:9e:58:31:09:04:19:73:9f:f4:9e:e6:59:ce:89:
         b9:fe:32:77:20:d6:58:0a:38:f8:3c:cd:66:e0:2b:27:f1:c9:
         f3:7a:dd:d2:c7:f8:76:57:21:a3:e6:8f:be:c3:75:57:49:11:
         31:b6:b1:d5:10:6f:23:1e:de:39:31:83:28:06:d0:cc:42:3f:
         90:4c:2e:43:bc:66:55:55:36:2a:e9:e1:40:2e:a6:dc:46:bc:
         f5:cf:9a:4c:5b:1a:23:db:0d:a1:7a:6b:48:76:47:fa:6f:ca:
         c7:fe:c3:c7:56:b4:14:2a:93:b4:68:08:a8:39:2b:12:13:60:
         a6:84:f6:7a:21:40:5d:26:9a:87:5d:cc:51:b0:ae:2a:a9:cc:
         f0:ae:8f:57:31:b2:df:83:e6:4b:ab:2f:59:c2:d4:cf:19:4b:
         ab:43:e3:c3:79:3c:ee:92:08:ec:12:35:aa:a5:03:c1:37:4d:
         ee:d9:d1:1c:ce:c4:41:a8:a6:3a:e1:48:20:91:01:dd:5f:d6:
         8a:5a:3a:83:8e:c9:c7:59:20:a1:27:82:54:c1:32:d4:73:a7:
         98:b5:45:bd:c6:a6:e1:ce:0c:39:b7:04:ab:42:7d:6a:1d:65:
         1f:0a:bf:be:7d:d4:73:d4:f6:e5:73:ac:68:c4:84:72:bf:23:
         00:50:19:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuo2XjVn7aclvanucqnsOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiY2NkMGRiNTJmMGVkNGY3M2E2ODFlM2QzNmFiNmMyMzAy
NzdkM2MwHhcNMjYwMzAyMTMwMTA5WhcNMjYwMzAzMTMwMTA5WjAzMTEwLwYDVQQD
Eyg4MTRmM2ZlZmM5ZGRlYzk0NzRmNjczNzdmODZhN2YyNWEzNDhhNmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQNC0g3nHGHYZObetgGKDO/LaylX
0P6IllrKACy110EYITfI+2DlTCQJSLxTJHu/Jh3cQJE0PODsPnWVrzqWcnMMzdBo
qBsX+1FKoxYinhFLKQyADD+RbW/kv1iUTWuERFod3A10G4jrAl02vB6YCtHgXeds
ibXwzf7RJscpWJy3Pw1O3wLyyV7TFWMxhPCNrKD/GgBL681wsi3S/2OtTu6MOfQo
zShlLUbao5rH9Bnmc9o7LWYL2LolCzpddwp0u8uiJhbUr5ZFqpPTyjsYpwRMTw5h
QnEHbXiCcztWABRWGW575M3IfAvdyBhWK2L807LjG5MsnWxNcWuia5lxYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIFPP+/J3eyUdPZzd/hqfyWjSKapMB8GA1UdIwQY
MBaAFEvM0NtS8O1Pc6aB49NqtsIwJ308MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzh6UTIxTHc3VTl6cG9IajAycTJ3akFuZlR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80MWNjNTctMDZhNC00NzMyLThiZmMt
ZjNmMTViMTI2NWJiLzEvUzh6UTIxTHc3VTl6cG9IajAycTJ3akFuZlR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80MWNjNTctMDZhNC00NzMyLThiZmMtZjNmMTViMTI2NWJi
LzEvUzh6UTIxTHc3VTl6cG9IajAycTJ3akFuZlR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQFhiE55Y
MQkEGXOf9J7mWc6Juf4ydyDWWAo4+DzNZuArJ/HJ83rd0sf4dlcho+aPvsN1V0kR
Mbax1RBvIx7eOTGDKAbQzEI/kEwuQ7xmVVU2KunhQC6m3Ea89c+aTFsaI9sNoXpr
SHZH+m/Kx/7Dx1a0FCqTtGgIqDkrEhNgpoT2eiFAXSaah13MUbCuKqnM8K6PVzGy
34PmS6svWcLUzxlLq0Pjw3k87pII7BI1qqUDwTdN7tnRHM7EQaimOuFIIJEB3V/W
ilo6g47Jx1kgoSeCVMEy1HOnmLVFvcam4c4MObcEq0J9ah1lHwq/vn3Uc9T25XOs
aMSEcr8jAFAZmg==
-----END CERTIFICATE-----