Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
File:                     PP7M1r9kBrDPRPaCuTzYbjNGUko.mft (raw, json)
Hash identifier:          tzDprfqucv5rGqTtsGcoY+WNtp6kuGVNXV1N6vxJWQQ=
Subject key identifier:   5B:CA:A1:BE:09:DE:5C:29:6B:E0:3E:31:78:3E:AE:24:64:70:14:55
Authority key identifier: 3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A
Certificate issuer:       /CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
Certificate serial:       019CAB6B7286CAEB9E800698165371B535E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
Manifest number:          13BC
Signing time:             Sun 01 Mar 2026 22:01:11 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:11 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:11 +0000
Files and hashes:         1: PP7M1r9kBrDPRPaCuTzYbjNGUko.crl (hash: JcT3cMbt8s19TRVof0V1Stkg2wqsim3j8vvdJzNiAPI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:72:86:ca:eb:9e:80:06:98:16:53:71:b5:35:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cfeccd6bf6406b0cf44f682b93cd86e3346524a
        Validity
            Not Before: Mar  1 22:01:11 2026 GMT
            Not After : Mar  2 22:01:11 2026 GMT
        Subject: CN=5bcaa1be09de5c296be03e31783eae2464701455
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:13:fe:87:8f:13:20:ba:98:aa:11:25:8c:29:
                    ea:88:c0:99:d6:d1:75:b9:08:7d:f7:ae:b9:01:13:
                    7f:e6:d8:3f:1d:47:43:af:27:47:56:b0:bd:11:3a:
                    f6:b1:22:59:61:a0:3c:51:39:e9:d6:35:71:f1:cc:
                    b3:a8:67:32:c2:e7:e0:79:51:2f:53:4b:bb:fb:4a:
                    33:b8:3c:a3:7f:7e:74:f5:e3:83:e0:80:4a:34:e2:
                    6d:b4:8f:24:7a:60:63:d8:7e:80:29:2b:f6:9a:76:
                    09:95:a2:88:12:13:97:99:f1:5d:59:76:a3:f9:7c:
                    a5:cf:25:00:3c:d3:bd:48:29:ef:db:39:29:81:db:
                    68:e7:85:0a:b8:0d:e5:80:b8:b8:40:34:f7:6a:3c:
                    97:93:cf:97:e6:5c:49:9c:ad:84:94:a7:e4:2f:55:
                    80:ca:80:54:44:6b:09:b8:8d:4b:27:17:c8:01:d6:
                    8b:2e:2d:4c:43:5f:71:22:e2:8d:3e:f1:6b:61:45:
                    94:c5:09:0d:4d:4c:16:26:38:67:0e:d1:09:32:8b:
                    fc:60:2b:62:08:44:64:f1:2e:46:07:b5:f6:d9:44:
                    52:e9:89:fd:c2:22:c7:49:a6:2e:bb:f2:c5:a3:e8:
                    58:32:5d:b8:5d:8c:9c:cc:33:53:1a:b6:83:2e:95:
                    d9:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:CA:A1:BE:09:DE:5C:29:6B:E0:3E:31:78:3E:AE:24:64:70:14:55
            X509v3 Authority Key Identifier:
                keyid:3C:FE:CC:D6:BF:64:06:B0:CF:44:F6:82:B9:3C:D8:6E:33:46:52:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PP7M1r9kBrDPRPaCuTzYbjNGUko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/5177fd-89ed-4e6f-8c3d-23b8611cce23/1/PP7M1r9kBrDPRPaCuTzYbjNGUko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:3b:1b:71:85:f7:41:80:98:05:a4:de:c4:cd:ad:9f:b3:a9:
         53:03:92:dd:82:e1:d7:4d:55:41:93:75:e7:ed:c5:a4:f7:43:
         80:ea:93:96:3a:b9:32:e2:22:c7:f4:3f:f0:84:a9:38:e2:71:
         a8:65:11:c5:d4:a6:07:99:1c:b2:92:ac:cc:7f:10:73:6b:c0:
         9c:f5:a2:bd:1e:68:9d:18:0e:36:22:f7:09:4e:a9:b2:30:98:
         d0:c2:ba:c0:66:eb:26:8a:e3:0e:ea:1e:b6:3f:10:78:75:61:
         a8:7d:04:05:d9:cc:38:b6:c3:17:c0:8e:93:e1:3c:94:7b:06:
         32:ae:db:25:91:69:0b:a8:dc:74:9b:a8:e2:7f:58:d6:04:b3:
         b7:87:ef:9e:64:25:84:07:0b:be:da:4d:f0:a7:91:b2:28:7e:
         b5:5c:01:54:cc:e9:44:35:b3:87:3b:38:e5:5b:95:ca:b9:6f:
         c1:41:96:86:0d:fe:99:98:cf:22:79:eb:3f:70:b2:1d:70:69:
         ac:94:2e:ff:e8:27:9b:33:c7:c1:1a:ae:41:58:02:c7:c9:f2:
         38:b5:18:5e:d5:f6:14:60:50:ef:c3:74:83:55:b4:eb:b1:d0:
         ca:1b:68:2d:92:36:f2:85:f3:8b:7e:70:81:06:9b:95:d0:5b:
         c4:10:64:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra3KGyuuegAaYFlNxtTXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZmVjY2Q2YmY2NDA2YjBjZjQ0ZjY4MmI5M2NkODZlMzM0
NjUyNGEwHhcNMjYwMzAxMjIwMTExWhcNMjYwMzAyMjIwMTExWjAzMTEwLwYDVQQD
Eyg1YmNhYTFiZTA5ZGU1YzI5NmJlMDNlMzE3ODNlYWUyNDY0NzAxNDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhP+h48TILqYqhEljCnqiMCZ1tF1
uQh99665ARN/5tg/HUdDrydHVrC9ETr2sSJZYaA8UTnp1jVx8cyzqGcywufgeVEv
U0u7+0ozuDyjf3509eOD4IBKNOJttI8kemBj2H6AKSv2mnYJlaKIEhOXmfFdWXaj
+XylzyUAPNO9SCnv2zkpgdto54UKuA3lgLi4QDT3ajyXk8+X5lxJnK2ElKfkL1WA
yoBURGsJuI1LJxfIAdaLLi1MQ19xIuKNPvFrYUWUxQkNTUwWJjhnDtEJMov8YCti
CERk8S5GB7X22URS6Yn9wiLHSaYuu/LFo+hYMl24XYyczDNTGraDLpXZGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvKob4J3lwpa+A+MXg+riRkcBRVMB8GA1UdIwQY
MBaAFDz+zNa/ZAawz0T2grk82G4zRlJKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2Qt
MjNiODYxMWNjZTIzLzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy81MTc3ZmQtODllZC00ZTZmLThjM2QtMjNiODYxMWNjZTIz
LzEvUFA3TTFyOWtCckRQUlBhQ3VUelliak5HVWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUTsbcYX3
QYCYBaTexM2tn7OpUwOS3YLh101VQZN15+3FpPdDgOqTljq5MuIix/Q/8ISpOOJx
qGURxdSmB5kcspKszH8Qc2vAnPWivR5onRgONiL3CU6psjCY0MK6wGbrJorjDuoe
tj8QeHVhqH0EBdnMOLbDF8COk+E8lHsGMq7bJZFpC6jcdJuo4n9Y1gSzt4fvnmQl
hAcLvtpN8KeRsih+tVwBVMzpRDWzhzs45VuVyrlvwUGWhg3+mZjPInnrP3CyHXBp
rJQu/+gnmzPHwRquQVgCx8nyOLUYXtX2FGBQ78N0g1W067HQyhtoLZI28oXzi35w
gQabldBbxBBkAQ==
-----END CERTIFICATE-----