Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft
File:                     8j79S9kntM6jMSCiG09zFNy-oXk.mft (raw, json)
Hash identifier:          ElRP2XGkrtrvRHdLq2dIxWK0cHLMR29oTgnd+B28Fpc=
Subject key identifier:   4F:0F:62:DC:26:C1:46:68:B8:C1:69:8F:13:C9:1A:E3:41:98:0D:CC
Authority key identifier: F2:3E:FD:4B:D9:27:B4:CE:A3:31:20:A2:1B:4F:73:14:DC:BE:A1:79
Certificate issuer:       /CN=f23efd4bd927b4cea33120a21b4f7314dcbea179
Certificate serial:       019CAA59356901A305210811260B791CD45C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8j79S9kntM6jMSCiG09zFNy-oXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft
Manifest number:          0FEA
Signing time:             Sun 01 Mar 2026 17:01:38 +0000
Manifest this update:     Sun 01 Mar 2026 17:01:38 +0000
Manifest next update:     Mon 02 Mar 2026 17:01:38 +0000
Files and hashes:         1: 8j79S9kntM6jMSCiG09zFNy-oXk.crl (hash: HC69SwC268uRqg+veT2IKtNK5DJQlIl9UdHbTEW+1Yw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8j79S9kntM6jMSCiG09zFNy-oXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 17:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:59:35:69:01:a3:05:21:08:11:26:0b:79:1c:d4:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f23efd4bd927b4cea33120a21b4f7314dcbea179
        Validity
            Not Before: Mar  1 17:01:38 2026 GMT
            Not After : Mar  2 17:01:38 2026 GMT
        Subject: CN=4f0f62dc26c14668b8c1698f13c91ae341980dcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:cd:db:2c:06:80:8a:b6:7c:e0:88:4a:ad:7f:
                    85:96:db:b2:c1:9f:45:18:c1:a0:a3:a1:92:62:3d:
                    da:0e:02:9b:94:6d:4e:99:0d:c1:be:81:95:9f:41:
                    ca:8a:cd:a7:87:2e:fe:ca:45:c9:fe:f9:27:75:3e:
                    73:d2:c0:47:f1:a4:c8:d3:64:14:80:9b:26:fa:2d:
                    09:eb:b6:2e:79:d3:f2:ad:44:23:8e:03:b5:a6:9a:
                    f7:b9:90:cc:08:d1:26:6c:79:35:36:12:02:fc:54:
                    46:26:44:45:0d:d0:d4:7a:ec:b0:4b:71:5f:fc:6b:
                    ab:43:e8:cf:12:98:2a:1d:6f:64:ab:0c:a3:c8:8a:
                    cb:98:81:d5:79:d8:53:c6:1e:c6:e7:ad:53:e9:5e:
                    72:36:52:5b:48:48:cb:d2:af:cc:af:53:ba:fd:1d:
                    24:1d:8a:e3:88:d7:07:44:58:fd:c9:5d:a0:bb:de:
                    c9:a1:2c:ae:3e:a9:1e:f5:59:12:fa:c2:2d:c9:3c:
                    a7:1b:25:a5:d2:62:27:ad:60:c6:09:4a:4b:21:06:
                    98:5d:49:d3:0a:fd:05:ba:79:a9:ff:83:13:00:e4:
                    d0:b5:94:f5:9b:c6:e1:5f:68:93:fd:bb:f2:66:ab:
                    e1:29:7a:29:37:25:93:23:ba:a9:f5:ae:6e:74:95:
                    d9:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:0F:62:DC:26:C1:46:68:B8:C1:69:8F:13:C9:1A:E3:41:98:0D:CC
            X509v3 Authority Key Identifier:
                keyid:F2:3E:FD:4B:D9:27:B4:CE:A3:31:20:A2:1B:4F:73:14:DC:BE:A1:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8j79S9kntM6jMSCiG09zFNy-oXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/770494-9f13-4a16-b2e2-d2c8a65aacfe/1/8j79S9kntM6jMSCiG09zFNy-oXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:42:00:9a:da:38:61:b1:30:a0:fe:eb:99:0a:ac:ea:a0:60:
         c8:3f:0e:08:f7:75:13:e9:f3:a4:a5:57:d7:8a:88:74:92:62:
         f1:41:2b:55:aa:55:90:5b:b3:bb:58:21:11:56:ff:bb:9f:67:
         c4:1b:0c:82:cf:fe:74:f0:3b:c7:da:b9:ec:cb:eb:79:d6:e6:
         39:0f:ae:da:05:1f:83:b2:90:24:10:08:7a:c6:33:f6:34:bf:
         7a:40:cd:dc:f3:72:c9:de:f9:97:d3:fc:63:8b:8d:2e:3e:71:
         70:5d:9c:70:51:49:4e:95:4a:8f:a7:75:4a:2c:50:71:98:c7:
         50:dc:25:6c:26:3f:e9:90:45:7d:d7:5d:09:d6:ff:9a:c8:3c:
         fa:20:40:3c:f6:cd:9c:12:e6:27:35:28:36:5f:57:b3:96:80:
         b5:7f:88:c9:06:73:fc:98:58:7d:72:b5:4f:15:65:34:38:7f:
         4d:3a:82:86:cd:1d:8d:64:2f:65:e2:b2:2e:45:a9:e5:ae:22:
         0a:ce:19:51:54:2f:93:e1:fc:fb:61:ba:43:55:98:35:54:8c:
         7e:15:9f:77:27:a0:be:ea:1a:d2:9d:78:49:f7:7b:80:59:98:
         56:4f:a7:30:56:03:5f:f8:8a:09:41:c6:49:e7:72:bd:10:41:
         ec:ed:bd:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWTVpAaMFIQgRJgt5HNRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyM2VmZDRiZDkyN2I0Y2VhMzMxMjBhMjFiNGY3MzE0ZGNi
ZWExNzkwHhcNMjYwMzAxMTcwMTM4WhcNMjYwMzAyMTcwMTM4WjAzMTEwLwYDVQQD
Eyg0ZjBmNjJkYzI2YzE0NjY4YjhjMTY5OGYxM2M5MWFlMzQxOTgwZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAus3bLAaAirZ84IhKrX+FltuywZ9F
GMGgo6GSYj3aDgKblG1OmQ3BvoGVn0HKis2nhy7+ykXJ/vkndT5z0sBH8aTI02QU
gJsm+i0J67YuedPyrUQjjgO1ppr3uZDMCNEmbHk1NhIC/FRGJkRFDdDUeuywS3Ff
/GurQ+jPEpgqHW9kqwyjyIrLmIHVedhTxh7G561T6V5yNlJbSEjL0q/Mr1O6/R0k
HYrjiNcHRFj9yV2gu97JoSyuPqke9VkS+sItyTynGyWl0mInrWDGCUpLIQaYXUnT
Cv0Funmp/4MTAOTQtZT1m8bhX2iT/bvyZqvhKXopNyWTI7qp9a5udJXZJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE8PYtwmwUZouMFpjxPJGuNBmA3MMB8GA1UdIwQY
MBaAFPI+/UvZJ7TOozEgohtPcxTcvqF5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGo3OVM5a250TTZqTVNDaUcwOXpGTnktb1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC83NzA0OTQtOWYxMy00YTE2LWIyZTIt
ZDJjOGE2NWFhY2ZlLzEvOGo3OVM5a250TTZqTVNDaUcwOXpGTnktb1hrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC83NzA0OTQtOWYxMy00YTE2LWIyZTItZDJjOGE2NWFhY2Zl
LzEvOGo3OVM5a250TTZqTVNDaUcwOXpGTnktb1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiUIAmto4
YbEwoP7rmQqs6qBgyD8OCPd1E+nzpKVX14qIdJJi8UErVapVkFuzu1ghEVb/u59n
xBsMgs/+dPA7x9q57MvredbmOQ+u2gUfg7KQJBAIesYz9jS/ekDN3PNyyd75l9P8
Y4uNLj5xcF2ccFFJTpVKj6d1SixQcZjHUNwlbCY/6ZBFfdddCdb/msg8+iBAPPbN
nBLmJzUoNl9Xs5aAtX+IyQZz/JhYfXK1TxVlNDh/TTqChs0djWQvZeKyLkWp5a4i
Cs4ZUVQvk+H8+2G6Q1WYNVSMfhWfdyegvuoa0p14Sfd7gFmYVk+nMFYDX/iKCUHG
SedyvRBB7O293A==
-----END CERTIFICATE-----