Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
File:                     tWpL1vXr8vf_2ajRzZparN5iKFw.mft (raw, json)
Hash identifier:          PQnt213vDpXf1L1dXJNueDNyoD0DYhhRJa49dpPx+Jo=
Subject key identifier:   F3:A7:C7:A4:E3:1E:D1:07:FF:31:58:A5:D4:B1:C0:C9:F4:1E:34:7F
Authority key identifier: B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C
Certificate issuer:       /CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
Certificate serial:       019CAC1057B419C0A3CD1EB5FF11FDFEEA0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
Manifest number:          0A00
Signing time:             Mon 02 Mar 2026 01:01:18 +0000
Manifest this update:     Mon 02 Mar 2026 01:01:18 +0000
Manifest next update:     Tue 03 Mar 2026 01:01:18 +0000
Files and hashes:         1: tWpL1vXr8vf_2ajRzZparN5iKFw.crl (hash: zEW+KsyoBvdLAVL99xxcoi3885kVn5YaXSj6cClXmo8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:10:57:b4:19:c0:a3:cd:1e:b5:ff:11:fd:fe:ea:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
        Validity
            Not Before: Mar  2 01:01:18 2026 GMT
            Not After : Mar  3 01:01:18 2026 GMT
        Subject: CN=f3a7c7a4e31ed107ff3158a5d4b1c0c9f41e347f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:7c:2b:d8:3c:93:dc:5a:f1:71:10:35:bd:f4:
                    ff:5e:07:4a:ec:40:29:52:94:fb:97:66:5a:57:c1:
                    cb:2e:98:6f:ee:90:23:36:af:f4:21:1c:91:28:f3:
                    ea:2a:b5:e8:f1:a4:68:9e:4e:c2:8d:da:24:86:1a:
                    ef:c4:16:2a:70:b1:ba:37:3b:67:a4:87:a3:de:c5:
                    ad:23:d3:fe:ef:60:f1:d2:af:e9:48:3c:4e:99:5e:
                    65:85:77:71:f9:b0:e1:39:59:5a:c4:e5:8e:d3:58:
                    d6:73:b9:19:9c:6d:b3:62:bf:5f:3d:36:95:a7:3b:
                    84:de:53:5c:e5:91:c3:49:c6:8c:99:da:30:31:dc:
                    15:4e:42:61:ce:c8:20:b9:94:c5:5b:29:f0:d9:3a:
                    48:0c:ed:74:76:31:53:36:c8:d0:a6:69:52:8f:85:
                    f3:74:7c:ed:c0:a4:2e:45:2f:64:a8:d7:2b:2a:af:
                    77:c9:17:1c:ae:2e:d3:31:da:47:51:10:69:e0:2c:
                    4a:b3:43:63:17:60:61:9a:aa:eb:96:76:db:2e:82:
                    80:bb:55:dd:10:12:9e:79:cc:5e:da:0c:e8:ed:66:
                    33:ab:63:23:e9:2b:1c:78:69:39:18:69:b8:31:57:
                    79:87:aa:e6:06:74:80:1c:f1:23:f3:15:67:ea:0c:
                    5d:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:A7:C7:A4:E3:1E:D1:07:FF:31:58:A5:D4:B1:C0:C9:F4:1E:34:7F
            X509v3 Authority Key Identifier:
                keyid:B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:06:f7:35:64:cb:84:c4:46:36:4b:ac:2e:11:28:1b:74:23:
         2b:c0:a9:a1:6d:ce:3d:c0:be:7c:01:95:37:4e:1a:68:e7:c8:
         3e:e9:71:6d:3b:40:32:1c:af:25:55:07:7e:17:b9:3f:8f:22:
         7a:25:00:4f:b9:fe:6d:9d:3d:e0:e6:2a:18:ef:b1:b5:f7:c8:
         b6:79:1b:34:e7:84:d8:af:87:18:07:6f:de:9a:34:cc:fb:00:
         12:37:59:98:7e:fd:d9:fa:24:35:e7:06:e9:4e:f6:34:a1:0c:
         ae:d0:62:a0:1e:86:a1:ae:b8:9c:df:69:97:09:02:ec:10:3e:
         75:d0:91:01:ae:4a:00:94:72:40:ff:53:c0:88:c3:60:51:63:
         0b:45:94:ed:6a:ce:31:fd:9d:b4:cb:0a:3c:00:ea:a9:7e:2e:
         5f:33:a7:98:61:5f:04:d1:c0:13:27:f1:2a:89:91:4f:79:42:
         3b:a7:c4:96:05:ce:2b:79:35:08:90:55:7a:c8:f8:2b:2f:07:
         cd:25:70:03:10:f1:03:0a:97:a7:fa:26:73:97:da:4b:6c:c2:
         6a:b5:47:5d:e6:28:0f:74:19:c3:1b:08:d7:c2:5f:f0:73:22:
         ce:81:60:13:00:4f:84:b0:e5:ce:81:fd:54:5f:8f:7e:71:a3:
         f9:7d:e5:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysEFe0GcCjzR61/xH9/uoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmE0YmQ2ZjVlYmYyZjdmZmQ5YThkMWNkOWE1YWFjZGU2
MjI4NWMwHhcNMjYwMzAyMDEwMTE4WhcNMjYwMzAzMDEwMTE4WjAzMTEwLwYDVQQD
EyhmM2E3YzdhNGUzMWVkMTA3ZmYzMTU4YTVkNGIxYzBjOWY0MWUzNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7nwr2DyT3FrxcRA1vfT/XgdK7EAp
UpT7l2ZaV8HLLphv7pAjNq/0IRyRKPPqKrXo8aRonk7CjdokhhrvxBYqcLG6Nztn
pIej3sWtI9P+72Dx0q/pSDxOmV5lhXdx+bDhOVlaxOWO01jWc7kZnG2zYr9fPTaV
pzuE3lNc5ZHDScaMmdowMdwVTkJhzsgguZTFWynw2TpIDO10djFTNsjQpmlSj4Xz
dHztwKQuRS9kqNcrKq93yRccri7TMdpHURBp4CxKs0NjF2BhmqrrlnbbLoKAu1Xd
EBKeecxe2gzo7WYzq2Mj6SsceGk5GGm4MVd5h6rmBnSAHPEj8xVn6gxdwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPOnx6TjHtEH/zFYpdSxwMn0HjR/MB8GA1UdIwQY
MBaAFLVqS9b16/L3/9mo0c2aWqzeYihcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMt
MDgyZTExMzYzZjBhLzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMtMDgyZTExMzYzZjBh
LzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVQb3NWTL
hMRGNkusLhEoG3QjK8CpoW3OPcC+fAGVN04aaOfIPulxbTtAMhyvJVUHfhe5P48i
eiUAT7n+bZ094OYqGO+xtffItnkbNOeE2K+HGAdv3po0zPsAEjdZmH792fokNecG
6U72NKEMrtBioB6Goa64nN9plwkC7BA+ddCRAa5KAJRyQP9TwIjDYFFjC0WU7WrO
Mf2dtMsKPADqqX4uXzOnmGFfBNHAEyfxKomRT3lCO6fElgXOK3k1CJBVesj4Ky8H
zSVwAxDxAwqXp/omc5faS2zCarVHXeYoD3QZwxsI18Jf8HMizoFgEwBPhLDlzoH9
VF+PfnGj+X3lLg==
-----END CERTIFICATE-----