Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/6bc0c8-1ad7-46ed-8ec2-c74cc54a7e85/1/RAWGxUYUuW7bhHCVJKM0sxyZmf0.mft
File:                     RAWGxUYUuW7bhHCVJKM0sxyZmf0.mft (raw, json)
Hash identifier:          okmNgpEcMPrQV/7akplm3dfm7Mcf00LHgXEQo5NxgGA=
Subject key identifier:   67:14:E6:BC:7D:FB:58:6A:D5:46:36:04:EE:44:37:BC:83:7A:A0:B9
Authority key identifier: 44:05:86:C5:46:14:B9:6E:DB:84:70:95:24:A3:34:B3:1C:99:99:FD
Certificate issuer:       /CN=440586c54614b96edb84709524a334b31c9999fd
Certificate serial:       019CAB6ACF31EB1A699F79EE2220A8D9C2A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RAWGxUYUuW7bhHCVJKM0sxyZmf0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/6bc0c8-1ad7-46ed-8ec2-c74cc54a7e85/1/RAWGxUYUuW7bhHCVJKM0sxyZmf0.mft
Manifest number:          0B4E
Signing time:             Sun 01 Mar 2026 22:00:29 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:29 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:29 +0000
Files and hashes:         1: RAWGxUYUuW7bhHCVJKM0sxyZmf0.crl (hash: LMhHRNvx6cZAskYebX5t/d4sB766VifBLvcBP/KWiiY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/6bc0c8-1ad7-46ed-8ec2-c74cc54a7e85/1/RAWGxUYUuW7bhHCVJKM0sxyZmf0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/6bc0c8-1ad7-46ed-8ec2-c74cc54a7e85/1/RAWGxUYUuW7bhHCVJKM0sxyZmf0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RAWGxUYUuW7bhHCVJKM0sxyZmf0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:cf:31:eb:1a:69:9f:79:ee:22:20:a8:d9:c2:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=440586c54614b96edb84709524a334b31c9999fd
        Validity
            Not Before: Mar  1 22:00:29 2026 GMT
            Not After : Mar  2 22:00:29 2026 GMT
        Subject: CN=6714e6bc7dfb586ad5463604ee4437bc837aa0b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:c2:47:5d:8d:0a:bc:a2:ce:16:05:ad:e4:10:
                    0d:47:bf:5d:ab:00:64:2c:f6:0c:23:ef:1a:cc:e7:
                    6a:03:76:ca:bd:3d:12:34:84:c4:d5:c6:e2:74:17:
                    d1:9b:62:4f:4f:14:97:00:88:cd:c4:8f:df:e4:b7:
                    a2:08:92:91:2a:fe:9b:7e:fa:08:4c:4a:ea:7b:45:
                    52:3f:3f:a1:43:20:69:f2:a8:6f:ea:ee:aa:d1:b1:
                    64:5f:8e:36:51:54:b1:e5:af:24:46:cd:e7:a9:52:
                    80:61:29:34:7a:2f:f3:0f:fa:0c:12:83:67:a9:51:
                    f2:26:91:e2:f0:f5:19:38:22:d8:dc:3f:16:4c:7e:
                    88:6a:70:ea:32:1f:da:33:c7:1c:47:61:45:66:98:
                    eb:c4:c3:60:92:86:cc:5e:99:13:00:4e:82:f4:e8:
                    84:03:45:4a:ab:ef:e3:6b:a9:d3:95:10:f2:72:a7:
                    c9:a8:71:33:32:15:22:3f:a8:75:1b:42:47:12:a7:
                    07:34:df:fc:03:5a:bf:11:7c:b9:6d:0d:41:fe:78:
                    b1:d7:5d:a1:5c:63:d3:37:91:76:de:7d:3c:e3:20:
                    28:f2:7a:bc:e4:c7:e0:44:99:3e:35:3f:4f:11:f2:
                    3e:78:6f:ca:ba:cc:26:b8:ef:41:0a:66:db:06:87:
                    82:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:14:E6:BC:7D:FB:58:6A:D5:46:36:04:EE:44:37:BC:83:7A:A0:B9
            X509v3 Authority Key Identifier:
                keyid:44:05:86:C5:46:14:B9:6E:DB:84:70:95:24:A3:34:B3:1C:99:99:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RAWGxUYUuW7bhHCVJKM0sxyZmf0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/6bc0c8-1ad7-46ed-8ec2-c74cc54a7e85/1/RAWGxUYUuW7bhHCVJKM0sxyZmf0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/6bc0c8-1ad7-46ed-8ec2-c74cc54a7e85/1/RAWGxUYUuW7bhHCVJKM0sxyZmf0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:5c:36:e8:52:ed:99:86:a6:a5:5e:46:89:41:ac:c3:83:76:
         96:14:6d:ab:c3:e1:7c:fb:bc:3f:b1:c4:b0:1d:f9:8a:33:cc:
         b3:0b:83:a9:e2:5d:6b:0d:e8:90:09:bf:48:79:86:ea:ff:8a:
         53:94:31:52:2e:1e:11:dc:9b:05:03:56:2a:e5:1f:d5:83:db:
         aa:0f:3a:99:e6:5b:08:f8:ca:74:6d:a6:5b:ae:61:1e:5e:21:
         bf:83:1c:ee:28:5d:61:3c:d4:bb:d5:87:12:91:a1:8e:b4:8d:
         5c:d9:5b:64:18:3f:a9:e6:6e:87:3a:60:5e:94:e8:bc:dd:e6:
         c6:7b:ef:69:c2:39:0b:fd:08:32:20:8b:81:25:c1:bc:c2:05:
         21:78:7a:31:df:26:9f:1f:11:4f:3d:91:bc:4c:d5:d1:5b:50:
         45:31:db:05:b3:0c:fd:f5:63:77:21:fd:d3:20:e1:a3:23:3d:
         d6:b2:3f:8c:cf:fb:60:16:6b:42:c8:b2:1d:de:d0:a5:74:8a:
         54:73:6e:bf:70:84:b8:64:0c:b8:93:02:4e:8f:c3:23:fb:bb:
         fb:9a:57:41:9a:1a:a7:b1:5a:05:b9:7b:92:12:fe:a1:e0:98:
         0f:36:1a:39:04:c6:52:af:1f:c3:f7:23:d2:3f:64:e3:5a:58:
         18:9b:8c:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyras8x6xppn3nuIiCo2cKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MDU4NmM1NDYxNGI5NmVkYjg0NzA5NTI0YTMzNGIzMWM5
OTk5ZmQwHhcNMjYwMzAxMjIwMDI5WhcNMjYwMzAyMjIwMDI5WjAzMTEwLwYDVQQD
Eyg2NzE0ZTZiYzdkZmI1ODZhZDU0NjM2MDRlZTQ0MzdiYzgzN2FhMGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MJHXY0KvKLOFgWt5BANR79dqwBk
LPYMI+8azOdqA3bKvT0SNITE1cbidBfRm2JPTxSXAIjNxI/f5LeiCJKRKv6bfvoI
TErqe0VSPz+hQyBp8qhv6u6q0bFkX442UVSx5a8kRs3nqVKAYSk0ei/zD/oMEoNn
qVHyJpHi8PUZOCLY3D8WTH6IanDqMh/aM8ccR2FFZpjrxMNgkobMXpkTAE6C9OiE
A0VKq+/ja6nTlRDycqfJqHEzMhUiP6h1G0JHEqcHNN/8A1q/EXy5bQ1B/nix112h
XGPTN5F23n084yAo8nq85MfgRJk+NT9PEfI+eG/KuswmuO9BCmbbBoeC4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGcU5rx9+1hq1UY2BO5EN7yDeqC5MB8GA1UdIwQY
MBaAFEQFhsVGFLlu24RwlSSjNLMcmZn9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkFXR3hVWVV1VzdiaEhDVkpLTTBzeHlabWYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy82YmMwYzgtMWFkNy00NmVkLThlYzIt
Yzc0Y2M1NGE3ZTg1LzEvUkFXR3hVWVV1VzdiaEhDVkpLTTBzeHlabWYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy82YmMwYzgtMWFkNy00NmVkLThlYzItYzc0Y2M1NGE3ZTg1
LzEvUkFXR3hVWVV1VzdiaEhDVkpLTTBzeHlabWYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbFw26FLt
mYampV5GiUGsw4N2lhRtq8PhfPu8P7HEsB35ijPMswuDqeJdaw3okAm/SHmG6v+K
U5QxUi4eEdybBQNWKuUf1YPbqg86meZbCPjKdG2mW65hHl4hv4Mc7ihdYTzUu9WH
EpGhjrSNXNlbZBg/qeZuhzpgXpTovN3mxnvvacI5C/0IMiCLgSXBvMIFIXh6Md8m
nx8RTz2RvEzV0VtQRTHbBbMM/fVjdyH90yDhoyM91rI/jM/7YBZrQsiyHd7QpXSK
VHNuv3CEuGQMuJMCTo/DI/u7+5pXQZoap7FaBbl7khL+oeCYDzYaOQTGUq8fw/cj
0j9k41pYGJuMzQ==
-----END CERTIFICATE-----