Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
File:                     hD524S0l3izPRxnfAlToU5UO7rk.mft (raw, json)
Hash identifier:          VV0pUQ62FM5MJhBQZQS2CcJ3BjGiQAaRZGo/7hpycC8=
Subject key identifier:   FA:E5:13:38:14:3B:D2:6A:D0:03:FB:CF:B5:8D:E8:17:EF:D3:C1:51
Authority key identifier: 84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9
Certificate issuer:       /CN=843e76e12d25de2ccf4719df0254e853950eeeb9
Certificate serial:       019CAD59A4128A29AB51E2691A2A5931F213
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
Manifest number:          0E9C
Signing time:             Mon 02 Mar 2026 07:00:58 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:58 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:58 +0000
Files and hashes:         1: hD524S0l3izPRxnfAlToU5UO7rk.crl (hash: ucgl7Ly+WzjzP+UTe1nyHCK608EPceNXJT098yYcTm8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:a4:12:8a:29:ab:51:e2:69:1a:2a:59:31:f2:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=843e76e12d25de2ccf4719df0254e853950eeeb9
        Validity
            Not Before: Mar  2 07:00:58 2026 GMT
            Not After : Mar  3 07:00:58 2026 GMT
        Subject: CN=fae51338143bd26ad003fbcfb58de817efd3c151
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:ea:99:78:30:86:30:d3:f8:88:aa:1a:2f:81:
                    68:a2:22:ce:1a:77:90:d8:56:b4:d1:a1:59:3b:b1:
                    1c:66:04:7a:b3:60:71:45:c7:74:2d:f6:66:75:23:
                    59:4d:ba:b0:32:b4:02:10:a5:d9:25:2e:a8:01:c2:
                    1c:15:ce:f5:c3:2a:53:8c:5f:82:8b:e8:41:f7:60:
                    c7:d2:a3:3d:7f:30:70:81:49:a3:62:7b:37:3e:49:
                    80:ef:0f:9a:7a:f7:eb:97:b0:a4:70:db:86:07:bd:
                    66:74:e9:08:16:36:e0:56:9e:dd:aa:35:37:ef:e8:
                    07:f2:6c:37:9a:65:17:0c:59:8c:5f:c6:bb:6a:c5:
                    78:82:be:80:52:b4:7a:ad:a4:f9:14:01:c2:35:35:
                    13:4d:cf:8e:29:65:16:6e:76:94:63:92:39:52:b1:
                    57:91:bd:c0:eb:15:1c:a4:e9:0b:9c:17:1d:66:20:
                    47:76:41:46:3b:29:d8:fa:c7:e0:ba:15:7f:fe:a0:
                    73:25:3e:c3:c1:76:76:00:3f:99:d5:42:b0:78:82:
                    57:3c:61:f5:98:29:d6:c1:91:4a:54:8f:bb:af:d1:
                    8d:c0:33:21:b6:f4:2d:ee:20:06:54:03:0f:0e:34:
                    16:e7:cb:d3:fa:cc:e6:46:f1:1b:cd:8a:db:e4:76:
                    ff:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:E5:13:38:14:3B:D2:6A:D0:03:FB:CF:B5:8D:E8:17:EF:D3:C1:51
            X509v3 Authority Key Identifier:
                keyid:84:3E:76:E1:2D:25:DE:2C:CF:47:19:DF:02:54:E8:53:95:0E:EE:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD524S0l3izPRxnfAlToU5UO7rk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/93256b-c913-495a-a7f9-67fc8d2065b1/1/hD524S0l3izPRxnfAlToU5UO7rk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:a9:fc:a6:aa:85:3c:3e:a6:64:b4:4b:ee:75:eb:a5:85:a3:
         73:0d:15:5f:ef:5f:05:f5:a1:2c:6f:3a:27:84:e7:92:6c:b5:
         a7:fe:d2:a6:f7:26:08:83:77:c2:f5:7c:06:a0:4b:bd:c4:51:
         b7:91:65:3b:0c:dd:31:37:86:7e:27:21:c2:a6:c8:20:76:9c:
         5a:42:ae:84:49:78:bf:6a:4c:2e:90:1d:ad:97:24:a2:30:f5:
         b4:34:1a:06:c9:91:96:e8:6e:f7:fc:76:ce:41:4e:23:44:df:
         d8:f0:78:d7:2d:c7:7f:18:10:22:d8:7a:f5:97:78:bc:15:74:
         c6:c9:be:7d:9f:e7:05:34:6f:07:71:c3:98:8f:b2:3a:32:18:
         3f:f7:15:c0:9b:2e:0e:a9:33:71:42:8a:3d:4d:f5:c8:b2:43:
         25:f8:59:41:6e:61:6c:e7:93:5e:5a:f7:f7:c8:36:2a:ec:d5:
         ee:be:d0:b0:7f:67:01:d8:39:36:d0:28:82:d3:f4:e0:7d:61:
         87:af:dc:13:cb:dd:83:45:4c:e9:b0:a0:57:01:56:9d:0d:f3:
         37:40:c7:6c:03:5b:da:b1:fb:2e:ee:02:f9:fc:a3:3f:bb:85:
         df:21:3e:9b:7d:38:b3:c9:1a:3a:86:0e:bf:11:8a:f3:bf:ea:
         55:19:e1:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWaQSiimrUeJpGipZMfITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2U3NmUxMmQyNWRlMmNjZjQ3MTlkZjAyNTRlODUzOTUw
ZWVlYjkwHhcNMjYwMzAyMDcwMDU4WhcNMjYwMzAzMDcwMDU4WjAzMTEwLwYDVQQD
EyhmYWU1MTMzODE0M2JkMjZhZDAwM2ZiY2ZiNThkZTgxN2VmZDNjMTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOqZeDCGMNP4iKoaL4FooiLOGneQ
2Fa00aFZO7EcZgR6s2BxRcd0LfZmdSNZTbqwMrQCEKXZJS6oAcIcFc71wypTjF+C
i+hB92DH0qM9fzBwgUmjYns3PkmA7w+aevfrl7CkcNuGB71mdOkIFjbgVp7dqjU3
7+gH8mw3mmUXDFmMX8a7asV4gr6AUrR6raT5FAHCNTUTTc+OKWUWbnaUY5I5UrFX
kb3A6xUcpOkLnBcdZiBHdkFGOynY+sfguhV//qBzJT7DwXZ2AD+Z1UKweIJXPGH1
mCnWwZFKVI+7r9GNwDMhtvQt7iAGVAMPDjQW58vT+szmRvEbzYrb5Hb/cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrlEzgUO9Jq0AP7z7WN6Bfv08FRMB8GA1UdIwQY
MBaAFIQ+duEtJd4sz0cZ3wJU6FOVDu65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3Zjkt
NjdmYzhkMjA2NWIxLzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85MzI1NmItYzkxMy00OTVhLWE3ZjktNjdmYzhkMjA2NWIx
LzEvaEQ1MjRTMGwzaXpQUnhuZkFsVG9VNVVPN3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABKn8pqqF
PD6mZLRL7nXrpYWjcw0VX+9fBfWhLG86J4Tnkmy1p/7SpvcmCIN3wvV8BqBLvcRR
t5FlOwzdMTeGfichwqbIIHacWkKuhEl4v2pMLpAdrZckojD1tDQaBsmRluhu9/x2
zkFOI0Tf2PB41y3HfxgQIth69Zd4vBV0xsm+fZ/nBTRvB3HDmI+yOjIYP/cVwJsu
DqkzcUKKPU31yLJDJfhZQW5hbOeTXlr398g2KuzV7r7QsH9nAdg5NtAogtP04H1h
h6/cE8vdg0VM6bCgVwFWnQ3zN0DHbANb2rH7Lu4C+fyjP7uF3yE+m304s8kaOoYO
vxGK87/qVRnhXw==
-----END CERTIFICATE-----