Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft
File:                     CvFmObpIfvljxWzLMm8lCNGoPv0.mft (raw, json)
Hash identifier:          3+KBidqw1Ayv4NGPypCfiiT5C8OrjxDIvx7jMzmrZTg=
Subject key identifier:   88:61:E0:F0:28:82:F3:D6:CC:4F:B8:81:47:B7:70:73:D5:5A:73:38
Authority key identifier: 0A:F1:66:39:BA:48:7E:F9:63:C5:6C:CB:32:6F:25:08:D1:A8:3E:FD
Certificate issuer:       /CN=0af16639ba487ef963c56ccb326f2508d1a83efd
Certificate serial:       019CAF48A71474D94733ED8381531F990853
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft
Manifest number:          0B37
Signing time:             Mon 02 Mar 2026 16:01:39 +0000
Manifest this update:     Mon 02 Mar 2026 16:01:39 +0000
Manifest next update:     Tue 03 Mar 2026 16:01:39 +0000
Files and hashes:         1: CvFmObpIfvljxWzLMm8lCNGoPv0.crl (hash: hVNZFJR62ZXIRYE76nrAhoAmvCeJEP/Up5dkU9mCuRg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 16:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:48:a7:14:74:d9:47:33:ed:83:81:53:1f:99:08:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0af16639ba487ef963c56ccb326f2508d1a83efd
        Validity
            Not Before: Mar  2 16:01:39 2026 GMT
            Not After : Mar  3 16:01:39 2026 GMT
        Subject: CN=8861e0f02882f3d6cc4fb88147b77073d55a7338
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:2e:c3:ea:40:49:56:7b:a7:b1:f3:cf:d7:78:
                    cf:64:13:ca:8f:da:73:e5:89:19:d0:dc:e6:8a:f6:
                    54:79:5a:3c:3a:84:4c:95:ae:25:73:6a:8c:62:fc:
                    ae:b6:cf:f6:40:5b:8b:ac:4b:a5:8b:2f:d4:60:11:
                    12:0b:7a:8e:95:97:22:bf:0f:95:df:f1:c7:0e:ed:
                    4f:9c:58:cc:b5:46:f6:16:1b:44:01:00:d8:84:ce:
                    0c:e6:68:c9:ee:3d:12:77:f2:c3:3f:a5:dd:47:0f:
                    80:8b:04:f3:04:b7:d7:89:a1:e4:e9:32:85:77:5b:
                    d9:6e:18:35:40:2f:dc:55:f8:7f:b9:c7:25:7f:67:
                    19:77:d7:da:66:c0:e7:61:12:d2:06:37:9c:0c:f0:
                    56:f8:83:d5:0a:59:3e:74:a3:e8:2c:f0:3e:22:4a:
                    37:cd:d4:20:62:8b:0f:80:54:94:09:44:53:00:9c:
                    d9:16:26:12:68:5b:ff:3f:4b:a3:51:5e:2d:f5:82:
                    8e:f6:33:48:87:f7:b4:96:5b:ee:03:d9:37:94:6c:
                    f9:66:8b:2b:2a:a3:2c:8a:13:6b:2c:93:fe:0d:89:
                    de:ee:22:ea:e5:4e:85:34:f8:4c:38:84:24:eb:bc:
                    ab:d6:31:cc:d9:8f:71:8c:79:b4:e6:78:99:90:90:
                    48:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:61:E0:F0:28:82:F3:D6:CC:4F:B8:81:47:B7:70:73:D5:5A:73:38
            X509v3 Authority Key Identifier:
                keyid:0A:F1:66:39:BA:48:7E:F9:63:C5:6C:CB:32:6F:25:08:D1:A8:3E:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvFmObpIfvljxWzLMm8lCNGoPv0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/fc7e2d-7b76-468f-8529-3c637651507d/1/CvFmObpIfvljxWzLMm8lCNGoPv0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:a5:16:8d:c7:14:2f:3d:cb:86:16:24:9c:06:ad:4f:14:3f:
         03:4d:e6:57:af:18:98:8b:2c:dc:39:bb:ac:5a:4d:7f:0f:99:
         94:4e:cf:c7:f4:a9:4c:4b:ca:19:bb:08:6a:09:8f:15:2a:65:
         6a:6e:36:d4:f5:5f:2d:3c:e0:c0:27:b8:9d:9a:e1:6b:20:d9:
         9c:c3:de:4a:61:ad:a9:49:2a:df:ac:68:8f:c7:b6:7c:1e:d1:
         72:d6:c3:b4:6e:1b:ca:d6:83:aa:cb:2d:9d:2e:c5:c3:5c:cb:
         52:6e:d6:24:ef:5e:c9:45:57:0f:2f:84:8d:ad:37:ca:b9:a9:
         67:4e:55:3d:57:68:3b:be:e1:ac:ee:13:49:d6:28:60:38:6d:
         df:68:ae:fc:6b:02:e8:81:69:fe:1b:ce:99:27:41:94:5f:11:
         5f:66:4f:84:28:e2:08:37:f6:d1:09:8f:06:57:62:e0:f1:5e:
         45:c7:56:05:b8:3b:06:09:90:dd:da:2a:cd:ca:23:cb:41:5d:
         63:a0:b8:8d:bc:5d:c0:08:83:c3:4e:49:ab:a6:67:83:50:3b:
         db:c6:30:bd:88:43:bb:ba:81:43:9e:27:1f:1f:d8:2c:a1:26:
         ab:75:dd:be:6e:0c:44:dc:44:c9:b9:9c:38:ea:f3:9d:fd:42:
         9b:51:7e:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvSKcUdNlHM+2DgVMfmQhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZjE2NjM5YmE0ODdlZjk2M2M1NmNjYjMyNmYyNTA4ZDFh
ODNlZmQwHhcNMjYwMzAyMTYwMTM5WhcNMjYwMzAzMTYwMTM5WjAzMTEwLwYDVQQD
Eyg4ODYxZTBmMDI4ODJmM2Q2Y2M0ZmI4ODE0N2I3NzA3M2Q1NWE3MzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmS7D6kBJVnunsfPP13jPZBPKj9pz
5YkZ0NzmivZUeVo8OoRMla4lc2qMYvyuts/2QFuLrEuliy/UYBESC3qOlZcivw+V
3/HHDu1PnFjMtUb2FhtEAQDYhM4M5mjJ7j0Sd/LDP6XdRw+AiwTzBLfXiaHk6TKF
d1vZbhg1QC/cVfh/ucclf2cZd9faZsDnYRLSBjecDPBW+IPVClk+dKPoLPA+Iko3
zdQgYosPgFSUCURTAJzZFiYSaFv/P0ujUV4t9YKO9jNIh/e0llvuA9k3lGz5Zosr
KqMsihNrLJP+DYne7iLq5U6FNPhMOIQk67yr1jHM2Y9xjHm05niZkJBIswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhh4PAogvPWzE+4gUe3cHPVWnM4MB8GA1UdIwQY
MBaAFArxZjm6SH75Y8VsyzJvJQjRqD79MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9mYzdlMmQtN2I3Ni00NjhmLTg1Mjkt
M2M2Mzc2NTE1MDdkLzEvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9mYzdlMmQtN2I3Ni00NjhmLTg1MjktM2M2Mzc2NTE1MDdk
LzEvQ3ZGbU9icElmdmxqeFd6TE1tOGxDTkdvUHYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjqUWjccU
Lz3LhhYknAatTxQ/A03mV68YmIss3Dm7rFpNfw+ZlE7Px/SpTEvKGbsIagmPFSpl
am421PVfLTzgwCe4nZrhayDZnMPeSmGtqUkq36xoj8e2fB7RctbDtG4bytaDqsst
nS7Fw1zLUm7WJO9eyUVXDy+Eja03yrmpZ05VPVdoO77hrO4TSdYoYDht32iu/GsC
6IFp/hvOmSdBlF8RX2ZPhCjiCDf20QmPBldi4PFeRcdWBbg7BgmQ3doqzcojy0Fd
Y6C4jbxdwAiDw05Jq6Zng1A728YwvYhDu7qBQ54nHx/YLKEmq3Xdvm4MRNxEybmc
OOrznf1Cm1F+Ww==
-----END CERTIFICATE-----