Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
File:                     MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft (raw, json)
Hash identifier:          aISL8hKz3e2GJA4tY6IYwD2DD9y5ZYL4Fn/cVFOIt3w=
Subject key identifier:   46:14:29:DE:5E:39:7A:C6:59:00:25:17:6E:27:A2:4B:32:C8:C4:D3
Authority key identifier: 32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1
Certificate issuer:       /CN=325052b7a678faa097dcbe6547170c9152b46cf1
Certificate serial:       019CABD915BD5859648F32B3194BA7AF6146
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
Manifest number:          17D5
Signing time:             Mon 02 Mar 2026 00:00:56 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:56 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:56 +0000
Files and hashes:         1: MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl (hash: 7FOI/0hxIWNTpukI5LxlmgWgMcg3psWp92Sb3fiCdms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:15:bd:58:59:64:8f:32:b3:19:4b:a7:af:61:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=325052b7a678faa097dcbe6547170c9152b46cf1
        Validity
            Not Before: Mar  2 00:00:56 2026 GMT
            Not After : Mar  3 00:00:56 2026 GMT
        Subject: CN=461429de5e397ac6590025176e27a24b32c8c4d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:7c:f0:10:63:4a:c3:19:44:8a:a5:20:28:95:
                    bf:f4:ac:b4:65:36:9d:fd:7b:b0:3f:19:15:c2:98:
                    39:e0:0c:fb:5b:94:53:e4:cd:03:b5:19:04:91:76:
                    51:f0:44:7f:30:df:8c:19:21:2a:f9:00:f7:26:97:
                    4e:3f:fc:dd:55:6d:e4:64:40:99:fa:da:b0:42:18:
                    24:87:b1:35:5a:f5:e8:b4:43:70:68:6d:c9:60:dd:
                    82:72:5a:8b:fa:19:ec:62:81:85:10:a0:e5:fc:bd:
                    a9:6a:8c:42:a6:b3:00:ce:12:b2:54:5f:44:d5:06:
                    7f:31:5a:42:3f:0d:2a:07:a2:e4:c6:12:a3:9c:4c:
                    a2:50:a5:a9:fd:fd:de:13:26:85:1e:99:9f:51:33:
                    5c:80:39:f6:4e:ad:7e:aa:bc:7b:31:71:05:26:79:
                    5b:bd:7c:e5:cd:d0:00:4b:c8:3d:b8:8e:2d:fb:b2:
                    1e:18:80:6f:94:87:12:50:5b:60:e4:f0:39:ab:c4:
                    a9:69:eb:73:5a:51:5d:f6:87:49:41:2a:4d:8a:7d:
                    45:62:17:cf:ca:78:c6:99:c6:49:e5:bf:c9:e2:b8:
                    ed:24:7d:22:3b:21:47:15:cf:de:6a:99:64:80:0c:
                    42:b6:1c:c5:c4:b3:dc:fd:2e:54:9a:7b:7f:b7:e6:
                    61:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:14:29:DE:5E:39:7A:C6:59:00:25:17:6E:27:A2:4B:32:C8:C4:D3
            X509v3 Authority Key Identifier:
                keyid:32:50:52:B7:A6:78:FA:A0:97:DC:BE:65:47:17:0C:91:52:B4:6C:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2fd023-e646-406a-84a5-bb6945a16fe7/1/MlBSt6Z4-qCX3L5lRxcMkVK0bPE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:4e:7a:dd:bc:11:00:f5:03:62:c3:0c:3d:56:ac:b5:b5:33:
         e3:77:d7:2e:27:c8:09:a3:bc:62:6a:cd:22:97:42:af:28:6f:
         20:2b:c1:28:67:7e:b2:35:28:7e:15:1d:f7:52:8f:85:ea:be:
         d3:3f:f7:43:cd:39:06:5e:4c:75:1e:9e:75:c5:d9:59:42:c7:
         73:5c:2c:f1:c4:ab:28:ec:81:4e:41:68:42:83:11:74:9b:58:
         06:d0:0a:26:16:ec:10:e1:1b:83:ff:b7:50:79:e7:d3:09:6a:
         2f:8f:30:8b:12:f5:61:c6:e2:32:5e:70:05:76:af:f8:e2:d8:
         7c:d5:b0:f3:3a:13:4a:a4:0c:96:66:aa:16:5e:9e:47:9c:18:
         4e:aa:e2:bd:9f:b2:e1:fc:1e:26:85:fb:e8:ef:30:18:b0:83:
         71:21:fa:93:d7:80:9c:c3:d5:9d:00:5e:7e:f4:a4:92:51:8b:
         de:14:8e:96:8c:50:71:7b:bb:87:c9:57:57:f0:1c:29:0d:11:
         39:90:0b:b6:dc:ff:29:ed:82:9d:53:b9:47:a8:5a:55:89:a3:
         77:de:4d:1b:2e:a9:b5:d7:67:1f:8f:b1:60:23:e3:95:e7:44:
         29:9e:59:16:b2:95:84:5c:aa:cc:88:a5:5f:e7:af:9f:df:8b:
         7e:3b:11:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2RW9WFlkjzKzGUunr2FGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA1MmI3YTY3OGZhYTA5N2RjYmU2NTQ3MTcwYzkxNTJi
NDZjZjEwHhcNMjYwMzAyMDAwMDU2WhcNMjYwMzAzMDAwMDU2WjAzMTEwLwYDVQQD
Eyg0NjE0MjlkZTVlMzk3YWM2NTkwMDI1MTc2ZTI3YTI0YjMyYzhjNGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHzwEGNKwxlEiqUgKJW/9Ky0ZTad
/XuwPxkVwpg54Az7W5RT5M0DtRkEkXZR8ER/MN+MGSEq+QD3JpdOP/zdVW3kZECZ
+tqwQhgkh7E1WvXotENwaG3JYN2CclqL+hnsYoGFEKDl/L2paoxCprMAzhKyVF9E
1QZ/MVpCPw0qB6LkxhKjnEyiUKWp/f3eEyaFHpmfUTNcgDn2Tq1+qrx7MXEFJnlb
vXzlzdAAS8g9uI4t+7IeGIBvlIcSUFtg5PA5q8SpaetzWlFd9odJQSpNin1FYhfP
ynjGmcZJ5b/J4rjtJH0iOyFHFc/eaplkgAxCthzFxLPc/S5Umnt/t+ZhpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYUKd5eOXrGWQAlF24noksyyMTTMB8GA1UdIwQY
MBaAFDJQUremePqgl9y+ZUcXDJFStGzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUt
YmI2OTQ1YTE2ZmU3LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZmQwMjMtZTY0Ni00MDZhLTg0YTUtYmI2OTQ1YTE2ZmU3
LzEvTWxCU3Q2WjQtcUNYM0w1bFJ4Y01rVkswYlBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdk563bwR
APUDYsMMPVastbUz43fXLifICaO8YmrNIpdCryhvICvBKGd+sjUofhUd91KPheq+
0z/3Q805Bl5MdR6edcXZWULHc1ws8cSrKOyBTkFoQoMRdJtYBtAKJhbsEOEbg/+3
UHnn0wlqL48wixL1YcbiMl5wBXav+OLYfNWw8zoTSqQMlmaqFl6eR5wYTqrivZ+y
4fweJoX76O8wGLCDcSH6k9eAnMPVnQBefvSkklGL3hSOloxQcXu7h8lXV/AcKQ0R
OZALttz/Ke2CnVO5R6haVYmjd95NGy6ptddnH4+xYCPjledEKZ5ZFrKVhFyqzIil
X+evn9+LfjsRcw==
-----END CERTIFICATE-----