Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          XN/4fzArJdzKLw3EUAaKj9v2KADwlyQiSlf3WhEl0oo=
Subject key identifier:   62:EE:AA:BE:95:8B:59:A1:02:72:CB:89:A0:96:5A:69:CB:EB:3B:00
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       019CAB6BC5685D846401ADB3A99C95EBE751
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          0B78
Signing time:             Sun 01 Mar 2026 22:01:32 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:32 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:32 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: WYxLI6HHT5I9gLg4HzFsw89wWA5pCYIRUVAPsLWtE6E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:c5:68:5d:84:64:01:ad:b3:a9:9c:95:eb:e7:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: Mar  1 22:01:32 2026 GMT
            Not After : Mar  2 22:01:32 2026 GMT
        Subject: CN=62eeaabe958b59a10272cb89a0965a69cbeb3b00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:5d:36:d9:68:1c:a5:ed:2b:49:b3:93:6b:a0:
                    c7:14:9f:c0:e0:60:31:d3:de:fb:95:dc:a7:4c:7b:
                    db:65:20:ff:75:a1:65:55:29:90:f4:30:15:47:23:
                    2c:9e:c8:5f:55:72:4a:8a:70:f3:d9:2f:46:c1:3f:
                    9b:f1:93:2d:56:f3:17:07:b9:d1:c2:95:a7:00:08:
                    9f:6a:cd:1f:08:d7:d2:d3:2f:a4:b7:66:cb:1c:80:
                    82:92:a5:33:b5:63:93:1a:f8:79:20:80:d0:1d:3d:
                    d4:35:37:27:b7:04:63:16:4a:4a:76:dd:67:7e:67:
                    c3:f8:82:51:cc:b8:3a:53:bc:d2:56:27:50:7b:a0:
                    1e:50:98:00:7b:a6:81:19:7f:d1:e3:f8:8d:55:9b:
                    a7:4a:b6:e1:1f:42:11:6f:01:52:20:53:24:ab:99:
                    9f:c0:30:7a:35:24:00:a2:2b:1c:16:2e:78:8d:31:
                    1c:e1:6d:fa:e8:5a:47:7c:82:3c:e9:c0:40:a9:e8:
                    88:32:8a:01:25:4e:74:e0:d4:12:0d:dd:8c:d5:ad:
                    c4:e8:35:6a:c1:18:f2:ee:7f:e5:21:e7:5b:e7:db:
                    24:9d:56:c2:2c:c9:cf:d7:bd:a6:bf:79:40:c2:70:
                    c8:5f:32:55:89:0d:26:c7:6d:53:ee:2a:bb:a6:dd:
                    dc:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:EE:AA:BE:95:8B:59:A1:02:72:CB:89:A0:96:5A:69:CB:EB:3B:00
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:59:f1:ef:13:b6:03:a9:c1:4a:2b:88:1f:91:42:f9:aa:90:
         5b:ab:9e:66:6f:da:0e:a8:f7:45:c8:8e:1e:fc:5b:40:04:b9:
         52:3c:1f:6e:c7:ae:58:a3:aa:63:03:a8:c8:16:b3:02:e7:b7:
         57:fe:44:4f:ee:ad:29:9a:6d:52:7b:a7:9a:89:5f:61:c6:50:
         81:5c:ae:fe:14:53:5f:85:a6:fd:8d:7a:cd:50:0c:9a:d3:ce:
         06:08:4e:de:cd:f7:ce:eb:5a:b5:26:19:b5:99:f9:ab:d5:f2:
         e1:d5:42:5b:22:b0:c5:d6:8d:ea:32:cd:b2:c0:ba:e0:0a:d5:
         0e:8d:02:ef:01:d9:25:c9:24:21:a6:d0:ef:f1:9f:68:b3:b3:
         70:a5:24:64:b0:85:47:45:7f:65:4a:f3:6f:49:4e:d7:60:45:
         17:f7:be:11:14:bc:51:3d:ec:3f:24:dc:ae:75:97:7b:8b:d6:
         79:af:0e:34:61:d6:d8:a0:38:8c:50:82:27:eb:5a:dc:93:45:
         88:2a:c3:6e:00:f2:49:7b:ba:91:43:a4:dd:0b:87:c0:90:b9:
         0c:8e:02:8c:6a:9c:78:63:f3:f7:60:93:84:d4:1f:41:34:d2:
         04:5c:3b:8a:5e:c3:0c:ed:d1:27:60:dd:c6:d2:1e:aa:57:68:
         0b:c5:f4:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra8VoXYRkAa2zqZyV6+dRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjYwMzAxMjIwMTMyWhcNMjYwMzAyMjIwMTMyWjAzMTEwLwYDVQQD
Eyg2MmVlYWFiZTk1OGI1OWExMDI3MmNiODlhMDk2NWE2OWNiZWIzYjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl022Wgcpe0rSbOTa6DHFJ/A4GAx
0977ldynTHvbZSD/daFlVSmQ9DAVRyMsnshfVXJKinDz2S9GwT+b8ZMtVvMXB7nR
wpWnAAifas0fCNfS0y+kt2bLHICCkqUztWOTGvh5IIDQHT3UNTcntwRjFkpKdt1n
fmfD+IJRzLg6U7zSVidQe6AeUJgAe6aBGX/R4/iNVZunSrbhH0IRbwFSIFMkq5mf
wDB6NSQAoiscFi54jTEc4W366FpHfII86cBAqeiIMooBJU504NQSDd2M1a3E6DVq
wRjy7n/lIedb59sknVbCLMnP172mv3lAwnDIXzJViQ0mx21T7iq7pt3cPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGLuqr6Vi1mhAnLLiaCWWmnL6zsAMB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArFnx7xO2
A6nBSiuIH5FC+aqQW6ueZm/aDqj3RciOHvxbQAS5UjwfbseuWKOqYwOoyBazAue3
V/5ET+6tKZptUnunmolfYcZQgVyu/hRTX4Wm/Y16zVAMmtPOBghO3s33zutatSYZ
tZn5q9Xy4dVCWyKwxdaN6jLNssC64ArVDo0C7wHZJckkIabQ7/GfaLOzcKUkZLCF
R0V/ZUrzb0lO12BFF/e+ERS8UT3sPyTcrnWXe4vWea8ONGHW2KA4jFCCJ+ta3JNF
iCrDbgDySXu6kUOk3QuHwJC5DI4CjGqceGPz92CThNQfQTTSBFw7il7DDO3RJ2Dd
xtIeqldoC8X0Dg==
-----END CERTIFICATE-----