Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
File:                     gU3w5sDcpazuCDqMcwTUXz0z1W0.mft (raw, json)
Hash identifier:          oau4wn1npU6iUuNCjdGquL2ydPu5DIR/ftTi10rC6gM=
Subject key identifier:   A3:43:B5:61:EF:57:10:33:D2:7F:52:D4:3C:8A:6C:2C:BC:C6:11:7E
Authority key identifier: 81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D
Certificate issuer:       /CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
Certificate serial:       019CAB6B074CABDFB4763434C421D4B5DF81
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
Manifest number:          0F26
Signing time:             Sun 01 Mar 2026 22:00:43 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:43 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:43 +0000
Files and hashes:         1: gU3w5sDcpazuCDqMcwTUXz0z1W0.crl (hash: leMeaOq0ytNduiA+773zIcZjyS00bEP4wx6eTB/4akI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:07:4c:ab:df:b4:76:34:34:c4:21:d4:b5:df:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
        Validity
            Not Before: Mar  1 22:00:43 2026 GMT
            Not After : Mar  2 22:00:43 2026 GMT
        Subject: CN=a343b561ef571033d27f52d43c8a6c2cbcc6117e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:2c:c3:fa:63:63:27:1c:1c:38:65:09:c1:ef:
                    1e:39:b8:1a:42:cd:43:21:b4:ee:a8:7a:51:36:9e:
                    56:e1:55:5b:f3:99:af:39:8a:24:0a:00:a1:82:dd:
                    4c:84:d6:45:6e:65:91:a8:ba:93:f2:12:f7:7f:8d:
                    2e:ba:f6:0f:6c:3c:5a:17:72:53:44:54:59:94:10:
                    48:45:2d:08:f5:74:94:52:23:ee:c9:61:12:fb:56:
                    3d:f7:1d:76:8a:5a:ef:a5:dc:ce:99:76:e0:dc:24:
                    b3:bf:cd:a5:b9:4e:5d:02:bb:13:c0:e6:fb:b9:f2:
                    4c:ce:4f:8c:d9:14:d7:b3:55:6b:c0:72:73:40:d5:
                    bb:0d:cb:93:c9:22:1e:1a:32:35:1c:f3:64:23:7b:
                    11:71:87:d9:cb:f6:77:44:6c:b5:82:35:bd:7b:1d:
                    09:77:9c:83:6e:01:42:43:5a:51:47:8f:63:94:b1:
                    7d:9e:45:8a:98:88:b8:21:35:59:1f:2c:79:7a:96:
                    47:05:b7:ba:34:5d:cb:a9:c2:20:1d:1e:f4:ff:35:
                    b2:28:c2:54:a6:98:80:5a:00:63:04:cd:11:f1:32:
                    7b:ab:a9:f4:9c:26:ee:3c:da:ed:01:77:5b:9e:ff:
                    ff:c7:98:ef:37:9f:3a:98:5a:c0:f1:ab:8e:8e:4b:
                    4a:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:43:B5:61:EF:57:10:33:D2:7F:52:D4:3C:8A:6C:2C:BC:C6:11:7E
            X509v3 Authority Key Identifier:
                keyid:81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:7a:e2:ed:1c:5c:3a:d4:25:ed:f8:37:92:ef:04:fd:09:43:
         a5:a3:44:68:30:a0:19:c1:6c:0a:d7:ae:52:08:87:08:4a:6c:
         7a:10:d2:9c:71:0d:f8:01:1e:43:f4:43:57:8a:2e:da:d1:b5:
         51:53:57:97:bc:c0:65:5b:56:19:63:f2:b4:05:58:76:04:5b:
         8d:43:da:32:69:6a:3f:8b:48:21:db:d5:42:13:6e:f1:b9:0c:
         37:24:0e:65:26:fc:96:91:b0:cf:33:13:6f:c6:35:a9:ea:05:
         70:a3:6c:3a:d4:79:04:ed:03:3b:83:ca:1d:0c:2c:92:64:d3:
         5f:21:ca:39:eb:6d:56:63:65:69:ee:fd:ce:2f:47:01:48:fc:
         8e:e7:47:39:fc:16:67:b0:ba:12:1a:e8:2e:d1:f6:ac:01:81:
         bb:d4:6b:83:b9:37:29:0f:bf:2b:8b:6b:62:99:1a:cc:35:69:
         2d:b6:7d:bc:16:58:ad:94:40:18:24:c1:e1:05:ef:8c:a6:e3:
         4e:c4:22:93:be:c9:37:d1:c7:03:60:99:bd:21:3f:37:2c:e9:
         7e:1a:be:12:92:1f:e9:57:13:21:09:cd:3d:57:0e:2b:0c:3a:
         3b:c8:e3:79:7f:4e:6a:c1:2d:eb:4c:82:d5:fb:7a:44:fe:51:
         8a:ba:d0:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrawdMq9+0djQ0xCHUtd+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNGRmMGU2YzBkY2E1YWNlZTA4M2E4YzczMDRkNDVmM2Qz
M2Q1NmQwHhcNMjYwMzAxMjIwMDQzWhcNMjYwMzAyMjIwMDQzWjAzMTEwLwYDVQQD
EyhhMzQzYjU2MWVmNTcxMDMzZDI3ZjUyZDQzYzhhNmMyY2JjYzYxMTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5izD+mNjJxwcOGUJwe8eObgaQs1D
IbTuqHpRNp5W4VVb85mvOYokCgChgt1MhNZFbmWRqLqT8hL3f40uuvYPbDxaF3JT
RFRZlBBIRS0I9XSUUiPuyWES+1Y99x12ilrvpdzOmXbg3CSzv82luU5dArsTwOb7
ufJMzk+M2RTXs1VrwHJzQNW7DcuTySIeGjI1HPNkI3sRcYfZy/Z3RGy1gjW9ex0J
d5yDbgFCQ1pRR49jlLF9nkWKmIi4ITVZHyx5epZHBbe6NF3LqcIgHR70/zWyKMJU
ppiAWgBjBM0R8TJ7q6n0nCbuPNrtAXdbnv//x5jvN586mFrA8auOjktKWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNDtWHvVxAz0n9S1DyKbCy8xhF+MB8GA1UdIwQY
MBaAFIFN8ObA3KWs7gg6jHME1F89M9VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzIt
ZDBkMmYyY2E4Y2JjLzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzItZDBkMmYyY2E4Y2Jj
LzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArXri7Rxc
OtQl7fg3ku8E/QlDpaNEaDCgGcFsCteuUgiHCEpsehDSnHEN+AEeQ/RDV4ou2tG1
UVNXl7zAZVtWGWPytAVYdgRbjUPaMmlqP4tIIdvVQhNu8bkMNyQOZSb8lpGwzzMT
b8Y1qeoFcKNsOtR5BO0DO4PKHQwskmTTXyHKOettVmNlae79zi9HAUj8judHOfwW
Z7C6EhroLtH2rAGBu9Rrg7k3KQ+/K4trYpkazDVpLbZ9vBZYrZRAGCTB4QXvjKbj
TsQik77JN9HHA2CZvSE/Nyzpfhq+EpIf6VcTIQnNPVcOKww6O8jjeX9OasEt60yC
1ft6RP5RirrQqg==
-----END CERTIFICATE-----