Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
File:                     idSzdf1Mr9XfusQG3SWmHSLdNso.mft (raw, json)
Hash identifier:          iIPO0o67nGaQewUf22CBYGPysQFm25e53m3PT+u6/X4=
Subject key identifier:   3D:3E:C7:ED:D0:A1:8E:37:62:76:A4:A5:6F:BA:B6:D4:20:BD:46:30
Authority key identifier: 89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA
Certificate issuer:       /CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
Certificate serial:       019CAB6AF3F583CD576BD7FCD62F1E8893CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
Manifest number:          13C3
Signing time:             Sun 01 Mar 2026 22:00:39 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:39 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:39 +0000
Files and hashes:         1: idSzdf1Mr9XfusQG3SWmHSLdNso.crl (hash: whe61YR8x2kwjM6jnIcv8QtVGJHpsvs/SezZfT69W/M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:f3:f5:83:cd:57:6b:d7:fc:d6:2f:1e:88:93:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
        Validity
            Not Before: Mar  1 22:00:39 2026 GMT
            Not After : Mar  2 22:00:39 2026 GMT
        Subject: CN=3d3ec7edd0a18e376276a4a56fbab6d420bd4630
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ad:00:5e:86:00:a6:d2:13:63:cd:cd:5f:f0:
                    b0:26:94:ff:0f:83:53:5b:a1:e7:b6:74:f1:4c:85:
                    16:d7:43:54:77:12:ea:32:9c:75:fb:eb:d7:60:a4:
                    43:f1:a8:49:b7:f9:91:d1:1e:cf:26:c4:37:b9:ef:
                    76:fb:3a:27:08:b0:74:0b:86:b8:a9:6a:be:4d:91:
                    75:50:80:66:f7:b4:79:c0:74:90:ea:29:08:0c:0e:
                    07:83:e0:66:a5:fc:23:b5:ca:13:c5:67:90:9c:d7:
                    58:51:89:62:f2:a0:0a:f2:dc:2a:0f:de:8b:fa:f3:
                    21:25:01:ad:17:48:f0:8f:d2:d0:d6:ff:d2:b5:89:
                    64:dc:f3:13:c1:f8:e9:21:da:26:20:61:d6:af:a1:
                    35:a1:b8:64:d9:db:75:0a:57:ac:49:93:3e:e9:65:
                    a3:93:4b:0d:0a:fb:84:90:7e:8a:ad:bc:36:8f:70:
                    a1:c9:14:79:98:11:98:32:37:5d:d1:76:91:da:58:
                    62:18:b4:fb:67:e3:e8:7e:41:88:02:a2:93:43:de:
                    b6:f8:5d:af:92:ff:8a:36:a9:7e:63:f4:f9:80:b9:
                    cd:7e:0b:6c:ba:c3:28:6d:62:a3:02:59:a6:c7:44:
                    7b:b9:f1:0d:76:e4:99:e7:e6:ea:bf:11:eb:76:b6:
                    5d:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:3E:C7:ED:D0:A1:8E:37:62:76:A4:A5:6F:BA:B6:D4:20:BD:46:30
            X509v3 Authority Key Identifier:
                keyid:89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:bc:ea:98:77:e3:9f:46:a1:7d:f5:7d:42:81:b5:0a:92:af:
         d1:9f:fc:22:68:9c:3d:20:76:69:65:3b:ab:6a:d6:7d:0f:8d:
         7a:da:d6:f8:a5:40:91:80:e6:6a:75:e0:d2:eb:9f:18:79:7f:
         89:c4:bc:90:b9:ec:f7:e3:99:5a:19:df:fd:8c:ee:a5:15:c2:
         d1:95:33:ab:45:ff:19:0c:d1:8f:ef:97:55:5b:35:af:f9:91:
         98:08:77:35:a5:17:01:a3:32:91:ca:1a:ab:a0:ca:a2:80:9a:
         9e:9d:b5:93:fa:3e:35:19:06:8e:32:7d:70:ad:56:13:5d:5b:
         5e:58:a1:ec:89:74:4d:9f:b3:2a:bd:3c:2a:fc:1e:40:8f:52:
         a5:65:f4:c4:c0:54:b6:2b:84:bf:20:f0:73:ec:72:c6:93:11:
         a1:a2:0a:5d:0a:14:6b:62:d5:88:57:6d:6f:61:f1:20:49:d8:
         33:e4:c5:ff:96:39:af:23:9f:74:db:93:d9:d2:5c:dc:bd:6c:
         13:b3:eb:98:1f:52:cb:99:ed:e1:1a:74:d8:00:59:b6:bb:9f:
         55:e0:11:00:9c:fc:c6:42:3c:3f:fe:20:8b:fb:cb:d7:7e:fc:
         9c:3c:2b:1e:84:30:26:da:ff:06:33:fd:15:00:0f:a7:3d:bd:
         f4:d5:48:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyravP1g81Xa9f81i8eiJPMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDRiMzc1ZmQ0Y2FmZDVkZmJhYzQwNmRkMjVhNjFkMjJk
ZDM2Y2EwHhcNMjYwMzAxMjIwMDM5WhcNMjYwMzAyMjIwMDM5WjAzMTEwLwYDVQQD
EygzZDNlYzdlZGQwYTE4ZTM3NjI3NmE0YTU2ZmJhYjZkNDIwYmQ0NjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuq0AXoYAptITY83NX/CwJpT/D4NT
W6HntnTxTIUW10NUdxLqMpx1++vXYKRD8ahJt/mR0R7PJsQ3ue92+zonCLB0C4a4
qWq+TZF1UIBm97R5wHSQ6ikIDA4Hg+BmpfwjtcoTxWeQnNdYUYli8qAK8twqD96L
+vMhJQGtF0jwj9LQ1v/StYlk3PMTwfjpIdomIGHWr6E1obhk2dt1ClesSZM+6WWj
k0sNCvuEkH6Krbw2j3ChyRR5mBGYMjdd0XaR2lhiGLT7Z+PofkGIAqKTQ962+F2v
kv+KNql+Y/T5gLnNfgtsusMobWKjAlmmx0R7ufENduSZ5+bqvxHrdrZd0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD0+x+3QoY43YnakpW+6ttQgvUYwMB8GA1UdIwQY
MBaAFInUs3X9TK/V37rEBt0lph0i3TbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMt
Mjc0MjUxMjUyMDc3LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMtMjc0MjUxMjUyMDc3
LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQLzqmHfj
n0ahffV9QoG1CpKv0Z/8ImicPSB2aWU7q2rWfQ+NetrW+KVAkYDmanXg0uufGHl/
icS8kLns9+OZWhnf/YzupRXC0ZUzq0X/GQzRj++XVVs1r/mRmAh3NaUXAaMykcoa
q6DKooCanp21k/o+NRkGjjJ9cK1WE11bXlih7Il0TZ+zKr08KvweQI9SpWX0xMBU
tiuEvyDwc+xyxpMRoaIKXQoUa2LViFdtb2HxIEnYM+TF/5Y5ryOfdNuT2dJc3L1s
E7PrmB9Sy5nt4Rp02ABZtrufVeARAJz8xkI8P/4gi/vL1378nDwrHoQwJtr/BjP9
FQAPpz299NVIKw==
-----END CERTIFICATE-----