Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
File:                     pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json)
Hash identifier:          LeciT/4OcEKQgOX5GG5KAj2wchoVkrM3wN+DdVmWrss=
Subject key identifier:   7A:14:A3:80:DE:BA:57:3F:88:0A:5A:CE:E0:76:B5:91:D0:E6:4D:AD
Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
Certificate issuer:       /CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Certificate serial:       019CAA21EB5338536B785F3F1ABC1EDCE6DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
Manifest number:          0512
Signing time:             Sun 01 Mar 2026 16:01:15 +0000
Manifest this update:     Sun 01 Mar 2026 16:01:15 +0000
Manifest next update:     Mon 02 Mar 2026 16:01:15 +0000
Files and hashes:         1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: px2/cMbQ4tjXNYnulrHfWd2GqzFJoDCAMuQsZHSvYew=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:eb:53:38:53:6b:78:5f:3f:1a:bc:1e:dc:e6:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa
        Validity
            Not Before: Mar  1 16:01:15 2026 GMT
            Not After : Mar  2 16:01:15 2026 GMT
        Subject: CN=7a14a380deba573f880a5acee076b591d0e64dad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:5f:b4:af:fa:a3:7a:29:38:44:37:68:e4:d2:
                    a8:fe:8b:aa:3d:a0:23:16:52:54:db:b4:28:af:5e:
                    89:bc:c2:b5:58:77:af:2f:3f:6f:58:9e:22:04:04:
                    15:66:d6:c3:e4:03:00:5a:26:44:ef:1f:9b:b2:56:
                    4a:e9:33:3e:29:7d:32:7d:c0:55:d0:64:f8:36:6c:
                    32:83:a4:c1:94:d2:ad:f3:b4:82:10:2d:2e:70:a9:
                    78:b9:27:2f:25:04:22:4b:3d:bc:3d:c8:70:66:b1:
                    b8:8f:66:a2:e2:92:07:93:0f:d6:99:a7:d7:36:aa:
                    ff:dc:07:4c:e6:21:fa:2f:04:f5:f6:c1:d7:c9:aa:
                    df:91:fd:54:b7:76:b3:93:40:69:d9:60:75:0a:92:
                    1c:77:38:43:79:de:c0:5c:d1:45:84:4d:69:98:ff:
                    89:15:50:59:72:e1:5b:02:58:69:83:4b:6c:73:fd:
                    2f:ff:b1:c7:d0:37:8f:eb:73:de:d5:88:f9:3a:94:
                    00:b8:00:5d:c8:fa:97:9e:19:4b:ca:3e:12:4d:cc:
                    98:0d:44:5d:cc:38:3f:07:8c:82:44:b8:9e:85:04:
                    c6:91:b1:1e:34:e3:b2:b9:3b:17:b7:8b:1c:76:cf:
                    09:d6:af:1c:91:6d:70:a1:10:69:f1:25:e5:00:f6:
                    d1:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:14:A3:80:DE:BA:57:3F:88:0A:5A:CE:E0:76:B5:91:D0:E6:4D:AD
            X509v3 Authority Key Identifier:
                keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:4c:dc:d9:69:ce:55:42:03:4b:df:64:5f:c2:ec:c9:2b:72:
         67:2f:b8:45:f8:0f:dc:6e:90:b3:95:7c:bc:cb:ab:cb:32:31:
         6d:90:fe:93:9e:dd:f0:7e:c9:83:e1:23:d7:1e:a7:fe:89:26:
         d8:ed:72:07:1d:bc:e1:d4:01:f1:7e:c7:01:4d:49:42:2a:aa:
         43:88:9b:f0:7a:04:9b:4d:f4:af:53:c0:83:54:54:93:48:be:
         bf:00:49:7a:ca:c3:74:9f:64:2d:31:4a:33:07:27:aa:c1:ac:
         1b:cc:18:77:2d:4b:71:72:ab:e8:87:9c:58:26:82:ee:67:74:
         24:86:83:45:00:bf:61:e8:28:c1:6a:d7:6d:ae:cf:63:dd:b1:
         21:a4:34:a8:7e:ea:97:a1:b0:a0:fc:f8:0c:e9:d3:ad:01:26:
         db:65:ea:06:94:3c:c8:6a:65:a3:65:1e:c7:85:62:7b:df:1e:
         c4:2d:80:71:a8:94:a5:b9:a1:fd:8d:d9:b6:21:7a:51:63:85:
         21:68:f6:77:1e:30:80:e5:dd:11:e1:1b:98:51:a0:e7:58:07:
         d8:1e:a7:8c:7d:75:e8:40:b3:06:1f:77:0c:af:66:52:77:f1:
         11:1c:50:b1:c4:59:53:b0:e4:5e:42:0b:80:ca:95:7d:f8:96:
         84:a3:bd:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIetTOFNreF8/Grwe3ObeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz
YWNlYWEwHhcNMjYwMzAxMTYwMTE1WhcNMjYwMzAyMTYwMTE1WjAzMTEwLwYDVQQD
Eyg3YTE0YTM4MGRlYmE1NzNmODgwYTVhY2VlMDc2YjU5MWQwZTY0ZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApF+0r/qjeik4RDdo5NKo/ouqPaAj
FlJU27Qor16JvMK1WHevLz9vWJ4iBAQVZtbD5AMAWiZE7x+bslZK6TM+KX0yfcBV
0GT4Nmwyg6TBlNKt87SCEC0ucKl4uScvJQQiSz28PchwZrG4j2ai4pIHkw/WmafX
Nqr/3AdM5iH6LwT19sHXyarfkf1Ut3azk0Bp2WB1CpIcdzhDed7AXNFFhE1pmP+J
FVBZcuFbAlhpg0tsc/0v/7HH0DeP63Pe1Yj5OpQAuABdyPqXnhlLyj4STcyYDURd
zDg/B4yCRLiehQTGkbEeNOOyuTsXt4scds8J1q8ckW1woRBp8SXlAPbRTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHoUo4Deulc/iApazuB2tZHQ5k2tMB8GA1UdIwQY
MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt
MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl
LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuEzc2WnO
VUIDS99kX8LsyStyZy+4RfgP3G6Qs5V8vMuryzIxbZD+k57d8H7Jg+Ej1x6n/okm
2O1yBx284dQB8X7HAU1JQiqqQ4ib8HoEm030r1PAg1RUk0i+vwBJesrDdJ9kLTFK
MwcnqsGsG8wYdy1LcXKr6IecWCaC7md0JIaDRQC/YegowWrXba7PY92xIaQ0qH7q
l6GwoPz4DOnTrQEm22XqBpQ8yGplo2Uex4Vie98exC2AcaiUpbmh/Y3ZtiF6UWOF
IWj2dx4wgOXdEeEbmFGg51gH2B6njH116ECzBh93DK9mUnfxERxQscRZU7DkXkIL
gMqVffiWhKO9gw==
-----END CERTIFICATE-----