Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft
File:                     EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft (raw, json)
Hash identifier:          x6BkRulJngrKcbL+rhBgVTpGHxFaCT0eQokMTv9jnfs=
Subject key identifier:   CD:B9:6E:52:1F:8E:CB:03:FD:4E:C2:DF:FF:4F:FF:80:62:FE:64:47
Authority key identifier: 12:94:62:D4:5B:8A:B9:5D:4C:35:C4:02:65:B3:1B:52:BF:1E:8D:BD
Certificate issuer:       /CN=129462d45b8ab95d4c35c40265b31b52bf1e8dbd
Certificate serial:       019CABA1B60C5FF84A367BBFC25EFC1119E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft
Manifest number:          0A41
Signing time:             Sun 01 Mar 2026 23:00:27 +0000
Manifest this update:     Sun 01 Mar 2026 23:00:27 +0000
Manifest next update:     Mon 02 Mar 2026 23:00:27 +0000
Files and hashes:         1: EpRi1FuKuV1MNcQCZbMbUr8ejb0.crl (hash: vJNWwuWyWtAUxaM/fb3jI/KRIhdZIknjqG+jhx6lvyg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:a1:b6:0c:5f:f8:4a:36:7b:bf:c2:5e:fc:11:19:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=129462d45b8ab95d4c35c40265b31b52bf1e8dbd
        Validity
            Not Before: Mar  1 23:00:27 2026 GMT
            Not After : Mar  2 23:00:27 2026 GMT
        Subject: CN=cdb96e521f8ecb03fd4ec2dfff4fff8062fe6447
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:28:bc:c5:bd:38:59:ef:0b:5f:80:32:c8:97:
                    26:20:1e:89:c2:29:12:c3:da:6d:0a:f6:60:62:88:
                    cc:85:df:a6:1f:03:cf:48:7a:df:8b:40:0a:74:13:
                    51:fd:ef:f0:0c:a3:f1:fd:8a:17:b9:ca:91:ab:ce:
                    fb:3f:63:ba:93:17:92:7e:b6:64:4d:6a:9d:f4:ec:
                    58:0e:5b:23:04:f9:cf:21:56:da:f9:0e:a0:81:4c:
                    ef:99:bd:0f:82:72:64:ca:f0:6f:58:21:45:16:64:
                    85:a8:26:74:4b:56:9b:26:f1:51:8a:3e:83:b6:75:
                    c2:e2:59:e7:35:dd:4f:1a:83:6c:76:9c:06:21:64:
                    13:2d:0a:3c:76:0d:8c:8f:e8:85:4e:4d:55:f7:04:
                    73:87:0e:77:22:d9:d7:4f:a8:fd:ac:4d:88:4e:d3:
                    4b:8f:69:12:cd:4f:de:a7:e4:ce:39:47:b0:03:a8:
                    0b:cd:00:cf:4b:1b:09:9d:9a:a7:67:ff:ba:c1:88:
                    5c:b7:08:94:73:27:7a:cc:03:ab:e9:28:27:f7:2d:
                    54:20:eb:12:5d:7c:4d:eb:22:1d:19:f8:06:3c:03:
                    b4:bc:18:83:99:91:0f:ca:1b:66:e8:ef:7d:42:3f:
                    92:e3:df:7f:6e:73:98:67:19:75:cf:2e:4d:93:dc:
                    9c:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:B9:6E:52:1F:8E:CB:03:FD:4E:C2:DF:FF:4F:FF:80:62:FE:64:47
            X509v3 Authority Key Identifier:
                keyid:12:94:62:D4:5B:8A:B9:5D:4C:35:C4:02:65:B3:1B:52:BF:1E:8D:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EpRi1FuKuV1MNcQCZbMbUr8ejb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/999509-bdc0-4e07-8774-3a389332f79f/1/EpRi1FuKuV1MNcQCZbMbUr8ejb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:e7:7d:0d:e7:64:46:87:93:c9:5a:c6:20:86:31:28:f8:4e:
         a1:bc:94:19:0e:64:e3:7e:1f:cb:a3:0f:c7:11:16:b1:ac:1c:
         9f:41:fd:ac:d9:81:a9:1b:85:99:2c:44:4d:73:79:1a:ba:c8:
         3b:42:6b:b9:39:e8:66:b0:87:fe:0e:37:77:fd:6e:df:67:b0:
         0b:f1:61:3a:37:31:af:19:df:cc:88:08:06:d7:3a:35:1f:6a:
         70:2c:93:1e:4c:f3:a7:76:3b:1e:0f:a4:02:45:ac:f3:03:18:
         85:d0:ca:76:01:f0:33:f4:f0:9a:86:ed:a9:a5:2b:82:2f:4d:
         af:5c:c7:75:6a:0c:c2:c0:f5:16:1b:ff:00:e8:0f:fa:2b:b1:
         ce:88:80:f1:29:c9:a0:16:f6:94:c5:a4:76:92:6e:5b:03:f1:
         8e:b4:88:16:19:7e:bc:35:5d:03:6a:6d:79:32:b6:9e:4f:e7:
         9c:cf:82:86:5d:cc:54:6a:73:f9:56:54:e8:48:93:82:6c:d2:
         af:49:03:c4:a6:c5:17:0f:87:3a:9a:30:89:fe:d5:2a:1b:31:
         b7:98:0c:57:a8:60:9e:71:b9:b3:07:a6:22:7e:45:67:d4:77:
         1d:fc:de:39:40:4c:25:0a:9a:4d:8a:a3:77:35:f7:b9:17:cd:
         3c:9d:5f:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrobYMX/hKNnu/wl78ERnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyOTQ2MmQ0NWI4YWI5NWQ0YzM1YzQwMjY1YjMxYjUyYmYx
ZThkYmQwHhcNMjYwMzAxMjMwMDI3WhcNMjYwMzAyMjMwMDI3WjAzMTEwLwYDVQQD
EyhjZGI5NmU1MjFmOGVjYjAzZmQ0ZWMyZGZmZjRmZmY4MDYyZmU2NDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8yi8xb04We8LX4AyyJcmIB6JwikS
w9ptCvZgYojMhd+mHwPPSHrfi0AKdBNR/e/wDKPx/YoXucqRq877P2O6kxeSfrZk
TWqd9OxYDlsjBPnPIVba+Q6ggUzvmb0PgnJkyvBvWCFFFmSFqCZ0S1abJvFRij6D
tnXC4lnnNd1PGoNsdpwGIWQTLQo8dg2Mj+iFTk1V9wRzhw53ItnXT6j9rE2ITtNL
j2kSzU/ep+TOOUewA6gLzQDPSxsJnZqnZ/+6wYhctwiUcyd6zAOr6Sgn9y1UIOsS
XXxN6yIdGfgGPAO0vBiDmZEPyhtm6O99Qj+S499/bnOYZxl1zy5Nk9yc+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM25blIfjssD/U7C3/9P/4Bi/mRHMB8GA1UdIwQY
MBaAFBKUYtRbirldTDXEAmWzG1K/Ho29MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85OTk1MDktYmRjMC00ZTA3LTg3NzQt
M2EzODkzMzJmNzlmLzEvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85OTk1MDktYmRjMC00ZTA3LTg3NzQtM2EzODkzMzJmNzlm
LzEvRXBSaTFGdUt1VjFNTmNRQ1piTWJVcjhlamIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ+d9Dedk
RoeTyVrGIIYxKPhOobyUGQ5k434fy6MPxxEWsawcn0H9rNmBqRuFmSxETXN5GrrI
O0JruTnoZrCH/g43d/1u32ewC/FhOjcxrxnfzIgIBtc6NR9qcCyTHkzzp3Y7Hg+k
AkWs8wMYhdDKdgHwM/TwmobtqaUrgi9Nr1zHdWoMwsD1Fhv/AOgP+iuxzoiA8SnJ
oBb2lMWkdpJuWwPxjrSIFhl+vDVdA2pteTK2nk/nnM+Chl3MVGpz+VZU6EiTgmzS
r0kDxKbFFw+HOpowif7VKhsxt5gMV6hgnnG5swemIn5FZ9R3HfzeOUBMJQqaTYqj
dzX3uRfNPJ1fxA==
-----END CERTIFICATE-----