Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
File:                     d_bMQsdY59p8S_q8ISEtHSghYDE.mft (raw, json)
Hash identifier:          OJfeDrPvHSGsWqwDi8iS5712wDQXUEJqI5I8kEeIAf4=
Subject key identifier:   91:BD:98:3D:63:3F:3E:4F:09:15:D4:91:78:02:E5:87:07:41:A1:07
Authority key identifier: 77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31
Certificate issuer:       /CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
Certificate serial:       019CABD8E3102F91E5DF058DB03D6EEFA59A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
Manifest number:          080F
Signing time:             Mon 02 Mar 2026 00:00:43 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:43 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:43 +0000
Files and hashes:         1: d_bMQsdY59p8S_q8ISEtHSghYDE.crl (hash: vDXJkjTkufAwNacvO7wXQZZ/5PZVdcPZ1BAsuy5unHE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d8:e3:10:2f:91:e5:df:05:8d:b0:3d:6e:ef:a5:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
        Validity
            Not Before: Mar  2 00:00:43 2026 GMT
            Not After : Mar  3 00:00:43 2026 GMT
        Subject: CN=91bd983d633f3e4f0915d4917802e5870741a107
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:81:72:7e:56:3b:56:11:40:d1:5d:45:77:b5:
                    5c:64:76:54:2a:3c:db:5e:43:ef:77:de:fc:b7:6a:
                    d0:0e:95:f3:c6:37:4e:65:cd:1b:9c:93:ca:09:a0:
                    67:c2:b2:fb:cd:01:d5:8c:67:4f:d3:73:16:8c:6a:
                    5a:0c:80:2c:6a:da:40:a4:fe:82:9c:10:e7:b5:0d:
                    63:67:e7:e3:41:1f:0c:d0:54:e9:da:93:58:c9:8f:
                    52:36:74:ec:23:d0:db:4c:44:95:ef:58:b9:68:0d:
                    fd:9f:89:e0:60:ff:98:a0:2d:e7:cf:69:ff:20:fd:
                    73:75:97:40:c8:3d:b3:c1:54:92:b6:90:25:f3:02:
                    a0:a9:83:21:be:ff:77:1f:fc:d8:65:87:b1:1f:27:
                    68:2a:90:b6:70:3f:e9:94:02:67:ee:43:54:a3:95:
                    39:a9:1d:39:c4:f2:8d:26:fa:a0:30:12:ca:d7:b1:
                    5a:6b:c8:3e:68:44:75:28:c3:e3:d9:6a:a8:30:71:
                    25:79:aa:35:c6:e8:17:df:43:15:64:a7:68:99:e9:
                    14:c1:2a:be:93:07:e3:be:e9:ca:df:bf:96:b3:a2:
                    e0:06:de:f4:88:ac:00:b7:38:8a:55:52:58:52:b5:
                    ab:34:ce:b7:c0:17:b1:37:bf:2f:26:39:7e:54:12:
                    70:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:BD:98:3D:63:3F:3E:4F:09:15:D4:91:78:02:E5:87:07:41:A1:07
            X509v3 Authority Key Identifier:
                keyid:77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:31:7c:57:3c:d9:d1:85:69:8b:b8:64:39:53:3d:d1:51:81:
         a5:be:76:14:db:cd:b1:8b:5b:25:93:be:82:e0:76:1c:d8:cc:
         5b:d2:eb:3c:11:36:ca:aa:8a:0f:41:1d:6d:be:35:7a:ae:0d:
         0d:b7:ac:2f:c0:ea:ac:b1:a8:76:4e:8c:21:9f:dd:71:68:9f:
         75:34:f7:5a:a1:e9:d5:2e:c5:2c:b3:1a:af:c2:ec:c7:ef:49:
         e2:32:e5:21:ca:8d:08:fe:2d:90:b9:e9:55:73:14:de:02:c2:
         5b:9c:dc:fc:f6:89:29:b3:4b:9d:e6:50:23:ef:46:09:11:22:
         05:72:6e:3e:5b:97:ea:bf:f2:38:49:26:25:a9:71:46:61:38:
         9f:cc:15:bf:95:95:f3:4a:2a:0f:95:e0:84:82:ae:59:71:93:
         cb:c6:a4:67:6e:cb:d3:f4:92:29:82:03:5f:7c:7c:ab:52:f7:
         38:23:f2:f2:6e:12:fb:29:f0:11:c4:3f:28:d9:32:62:a5:8c:
         ae:6c:dd:25:30:91:91:ff:f3:f1:3e:c8:9e:b5:33:1c:ec:0e:
         90:1f:86:7b:ba:a7:41:45:c3:a7:b6:27:3d:99:95:fd:85:d5:
         42:ec:cf:77:c6:6f:03:a7:1b:87:c8:1b:5f:94:be:6a:2d:99:
         2a:9f:b9:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2OMQL5Hl3wWNsD1u76WaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjZjYzQyYzc1OGU3ZGE3YzRiZmFiYzIxMjEyZDFkMjgy
MTYwMzEwHhcNMjYwMzAyMDAwMDQzWhcNMjYwMzAzMDAwMDQzWjAzMTEwLwYDVQQD
Eyg5MWJkOTgzZDYzM2YzZTRmMDkxNWQ0OTE3ODAyZTU4NzA3NDFhMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoFyflY7VhFA0V1Fd7VcZHZUKjzb
XkPvd978t2rQDpXzxjdOZc0bnJPKCaBnwrL7zQHVjGdP03MWjGpaDIAsatpApP6C
nBDntQ1jZ+fjQR8M0FTp2pNYyY9SNnTsI9DbTESV71i5aA39n4ngYP+YoC3nz2n/
IP1zdZdAyD2zwVSStpAl8wKgqYMhvv93H/zYZYexHydoKpC2cD/plAJn7kNUo5U5
qR05xPKNJvqgMBLK17Faa8g+aER1KMPj2WqoMHEleao1xugX30MVZKdomekUwSq+
kwfjvunK37+Ws6LgBt70iKwAtziKVVJYUrWrNM63wBexN78vJjl+VBJwowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJG9mD1jPz5PCRXUkXgC5YcHQaEHMB8GA1UdIwQY
MBaAFHf2zELHWOfafEv6vCEhLR0oIWAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQt
NGJlY2IzMzY5ZGVjLzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQtNGJlY2IzMzY5ZGVj
LzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYjF8VzzZ
0YVpi7hkOVM90VGBpb52FNvNsYtbJZO+guB2HNjMW9LrPBE2yqqKD0Edbb41eq4N
DbesL8DqrLGodk6MIZ/dcWifdTT3WqHp1S7FLLMar8Lsx+9J4jLlIcqNCP4tkLnp
VXMU3gLCW5zc/PaJKbNLneZQI+9GCREiBXJuPluX6r/yOEkmJalxRmE4n8wVv5WV
80oqD5XghIKuWXGTy8akZ27L0/SSKYIDX3x8q1L3OCPy8m4S+ynwEcQ/KNkyYqWM
rmzdJTCRkf/z8T7InrUzHOwOkB+Ge7qnQUXDp7YnPZmV/YXVQuzPd8ZvA6cbh8gb
X5S+ai2ZKp+5fw==
-----END CERTIFICATE-----