Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
File:                     _D39VAG24EhxYrQuBDdnosKTGnc.mft (raw, json)
Hash identifier:          ML4G7++k2OHbGgMAUwTB9NZy7ryJkzrs/MTmlxaozys=
Subject key identifier:   EF:B5:8F:D9:FF:AF:9A:C1:44:48:FA:E1:43:EE:5C:94:33:C3:7C:DF
Authority key identifier: FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77
Certificate issuer:       /CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
Certificate serial:       019CA97D327EF4A305DAC75C4DC24D75C342
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
Manifest number:          0BC7
Signing time:             Sun 01 Mar 2026 13:01:20 +0000
Manifest this update:     Sun 01 Mar 2026 13:01:20 +0000
Manifest next update:     Mon 02 Mar 2026 13:01:20 +0000
Files and hashes:         1: _D39VAG24EhxYrQuBDdnosKTGnc.crl (hash: BhFU816IX/UHx1018EEBvN/prXBtss8Lti/HPrL0MfE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7d:32:7e:f4:a3:05:da:c7:5c:4d:c2:4d:75:c3:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
        Validity
            Not Before: Mar  1 13:01:20 2026 GMT
            Not After : Mar  2 13:01:20 2026 GMT
        Subject: CN=efb58fd9ffaf9ac14448fae143ee5c9433c37cdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:13:5c:35:1a:9d:51:e9:19:d1:86:9d:e3:04:
                    d9:42:e4:75:eb:a8:c4:4f:62:0a:75:01:57:e3:7e:
                    f4:7b:29:94:e2:6a:d2:b8:f3:48:ce:6f:54:07:8e:
                    20:27:90:1d:c2:82:32:c1:4d:ad:fd:46:b3:69:3c:
                    da:cb:d5:b4:84:33:db:b4:36:8b:a4:c0:76:77:e0:
                    a8:f4:f2:97:2a:03:8b:1b:9a:a3:ed:17:a7:bd:a6:
                    01:06:89:81:f2:f3:bf:80:ef:67:e8:2e:40:f9:ed:
                    70:cc:48:1b:ae:db:07:d4:48:88:ef:f1:90:1d:68:
                    21:f6:b7:4a:7d:70:db:94:ae:dc:40:eb:fc:0c:d0:
                    15:6f:f0:8a:ae:84:f8:8c:b1:1a:54:83:1b:39:7d:
                    a0:f1:fb:c4:98:6c:71:07:a9:ef:5b:f8:00:48:3b:
                    81:cb:bd:6b:9d:da:38:5b:32:6b:b6:40:61:13:f8:
                    f9:d7:88:a4:52:d9:91:f1:69:e1:9c:2f:98:1f:43:
                    33:4f:7a:b1:e1:0c:fd:ba:7e:e6:51:a6:79:71:ff:
                    29:a3:46:19:61:75:f0:0a:10:60:c7:74:dd:6c:08:
                    6d:d5:c9:ed:af:ed:2b:69:e5:bc:4b:7b:13:0f:d0:
                    e3:44:44:b6:64:47:90:97:17:1e:35:44:91:64:e8:
                    71:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:B5:8F:D9:FF:AF:9A:C1:44:48:FA:E1:43:EE:5C:94:33:C3:7C:DF
            X509v3 Authority Key Identifier:
                keyid:FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:29:09:87:5d:76:43:70:cc:06:13:1e:20:ee:72:f6:5d:7f:
         2b:8f:1f:27:9d:18:43:8a:a1:fb:b4:2f:f1:c1:42:a8:d4:be:
         22:18:d2:ee:a8:f7:36:3e:83:8f:1d:4e:08:16:04:06:ae:22:
         3e:8b:02:ec:f3:fd:22:51:7c:d7:cf:d8:de:1d:33:93:83:33:
         07:0d:66:75:f3:f8:03:2a:0e:91:1e:49:0d:8a:27:01:5d:18:
         c6:c9:f3:3f:93:36:a9:b0:ba:33:f2:b7:ab:05:55:9c:e3:6b:
         4e:f6:be:94:4d:47:69:ad:32:f4:9b:e1:16:cf:f9:d2:c0:fa:
         ef:8a:b9:9b:06:58:5b:4d:55:c6:80:a3:8c:a0:d5:f3:6a:ae:
         45:41:55:2a:96:9b:01:ba:e1:01:fb:64:ef:3e:06:16:aa:9b:
         4f:7d:d3:67:46:be:99:2f:6f:bb:b8:9f:ea:1f:a2:3c:e5:de:
         48:df:0b:46:67:7b:d0:b2:8b:f7:bf:39:8e:b3:b0:71:5a:df:
         31:27:c4:6e:3f:21:35:fe:0b:bf:31:85:8f:10:31:2f:e6:1f:
         c4:8d:b2:8c:5b:34:89:04:fd:f6:65:c6:31:0a:3a:84:23:41:
         ec:15:f8:d1:29:50:d5:82:51:c6:32:54:0b:ef:5d:40:19:df:
         94:51:ad:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfTJ+9KMF2sdcTcJNdcNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2RmZDU0MDFiNmUwNDg3MTYyYjQyZTA0Mzc2N2EyYzI5
MzFhNzcwHhcNMjYwMzAxMTMwMTIwWhcNMjYwMzAyMTMwMTIwWjAzMTEwLwYDVQQD
EyhlZmI1OGZkOWZmYWY5YWMxNDQ0OGZhZTE0M2VlNWM5NDMzYzM3Y2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhNcNRqdUekZ0Yad4wTZQuR166jE
T2IKdQFX4370eymU4mrSuPNIzm9UB44gJ5AdwoIywU2t/UazaTzay9W0hDPbtDaL
pMB2d+Co9PKXKgOLG5qj7RenvaYBBomB8vO/gO9n6C5A+e1wzEgbrtsH1EiI7/GQ
HWgh9rdKfXDblK7cQOv8DNAVb/CKroT4jLEaVIMbOX2g8fvEmGxxB6nvW/gASDuB
y71rndo4WzJrtkBhE/j514ikUtmR8WnhnC+YH0MzT3qx4Qz9un7mUaZ5cf8po0YZ
YXXwChBgx3TdbAht1cntr+0raeW8S3sTD9DjRES2ZEeQlxceNUSRZOhx5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO+1j9n/r5rBREj64UPuXJQzw3zfMB8GA1UdIwQY
MBaAFPw9/VQBtuBIcWK0LgQ3Z6LCkxp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEt
ZGRhZGUzZDM0MWM3LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEtZGRhZGUzZDM0MWM3
LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApikJh112
Q3DMBhMeIO5y9l1/K48fJ50YQ4qh+7Qv8cFCqNS+IhjS7qj3Nj6Djx1OCBYEBq4i
PosC7PP9IlF818/Y3h0zk4MzBw1mdfP4AyoOkR5JDYonAV0YxsnzP5M2qbC6M/K3
qwVVnONrTva+lE1Haa0y9JvhFs/50sD674q5mwZYW01VxoCjjKDV82quRUFVKpab
AbrhAftk7z4GFqqbT33TZ0a+mS9vu7if6h+iPOXeSN8LRmd70LKL9785jrOwcVrf
MSfEbj8hNf4LvzGFjxAxL+YfxI2yjFs0iQT99mXGMQo6hCNB7BX40SlQ1YJRxjJU
C+9dQBnflFGtJA==
-----END CERTIFICATE-----