Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
File:                     6kHoOY_3zvtSIWNusighJuv-O3g.mft (raw, json)
Hash identifier:          Ob7ViXCWO8THCe9/dAOeFBE1K59np/jVeVJ3HvKeFvQ=
Subject key identifier:   11:81:73:23:88:F7:5D:FB:B0:E4:E2:D7:98:26:24:A0:02:C6:84:5D
Authority key identifier: EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78
Certificate issuer:       /CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
Certificate serial:       019CAF480693EDCA168B29DC98C8DE8D131F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
Manifest number:          0497
Signing time:             Mon 02 Mar 2026 16:00:58 +0000
Manifest this update:     Mon 02 Mar 2026 16:00:58 +0000
Manifest next update:     Tue 03 Mar 2026 16:00:58 +0000
Files and hashes:         1: 6kHoOY_3zvtSIWNusighJuv-O3g.crl (hash: YRwrJ5wchoBdejzs3tTM2rF/CF+0jX6zs7RJCLRuXvY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:05:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:48:06:93:ed:ca:16:8b:29:dc:98:c8:de:8d:13:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea41e8398ff7cefb5221636eb2282126ebfe3b78
        Validity
            Not Before: Mar  2 16:00:58 2026 GMT
            Not After : Mar  3 16:00:58 2026 GMT
        Subject: CN=1181732388f75dfbb0e4e2d7982624a002c6845d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:b1:c2:60:fb:a6:d0:93:90:6a:ce:4b:46:33:
                    b8:08:47:39:a0:79:8e:00:9c:54:64:26:27:66:39:
                    f2:48:69:55:31:17:5a:8b:a2:05:16:49:61:6d:f0:
                    8f:89:3c:78:1c:c9:7a:52:5f:ea:66:00:50:e2:67:
                    2b:55:e3:ab:57:80:d4:b0:61:1c:8c:46:03:a0:4f:
                    e6:b1:df:68:9d:af:f1:7c:b9:d9:be:75:32:65:2d:
                    5c:65:b3:32:2b:2e:14:16:0e:f4:5f:bf:a4:91:42:
                    ee:1c:cc:43:ff:7c:72:3b:d8:44:aa:81:a5:5f:b3:
                    da:40:ab:a9:8b:59:79:cb:8c:4b:f6:55:3a:66:7d:
                    a0:50:84:de:44:c7:8f:16:94:dc:4d:92:bc:34:de:
                    76:77:27:29:bb:c4:e9:aa:48:43:d9:e0:ac:87:f8:
                    04:39:ed:0b:c2:7e:cf:0f:49:f7:3c:ef:cf:c9:34:
                    9b:d3:a2:50:5b:46:b4:e4:a9:ea:84:10:8d:2f:4d:
                    3d:f1:6f:1f:76:62:89:0b:b4:d2:5a:ad:3a:9a:55:
                    6a:83:3b:08:cf:ce:15:ac:b5:46:12:8d:5b:59:94:
                    1f:3e:99:a3:9f:0a:80:e8:4f:3a:50:de:b1:cf:52:
                    79:35:77:f4:71:85:95:d5:41:b7:60:2c:70:73:26:
                    34:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:81:73:23:88:F7:5D:FB:B0:E4:E2:D7:98:26:24:A0:02:C6:84:5D
            X509v3 Authority Key Identifier:
                keyid:EA:41:E8:39:8F:F7:CE:FB:52:21:63:6E:B2:28:21:26:EB:FE:3B:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kHoOY_3zvtSIWNusighJuv-O3g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/53cbe8-f5a7-407d-84ce-628b4394b822/1/6kHoOY_3zvtSIWNusighJuv-O3g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:e4:80:3f:44:d7:2d:71:ea:d1:fa:93:af:bd:8e:d0:23:fa:
         43:6f:fc:c2:fa:ce:b1:26:8e:6f:a4:0e:df:17:9b:67:1d:0a:
         53:ee:77:72:a2:ff:2c:17:71:ce:29:e7:75:a8:65:c7:e5:09:
         de:91:80:ed:ab:f7:ba:84:64:4c:28:45:52:be:73:b5:b8:7a:
         27:9d:c7:39:04:23:07:1c:f6:0a:d5:30:27:f9:66:86:fc:26:
         fd:ff:2c:20:59:60:81:87:36:4d:b5:c9:aa:88:b4:56:b8:fe:
         d4:7b:dd:fa:71:ed:d9:ff:f7:63:77:8d:b4:84:56:e0:ee:2c:
         69:21:1a:95:d8:f2:f3:e0:d2:55:83:fa:20:57:1f:cf:15:4a:
         0e:56:5e:ea:ae:fb:50:5f:0a:9f:de:37:e5:3e:c5:f7:14:eb:
         b2:3b:f7:86:71:81:b5:d5:5b:a0:f7:49:6a:78:63:47:80:ff:
         25:90:f1:6d:19:1f:e9:54:a3:68:77:ff:44:77:cb:e9:be:03:
         1f:66:59:e6:c6:60:0a:21:43:bf:cb:53:56:29:31:4e:b5:b1:
         f9:e9:d9:1b:14:cc:5b:8b:6e:7f:d9:89:0a:c2:7c:5c:16:d2:
         6c:5f:9d:fe:fb:7b:30:93:d9:8b:bb:67:46:6d:4e:6a:6c:86:
         b1:f4:54:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvSAaT7coWiyncmMjejRMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDFlODM5OGZmN2NlZmI1MjIxNjM2ZWIyMjgyMTI2ZWJm
ZTNiNzgwHhcNMjYwMzAyMTYwMDU4WhcNMjYwMzAzMTYwMDU4WjAzMTEwLwYDVQQD
EygxMTgxNzMyMzg4Zjc1ZGZiYjBlNGUyZDc5ODI2MjRhMDAyYzY4NDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LHCYPum0JOQas5LRjO4CEc5oHmO
AJxUZCYnZjnySGlVMRdai6IFFklhbfCPiTx4HMl6Ul/qZgBQ4mcrVeOrV4DUsGEc
jEYDoE/msd9ona/xfLnZvnUyZS1cZbMyKy4UFg70X7+kkULuHMxD/3xyO9hEqoGl
X7PaQKupi1l5y4xL9lU6Zn2gUITeRMePFpTcTZK8NN52dycpu8TpqkhD2eCsh/gE
Oe0Lwn7PD0n3PO/PyTSb06JQW0a05KnqhBCNL0098W8fdmKJC7TSWq06mlVqgzsI
z84VrLVGEo1bWZQfPpmjnwqA6E86UN6xz1J5NXf0cYWV1UG3YCxwcyY01QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBGBcyOI9137sOTi15gmJKACxoRdMB8GA1UdIwQY
MBaAFOpB6DmP9877UiFjbrIoISbr/jt4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2Ut
NjI4YjQzOTRiODIyLzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy81M2NiZTgtZjVhNy00MDdkLTg0Y2UtNjI4YjQzOTRiODIy
LzEvNmtIb09ZXzN6dnRTSVdOdXNpZ2hKdXYtTzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhOSAP0TX
LXHq0fqTr72O0CP6Q2/8wvrOsSaOb6QO3xebZx0KU+53cqL/LBdxzinndahlx+UJ
3pGA7av3uoRkTChFUr5ztbh6J53HOQQjBxz2CtUwJ/lmhvwm/f8sIFlggYc2TbXJ
qoi0Vrj+1Hvd+nHt2f/3Y3eNtIRW4O4saSEaldjy8+DSVYP6IFcfzxVKDlZe6q77
UF8Kn9435T7F9xTrsjv3hnGBtdVboPdJanhjR4D/JZDxbRkf6VSjaHf/RHfL6b4D
H2ZZ5sZgCiFDv8tTVikxTrWx+enZGxTMW4tuf9mJCsJ8XBbSbF+d/vt7MJPZi7tn
Rm1OamyGsfRUkw==
-----END CERTIFICATE-----