Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft
File:                     3tvumMupuOYloRR7s7VRl9LQoFc.mft (raw, json)
Hash identifier:          OXO012s4zxTIVQDsAhg6hIL4lJKPCp5CPWCdMWh2vuc=
Subject key identifier:   F9:8F:2F:97:79:CB:50:20:7B:A3:26:83:36:6A:04:70:A8:21:B6:A8
Authority key identifier: DE:DB:EE:98:CB:A9:B8:E6:25:A1:14:7B:B3:B5:51:97:D2:D0:A0:57
Certificate issuer:       /CN=dedbee98cba9b8e625a1147bb3b55197d2d0a057
Certificate serial:       019CAB6BEC4135213D61DD84C35177F7E092
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3tvumMupuOYloRR7s7VRl9LQoFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft
Manifest number:          08AE
Signing time:             Sun 01 Mar 2026 22:01:42 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:42 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:42 +0000
Files and hashes:         1: 3tvumMupuOYloRR7s7VRl9LQoFc.crl (hash: e8M9OXGi/wBnxJHbUK4w6L+viWU/wgopm4zA1uk19fc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3tvumMupuOYloRR7s7VRl9LQoFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:ec:41:35:21:3d:61:dd:84:c3:51:77:f7:e0:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dedbee98cba9b8e625a1147bb3b55197d2d0a057
        Validity
            Not Before: Mar  1 22:01:42 2026 GMT
            Not After : Mar  2 22:01:42 2026 GMT
        Subject: CN=f98f2f9779cb50207ba32683366a0470a821b6a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:bc:f1:62:29:89:1f:44:96:e0:a4:cd:54:20:
                    2e:3c:17:d2:f8:7c:61:86:bc:3f:cd:4d:a7:a0:cc:
                    fa:15:1e:ac:cb:e9:67:bc:af:61:53:5f:07:3d:67:
                    4a:f3:b8:a3:ea:5a:9a:c5:7e:9d:68:d0:af:86:a9:
                    47:4e:ad:fa:9e:f1:55:9a:06:3e:ac:b9:ea:06:e0:
                    fc:36:ef:2e:00:2f:94:3f:8a:fb:b2:5a:5a:09:61:
                    5d:1d:01:1b:f0:ba:f8:e6:a0:e9:22:4d:34:4d:f6:
                    55:fa:54:0f:21:62:36:d1:f1:ef:42:20:48:b4:bf:
                    fd:e1:d9:b4:c8:ba:a8:43:f4:75:36:ba:f7:06:1f:
                    be:b9:59:75:a8:cc:41:25:24:13:40:f0:f7:55:41:
                    e4:b3:4f:00:c0:49:ea:87:9c:74:cc:bd:84:8d:d6:
                    7a:72:be:9c:2b:44:ac:45:15:91:60:35:52:e9:f7:
                    eb:d0:05:00:4c:7c:d9:12:08:db:50:a5:a0:f7:0c:
                    18:91:17:ee:40:83:d1:6a:90:37:f5:ac:73:83:68:
                    77:56:44:f3:bd:75:ae:d9:78:3a:77:d3:df:bd:03:
                    40:0b:3b:c9:f1:6e:d4:97:af:f2:30:1c:f9:ec:6f:
                    17:bd:a6:45:d5:de:1f:6a:23:20:5b:fb:e6:0d:b8:
                    8c:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:8F:2F:97:79:CB:50:20:7B:A3:26:83:36:6A:04:70:A8:21:B6:A8
            X509v3 Authority Key Identifier:
                keyid:DE:DB:EE:98:CB:A9:B8:E6:25:A1:14:7B:B3:B5:51:97:D2:D0:A0:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tvumMupuOYloRR7s7VRl9LQoFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0ef678-7870-4e08-ab25-18f0b80f250d/1/3tvumMupuOYloRR7s7VRl9LQoFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:aa:e4:60:64:98:06:30:bf:99:58:ff:fe:22:55:31:8b:29:
         f8:74:90:bd:14:9b:54:13:2a:d8:24:5e:98:fb:cb:52:9e:bb:
         f2:d9:6d:a2:ce:4a:18:11:c8:92:d0:4e:fe:66:83:85:98:43:
         53:0c:e1:45:c3:5d:9e:bb:88:fd:44:d1:2b:76:46:ac:2f:0e:
         2d:9f:f1:60:38:bf:2c:8e:59:d5:29:b4:d0:a0:fd:3d:ba:ca:
         0d:b7:78:0c:b4:d1:6f:a8:02:d7:f4:4d:6f:58:f1:de:e4:e1:
         aa:a4:02:fb:f6:7c:51:76:4a:dd:db:60:6d:50:bf:bc:3a:a2:
         48:df:3d:1a:bb:4f:ca:c4:d8:37:de:aa:26:db:a8:d3:b6:18:
         c6:7f:a0:94:8c:06:47:60:ff:37:5e:65:54:ef:1f:b8:b5:7c:
         cd:5a:31:4e:6b:18:e9:02:6e:66:96:c0:8d:b7:d2:84:2a:e3:
         f8:b1:b9:30:1a:3a:85:09:92:fe:ce:3c:cd:02:12:08:4a:cd:
         04:82:47:a6:7e:0c:71:17:c7:9b:1e:f8:15:a7:60:6f:f6:29:
         8b:d8:c9:f7:19:3b:2b:fa:2c:8b:54:f5:2e:5c:62:38:c7:61:
         a5:49:ac:ba:7a:62:f8:f1:2c:4a:71:55:19:33:f1:8c:da:4b:
         86:97:2f:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra+xBNSE9Yd2Ew1F39+CSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGJlZTk4Y2JhOWI4ZTYyNWExMTQ3YmIzYjU1MTk3ZDJk
MGEwNTcwHhcNMjYwMzAxMjIwMTQyWhcNMjYwMzAyMjIwMTQyWjAzMTEwLwYDVQQD
EyhmOThmMmY5Nzc5Y2I1MDIwN2JhMzI2ODMzNjZhMDQ3MGE4MjFiNmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubzxYimJH0SW4KTNVCAuPBfS+Hxh
hrw/zU2noMz6FR6sy+lnvK9hU18HPWdK87ij6lqaxX6daNCvhqlHTq36nvFVmgY+
rLnqBuD8Nu8uAC+UP4r7slpaCWFdHQEb8Lr45qDpIk00TfZV+lQPIWI20fHvQiBI
tL/94dm0yLqoQ/R1Nrr3Bh++uVl1qMxBJSQTQPD3VUHks08AwEnqh5x0zL2EjdZ6
cr6cK0SsRRWRYDVS6ffr0AUATHzZEgjbUKWg9wwYkRfuQIPRapA39axzg2h3VkTz
vXWu2Xg6d9PfvQNACzvJ8W7Ul6/yMBz57G8XvaZF1d4faiMgW/vmDbiMEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmPL5d5y1Age6MmgzZqBHCoIbaoMB8GA1UdIwQY
MBaAFN7b7pjLqbjmJaEUe7O1UZfS0KBXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3R2dW1NdXB1T1lsb1JSN3M3VlJsOUxRb0ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8wZWY2NzgtNzg3MC00ZTA4LWFiMjUt
MThmMGI4MGYyNTBkLzEvM3R2dW1NdXB1T1lsb1JSN3M3VlJsOUxRb0ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8wZWY2NzgtNzg3MC00ZTA4LWFiMjUtMThmMGI4MGYyNTBk
LzEvM3R2dW1NdXB1T1lsb1JSN3M3VlJsOUxRb0ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK6rkYGSY
BjC/mVj//iJVMYsp+HSQvRSbVBMq2CRemPvLUp678tltos5KGBHIktBO/maDhZhD
UwzhRcNdnruI/UTRK3ZGrC8OLZ/xYDi/LI5Z1Sm00KD9PbrKDbd4DLTRb6gC1/RN
b1jx3uThqqQC+/Z8UXZK3dtgbVC/vDqiSN89GrtPysTYN96qJtuo07YYxn+glIwG
R2D/N15lVO8fuLV8zVoxTmsY6QJuZpbAjbfShCrj+LG5MBo6hQmS/s48zQISCErN
BIJHpn4McRfHmx74Fadgb/Ypi9jJ9xk7K/osi1T1LlxiOMdhpUmsunpi+PEsSnFV
GTPxjNpLhpcvqQ==
-----END CERTIFICATE-----