Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
File:                     itYGdkMvaHI2YskyV5qEk1IBS5U.mft (raw, json)
Hash identifier:          cIrRuYqsE0V+ATB8wA19GjZvWRBHNB84y6p+HY1xANo=
Subject key identifier:   E6:82:D9:87:69:59:10:09:25:C1:00:5C:EE:28:8A:FA:F5:C8:E8:C3
Authority key identifier: 8A:D6:06:76:43:2F:68:72:36:62:C9:32:57:9A:84:93:52:01:4B:95
Certificate issuer:       /CN=8ad60676432f68723662c932579a849352014b95
Certificate serial:       019CAAC6E6A9A8D6FB5975008FFDEA3C002C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
Manifest number:          0A0C
Signing time:             Sun 01 Mar 2026 19:01:27 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:27 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:27 +0000
Files and hashes:         1: itYGdkMvaHI2YskyV5qEk1IBS5U.crl (hash: llQfcgVIcglLGWv/XLvQZ/K62ZVFb00OA5S+2atZ7TM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:e6:a9:a8:d6:fb:59:75:00:8f:fd:ea:3c:00:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad60676432f68723662c932579a849352014b95
        Validity
            Not Before: Mar  1 19:01:27 2026 GMT
            Not After : Mar  2 19:01:27 2026 GMT
        Subject: CN=e682d9876959100925c1005cee288afaf5c8e8c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:81:a8:5d:fe:1c:00:c9:9a:16:b6:fe:26:e9:
                    24:af:c9:a7:9c:09:86:5e:27:18:a6:eb:95:b4:49:
                    40:78:f7:9d:d8:48:ee:0b:31:a9:8d:ee:7a:90:31:
                    b0:16:10:99:b0:fe:3f:a4:1b:65:7d:8f:37:5e:d2:
                    9c:ac:f1:63:1e:44:73:36:ea:43:62:be:6d:c0:ad:
                    11:f9:cf:1d:95:a2:1d:a9:ec:63:48:32:7f:06:aa:
                    60:65:97:15:d4:03:cd:d7:7f:d1:9e:77:c9:8a:44:
                    b6:af:da:f3:0c:7d:e0:ca:a0:92:72:96:e4:8a:6e:
                    40:ab:33:11:3f:53:37:41:9d:e2:81:c8:51:4c:bf:
                    52:49:bf:0a:35:b5:cd:ca:09:69:20:71:6b:f2:7e:
                    f5:80:eb:f0:40:69:5a:11:4b:b2:12:36:7e:db:e0:
                    01:c0:cc:52:52:cc:31:3c:8e:94:1a:23:76:b5:19:
                    35:e5:10:a6:ed:9e:02:6e:ac:b8:da:f9:f8:2a:07:
                    33:d3:35:1a:d8:7b:74:16:7a:6a:f1:eb:04:bd:d4:
                    d7:91:e2:89:c5:46:4e:81:ba:be:9b:a4:60:2f:a9:
                    f2:dc:f6:02:58:84:3b:44:c3:00:d4:96:b2:45:9b:
                    02:59:1b:44:af:85:a9:03:df:4e:bb:f2:aa:d4:71:
                    9f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:82:D9:87:69:59:10:09:25:C1:00:5C:EE:28:8A:FA:F5:C8:E8:C3
            X509v3 Authority Key Identifier:
                keyid:8A:D6:06:76:43:2F:68:72:36:62:C9:32:57:9A:84:93:52:01:4B:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itYGdkMvaHI2YskyV5qEk1IBS5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/cdc148-5703-4e91-9a8e-284036a81d90/1/itYGdkMvaHI2YskyV5qEk1IBS5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:d0:20:90:6c:b5:3d:d1:b3:49:a2:31:6b:cd:b9:9d:47:64:
         d7:41:17:22:a7:da:3c:93:19:8a:1d:26:6b:84:93:d4:61:d1:
         f5:b5:d5:8d:69:c3:89:2b:1c:0b:bf:5e:97:03:8d:62:7c:c3:
         cd:11:40:10:9f:b2:8e:30:33:e2:d8:35:c9:7d:69:44:91:69:
         98:a3:60:62:f0:ee:db:7f:be:67:46:82:7b:fe:b9:55:62:20:
         2c:62:9a:5f:3d:b4:27:12:9d:68:18:ef:40:f3:7a:cb:a4:94:
         4d:02:df:9d:c9:5b:81:eb:f4:80:0a:bf:71:a2:fb:79:8c:8a:
         64:a1:2b:76:1f:fe:58:9f:42:56:6f:c2:9e:e4:0a:82:a8:bf:
         52:b0:81:d6:88:b1:52:47:62:52:ba:dc:a5:ba:80:bc:23:54:
         65:db:df:c4:ee:a4:2c:12:4b:e0:8b:3d:2e:66:f8:7b:9f:f5:
         fd:47:6d:26:c1:ca:f5:49:ad:44:02:16:c1:d8:bf:8f:e7:fa:
         d3:27:9b:8c:51:d0:e9:51:c7:16:6f:67:1a:5b:91:72:e1:a3:
         41:c7:5a:1b:96:e5:9a:32:79:6a:84:b3:76:c7:2c:08:21:a1:
         d4:44:6f:37:e4:a6:56:c3:c3:69:ed:48:00:c9:98:e4:0d:05:
         8a:a1:cd:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxuapqNb7WXUAj/3qPAAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDYwNjc2NDMyZjY4NzIzNjYyYzkzMjU3OWE4NDkzNTIw
MTRiOTUwHhcNMjYwMzAxMTkwMTI3WhcNMjYwMzAyMTkwMTI3WjAzMTEwLwYDVQQD
EyhlNjgyZDk4NzY5NTkxMDA5MjVjMTAwNWNlZTI4OGFmYWY1YzhlOGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14GoXf4cAMmaFrb+Jukkr8mnnAmG
XicYpuuVtElAePed2EjuCzGpje56kDGwFhCZsP4/pBtlfY83XtKcrPFjHkRzNupD
Yr5twK0R+c8dlaIdqexjSDJ/BqpgZZcV1APN13/RnnfJikS2r9rzDH3gyqCScpbk
im5AqzMRP1M3QZ3igchRTL9SSb8KNbXNyglpIHFr8n71gOvwQGlaEUuyEjZ+2+AB
wMxSUswxPI6UGiN2tRk15RCm7Z4Cbqy42vn4Kgcz0zUa2Ht0Fnpq8esEvdTXkeKJ
xUZOgbq+m6RgL6ny3PYCWIQ7RMMA1JayRZsCWRtEr4WpA99Ou/Kq1HGfwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOaC2YdpWRAJJcEAXO4oivr1yOjDMB8GA1UdIwQY
MBaAFIrWBnZDL2hyNmLJMleahJNSAUuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9jZGMxNDgtNTcwMy00ZTkxLTlhOGUt
Mjg0MDM2YTgxZDkwLzEvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9jZGMxNDgtNTcwMy00ZTkxLTlhOGUtMjg0MDM2YTgxZDkw
LzEvaXRZR2RrTXZhSEkyWXNreVY1cUVrMUlCUzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbdAgkGy1
PdGzSaIxa825nUdk10EXIqfaPJMZih0ma4ST1GHR9bXVjWnDiSscC79elwONYnzD
zRFAEJ+yjjAz4tg1yX1pRJFpmKNgYvDu23++Z0aCe/65VWIgLGKaXz20JxKdaBjv
QPN6y6SUTQLfnclbgev0gAq/caL7eYyKZKErdh/+WJ9CVm/CnuQKgqi/UrCB1oix
UkdiUrrcpbqAvCNUZdvfxO6kLBJL4Is9Lmb4e5/1/UdtJsHK9UmtRAIWwdi/j+f6
0yebjFHQ6VHHFm9nGluRcuGjQcdaG5blmjJ5aoSzdscsCCGh1ERvN+SmVsPDae1I
AMmY5A0FiqHNRA==
-----END CERTIFICATE-----