Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
File:                     FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft (raw, json)
Hash identifier:          9SbT9PDRmRmtzRrU1l++j/dd8iNfT6IS2PZPua7WfiA=
Subject key identifier:   53:30:18:24:76:30:93:56:9E:10:F7:67:C5:6B:FE:EC:30:FE:4E:F6
Authority key identifier: 16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08
Certificate issuer:       /CN=16536fc756a5864aaa2c1e77bb764248dabe2608
Certificate serial:       019CABD9402457AF60D6A51EF85D17D10AFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
Manifest number:          0898
Signing time:             Mon 02 Mar 2026 00:01:07 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:07 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:07 +0000
Files and hashes:         1: FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl (hash: p/Y3yLmmopvDbS0zabwMVICVhBRe1n4Npf103MLxmWE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:40:24:57:af:60:d6:a5:1e:f8:5d:17:d1:0a:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16536fc756a5864aaa2c1e77bb764248dabe2608
        Validity
            Not Before: Mar  2 00:01:07 2026 GMT
            Not After : Mar  3 00:01:07 2026 GMT
        Subject: CN=53301824763093569e10f767c56bfeec30fe4ef6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:8b:ab:b2:78:d2:84:7d:30:85:21:9b:84:9c:
                    00:54:e3:59:a9:4d:3c:78:ac:47:40:0b:68:d2:8e:
                    e5:93:2e:30:86:7a:9d:6a:82:e6:93:82:90:9c:f0:
                    b0:7b:e1:30:b2:de:f9:19:8f:57:66:45:20:10:6a:
                    ac:57:ec:fc:94:c8:38:b4:86:71:13:f9:0c:2c:2f:
                    7c:3e:e4:3a:28:b4:51:9e:70:d9:eb:e6:d7:82:2a:
                    4c:ff:d6:30:a6:72:bb:89:d9:84:22:b5:46:1b:a3:
                    20:df:67:76:a2:e2:fe:a5:33:67:c2:68:da:78:fc:
                    12:5a:1b:ec:60:14:d3:5b:3f:1e:56:7a:47:8d:7d:
                    8f:ec:05:18:ce:8c:67:ac:79:e1:b6:51:70:68:04:
                    31:bd:b5:42:1a:cd:ab:d0:9f:a1:b3:87:64:92:13:
                    dc:e1:aa:d7:c5:63:86:1e:74:a1:01:d4:68:08:23:
                    20:9d:3f:8c:0c:a7:44:0b:bc:48:a6:28:54:28:1a:
                    c9:47:88:f2:e2:a1:6c:a9:2c:1b:91:3e:dc:14:30:
                    a7:9b:23:5c:ea:8b:50:5e:20:87:97:f6:cb:25:65:
                    8c:0a:6a:75:4f:35:dd:6b:21:62:8e:10:c9:e5:25:
                    47:4a:00:dc:f5:d5:6b:73:0d:86:e7:b5:5c:28:8c:
                    b3:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:30:18:24:76:30:93:56:9E:10:F7:67:C5:6B:FE:EC:30:FE:4E:F6
            X509v3 Authority Key Identifier:
                keyid:16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:6b:e0:f0:be:88:fd:a4:02:90:88:8c:8e:83:d4:2b:5b:db:
         99:ab:e0:f9:3f:a5:d0:88:77:ce:02:91:26:b3:99:4a:bb:6b:
         da:9b:67:66:29:7d:5c:97:91:61:f9:79:70:27:b0:d0:da:7d:
         52:7e:e4:4b:21:4a:36:ad:4d:09:03:01:bd:7d:9e:1b:84:fc:
         34:ae:d3:8d:84:a1:b8:bc:ab:41:d9:18:4b:98:90:dd:3d:f3:
         cd:e5:13:84:11:1e:4f:9f:3d:25:bc:3d:77:75:37:5f:64:54:
         b0:b0:f7:07:5f:02:8b:d0:ac:e7:a9:6a:7b:13:7c:cf:a6:84:
         d6:ee:ab:e6:9f:75:95:79:41:6b:3e:ab:be:b6:b6:a3:96:f6:
         1c:a3:95:1b:da:f0:b9:15:fd:40:d6:a6:65:6f:ca:2e:6c:72:
         a9:cf:f2:f1:10:9c:ce:9a:56:4f:10:85:1a:7e:1c:90:e2:97:
         2f:ad:32:81:88:28:81:3c:f9:7f:b9:73:2e:a9:40:0b:98:9c:
         c5:d9:b2:45:ff:6d:ff:95:ff:c1:a5:94:c5:6c:ee:df:93:07:
         a8:6a:05:11:1b:65:bd:f4:81:04:4f:bd:a2:c7:fa:64:23:8f:
         74:98:e4:f5:be:26:e6:db:b7:5e:80:38:a4:06:04:21:ab:50:
         35:54:b9:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2UAkV69g1qUe+F0X0Qr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTM2ZmM3NTZhNTg2NGFhYTJjMWU3N2JiNzY0MjQ4ZGFi
ZTI2MDgwHhcNMjYwMzAyMDAwMTA3WhcNMjYwMzAzMDAwMTA3WjAzMTEwLwYDVQQD
Eyg1MzMwMTgyNDc2MzA5MzU2OWUxMGY3NjdjNTZiZmVlYzMwZmU0ZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9YursnjShH0whSGbhJwAVONZqU08
eKxHQAto0o7lky4whnqdaoLmk4KQnPCwe+Ewst75GY9XZkUgEGqsV+z8lMg4tIZx
E/kMLC98PuQ6KLRRnnDZ6+bXgipM/9YwpnK7idmEIrVGG6Mg32d2ouL+pTNnwmja
ePwSWhvsYBTTWz8eVnpHjX2P7AUYzoxnrHnhtlFwaAQxvbVCGs2r0J+hs4dkkhPc
4arXxWOGHnShAdRoCCMgnT+MDKdEC7xIpihUKBrJR4jy4qFsqSwbkT7cFDCnmyNc
6otQXiCHl/bLJWWMCmp1TzXdayFijhDJ5SVHSgDc9dVrcw2G57VcKIyzNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFMwGCR2MJNWnhD3Z8Vr/uww/k72MB8GA1UdIwQY
MBaAFBZTb8dWpYZKqiwed7t2QkjaviYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQt
N2YzZWI3NTQ2MTAyLzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQtN2YzZWI3NTQ2MTAy
LzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc2vg8L6I
/aQCkIiMjoPUK1vbmavg+T+l0Ih3zgKRJrOZSrtr2ptnZil9XJeRYfl5cCew0Np9
Un7kSyFKNq1NCQMBvX2eG4T8NK7TjYShuLyrQdkYS5iQ3T3zzeUThBEeT589Jbw9
d3U3X2RUsLD3B18Ci9Cs56lqexN8z6aE1u6r5p91lXlBaz6rvra2o5b2HKOVG9rw
uRX9QNamZW/KLmxyqc/y8RCczppWTxCFGn4ckOKXL60ygYgogTz5f7lzLqlAC5ic
xdmyRf9t/5X/waWUxWzu35MHqGoFERtlvfSBBE+9osf6ZCOPdJjk9b4m5tu3XoA4
pAYEIatQNVS5AQ==
-----END CERTIFICATE-----