Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
File:                     RXHLqFoCMKnLR6vrWzue1NUxz54.mft (raw, json)
Hash identifier:          2SiFL8ng3lFLds6b9EeuZ9z84XWSaLX418cxW5vYUA0=
Subject key identifier:   99:05:B2:D0:A7:ED:89:61:AA:18:0C:D1:5C:6A:AD:85:80:F9:64:F3
Authority key identifier: 45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E
Certificate issuer:       /CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
Certificate serial:       019CAC0FB2F3053C4BE75CB8A2429BBF8841
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
Manifest number:          05F0
Signing time:             Mon 02 Mar 2026 01:00:35 +0000
Manifest this update:     Mon 02 Mar 2026 01:00:35 +0000
Manifest next update:     Tue 03 Mar 2026 01:00:35 +0000
Files and hashes:         1: RXHLqFoCMKnLR6vrWzue1NUxz54.crl (hash: OJfIz1NiuQGTVa8lGJ1Yz8rgEBMYpdZHFt4P9PQWz9w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:0f:b2:f3:05:3c:4b:e7:5c:b8:a2:42:9b:bf:88:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4571cba85a0230a9cb47abeb5b3b9ed4d531cf9e
        Validity
            Not Before: Mar  2 01:00:35 2026 GMT
            Not After : Mar  3 01:00:35 2026 GMT
        Subject: CN=9905b2d0a7ed8961aa180cd15c6aad8580f964f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:ae:d3:96:cd:84:5f:5d:3d:9c:0d:c7:bb:3b:
                    23:23:ab:a9:11:42:bb:da:a1:e8:79:10:1e:1b:50:
                    68:fd:38:67:a4:79:b9:d3:53:3b:42:59:af:bf:c0:
                    ee:4e:fc:9d:60:65:08:c5:07:fa:6e:78:e6:ac:df:
                    80:c3:b6:00:db:0a:11:45:e9:21:39:0b:5b:90:2d:
                    44:fb:3d:2c:8d:65:d7:cd:22:f8:88:01:83:3b:3c:
                    ab:b0:1d:98:ad:c3:07:94:c7:a3:23:87:70:37:16:
                    57:18:16:36:23:b7:b1:7c:d5:39:b3:c8:23:ab:ec:
                    c9:00:61:13:bc:b8:39:9f:51:26:b4:cc:47:91:5e:
                    b9:57:7c:c9:47:f8:03:29:23:f0:df:cc:5a:04:39:
                    5e:ea:db:f6:23:64:95:00:4d:b2:d6:b5:05:ef:e1:
                    cb:1d:d2:15:34:3e:1f:82:17:1f:8c:f0:d9:0d:96:
                    76:8d:d7:2f:33:38:02:65:3e:aa:69:29:3f:6b:05:
                    84:ef:07:7a:a2:30:fb:f5:01:27:71:ac:52:dd:24:
                    59:aa:3e:9f:43:ae:72:a4:0b:95:57:21:26:d4:3a:
                    9c:a9:a6:ad:44:99:19:44:99:29:13:5a:f4:16:6c:
                    5b:88:eb:d5:ab:2b:1e:d9:98:df:45:8d:6a:d5:e4:
                    24:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:05:B2:D0:A7:ED:89:61:AA:18:0C:D1:5C:6A:AD:85:80:F9:64:F3
            X509v3 Authority Key Identifier:
                keyid:45:71:CB:A8:5A:02:30:A9:CB:47:AB:EB:5B:3B:9E:D4:D5:31:CF:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RXHLqFoCMKnLR6vrWzue1NUxz54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a64099-345f-4f1c-a930-760cb3ea1415/1/RXHLqFoCMKnLR6vrWzue1NUxz54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:00:77:df:7a:08:a2:81:25:89:64:6d:69:9c:ff:dc:a5:60:
         df:b4:91:f6:7b:6c:7c:57:23:07:c5:31:79:35:12:39:c9:73:
         28:04:2a:69:b0:df:a4:57:cd:9d:26:62:8c:e5:23:7f:72:75:
         75:32:f6:b3:ad:83:6b:be:62:5c:4a:5f:57:4c:be:69:53:a6:
         30:94:fa:c3:20:c3:58:f0:7c:7d:73:0d:e4:76:5d:65:72:2d:
         64:69:6f:99:ea:8b:e7:58:72:a2:80:df:ea:6e:6c:b9:c2:fb:
         6d:ce:7b:7e:dc:95:22:43:a1:ae:88:26:94:20:33:11:7c:06:
         22:d6:6b:16:19:4c:6a:47:b4:d6:a4:cf:b2:0a:1e:42:a9:95:
         2d:66:cc:89:09:9c:a6:4f:8f:6f:75:16:5f:a0:8e:7c:07:bc:
         68:67:c7:59:33:dc:2d:b2:10:7c:5c:bd:2b:40:d1:04:c9:00:
         5d:4a:fc:f5:10:b8:dd:55:1f:69:0a:fe:ed:54:ec:dd:cb:ea:
         ad:4c:d8:4a:17:f0:8f:8f:30:be:b4:56:fe:23:00:80:91:a4:
         90:39:98:1f:67:d9:79:69:fa:c6:0a:3a:89:05:27:c5:14:87:
         b1:ec:c5:47:04:48:cc:5e:b2:9e:bf:11:e5:e0:29:f9:60:2c:
         a0:8b:a3:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD7LzBTxL51y4okKbv4hBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NzFjYmE4NWEwMjMwYTljYjQ3YWJlYjViM2I5ZWQ0ZDUz
MWNmOWUwHhcNMjYwMzAyMDEwMDM1WhcNMjYwMzAzMDEwMDM1WjAzMTEwLwYDVQQD
Eyg5OTA1YjJkMGE3ZWQ4OTYxYWExODBjZDE1YzZhYWQ4NTgwZjk2NGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAya7Tls2EX109nA3HuzsjI6upEUK7
2qHoeRAeG1Bo/ThnpHm501M7Qlmvv8DuTvydYGUIxQf6bnjmrN+Aw7YA2woRRekh
OQtbkC1E+z0sjWXXzSL4iAGDOzyrsB2YrcMHlMejI4dwNxZXGBY2I7exfNU5s8gj
q+zJAGETvLg5n1EmtMxHkV65V3zJR/gDKSPw38xaBDle6tv2I2SVAE2y1rUF7+HL
HdIVND4fghcfjPDZDZZ2jdcvMzgCZT6qaSk/awWE7wd6ojD79QEncaxS3SRZqj6f
Q65ypAuVVyEm1DqcqaatRJkZRJkpE1r0FmxbiOvVqyse2ZjfRY1q1eQkdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJkFstCn7YlhqhgM0VxqrYWA+WTzMB8GA1UdIwQY
MBaAFEVxy6haAjCpy0er61s7ntTVMc+eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAt
NzYwY2IzZWExNDE1LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hNjQwOTktMzQ1Zi00ZjFjLWE5MzAtNzYwY2IzZWExNDE1
LzEvUlhITHFGb0NNS25MUjZ2cld6dWUxTlV4ejU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOQB333oI
ooEliWRtaZz/3KVg37SR9ntsfFcjB8UxeTUSOclzKAQqabDfpFfNnSZijOUjf3J1
dTL2s62Da75iXEpfV0y+aVOmMJT6wyDDWPB8fXMN5HZdZXItZGlvmeqL51hyooDf
6m5sucL7bc57ftyVIkOhrogmlCAzEXwGItZrFhlMake01qTPsgoeQqmVLWbMiQmc
pk+Pb3UWX6COfAe8aGfHWTPcLbIQfFy9K0DRBMkAXUr89RC43VUfaQr+7VTs3cvq
rUzYShfwj48wvrRW/iMAgJGkkDmYH2fZeWn6xgo6iQUnxRSHsezFRwRIzF6ynr8R
5eAp+WAsoIujcg==
-----END CERTIFICATE-----