Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
File:                     SQtgyL0tnQHwq1ocTApT4dczn2U.mft (raw, json)
Hash identifier:          G1Cmu67TMhIatHnqnLcbbgUUhHTYpbluz+45uVDe/3g=
Subject key identifier:   AF:F3:44:7A:01:EE:0B:A5:C4:31:28:C0:41:81:B1:48:F4:D4:65:64
Authority key identifier: 49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65
Certificate issuer:       /CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
Certificate serial:       019CAB6BBD7F005563E1B2CE29C48504047B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
Manifest number:          142D
Signing time:             Sun 01 Mar 2026 22:01:30 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:30 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:30 +0000
Files and hashes:         1: SQtgyL0tnQHwq1ocTApT4dczn2U.crl (hash: VX4B1YA9J00rtKLBI3tfylFmy7HPnENp/JqgUKSw7Ns=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:bd:7f:00:55:63:e1:b2:ce:29:c4:85:04:04:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
        Validity
            Not Before: Mar  1 22:01:30 2026 GMT
            Not After : Mar  2 22:01:30 2026 GMT
        Subject: CN=aff3447a01ee0ba5c43128c04181b148f4d46564
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:5a:91:2a:7d:6b:1c:e4:55:45:e7:bd:5c:7d:
                    7a:df:72:a9:22:eb:e0:b8:93:e1:99:72:19:de:a5:
                    ae:bc:11:d9:32:f4:1d:6a:27:f5:48:8f:2a:34:4e:
                    bf:87:56:c7:4d:9f:b7:d0:f2:40:de:de:14:32:c7:
                    84:6f:8c:18:ee:38:ea:e7:78:c8:e7:2c:2d:61:12:
                    f4:db:be:98:6a:93:e5:01:5b:d6:4b:67:f2:d2:72:
                    f5:7f:ac:b2:2f:50:6e:e7:fa:ef:09:39:af:90:14:
                    8c:bb:f1:98:b9:ce:ba:1f:84:ba:37:c6:59:88:da:
                    ce:11:73:e1:8b:30:ef:51:7f:de:8b:91:93:ce:00:
                    4e:19:81:c9:a8:ac:ed:74:23:9b:00:ca:14:bd:5d:
                    bc:39:2f:b9:ea:aa:cf:fd:18:a1:2c:0f:6d:21:4b:
                    26:3b:9b:03:47:c5:4c:73:3d:54:6c:95:0f:5a:7c:
                    db:48:4c:bc:56:6f:18:e5:dc:97:ff:ed:18:c1:3e:
                    d5:8a:f4:bc:a3:97:b9:cf:2a:35:22:ae:25:02:3a:
                    97:8b:72:45:cd:85:23:7d:0d:fe:b5:ff:c0:a8:03:
                    70:50:b2:db:86:17:74:c9:25:18:8a:c3:29:16:ca:
                    a7:a2:c0:50:27:55:de:be:0a:e4:11:59:50:d7:bd:
                    f1:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:F3:44:7A:01:EE:0B:A5:C4:31:28:C0:41:81:B1:48:F4:D4:65:64
            X509v3 Authority Key Identifier:
                keyid:49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:3b:c9:b3:40:4a:b4:8c:9a:f5:b5:ab:76:ce:e1:74:45:09:
         19:2b:55:bb:fe:83:b9:50:aa:25:4b:c5:f4:a2:cb:30:02:65:
         f9:c3:4a:46:33:b5:72:b7:5d:2f:fb:39:99:09:7c:45:54:49:
         fc:4d:de:4f:7d:6f:e3:94:5a:7c:c0:dc:11:26:c2:3a:5b:33:
         a4:41:1a:69:4c:44:d9:09:4c:b5:86:fd:80:d8:e5:8a:2f:12:
         cc:93:21:08:f9:15:b0:5b:1f:85:19:98:67:0f:fb:1d:a6:64:
         51:77:53:5a:7a:56:bb:05:df:e6:99:e9:cd:f9:31:c1:67:9f:
         9f:61:55:89:66:bd:04:e3:f9:39:42:55:26:17:f6:a9:ea:ad:
         d8:9b:f2:2a:64:44:c6:e6:1b:60:26:71:d3:0e:5d:7e:d0:3e:
         91:49:22:38:06:f3:17:45:33:b2:54:1b:8b:41:05:a9:5b:e6:
         31:e1:92:2f:05:c5:07:e1:48:08:e0:32:4d:27:27:f6:15:1f:
         23:55:45:ad:98:2a:19:1e:3d:aa:1d:85:83:a3:76:02:37:eb:
         64:2f:0a:1c:d2:24:64:b4:b3:81:28:0b:67:1c:a4:2c:e7:44:
         a7:b8:90:c4:f4:6a:1c:7b:82:c2:be:2a:27:ad:73:da:26:f1:
         6b:e8:4c:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra71/AFVj4bLOKcSFBAR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MGI2MGM4YmQyZDlkMDFmMGFiNWExYzRjMGE1M2UxZDcz
MzlmNjUwHhcNMjYwMzAxMjIwMTMwWhcNMjYwMzAyMjIwMTMwWjAzMTEwLwYDVQQD
EyhhZmYzNDQ3YTAxZWUwYmE1YzQzMTI4YzA0MTgxYjE0OGY0ZDQ2NTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1qRKn1rHORVRee9XH1633KpIuvg
uJPhmXIZ3qWuvBHZMvQdaif1SI8qNE6/h1bHTZ+30PJA3t4UMseEb4wY7jjq53jI
5ywtYRL0276YapPlAVvWS2fy0nL1f6yyL1Bu5/rvCTmvkBSMu/GYuc66H4S6N8ZZ
iNrOEXPhizDvUX/ei5GTzgBOGYHJqKztdCObAMoUvV28OS+56qrP/RihLA9tIUsm
O5sDR8VMcz1UbJUPWnzbSEy8Vm8Y5dyX/+0YwT7VivS8o5e5zyo1Iq4lAjqXi3JF
zYUjfQ3+tf/AqANwULLbhhd0ySUYisMpFsqnosBQJ1XevgrkEVlQ173xTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/zRHoB7gulxDEowEGBsUj01GVkMB8GA1UdIwQY
MBaAFEkLYMi9LZ0B8KtaHEwKU+HXM59lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYt
OTJhNGJlODVjMTFkLzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYtOTJhNGJlODVjMTFk
LzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKzvJs0BK
tIya9bWrds7hdEUJGStVu/6DuVCqJUvF9KLLMAJl+cNKRjO1crddL/s5mQl8RVRJ
/E3eT31v45RafMDcESbCOlszpEEaaUxE2QlMtYb9gNjlii8SzJMhCPkVsFsfhRmY
Zw/7HaZkUXdTWnpWuwXf5pnpzfkxwWefn2FViWa9BOP5OUJVJhf2qeqt2JvyKmRE
xuYbYCZx0w5dftA+kUkiOAbzF0UzslQbi0EFqVvmMeGSLwXFB+FICOAyTScn9hUf
I1VFrZgqGR49qh2Fg6N2AjfrZC8KHNIkZLSzgSgLZxykLOdEp7iQxPRqHHuCwr4q
J61z2ibxa+hMWQ==
-----END CERTIFICATE-----