Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File:                     0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier:          N0rpEu9Mtn9pvK2fwjMY1rSsDb7988LmyF0nozAazH0=
Subject key identifier:   CC:56:10:4B:D8:8F:11:1B:86:57:33:40:A4:17:D4:55:05:0A:BF:CC
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer:       /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial:       019CAC7E3A9A8916D1FCB834F6FA7A486873
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number:          0873
Signing time:             Mon 02 Mar 2026 03:01:19 +0000
Manifest this update:     Mon 02 Mar 2026 03:01:19 +0000
Manifest next update:     Tue 03 Mar 2026 03:01:19 +0000
Files and hashes:         1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: YUC7JY3ZAlv1WEIFilJlF2T6cClsp8lCxKAMexsYAl0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:7e:3a:9a:89:16:d1:fc:b8:34:f6:fa:7a:48:68:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
        Validity
            Not Before: Mar  2 03:01:19 2026 GMT
            Not After : Mar  3 03:01:19 2026 GMT
        Subject: CN=cc56104bd88f111b86573340a417d455050abfcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d0:fd:58:1d:5c:e8:41:9f:6f:53:fe:d4:b8:
                    6e:ee:60:47:cf:4f:ed:33:7a:3e:ac:71:67:6f:31:
                    01:85:fc:31:e1:fb:6f:cd:a0:a7:51:c6:96:ef:07:
                    bf:8a:f7:7c:ca:da:e3:c7:6a:59:fe:01:3d:1a:3b:
                    ed:02:ab:87:bf:2c:7c:d0:fd:a9:4b:a1:da:2e:55:
                    9c:2c:49:74:bf:0f:48:41:fc:59:95:82:7c:f3:d5:
                    c5:8e:d9:7d:cc:6d:81:61:db:c3:0a:d7:4f:42:ab:
                    56:2a:be:2c:88:1c:42:b4:9d:24:6a:0a:0a:6b:a1:
                    cd:ea:d1:12:d8:5c:41:f9:e6:eb:11:31:18:a4:f2:
                    ba:fd:5e:bc:70:bc:7e:b6:56:84:5c:56:d5:0a:cd:
                    63:2a:0d:ea:39:c4:30:73:d6:0e:ea:4a:c9:d4:81:
                    07:0c:64:86:eb:36:6e:39:a6:1c:7c:01:68:fc:ce:
                    f1:00:38:44:8d:1b:b6:be:93:a5:8f:d8:a3:02:d7:
                    b9:76:39:a9:86:df:93:9c:6b:b7:97:78:89:b3:55:
                    c0:2f:01:1b:7b:89:5a:d5:7f:9f:30:5d:e2:02:d1:
                    b1:2e:43:79:74:3f:85:98:ec:db:fd:a1:c2:15:3b:
                    53:67:dc:b3:ae:49:fe:47:60:a4:2e:53:db:c6:d1:
                    0d:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:56:10:4B:D8:8F:11:1B:86:57:33:40:A4:17:D4:55:05:0A:BF:CC
            X509v3 Authority Key Identifier:
                keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:c5:8c:19:f5:64:b1:1d:7e:3c:34:64:bb:3f:63:90:74:4f:
         e1:44:81:fc:19:e3:73:2b:6d:16:ac:2f:c2:31:a1:16:c8:dd:
         a5:23:f7:d9:a5:48:97:90:05:d0:08:28:f7:03:c8:92:d3:a5:
         b3:67:a1:74:17:2e:1f:66:f6:cb:b6:fb:11:1e:0b:80:01:f2:
         a3:3d:25:1d:c3:3e:27:f2:8e:38:6e:a0:c3:6b:2f:8c:61:02:
         b4:51:28:27:16:a7:76:78:6f:d8:34:54:88:b0:67:b6:e3:fe:
         4a:4c:04:fa:df:5c:52:30:01:de:76:24:f8:f0:9a:be:58:45:
         99:49:eb:60:00:cc:bd:95:f6:81:a4:c0:20:b5:ef:28:17:73:
         6d:da:ca:43:b9:0e:ae:22:65:85:f1:21:ad:ad:14:20:62:2a:
         a8:33:29:54:6d:75:fb:d3:c7:c2:20:72:50:bc:25:15:3a:36:
         6f:1a:ae:4e:83:78:ad:26:59:e8:fa:d3:5a:66:4f:be:9d:be:
         bd:e0:e1:9a:0c:ea:55:51:c7:e0:7e:45:87:3d:e7:76:0d:82:
         41:25:51:4a:a6:d2:02:3a:d6:47:69:31:01:da:ec:fb:ee:0c:
         98:d2:ea:33:19:8c:d2:89:b3:a3:92:98:5b:2f:ca:d6:7d:5c:
         b1:7f:e8:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysfjqaiRbR/Lg09vp6SGhzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjYwMzAyMDMwMTE5WhcNMjYwMzAzMDMwMTE5WjAzMTEwLwYDVQQD
EyhjYzU2MTA0YmQ4OGYxMTFiODY1NzMzNDBhNDE3ZDQ1NTA1MGFiZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstD9WB1c6EGfb1P+1Lhu7mBHz0/t
M3o+rHFnbzEBhfwx4ftvzaCnUcaW7we/ivd8ytrjx2pZ/gE9GjvtAquHvyx80P2p
S6HaLlWcLEl0vw9IQfxZlYJ889XFjtl9zG2BYdvDCtdPQqtWKr4siBxCtJ0kagoK
a6HN6tES2FxB+ebrETEYpPK6/V68cLx+tlaEXFbVCs1jKg3qOcQwc9YO6krJ1IEH
DGSG6zZuOaYcfAFo/M7xADhEjRu2vpOlj9ijAte5djmpht+TnGu3l3iJs1XALwEb
e4la1X+fMF3iAtGxLkN5dD+FmOzb/aHCFTtTZ9yzrkn+R2CkLlPbxtENswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMxWEEvYjxEbhlczQKQX1FUFCr/MMB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOMWMGfVk
sR1+PDRkuz9jkHRP4USB/BnjcyttFqwvwjGhFsjdpSP32aVIl5AF0Ago9wPIktOl
s2ehdBcuH2b2y7b7ER4LgAHyoz0lHcM+J/KOOG6gw2svjGECtFEoJxandnhv2DRU
iLBntuP+SkwE+t9cUjAB3nYk+PCavlhFmUnrYADMvZX2gaTAILXvKBdzbdrKQ7kO
riJlhfEhra0UIGIqqDMpVG11+9PHwiByULwlFTo2bxquToN4rSZZ6PrTWmZPvp2+
veDhmgzqVVHH4H5Fhz3ndg2CQSVRSqbSAjrWR2kxAdrs++4MmNLqMxmM0omzo5KY
Wy/K1n1csX/opQ==
-----END CERTIFICATE-----