Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a35540-aa58-4a3c-ab45-bc2d17fe8beb/1/cc2ljxUk2CM2224M8qKf-vLaifg.mft
File:                     cc2ljxUk2CM2224M8qKf-vLaifg.mft (raw, json)
Hash identifier:          Umn5sZ7EYxbAEaxS6QIIF6NUvy/jETtdMUQmBrYNMAA=
Subject key identifier:   F2:5A:15:33:76:6A:75:59:B5:86:B9:E1:A3:40:76:C0:D6:7E:C0:48
Authority key identifier: 71:CD:A5:8F:15:24:D8:23:36:DB:6E:0C:F2:A2:9F:FA:F2:DA:89:F8
Certificate issuer:       /CN=71cda58f1524d82336db6e0cf2a29ffaf2da89f8
Certificate serial:       019CAF487C0499C8B215046FDC278C0EC8FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cc2ljxUk2CM2224M8qKf-vLaifg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a35540-aa58-4a3c-ab45-bc2d17fe8beb/1/cc2ljxUk2CM2224M8qKf-vLaifg.mft
Manifest number:          1063
Signing time:             Mon 02 Mar 2026 16:01:29 +0000
Manifest this update:     Mon 02 Mar 2026 16:01:29 +0000
Manifest next update:     Tue 03 Mar 2026 16:01:29 +0000
Files and hashes:         1: cc2ljxUk2CM2224M8qKf-vLaifg.crl (hash: ItpgxHERqVL13kzgYhjOE+rkqCbqY/HYLKY/aS44yVc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/a35540-aa58-4a3c-ab45-bc2d17fe8beb/1/cc2ljxUk2CM2224M8qKf-vLaifg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/a35540-aa58-4a3c-ab45-bc2d17fe8beb/1/cc2ljxUk2CM2224M8qKf-vLaifg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cc2ljxUk2CM2224M8qKf-vLaifg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:05:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:48:7c:04:99:c8:b2:15:04:6f:dc:27:8c:0e:c8:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71cda58f1524d82336db6e0cf2a29ffaf2da89f8
        Validity
            Not Before: Mar  2 16:01:29 2026 GMT
            Not After : Mar  3 16:01:29 2026 GMT
        Subject: CN=f25a1533766a7559b586b9e1a34076c0d67ec048
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:b9:18:f2:d6:a6:2b:ff:ff:dd:c1:14:b0:73:
                    0f:ef:e8:5e:27:eb:a4:0a:a9:cc:79:d9:f7:26:c7:
                    5c:35:74:49:cf:03:98:4b:73:40:f1:83:35:2d:ff:
                    80:4c:4e:1f:ab:12:25:91:6e:00:44:3a:75:48:94:
                    8f:00:61:77:2a:a6:15:96:62:70:c1:91:40:2c:f4:
                    c7:a5:80:a8:c5:f4:12:42:c0:33:de:b0:8d:7c:78:
                    34:62:2b:d6:58:e6:ad:93:bd:66:59:13:a3:a0:22:
                    d1:56:e5:f2:75:7d:d4:b9:40:63:30:bf:31:03:ba:
                    83:4f:d2:46:7b:f2:38:e7:30:93:26:16:cd:45:3e:
                    59:1c:ef:ae:a2:19:4f:9c:30:02:26:63:b6:0d:9f:
                    11:f4:90:44:4b:df:d3:17:60:7f:eb:48:06:01:fc:
                    cf:d1:9a:38:27:41:c4:73:f6:0d:2c:f5:3e:6b:de:
                    65:42:b4:1c:55:a5:b2:09:33:3d:74:72:9f:4e:52:
                    17:b0:1a:7e:65:c7:42:9c:cb:ee:f9:40:81:e0:2f:
                    d6:6b:ef:5d:6f:04:ce:d5:01:e2:43:11:60:0f:d1:
                    e3:6f:8f:f5:cb:6e:ba:39:62:9b:6f:26:b3:76:23:
                    89:ae:eb:9a:32:45:07:46:8d:92:70:ff:f6:b4:52:
                    f9:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:5A:15:33:76:6A:75:59:B5:86:B9:E1:A3:40:76:C0:D6:7E:C0:48
            X509v3 Authority Key Identifier:
                keyid:71:CD:A5:8F:15:24:D8:23:36:DB:6E:0C:F2:A2:9F:FA:F2:DA:89:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc2ljxUk2CM2224M8qKf-vLaifg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a35540-aa58-4a3c-ab45-bc2d17fe8beb/1/cc2ljxUk2CM2224M8qKf-vLaifg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a35540-aa58-4a3c-ab45-bc2d17fe8beb/1/cc2ljxUk2CM2224M8qKf-vLaifg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:56:c2:db:bf:48:f2:68:d3:31:3e:3c:11:fe:1e:71:ac:f1:
         74:10:04:c1:d5:ba:73:4a:48:17:62:19:57:1a:b1:a4:6a:24:
         50:a0:44:5a:48:bc:ca:64:b9:67:65:27:9b:7c:0a:10:22:15:
         fd:3a:32:8b:94:9b:65:9c:bc:de:61:29:2f:18:fd:4b:99:25:
         02:cc:c8:20:e1:19:4a:11:d7:f2:b3:4d:c0:3d:29:82:33:54:
         fb:08:06:fd:37:3e:0b:33:38:4e:64:1c:fc:9e:54:ee:ec:52:
         60:7d:5a:7f:0b:d7:33:81:0c:74:a0:ab:63:87:83:37:7a:15:
         f0:e4:71:bf:54:7b:03:88:fb:1d:42:b4:92:ac:66:85:e1:27:
         8f:26:66:7c:3c:af:ca:33:86:33:8a:32:ad:69:da:4d:7a:bf:
         d9:56:6c:ea:89:bb:28:4b:40:3e:ce:e1:c4:79:28:95:a0:01:
         53:12:45:25:46:be:cb:2e:98:9c:59:ed:90:56:a0:99:5b:0a:
         6b:cd:fb:bd:80:eb:2e:ac:24:af:51:a3:65:37:c4:dc:6b:86:
         6b:ac:27:15:7a:63:e3:da:a7:b4:1d:8d:9b:7c:dc:76:fd:c8:
         5e:45:cc:01:ff:97:cd:cd:c3:ad:67:6f:2c:8e:6c:18:9b:6b:
         24:a8:92:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvSHwEmciyFQRv3CeMDsj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxY2RhNThmMTUyNGQ4MjMzNmRiNmUwY2YyYTI5ZmZhZjJk
YTg5ZjgwHhcNMjYwMzAyMTYwMTI5WhcNMjYwMzAzMTYwMTI5WjAzMTEwLwYDVQQD
EyhmMjVhMTUzMzc2NmE3NTU5YjU4NmI5ZTFhMzQwNzZjMGQ2N2VjMDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7kY8tamK///3cEUsHMP7+heJ+uk
CqnMedn3JsdcNXRJzwOYS3NA8YM1Lf+ATE4fqxIlkW4ARDp1SJSPAGF3KqYVlmJw
wZFALPTHpYCoxfQSQsAz3rCNfHg0YivWWOatk71mWROjoCLRVuXydX3UuUBjML8x
A7qDT9JGe/I45zCTJhbNRT5ZHO+uohlPnDACJmO2DZ8R9JBES9/TF2B/60gGAfzP
0Zo4J0HEc/YNLPU+a95lQrQcVaWyCTM9dHKfTlIXsBp+ZcdCnMvu+UCB4C/Wa+9d
bwTO1QHiQxFgD9Hjb4/1y266OWKbbyazdiOJruuaMkUHRo2ScP/2tFL5NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJaFTN2anVZtYa54aNAdsDWfsBIMB8GA1UdIwQY
MBaAFHHNpY8VJNgjNttuDPKin/ry2on4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2MybGp4VWsyQ00yMjI0TThxS2YtdkxhaWZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hMzU1NDAtYWE1OC00YTNjLWFiNDUt
YmMyZDE3ZmU4YmViLzEvY2MybGp4VWsyQ00yMjI0TThxS2YtdkxhaWZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hMzU1NDAtYWE1OC00YTNjLWFiNDUtYmMyZDE3ZmU4YmVi
LzEvY2MybGp4VWsyQ00yMjI0TThxS2YtdkxhaWZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAElbC279I
8mjTMT48Ef4ecazxdBAEwdW6c0pIF2IZVxqxpGokUKBEWki8ymS5Z2Unm3wKECIV
/Toyi5SbZZy83mEpLxj9S5klAszIIOEZShHX8rNNwD0pgjNU+wgG/Tc+CzM4TmQc
/J5U7uxSYH1afwvXM4EMdKCrY4eDN3oV8ORxv1R7A4j7HUK0kqxmheEnjyZmfDyv
yjOGM4oyrWnaTXq/2VZs6om7KEtAPs7hxHkolaABUxJFJUa+yy6YnFntkFagmVsK
a837vYDrLqwkr1GjZTfE3GuGa6wnFXpj49qntB2Nm3zcdv3IXkXMAf+Xzc3DrWdv
LI5sGJtrJKiSJw==
-----END CERTIFICATE-----