Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
File:                     ScKchYIxItOsfH9IBdWyQocNLeI.mft (raw, json)
Hash identifier:          EFWsUaoKAB+MOHHq3xZGqOvEvKX14hFEQbVmSS4O2Dk=
Subject key identifier:   22:38:E7:53:C0:2C:EB:56:D6:B0:53:E9:B3:CE:2E:67:53:8E:28:FB
Authority key identifier: 49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2
Certificate issuer:       /CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
Certificate serial:       019CA945F18DB1E82C45BBD555D00B872BA6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
Manifest number:          15DA
Signing time:             Sun 01 Mar 2026 12:00:59 +0000
Manifest this update:     Sun 01 Mar 2026 12:00:59 +0000
Manifest next update:     Mon 02 Mar 2026 12:00:59 +0000
Files and hashes:         1: ScKchYIxItOsfH9IBdWyQocNLeI.crl (hash: 6c9Qv23o5WxNy/RDbNgd+nHimUMOmHkYEFbCL5GDWtQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 12:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:45:f1:8d:b1:e8:2c:45:bb:d5:55:d0:0b:87:2b:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49c29c85823122d3ac7c7f4805d5b242870d2de2
        Validity
            Not Before: Mar  1 12:00:59 2026 GMT
            Not After : Mar  2 12:00:59 2026 GMT
        Subject: CN=2238e753c02ceb56d6b053e9b3ce2e67538e28fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:d3:45:ec:02:bf:6a:e4:ce:68:c7:17:a9:1a:
                    4f:a8:41:e1:ed:8a:a8:74:c3:49:df:15:5d:de:86:
                    28:f3:2b:1c:02:91:e7:cc:56:c0:ee:10:95:e1:32:
                    02:9c:b8:e0:df:b8:d3:c0:b7:73:b0:a9:bb:ab:18:
                    2d:94:8c:c8:27:80:e6:e7:2e:96:2e:be:d7:bf:cd:
                    0f:a7:3f:73:43:e0:10:7f:34:2a:15:70:d8:9f:04:
                    48:53:86:83:d7:74:17:94:e7:a8:40:56:2e:de:b9:
                    53:24:65:1f:5e:1e:c0:be:b1:01:f8:3a:39:fa:9e:
                    72:3c:21:a8:25:0d:58:36:81:ba:2f:9e:5f:48:a5:
                    c1:e0:e1:ac:9b:42:2c:cd:71:ef:4d:32:60:fd:7c:
                    e5:06:bb:7d:13:b0:3a:3b:4a:36:7f:6e:97:35:b5:
                    c7:0e:74:9e:e3:13:68:f9:31:23:c3:1f:5c:80:2c:
                    9e:80:9f:c0:30:bb:89:16:7a:ce:31:ec:b6:b1:c5:
                    75:3a:10:e5:fd:be:44:bf:0d:5c:64:eb:64:8c:c9:
                    8e:b2:84:4e:d4:73:7f:05:c2:b1:fd:29:6e:85:f1:
                    3e:b1:9b:2b:60:f8:97:b9:f7:f8:fc:25:7d:7e:7e:
                    81:8f:98:37:ce:d1:ac:82:8a:fc:23:d5:0a:ef:06:
                    ba:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:38:E7:53:C0:2C:EB:56:D6:B0:53:E9:B3:CE:2E:67:53:8E:28:FB
            X509v3 Authority Key Identifier:
                keyid:49:C2:9C:85:82:31:22:D3:AC:7C:7F:48:05:D5:B2:42:87:0D:2D:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ScKchYIxItOsfH9IBdWyQocNLeI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a57a63-a6b4-4165-9e5e-9c2d044dd4af/1/ScKchYIxItOsfH9IBdWyQocNLeI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:08:47:1a:cc:fa:f5:ec:60:91:4d:1d:f6:0c:c6:9b:90:cb:
         51:65:ce:fb:57:32:3c:52:ba:a6:c0:bb:dc:91:7c:ce:dd:76:
         68:b0:0c:d6:61:cf:7d:dd:33:47:81:e1:a7:3b:56:a7:ae:5f:
         7d:e7:f9:de:9f:df:02:62:77:93:cf:f8:02:c8:db:7a:92:ab:
         76:9c:28:a1:0f:fa:13:33:0d:0d:69:cd:c7:cd:2f:16:24:05:
         ac:b4:0e:c4:b4:2d:d4:14:54:b8:91:eb:11:b3:24:fa:80:8b:
         cc:cc:51:ce:20:2a:9b:c4:bb:dd:b2:66:11:90:ae:9a:76:47:
         fb:fa:a9:cd:3e:4d:c6:64:e8:6d:f6:84:a6:44:8b:ff:b4:41:
         15:d9:a0:8b:fe:15:71:0d:bd:80:e9:65:f6:b0:5a:1c:db:f6:
         51:e2:10:2d:c8:90:44:d1:92:a0:88:9c:19:16:e9:4a:99:78:
         a6:1f:b8:09:2e:7b:3a:10:3c:d9:f2:1e:08:a0:5d:e7:64:f8:
         f3:1f:16:5e:74:c5:53:74:07:0b:e4:e2:1a:f1:56:51:bf:6b:
         24:da:87:78:14:be:8c:c4:67:fa:e2:d6:d5:c9:46:30:87:b0:
         46:11:bf:98:d4:08:82:07:7f:5a:22:c4:78:44:7b:fd:81:17:
         51:86:e8:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypRfGNsegsRbvVVdALhyumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YzI5Yzg1ODIzMTIyZDNhYzdjN2Y0ODA1ZDViMjQyODcw
ZDJkZTIwHhcNMjYwMzAxMTIwMDU5WhcNMjYwMzAyMTIwMDU5WjAzMTEwLwYDVQQD
EygyMjM4ZTc1M2MwMmNlYjU2ZDZiMDUzZTliM2NlMmU2NzUzOGUyOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNNF7AK/auTOaMcXqRpPqEHh7Yqo
dMNJ3xVd3oYo8yscApHnzFbA7hCV4TICnLjg37jTwLdzsKm7qxgtlIzIJ4Dm5y6W
Lr7Xv80Ppz9zQ+AQfzQqFXDYnwRIU4aD13QXlOeoQFYu3rlTJGUfXh7AvrEB+Do5
+p5yPCGoJQ1YNoG6L55fSKXB4OGsm0IszXHvTTJg/XzlBrt9E7A6O0o2f26XNbXH
DnSe4xNo+TEjwx9cgCyegJ/AMLuJFnrOMey2scV1OhDl/b5Evw1cZOtkjMmOsoRO
1HN/BcKx/SluhfE+sZsrYPiXuff4/CV9fn6Bj5g3ztGsgor8I9UK7wa6ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCI451PALOtW1rBT6bPOLmdTjij7MB8GA1UdIwQY
MBaAFEnCnIWCMSLTrHx/SAXVskKHDS3iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUt
OWMyZDA0NGRkNGFmLzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hNTdhNjMtYTZiNC00MTY1LTllNWUtOWMyZDA0NGRkNGFm
LzEvU2NLY2hZSXhJdE9zZkg5SUJkV3lRb2NOTGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnQhHGsz6
9exgkU0d9gzGm5DLUWXO+1cyPFK6psC73JF8zt12aLAM1mHPfd0zR4HhpztWp65f
fef53p/fAmJ3k8/4AsjbepKrdpwooQ/6EzMNDWnNx80vFiQFrLQOxLQt1BRUuJHr
EbMk+oCLzMxRziAqm8S73bJmEZCumnZH+/qpzT5NxmTobfaEpkSL/7RBFdmgi/4V
cQ29gOll9rBaHNv2UeIQLciQRNGSoIicGRbpSpl4ph+4CS57OhA82fIeCKBd52T4
8x8WXnTFU3QHC+TiGvFWUb9rJNqHeBS+jMRn+uLW1clGMIewRhG/mNQIggd/WiLE
eER7/YEXUYbotQ==
-----END CERTIFICATE-----