Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.mft
File:                     STGaFtGrBlzvNlhRkqfv-H-VFV8.mft (raw, json)
Hash identifier:          YbMWBp/94rnqtUB6JSmXuFG7WIT8Uekl5xMgkLFitCg=
Subject key identifier:   C5:F8:56:CB:FC:34:7B:C4:23:B9:A3:E7:54:23:94:1C:91:07:44:3A
Authority key identifier: 49:31:9A:16:D1:AB:06:5C:EF:36:58:51:92:A7:EF:F8:7F:95:15:5F
Certificate issuer:       /CN=49319a16d1ab065cef36585192a7eff87f95155f
Certificate serial:       019CAB6B55F633866B14DDE4045F83A9A9C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/STGaFtGrBlzvNlhRkqfv-H-VFV8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.mft
Manifest number:          0708
Signing time:             Sun 01 Mar 2026 22:01:03 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:03 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:03 +0000
Files and hashes:         1: STGaFtGrBlzvNlhRkqfv-H-VFV8.crl (hash: ad2gj0JbqBqFzQ16/1j3Sm69gK8Cfbwy8/CGKR93dtk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/STGaFtGrBlzvNlhRkqfv-H-VFV8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:55:f6:33:86:6b:14:dd:e4:04:5f:83:a9:a9:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49319a16d1ab065cef36585192a7eff87f95155f
        Validity
            Not Before: Mar  1 22:01:03 2026 GMT
            Not After : Mar  2 22:01:03 2026 GMT
        Subject: CN=c5f856cbfc347bc423b9a3e75423941c9107443a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d1:a9:ff:1a:d2:72:c6:25:bb:2b:30:5e:82:
                    fd:8b:c6:93:81:5b:f8:37:80:2c:5a:17:60:72:98:
                    d5:8d:a8:36:4f:10:8d:bb:8f:95:49:3f:39:b8:83:
                    6b:cc:ac:4f:1a:ad:fa:e3:bd:d5:16:d7:25:8a:57:
                    3a:94:de:5b:40:2d:4b:aa:33:42:ab:84:43:61:41:
                    02:23:bc:83:31:ec:26:d6:06:a0:ad:b4:e4:e3:4d:
                    38:7e:a6:54:57:a9:22:4b:7c:30:6b:e5:17:35:85:
                    ef:62:64:56:a5:47:9c:1e:f4:41:9e:aa:04:2a:4b:
                    80:3a:21:fd:55:03:46:e2:1d:95:9f:18:a4:04:88:
                    c4:49:20:d3:47:ac:a7:59:57:3f:2a:2c:5c:31:5f:
                    db:01:c1:1b:1e:6a:5e:7c:a0:07:09:f9:88:ed:5a:
                    2e:fb:a5:82:60:5b:9a:ce:7b:01:4d:61:80:d8:82:
                    04:0f:d0:d6:54:50:64:92:02:e7:37:79:45:ed:48:
                    d6:17:50:dd:a3:65:1c:30:1d:4b:62:08:f2:7f:9d:
                    2b:25:e2:f4:cf:0e:a3:9c:00:77:cf:f2:f6:47:cb:
                    cc:89:23:6f:64:91:a1:7b:c2:20:36:e4:71:f8:3e:
                    6a:b3:ab:87:97:45:6e:23:86:bc:d6:a5:94:1a:22:
                    26:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:F8:56:CB:FC:34:7B:C4:23:B9:A3:E7:54:23:94:1C:91:07:44:3A
            X509v3 Authority Key Identifier:
                keyid:49:31:9A:16:D1:AB:06:5C:EF:36:58:51:92:A7:EF:F8:7F:95:15:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STGaFtGrBlzvNlhRkqfv-H-VFV8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/13da12-e553-4714-9618-4ce506cf7a2c/1/STGaFtGrBlzvNlhRkqfv-H-VFV8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:8e:19:90:ce:03:a5:fd:2a:4f:7b:ea:32:bc:3e:b0:2b:c9:
         2a:f2:49:dd:82:68:b9:5c:8d:66:e1:43:89:b6:b3:24:76:de:
         1e:f9:6a:90:75:f5:07:8e:7e:85:1d:58:68:cf:97:2c:0a:32:
         87:5c:4a:75:16:59:e9:ed:0b:ff:aa:27:0e:44:52:30:31:c0:
         78:17:36:25:45:ba:02:37:b2:ab:3d:75:d9:59:0b:95:1b:c1:
         0d:94:14:f6:c3:4c:2d:49:ed:d8:fb:93:90:eb:19:6c:fb:9d:
         c0:e3:e8:c4:67:ed:50:2c:b9:0f:18:f3:65:f8:8b:99:6b:30:
         aa:6f:6b:3d:30:87:2c:91:f2:d2:16:b9:53:37:f0:cc:90:6c:
         99:bf:06:d7:78:21:f7:87:2f:5e:15:ed:bc:ed:b6:0f:74:27:
         76:f2:6a:4c:2d:01:50:64:5a:18:e7:e1:14:a7:98:8d:65:43:
         08:47:13:2c:7a:73:38:26:73:81:44:af:c7:1e:b6:f3:58:25:
         09:1f:08:b3:60:dc:f8:47:6f:f9:80:33:df:f2:fa:db:d6:a2:
         e6:81:95:27:63:14:58:cc:db:99:02:3c:78:f2:17:8c:3d:35:
         fd:2a:da:2a:b4:4f:23:6a:d9:ec:3c:c8:22:1c:3e:f6:ec:b5:
         e9:d4:08:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra1X2M4ZrFN3kBF+DqanJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MzE5YTE2ZDFhYjA2NWNlZjM2NTg1MTkyYTdlZmY4N2Y5
NTE1NWYwHhcNMjYwMzAxMjIwMTAzWhcNMjYwMzAyMjIwMTAzWjAzMTEwLwYDVQQD
EyhjNWY4NTZjYmZjMzQ3YmM0MjNiOWEzZTc1NDIzOTQxYzkxMDc0NDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9Gp/xrScsYluyswXoL9i8aTgVv4
N4AsWhdgcpjVjag2TxCNu4+VST85uINrzKxPGq36473VFtclilc6lN5bQC1LqjNC
q4RDYUECI7yDMewm1gagrbTk4004fqZUV6kiS3wwa+UXNYXvYmRWpUecHvRBnqoE
KkuAOiH9VQNG4h2VnxikBIjESSDTR6ynWVc/KixcMV/bAcEbHmpefKAHCfmI7Vou
+6WCYFuaznsBTWGA2IIED9DWVFBkkgLnN3lF7UjWF1Ddo2UcMB1LYgjyf50rJeL0
zw6jnAB3z/L2R8vMiSNvZJGhe8IgNuRx+D5qs6uHl0VuI4a81qWUGiImwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMX4Vsv8NHvEI7mj51QjlByRB0Q6MB8GA1UdIwQY
MBaAFEkxmhbRqwZc7zZYUZKn7/h/lRVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RHYUZ0R3JCbHp2TmxoUmtxZnYtSC1WRlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xM2RhMTItZTU1My00NzE0LTk2MTgt
NGNlNTA2Y2Y3YTJjLzEvU1RHYUZ0R3JCbHp2TmxoUmtxZnYtSC1WRlY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xM2RhMTItZTU1My00NzE0LTk2MTgtNGNlNTA2Y2Y3YTJj
LzEvU1RHYUZ0R3JCbHp2TmxoUmtxZnYtSC1WRlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMI4ZkM4D
pf0qT3vqMrw+sCvJKvJJ3YJouVyNZuFDibazJHbeHvlqkHX1B45+hR1YaM+XLAoy
h1xKdRZZ6e0L/6onDkRSMDHAeBc2JUW6Ajeyqz112VkLlRvBDZQU9sNMLUnt2PuT
kOsZbPudwOPoxGftUCy5DxjzZfiLmWswqm9rPTCHLJHy0ha5UzfwzJBsmb8G13gh
94cvXhXtvO22D3QndvJqTC0BUGRaGOfhFKeYjWVDCEcTLHpzOCZzgUSvxx6281gl
CR8Is2Dc+Edv+YAz3/L629ai5oGVJ2MUWMzbmQI8ePIXjD01/SraKrRPI2rZ7DzI
Ihw+9uy16dQIAA==
-----END CERTIFICATE-----