Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
File:                     o_60EOB9CI-2UbkTdJuBJX47mVI.mft (raw, json)
Hash identifier:          pg3ayjM8nqaspY4e4kjgCcZ5zIHoNlrtst4gMXB/yD0=
Subject key identifier:   D8:45:7A:C1:68:F4:FA:09:61:A3:5E:D1:34:28:1E:4B:3D:E9:C6:65
Authority key identifier: A3:FE:B4:10:E0:7D:08:8F:B6:51:B9:13:74:9B:81:25:7E:3B:99:52
Certificate issuer:       /CN=a3feb410e07d088fb651b913749b81257e3b9952
Certificate serial:       019CAB6BB963FD298883FF4B1D9CD07D8161
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
Manifest number:          1290
Signing time:             Sun 01 Mar 2026 22:01:29 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:29 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:29 +0000
Files and hashes:         1: o_60EOB9CI-2UbkTdJuBJX47mVI.crl (hash: 5W5MGNveHt65W+e+Xc2XzjdDxm30fUQXbZ7gb2th7e0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:b9:63:fd:29:88:83:ff:4b:1d:9c:d0:7d:81:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3feb410e07d088fb651b913749b81257e3b9952
        Validity
            Not Before: Mar  1 22:01:29 2026 GMT
            Not After : Mar  2 22:01:29 2026 GMT
        Subject: CN=d8457ac168f4fa0961a35ed134281e4b3de9c665
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:cb:0b:dd:3c:9c:27:02:22:7a:00:e8:71:e1:
                    79:fe:6a:8b:e9:b8:a3:a2:1c:53:01:ea:b1:75:0c:
                    f2:c2:56:9e:35:13:51:5b:a3:23:74:44:3f:33:c0:
                    30:bc:4b:f8:5f:35:ee:80:31:79:0d:d3:5e:6f:a4:
                    d3:2d:8c:f0:ec:1a:7a:eb:a5:3d:af:4f:07:2a:fb:
                    96:16:7b:6a:7b:30:00:ce:67:b8:f2:02:ef:82:4c:
                    37:3b:ab:07:6b:3d:b4:7f:7c:aa:18:04:07:6f:0b:
                    ac:00:8d:38:1d:08:fc:28:fc:0b:97:f9:63:ca:99:
                    89:51:52:2b:0c:c3:a7:6d:b7:34:eb:0d:29:ad:a8:
                    91:c3:78:43:b9:25:a6:d5:d2:f1:7d:f4:88:63:2b:
                    d8:3f:cb:73:5d:99:5b:45:82:ad:21:a0:09:5d:d0:
                    24:70:a7:57:f5:26:14:94:3e:ab:66:f5:cf:51:d1:
                    66:a8:74:a2:bb:1f:d1:23:a4:25:03:05:40:b9:6e:
                    ff:06:a0:66:1d:fc:33:fd:53:cd:e3:9d:33:45:aa:
                    05:8c:89:67:29:87:73:2b:96:33:e6:e7:93:df:2d:
                    72:9c:d9:8b:b7:16:39:86:2a:7e:8d:64:e4:b5:2c:
                    0e:71:31:e9:50:1f:3c:1e:3d:d6:46:af:84:6a:fa:
                    76:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:45:7A:C1:68:F4:FA:09:61:A3:5E:D1:34:28:1E:4B:3D:E9:C6:65
            X509v3 Authority Key Identifier:
                keyid:A3:FE:B4:10:E0:7D:08:8F:B6:51:B9:13:74:9B:81:25:7E:3B:99:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:6f:3f:63:2d:58:7b:f3:9f:41:f4:8f:2e:79:16:9d:24:3a:
         13:67:94:7a:eb:af:92:6b:2e:a4:e8:dc:ef:67:27:ed:87:fb:
         29:2e:fc:2a:7e:bd:fa:fe:bb:7c:c0:57:16:65:95:b1:f6:4c:
         a7:09:44:64:0b:e0:61:a1:ab:12:c9:4a:36:ee:b0:3f:ab:5b:
         c6:ce:b5:83:43:fa:34:e9:dd:e2:1c:bb:34:99:9a:90:c4:86:
         18:5d:bd:5e:92:a5:99:b9:cd:2f:9c:58:2a:21:ca:c5:e3:1f:
         6b:b0:6b:91:6f:75:55:bc:5c:c0:7f:3e:dc:c2:d6:89:03:0d:
         ec:c3:c6:07:4f:10:76:3f:bd:56:72:69:6d:4e:00:13:73:26:
         c4:2a:0c:7f:d6:ce:84:d1:3b:e2:18:17:2f:8f:ef:0d:2b:00:
         96:26:c9:c8:8d:44:10:63:d8:49:1d:8e:4b:3b:37:66:4d:81:
         48:34:43:5a:46:e0:f9:d6:21:a6:b7:90:52:1c:34:3a:d4:9a:
         4e:9c:a9:45:c9:35:e0:5d:ee:90:4c:8b:c3:01:bc:c5:61:19:
         fa:a0:45:91:ec:02:52:8c:98:7b:78:6f:52:5d:1a:a3:af:f3:
         33:7f:d4:7e:f6:e3:62:f1:c4:4a:dc:b7:27:33:21:a8:41:d8:
         e1:bf:ef:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra7lj/SmIg/9LHZzQfYFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZmViNDEwZTA3ZDA4OGZiNjUxYjkxMzc0OWI4MTI1N2Uz
Yjk5NTIwHhcNMjYwMzAxMjIwMTI5WhcNMjYwMzAyMjIwMTI5WjAzMTEwLwYDVQQD
EyhkODQ1N2FjMTY4ZjRmYTA5NjFhMzVlZDEzNDI4MWU0YjNkZTljNjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8sL3TycJwIiegDoceF5/mqL6bij
ohxTAeqxdQzywlaeNRNRW6MjdEQ/M8AwvEv4XzXugDF5DdNeb6TTLYzw7Bp666U9
r08HKvuWFntqezAAzme48gLvgkw3O6sHaz20f3yqGAQHbwusAI04HQj8KPwLl/lj
ypmJUVIrDMOnbbc06w0praiRw3hDuSWm1dLxffSIYyvYP8tzXZlbRYKtIaAJXdAk
cKdX9SYUlD6rZvXPUdFmqHSiux/RI6QlAwVAuW7/BqBmHfwz/VPN450zRaoFjIln
KYdzK5Yz5ueT3y1ynNmLtxY5hip+jWTktSwOcTHpUB88Hj3WRq+Eavp2OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhFesFo9PoJYaNe0TQoHks96cZlMB8GA1UdIwQY
MBaAFKP+tBDgfQiPtlG5E3SbgSV+O5lSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85ZjA2OGEtMTdmNC00MzExLThiYmMt
MjM0YjMyMmEwY2ZlLzEvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85ZjA2OGEtMTdmNC00MzExLThiYmMtMjM0YjMyMmEwY2Zl
LzEvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP28/Yy1Y
e/OfQfSPLnkWnSQ6E2eUeuuvkmsupOjc72cn7Yf7KS78Kn69+v67fMBXFmWVsfZM
pwlEZAvgYaGrEslKNu6wP6tbxs61g0P6NOnd4hy7NJmakMSGGF29XpKlmbnNL5xY
KiHKxeMfa7BrkW91VbxcwH8+3MLWiQMN7MPGB08Qdj+9VnJpbU4AE3MmxCoMf9bO
hNE74hgXL4/vDSsAlibJyI1EEGPYSR2OSzs3Zk2BSDRDWkbg+dYhpreQUhw0OtSa
TpypRck14F3ukEyLwwG8xWEZ+qBFkewCUoyYe3hvUl0ao6/zM3/UfvbjYvHESty3
JzMhqEHY4b/vVg==
-----END CERTIFICATE-----