Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.mft
File:                     U5UGCcqN1_bG-jzsrHeUIexsAQA.mft (raw, json)
Hash identifier:          6RxiVT2qcg4jjreqNPFjKJEGFdACtoX2sr/NeW0L68o=
Subject key identifier:   6B:60:56:8C:4C:5F:92:D8:3E:28:3B:D6:FE:61:DA:D4:4E:AF:42:0F
Authority key identifier: 53:95:06:09:CA:8D:D7:F6:C6:FA:3C:EC:AC:77:94:21:EC:6C:01:00
Certificate issuer:       /CN=53950609ca8dd7f6c6fa3cecac779421ec6c0100
Certificate serial:       019CAAFCFFEC3255AB649033A29A4DBA3525
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U5UGCcqN1_bG-jzsrHeUIexsAQA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.mft
Manifest number:          0707
Signing time:             Sun 01 Mar 2026 20:00:33 +0000
Manifest this update:     Sun 01 Mar 2026 20:00:33 +0000
Manifest next update:     Mon 02 Mar 2026 20:00:33 +0000
Files and hashes:         1: U5UGCcqN1_bG-jzsrHeUIexsAQA.crl (hash: zhZxvDfihfLdDuwrVgDzQ1tHNDFGKlDHcZA7oo5pqTM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U5UGCcqN1_bG-jzsrHeUIexsAQA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 20:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:fc:ff:ec:32:55:ab:64:90:33:a2:9a:4d:ba:35:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53950609ca8dd7f6c6fa3cecac779421ec6c0100
        Validity
            Not Before: Mar  1 20:00:33 2026 GMT
            Not After : Mar  2 20:00:33 2026 GMT
        Subject: CN=6b60568c4c5f92d83e283bd6fe61dad44eaf420f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e5:f5:58:66:d4:c3:ec:96:6f:49:24:f9:cc:
                    d4:7c:2c:f1:d2:67:ef:3a:98:12:8f:fa:95:a4:2b:
                    c8:f9:4d:09:d2:21:a1:09:d9:07:b0:87:52:56:07:
                    bf:0f:f3:32:3c:7a:c2:95:46:c3:bc:31:ec:d0:16:
                    96:96:2d:c8:d3:c9:13:e5:a6:2f:df:f7:97:2f:39:
                    05:57:32:5f:f8:b8:31:c1:9f:80:d8:5c:c9:c1:b4:
                    1c:77:c2:f6:f3:84:87:ac:b5:05:39:fd:ec:d4:20:
                    30:71:38:4f:3d:ad:c1:41:ba:79:0b:e4:72:4d:64:
                    f6:e3:02:04:d0:12:fa:d8:36:02:e5:a9:a8:10:5c:
                    9e:87:e3:61:ff:89:be:56:e1:2c:fc:a1:3e:92:9b:
                    ae:5d:58:37:c2:93:7c:52:39:a2:8a:c3:2a:5c:7a:
                    22:42:fd:5a:9b:68:e9:d8:42:42:42:ad:f3:43:04:
                    c0:2a:4b:7e:07:dd:b3:62:87:b5:4d:33:f0:07:6b:
                    96:93:71:28:b9:8c:6a:ff:f9:68:57:8c:67:43:49:
                    ac:03:4e:c1:26:02:38:fb:da:42:de:ba:30:8b:ae:
                    5e:7a:f8:bf:61:f6:f5:32:af:01:50:d9:72:d2:1a:
                    e4:26:79:ce:77:dd:69:76:7a:6c:a4:14:12:34:73:
                    84:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:60:56:8C:4C:5F:92:D8:3E:28:3B:D6:FE:61:DA:D4:4E:AF:42:0F
            X509v3 Authority Key Identifier:
                keyid:53:95:06:09:CA:8D:D7:F6:C6:FA:3C:EC:AC:77:94:21:EC:6C:01:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U5UGCcqN1_bG-jzsrHeUIexsAQA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/876a65-bf54-4652-8970-801cf4fec74e/1/U5UGCcqN1_bG-jzsrHeUIexsAQA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:70:17:75:54:18:72:e9:30:27:58:6d:ab:87:4c:38:07:8f:
         45:47:bb:57:6a:48:c5:09:52:9f:ce:83:80:6a:b9:3e:54:4e:
         88:3c:c2:3d:e8:0f:46:99:d1:5d:ce:df:5a:23:53:4a:dd:9b:
         98:3d:87:eb:7d:45:3b:df:51:35:18:47:dc:70:6e:80:6b:a1:
         d0:d3:2c:83:64:90:24:fd:02:b3:c4:aa:1f:39:2d:72:88:47:
         2c:95:c1:b8:dc:2d:07:3e:6a:ce:22:50:de:57:0b:ff:1a:18:
         90:a9:8a:dc:5b:b1:ec:38:1d:0d:68:81:df:e4:21:de:73:ab:
         ac:9b:61:1a:ca:8f:b7:09:c6:de:e8:3e:3a:b3:af:fd:ae:1e:
         2c:ac:8e:b9:2f:fd:d5:94:06:7b:8c:3f:f2:c2:ce:ac:60:0f:
         5d:0f:68:a1:fe:2f:70:80:b1:19:6a:f2:f0:9b:6e:62:73:90:
         00:17:3f:43:3c:f6:e4:1f:fc:a5:b3:79:99:4c:50:ee:80:2e:
         ca:99:03:4e:81:e2:a0:20:e3:ed:e4:42:fb:d7:8f:2f:d3:0a:
         3e:e2:5a:15:77:c0:71:2c:48:09:14:9c:7f:11:7d:dd:ea:d3:
         7e:d3:7d:79:08:d1:27:38:55:a5:09:55:b7:bf:61:fd:7b:61:
         56:70:09:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/P/sMlWrZJAzoppNujUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOTUwNjA5Y2E4ZGQ3ZjZjNmZhM2NlY2FjNzc5NDIxZWM2
YzAxMDAwHhcNMjYwMzAxMjAwMDMzWhcNMjYwMzAyMjAwMDMzWjAzMTEwLwYDVQQD
Eyg2YjYwNTY4YzRjNWY5MmQ4M2UyODNiZDZmZTYxZGFkNDRlYWY0MjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquX1WGbUw+yWb0kk+czUfCzx0mfv
OpgSj/qVpCvI+U0J0iGhCdkHsIdSVge/D/MyPHrClUbDvDHs0BaWli3I08kT5aYv
3/eXLzkFVzJf+LgxwZ+A2FzJwbQcd8L284SHrLUFOf3s1CAwcThPPa3BQbp5C+Ry
TWT24wIE0BL62DYC5amoEFyeh+Nh/4m+VuEs/KE+kpuuXVg3wpN8UjmiisMqXHoi
Qv1am2jp2EJCQq3zQwTAKkt+B92zYoe1TTPwB2uWk3EouYxq//loV4xnQ0msA07B
JgI4+9pC3rowi65eevi/Yfb1Mq8BUNly0hrkJnnOd91pdnpspBQSNHOEtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGtgVoxMX5LYPig71v5h2tROr0IPMB8GA1UdIwQY
MBaAFFOVBgnKjdf2xvo87Kx3lCHsbAEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTVVR0NjcU4xX2JHLWp6c3JIZVVJZXhzQVFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84NzZhNjUtYmY1NC00NjUyLTg5NzAt
ODAxY2Y0ZmVjNzRlLzEvVTVVR0NjcU4xX2JHLWp6c3JIZVVJZXhzQVFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84NzZhNjUtYmY1NC00NjUyLTg5NzAtODAxY2Y0ZmVjNzRl
LzEvVTVVR0NjcU4xX2JHLWp6c3JIZVVJZXhzQVFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd3AXdVQY
cukwJ1htq4dMOAePRUe7V2pIxQlSn86DgGq5PlROiDzCPegPRpnRXc7fWiNTSt2b
mD2H631FO99RNRhH3HBugGuh0NMsg2SQJP0Cs8SqHzktcohHLJXBuNwtBz5qziJQ
3lcL/xoYkKmK3Fux7DgdDWiB3+Qh3nOrrJthGsqPtwnG3ug+OrOv/a4eLKyOuS/9
1ZQGe4w/8sLOrGAPXQ9oof4vcICxGWry8JtuYnOQABc/Qzz25B/8pbN5mUxQ7oAu
ypkDToHioCDj7eRC+9ePL9MKPuJaFXfAcSxICRScfxF93erTftN9eQjRJzhVpQlV
t79h/XthVnAJKQ==
-----END CERTIFICATE-----