Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
File:                     r4yBlkcmb7yxOeZyqPuaV89Ysog.mft (raw, json)
Hash identifier:          MQq3WuVWbWOQv0CFcuUfVOY7Kq3nKc9kgn3TA+3/kFk=
Subject key identifier:   AE:34:BB:6C:27:92:6A:67:5D:CF:70:60:FA:70:83:32:06:C9:91:14
Authority key identifier: AF:8C:81:96:47:26:6F:BC:B1:39:E6:72:A8:FB:9A:57:CF:58:B2:88
Certificate issuer:       /CN=af8c819647266fbcb139e672a8fb9a57cf58b288
Certificate serial:       019CADC7DD340CA76656D4C774D119D0C952
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
Manifest number:          0659
Signing time:             Mon 02 Mar 2026 09:01:22 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:22 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:22 +0000
Files and hashes:         1: r4yBlkcmb7yxOeZyqPuaV89Ysog.crl (hash: 7+rkSO+FBBCV36c28VYd7wsNYRiWTgvKSiJ95fjrZq8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c7:dd:34:0c:a7:66:56:d4:c7:74:d1:19:d0:c9:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af8c819647266fbcb139e672a8fb9a57cf58b288
        Validity
            Not Before: Mar  2 09:01:22 2026 GMT
            Not After : Mar  3 09:01:22 2026 GMT
        Subject: CN=ae34bb6c27926a675dcf7060fa70833206c99114
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:d1:35:ee:eb:36:cc:4c:1b:2e:11:e7:f2:3f:
                    da:2d:cb:89:a1:1e:10:3c:ad:58:fa:0d:c5:f3:7c:
                    b9:15:25:71:78:c7:a9:06:12:f3:12:3e:bd:83:7e:
                    8a:6e:6f:77:1b:ea:38:2f:7e:f3:0c:ec:41:1a:a7:
                    94:b7:1a:97:67:8c:8c:aa:83:c5:4a:79:96:8d:f1:
                    bf:ba:cc:24:3a:e0:a5:50:33:26:95:08:57:90:7a:
                    39:5e:ee:41:b2:b9:f6:5d:61:90:1c:40:9d:4e:e2:
                    73:82:90:fb:79:bc:5c:cd:0f:28:62:f2:2f:1e:be:
                    d0:c1:07:11:89:cd:0e:c4:7e:83:ad:83:0e:73:d9:
                    0f:f2:13:8d:ca:69:b2:ea:6f:7b:06:0d:3d:cb:f4:
                    94:7f:f4:0f:bb:33:4b:61:3e:7f:4f:62:86:05:5f:
                    68:61:2a:68:7c:7e:90:dc:57:14:0c:5a:27:69:31:
                    73:54:16:5f:b9:c3:b9:3d:d2:e0:21:d0:d9:51:15:
                    ae:c9:a9:d0:a5:75:e9:b9:8e:3b:43:28:da:8d:c6:
                    2f:c9:d6:98:de:fc:2b:0d:dd:65:53:88:9d:fe:bf:
                    c3:b3:90:43:3c:c4:ea:20:f5:69:cf:e1:04:07:f5:
                    9f:82:45:71:e6:e4:fe:ba:9e:18:9f:41:a5:9c:91:
                    95:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:34:BB:6C:27:92:6A:67:5D:CF:70:60:FA:70:83:32:06:C9:91:14
            X509v3 Authority Key Identifier:
                keyid:AF:8C:81:96:47:26:6F:BC:B1:39:E6:72:A8:FB:9A:57:CF:58:B2:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4yBlkcmb7yxOeZyqPuaV89Ysog.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/6be7af-97b8-4777-bbdd-30117c20bf42/1/r4yBlkcmb7yxOeZyqPuaV89Ysog.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:a3:8a:44:d5:65:58:d6:01:fa:8f:70:30:2b:c6:7e:c0:3e:
         a6:e6:7b:d4:63:38:69:60:59:0f:54:e8:90:ce:84:5e:01:d0:
         ed:8d:25:da:88:e9:a3:4f:92:cb:c5:11:6a:ae:18:6a:31:72:
         3a:d7:24:61:2d:dc:94:67:d6:fc:af:1f:de:98:c6:2d:ba:27:
         15:5b:6a:36:e8:9a:2a:01:07:2a:43:0e:93:8d:28:26:cf:13:
         2b:51:4b:ea:b1:6f:7a:fe:09:83:4e:ca:e5:93:83:b5:8c:47:
         12:b2:5a:9a:64:aa:eb:24:87:79:99:45:4b:38:0b:42:32:fb:
         4e:8f:b0:30:ec:92:e3:c0:56:95:1d:57:c2:fa:45:6b:80:6c:
         b5:e8:5c:50:76:97:a1:a9:84:2d:28:5b:c2:50:0c:fa:8f:92:
         29:55:ed:37:d1:78:64:03:82:b9:47:67:87:dc:c6:1b:3c:37:
         43:d1:21:a9:dd:e8:be:97:94:6b:e3:e3:c6:7e:1c:06:41:e9:
         1d:56:ec:42:03:95:89:c6:73:41:d2:c6:65:a7:e9:c8:7c:94:
         37:82:5b:3f:2f:28:1d:f8:4b:ae:6b:80:e2:46:c0:93:81:1e:
         36:ac:64:0d:15:31:f5:3a:e3:0c:d8:16:63:3a:c1:14:2f:1b:
         43:3e:97:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx900DKdmVtTHdNEZ0MlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOGM4MTk2NDcyNjZmYmNiMTM5ZTY3MmE4ZmI5YTU3Y2Y1
OGIyODgwHhcNMjYwMzAyMDkwMTIyWhcNMjYwMzAzMDkwMTIyWjAzMTEwLwYDVQQD
EyhhZTM0YmI2YzI3OTI2YTY3NWRjZjcwNjBmYTcwODMzMjA2Yzk5MTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tE17us2zEwbLhHn8j/aLcuJoR4Q
PK1Y+g3F83y5FSVxeMepBhLzEj69g36Kbm93G+o4L37zDOxBGqeUtxqXZ4yMqoPF
SnmWjfG/uswkOuClUDMmlQhXkHo5Xu5Bsrn2XWGQHECdTuJzgpD7ebxczQ8oYvIv
Hr7QwQcRic0OxH6DrYMOc9kP8hONymmy6m97Bg09y/SUf/QPuzNLYT5/T2KGBV9o
YSpofH6Q3FcUDFonaTFzVBZfucO5PdLgIdDZURWuyanQpXXpuY47QyjajcYvydaY
3vwrDd1lU4id/r/Ds5BDPMTqIPVpz+EEB/WfgkVx5uT+up4Yn0GlnJGVCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK40u2wnkmpnXc9wYPpwgzIGyZEUMB8GA1UdIwQY
MBaAFK+MgZZHJm+8sTnmcqj7mlfPWLKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC82YmU3YWYtOTdiOC00Nzc3LWJiZGQt
MzAxMTdjMjBiZjQyLzEvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC82YmU3YWYtOTdiOC00Nzc3LWJiZGQtMzAxMTdjMjBiZjQy
LzEvcjR5QmxrY21iN3l4T2VaeXFQdWFWODlZc29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhKOKRNVl
WNYB+o9wMCvGfsA+puZ71GM4aWBZD1TokM6EXgHQ7Y0l2ojpo0+Sy8URaq4YajFy
OtckYS3clGfW/K8f3pjGLbonFVtqNuiaKgEHKkMOk40oJs8TK1FL6rFvev4Jg07K
5ZODtYxHErJammSq6ySHeZlFSzgLQjL7To+wMOyS48BWlR1XwvpFa4BstehcUHaX
oamELShbwlAM+o+SKVXtN9F4ZAOCuUdnh9zGGzw3Q9Ehqd3ovpeUa+Pjxn4cBkHp
HVbsQgOVicZzQdLGZafpyHyUN4JbPy8oHfhLrmuA4kbAk4EeNqxkDRUx9TrjDNgW
YzrBFC8bQz6XMQ==
-----END CERTIFICATE-----