Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
File:                     PRf0av89iyHwD-6PY16uNKf0pNc.mft (raw, json)
Hash identifier:          /vy04LvWGla3b5mdn32VElQLYZfsWqtUnWLA/tthAQA=
Subject key identifier:   D5:63:65:4C:34:2E:7A:E0:DC:A4:09:08:C4:86:15:E7:B3:11:4A:30
Authority key identifier: 3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7
Certificate issuer:       /CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
Certificate serial:       019CAB6B6849895E6A5034D06FD975BC942B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
Manifest number:          0D34
Signing time:             Sun 01 Mar 2026 22:01:08 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:08 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:08 +0000
Files and hashes:         1: PRf0av89iyHwD-6PY16uNKf0pNc.crl (hash: 7sZAulJt+2coct8Xkb4sV4fctA8twxQlDcrFDxuGB3M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:68:49:89:5e:6a:50:34:d0:6f:d9:75:bc:94:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d17f46aff3d8b21f00fee8f635eae34a7f4a4d7
        Validity
            Not Before: Mar  1 22:01:08 2026 GMT
            Not After : Mar  2 22:01:08 2026 GMT
        Subject: CN=d563654c342e7ae0dca40908c48615e7b3114a30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:77:66:4f:14:f5:85:30:4a:2e:15:01:07:96:
                    92:29:03:bf:85:4d:e8:94:f9:e7:fc:7a:30:4f:16:
                    3d:70:1b:ae:18:65:5f:f6:56:88:64:c5:a8:da:d6:
                    9f:2d:e8:2c:27:7a:39:b8:ba:78:f6:aa:21:5e:57:
                    2f:15:b5:8f:76:8f:88:4c:45:ff:db:65:7e:42:68:
                    70:3c:8a:5c:a3:e5:d4:d3:de:d5:b4:ee:51:da:46:
                    41:3c:82:dd:27:8b:a7:b8:33:20:fd:75:71:f7:83:
                    ce:e5:13:bf:b1:39:e7:f3:fe:d8:94:a8:d0:35:77:
                    f7:cb:ea:a3:69:73:69:9b:e7:05:f5:c3:6e:72:dc:
                    3f:21:8d:ca:c2:f8:ff:de:76:16:ef:e8:2f:49:e1:
                    2e:c1:05:63:6a:57:00:c7:9f:6a:5f:6c:97:5f:1a:
                    54:94:75:ea:74:ef:f2:0a:4f:50:31:b6:ad:60:b7:
                    ea:22:3d:84:da:88:c1:7e:3f:4d:e3:d7:43:b6:9e:
                    5c:2e:66:a3:50:f2:ba:c3:30:98:a2:85:c6:33:48:
                    73:3f:b7:94:f6:17:8a:ed:f0:42:3b:c7:ac:14:3f:
                    aa:31:60:a7:1f:03:a2:95:52:3e:cb:34:f0:41:b9:
                    7e:78:4f:57:3e:88:63:70:aa:6f:05:4c:01:f9:ed:
                    dd:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:63:65:4C:34:2E:7A:E0:DC:A4:09:08:C4:86:15:E7:B3:11:4A:30
            X509v3 Authority Key Identifier:
                keyid:3D:17:F4:6A:FF:3D:8B:21:F0:0F:EE:8F:63:5E:AE:34:A7:F4:A4:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRf0av89iyHwD-6PY16uNKf0pNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b281c7-cd9a-4375-b84a-851ed529f222/1/PRf0av89iyHwD-6PY16uNKf0pNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:9c:bf:64:dd:b3:fd:f0:a7:a7:5d:65:fa:b4:dd:9e:8a:3f:
         60:12:03:22:8a:24:30:30:c6:05:06:d8:5e:f4:97:11:94:26:
         c2:d2:b1:d9:b8:24:79:47:d5:90:3d:63:4e:59:fb:69:69:a3:
         3c:af:c4:8c:32:85:24:32:c6:df:95:8f:d6:0c:bd:5a:cc:2d:
         54:e4:18:94:dd:25:98:a9:7c:11:b1:3a:c5:91:63:f3:9c:4c:
         85:d0:dd:d4:73:27:8f:e1:40:5f:44:f3:f6:02:9c:1b:04:b6:
         10:7c:38:b6:f9:16:74:77:68:db:bc:02:53:6b:d3:00:72:df:
         c1:e8:e8:53:cd:07:da:ba:64:61:22:38:af:97:f9:ef:96:6f:
         52:ff:98:98:70:59:94:46:5e:ca:87:c6:f6:b5:42:e1:05:30:
         bb:d3:91:40:23:f5:ee:d2:b8:21:25:f5:6d:02:25:1d:cb:89:
         de:35:a4:45:4f:fc:bc:63:fe:3d:51:ee:4d:73:fc:b6:bc:71:
         65:e0:bb:fe:57:9b:db:5f:88:c4:16:ae:ab:bf:55:b5:1a:a0:
         68:a7:8c:9c:92:07:5b:48:2d:5e:60:3f:0e:11:a2:87:25:6f:
         92:de:80:71:07:26:c5:78:c6:ae:57:ba:4f:e7:e6:88:b1:99:
         91:84:c9:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra2hJiV5qUDTQb9l1vJQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMTdmNDZhZmYzZDhiMjFmMDBmZWU4ZjYzNWVhZTM0YTdm
NGE0ZDcwHhcNMjYwMzAxMjIwMTA4WhcNMjYwMzAyMjIwMTA4WjAzMTEwLwYDVQQD
EyhkNTYzNjU0YzM0MmU3YWUwZGNhNDA5MDhjNDg2MTVlN2IzMTE0YTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXdmTxT1hTBKLhUBB5aSKQO/hU3o
lPnn/HowTxY9cBuuGGVf9laIZMWo2tafLegsJ3o5uLp49qohXlcvFbWPdo+ITEX/
22V+QmhwPIpco+XU097VtO5R2kZBPILdJ4unuDMg/XVx94PO5RO/sTnn8/7YlKjQ
NXf3y+qjaXNpm+cF9cNuctw/IY3Kwvj/3nYW7+gvSeEuwQVjalcAx59qX2yXXxpU
lHXqdO/yCk9QMbatYLfqIj2E2ojBfj9N49dDtp5cLmajUPK6wzCYooXGM0hzP7eU
9heK7fBCO8esFD+qMWCnHwOilVI+yzTwQbl+eE9XPohjcKpvBUwB+e3dwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNVjZUw0Lnrg3KQJCMSGFeezEUowMB8GA1UdIwQY
MBaAFD0X9Gr/PYsh8A/uj2NerjSn9KTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEt
ODUxZWQ1MjlmMjIyLzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iMjgxYzctY2Q5YS00Mzc1LWI4NGEtODUxZWQ1MjlmMjIy
LzEvUFJmMGF2ODlpeUh3RC02UFkxNnVOS2YwcE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm5y/ZN2z
/fCnp11l+rTdnoo/YBIDIookMDDGBQbYXvSXEZQmwtKx2bgkeUfVkD1jTln7aWmj
PK/EjDKFJDLG35WP1gy9WswtVOQYlN0lmKl8EbE6xZFj85xMhdDd1HMnj+FAX0Tz
9gKcGwS2EHw4tvkWdHdo27wCU2vTAHLfwejoU80H2rpkYSI4r5f575ZvUv+YmHBZ
lEZeyofG9rVC4QUwu9ORQCP17tK4ISX1bQIlHcuJ3jWkRU/8vGP+PVHuTXP8trxx
ZeC7/leb21+IxBauq79VtRqgaKeMnJIHW0gtXmA/DhGihyVvkt6AcQcmxXjGrle6
T+fmiLGZkYTJiw==
-----END CERTIFICATE-----