Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
File:                     f1HfHfTohn5B5ef5Lef50foMFU0.mft (raw, json)
Hash identifier:          nfbOYloBtX0PSI9n+PDhYtWXlB9fX/lpRaTCXKTVJMI=
Subject key identifier:   D2:ED:19:18:59:BA:27:53:C5:F0:81:D4:E2:35:58:C1:27:35:7C:59
Authority key identifier: 7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D
Certificate issuer:       /CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
Certificate serial:       019CABD946EBBA5838EDD323606535B8505D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
Manifest number:          0D2B
Signing time:             Mon 02 Mar 2026 00:01:08 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:08 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:08 +0000
Files and hashes:         1: f1HfHfTohn5B5ef5Lef50foMFU0.crl (hash: NYF9bQ813jqxvfvNtFFDYl+QBj0cFiKDtV02MVTPqFI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:46:eb:ba:58:38:ed:d3:23:60:65:35:b8:50:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d
        Validity
            Not Before: Mar  2 00:01:08 2026 GMT
            Not After : Mar  3 00:01:08 2026 GMT
        Subject: CN=d2ed191859ba2753c5f081d4e23558c127357c59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:56:83:e3:c8:88:06:4f:0a:52:93:85:50:ca:
                    66:eb:a6:66:1b:b1:0d:30:ed:88:71:1d:df:2e:a5:
                    39:bf:a6:71:15:2c:93:17:fd:bf:17:2e:11:fa:a1:
                    63:73:2c:06:8b:29:05:ef:f0:db:64:d1:6f:3e:0f:
                    44:30:27:f1:46:c9:9e:d4:8f:aa:bc:de:bf:7b:b4:
                    eb:67:42:eb:42:b9:91:d2:fe:d3:80:c7:f5:1a:77:
                    01:56:9c:c7:56:4c:ad:d7:a0:89:87:a0:e2:dd:ef:
                    fd:1b:12:06:5f:80:d8:1e:9e:fc:ad:fa:85:51:5b:
                    cd:5d:6a:c1:3b:3c:64:93:e9:a5:50:40:41:49:34:
                    7b:c8:b3:12:2b:40:11:7f:f7:cd:92:c1:ad:a5:c8:
                    9f:1d:2a:b1:b3:97:15:6d:e8:50:96:8f:07:7c:77:
                    13:06:27:c9:e4:b5:2d:2e:f2:a0:5d:6e:20:ef:1a:
                    5a:d5:b2:0e:9e:9a:ea:7b:f6:e1:3e:30:63:63:9e:
                    ba:cc:08:44:49:e2:8a:c5:0f:9f:d7:12:3a:44:11:
                    46:cc:e2:58:c5:5c:7e:ae:d3:da:80:fa:d0:93:8b:
                    76:43:88:48:a8:11:d6:7c:ba:b1:ce:7c:1d:8f:2a:
                    7f:a6:42:6c:ae:5a:0a:85:71:5f:94:1e:38:6e:79:
                    e4:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:ED:19:18:59:BA:27:53:C5:F0:81:D4:E2:35:58:C1:27:35:7C:59
            X509v3 Authority Key Identifier:
                keyid:7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:89:45:88:66:52:8c:b5:a9:14:1e:ae:63:5d:9a:9a:64:bf:
         8b:33:54:5c:d0:a3:70:cb:7f:a5:0d:cf:79:eb:bb:42:42:29:
         0a:70:4b:9c:d4:7e:f7:13:fc:b3:a2:e2:62:cc:fc:9b:9c:51:
         9d:78:93:27:3b:26:8c:44:86:3b:e6:f7:ba:2c:e6:c5:19:7f:
         d1:06:81:3d:6f:98:be:50:ca:54:1c:fa:ee:2a:1c:59:b1:32:
         dc:46:17:ce:8a:65:5e:25:50:df:43:96:be:6e:f3:b5:83:17:
         da:e8:16:be:26:cc:6b:2c:95:b4:65:1d:ee:d2:8e:ec:b5:b8:
         65:f3:59:d1:66:09:e9:14:5a:fb:44:ab:68:67:89:ac:17:14:
         88:6c:8d:c8:a0:b0:1c:d6:1a:56:e1:72:3e:ed:cf:d7:0c:3d:
         8b:0f:f2:20:87:52:65:e3:70:e8:32:36:42:c0:be:ad:c2:d5:
         53:80:df:3d:bb:0a:15:45:07:d3:9b:f9:ee:76:6a:17:b8:9c:
         66:72:df:b5:fb:73:db:21:3f:34:aa:f4:72:e8:4e:42:1e:df:
         14:eb:d5:9c:b8:98:99:03:a8:d3:06:30:96:e8:b7:19:25:6a:
         c5:96:07:4c:d0:7c:13:16:3b:0d:0d:b3:56:45:c9:99:1b:22:
         a2:1a:d7:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2Ubrulg47dMjYGU1uFBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTFkZjFkZjRlODg2N2U0MWU1ZTdmOTJkZTdmOWQxZmEw
YzE1NGQwHhcNMjYwMzAyMDAwMTA4WhcNMjYwMzAzMDAwMTA4WjAzMTEwLwYDVQQD
EyhkMmVkMTkxODU5YmEyNzUzYzVmMDgxZDRlMjM1NThjMTI3MzU3YzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVaD48iIBk8KUpOFUMpm66ZmG7EN
MO2IcR3fLqU5v6ZxFSyTF/2/Fy4R+qFjcywGiykF7/DbZNFvPg9EMCfxRsme1I+q
vN6/e7TrZ0LrQrmR0v7TgMf1GncBVpzHVkyt16CJh6Di3e/9GxIGX4DYHp78rfqF
UVvNXWrBOzxkk+mlUEBBSTR7yLMSK0ARf/fNksGtpcifHSqxs5cVbehQlo8HfHcT
BifJ5LUtLvKgXW4g7xpa1bIOnprqe/bhPjBjY566zAhESeKKxQ+f1xI6RBFGzOJY
xVx+rtPagPrQk4t2Q4hIqBHWfLqxznwdjyp/pkJsrloKhXFflB44bnnkIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLtGRhZuidTxfCB1OI1WMEnNXxZMB8GA1UdIwQY
MBaAFH9R3x306IZ+QeXn+S3n+dH6DBVNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgt
NmQ5MDM1YWYxNTM1LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgtNmQ5MDM1YWYxNTM1
LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr4lFiGZS
jLWpFB6uY12ammS/izNUXNCjcMt/pQ3Peeu7QkIpCnBLnNR+9xP8s6LiYsz8m5xR
nXiTJzsmjESGO+b3uizmxRl/0QaBPW+YvlDKVBz67iocWbEy3EYXzoplXiVQ30OW
vm7ztYMX2ugWvibMayyVtGUd7tKO7LW4ZfNZ0WYJ6RRa+0SraGeJrBcUiGyNyKCw
HNYaVuFyPu3P1ww9iw/yIIdSZeNw6DI2QsC+rcLVU4DfPbsKFUUH05v57nZqF7ic
ZnLftftz2yE/NKr0cuhOQh7fFOvVnLiYmQOo0wYwlui3GSVqxZYHTNB8ExY7DQ2z
VkXJmRsiohrX/A==
-----END CERTIFICATE-----