Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
File:                     bQmekI59iHniTR7eCdgSz0at4sw.mft (raw, json)
Hash identifier:          XeOSFOgX4xW/FEPTU8hc6DuVMvSJARLt5QpGDKHERsY=
Subject key identifier:   C3:79:19:95:35:46:76:CA:69:A5:09:3D:BE:0C:2D:3B:2A:C7:E6:93
Authority key identifier: 6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC
Certificate issuer:       /CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
Certificate serial:       019CABD98244DEE6A66E2A5FDA16D7236F11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
Manifest number:          0742
Signing time:             Mon 02 Mar 2026 00:01:24 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:24 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:24 +0000
Files and hashes:         1: bQmekI59iHniTR7eCdgSz0at4sw.crl (hash: 2RN9R4C1+WxxHy8y8Vg+tIauaJLLWvWGme8/317yN6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:82:44:de:e6:a6:6e:2a:5f:da:16:d7:23:6f:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d099e908e7d8879e24d1ede09d812cf46ade2cc
        Validity
            Not Before: Mar  2 00:01:24 2026 GMT
            Not After : Mar  3 00:01:24 2026 GMT
        Subject: CN=c3791995354676ca69a5093dbe0c2d3b2ac7e693
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:da:83:e8:67:d0:86:e1:9d:61:4d:d1:86:7e:
                    15:b0:c6:ec:42:90:83:21:11:00:71:1b:f7:8a:c3:
                    c6:0e:59:62:6b:1c:64:fb:01:67:36:40:73:13:25:
                    7a:58:d5:9e:b7:ba:c1:7f:05:df:a7:b7:9c:9a:2d:
                    eb:17:42:df:ad:cd:47:27:c7:e7:d9:33:b1:e0:76:
                    a6:1a:c8:92:5d:6e:db:fe:a7:12:44:8e:92:95:2d:
                    00:70:53:6a:ff:24:29:61:3a:4c:09:c0:2e:09:9f:
                    9b:6f:7a:56:f6:a0:a1:1b:41:b6:11:38:fc:70:d5:
                    16:a1:2f:fd:5c:dd:63:11:41:14:e2:c1:74:68:4e:
                    61:1a:7e:20:fb:e0:74:6f:7f:8a:8f:2d:f5:26:cf:
                    04:4f:78:66:7a:39:f9:20:f1:2f:64:c9:5e:5e:2d:
                    51:f7:20:30:1e:e9:51:61:56:5a:d4:c7:95:79:af:
                    79:7b:c8:0b:a1:dd:b7:8d:05:57:75:50:90:dc:e5:
                    ab:ff:27:57:75:84:74:6a:d9:db:bc:6b:14:b8:21:
                    92:19:7c:c3:a9:b7:3e:4b:0d:f4:e1:97:a8:b1:0f:
                    b0:34:25:a0:4e:84:e1:26:5b:2c:f3:0e:71:e0:26:
                    70:fa:1b:26:4f:fc:be:5f:94:16:81:bf:ef:5e:51:
                    19:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:79:19:95:35:46:76:CA:69:A5:09:3D:BE:0C:2D:3B:2A:C7:E6:93
            X509v3 Authority Key Identifier:
                keyid:6D:09:9E:90:8E:7D:88:79:E2:4D:1E:DE:09:D8:12:CF:46:AD:E2:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQmekI59iHniTR7eCdgSz0at4sw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/45c53d-aba9-42f7-8496-7cce34fe6b5d/1/bQmekI59iHniTR7eCdgSz0at4sw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:25:20:4b:45:0e:ee:b2:b8:85:fa:ca:b2:cc:9a:a8:fc:69:
         e2:19:ed:a3:cb:96:78:16:51:b5:17:d7:6a:55:bc:33:e9:7f:
         f1:88:fc:51:53:88:48:0a:72:5e:71:7f:15:25:1e:ad:eb:29:
         dc:98:a8:2f:c2:f6:1c:f3:34:29:ef:49:fa:27:54:84:aa:31:
         33:82:08:f0:66:02:a3:3b:9c:04:d0:be:fd:cc:06:3d:0f:83:
         dd:29:72:88:4d:5a:90:9a:54:50:c0:42:6b:fa:9e:b1:39:a0:
         cb:1d:0e:e2:bd:c0:b2:43:51:bc:54:c0:f9:36:45:64:e9:c3:
         9b:7f:e8:fa:2b:39:73:9b:02:d8:9f:80:c5:9d:eb:21:f1:1a:
         7d:e8:3f:0e:9e:b9:0c:58:5a:31:46:ef:b4:af:fd:26:12:40:
         be:2a:6c:bf:c5:ca:2f:a3:54:7d:10:b8:25:d1:17:58:a8:9e:
         0d:81:a5:e0:b9:ae:74:27:b8:e8:18:c1:b2:de:1c:20:49:d1:
         61:ef:30:ab:46:44:fd:1c:90:55:a2:61:c9:57:26:b0:07:51:
         18:9b:7d:dc:5c:e8:73:1d:a1:84:83:53:9a:a3:4a:44:ea:de:
         47:f9:db:82:8b:43:b2:b7:fb:c2:7e:f5:3b:4e:f1:43:7e:2f:
         d5:b8:c6:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2YJE3uambipf2hbXI28RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDk5ZTkwOGU3ZDg4NzllMjRkMWVkZTA5ZDgxMmNmNDZh
ZGUyY2MwHhcNMjYwMzAyMDAwMTI0WhcNMjYwMzAzMDAwMTI0WjAzMTEwLwYDVQQD
EyhjMzc5MTk5NTM1NDY3NmNhNjlhNTA5M2RiZTBjMmQzYjJhYzdlNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9qD6GfQhuGdYU3Rhn4VsMbsQpCD
IREAcRv3isPGDlliaxxk+wFnNkBzEyV6WNWet7rBfwXfp7ecmi3rF0Lfrc1HJ8fn
2TOx4HamGsiSXW7b/qcSRI6SlS0AcFNq/yQpYTpMCcAuCZ+bb3pW9qChG0G2ETj8
cNUWoS/9XN1jEUEU4sF0aE5hGn4g++B0b3+Kjy31Js8ET3hmejn5IPEvZMleXi1R
9yAwHulRYVZa1MeVea95e8gLod23jQVXdVCQ3OWr/ydXdYR0atnbvGsUuCGSGXzD
qbc+Sw304ZeosQ+wNCWgToThJlss8w5x4CZw+hsmT/y+X5QWgb/vXlEZ2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMN5GZU1RnbKaaUJPb4MLTsqx+aTMB8GA1UdIwQY
MBaAFG0JnpCOfYh54k0e3gnYEs9GreLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYt
N2NjZTM0ZmU2YjVkLzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80NWM1M2QtYWJhOS00MmY3LTg0OTYtN2NjZTM0ZmU2YjVk
LzEvYlFtZWtJNTlpSG5pVFI3ZUNkZ1N6MGF0NHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOCUgS0UO
7rK4hfrKssyaqPxp4hnto8uWeBZRtRfXalW8M+l/8Yj8UVOISApyXnF/FSUeresp
3JioL8L2HPM0Ke9J+idUhKoxM4II8GYCozucBNC+/cwGPQ+D3SlyiE1akJpUUMBC
a/qesTmgyx0O4r3AskNRvFTA+TZFZOnDm3/o+is5c5sC2J+AxZ3rIfEafeg/Dp65
DFhaMUbvtK/9JhJAvipsv8XKL6NUfRC4JdEXWKieDYGl4LmudCe46BjBst4cIEnR
Ye8wq0ZE/RyQVaJhyVcmsAdRGJt93Fzocx2hhINTmqNKROreR/nbgotDsrf7wn71
O07xQ34v1bjGdQ==
-----END CERTIFICATE-----