Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
File:                     2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft (raw, json)
Hash identifier:          FRzUbbGx9DaXWYxJkbJu3EmQSqHO1tX7gjQbUcuD0/w=
Subject key identifier:   A8:19:FC:DD:55:9E:B3:4F:D4:B1:2F:47:DC:9F:7B:34:43:32:11:8A
Authority key identifier: DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C
Certificate issuer:       /CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
Certificate serial:       019D25F16BEBBC1AFBD8A09D47B0779FA857
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
Manifest number:          06C7
Signing time:             Wed 25 Mar 2026 17:01:11 +0000
Manifest this update:     Wed 25 Mar 2026 17:01:11 +0000
Manifest next update:     Thu 26 Mar 2026 17:01:11 +0000
Files and hashes:         1: 2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl (hash: j+59fEIKus6Kv4fzYwlu28gsb/5PUJo3z3ZDAqF435c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 17:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:6b:eb:bc:1a:fb:d8:a0:9d:47:b0:77:9f:a8:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
        Validity
            Not Before: Mar 25 17:01:11 2026 GMT
            Not After : Mar 26 17:01:11 2026 GMT
        Subject: CN=a819fcdd559eb34fd4b12f47dc9f7b344332118a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:cc:65:86:2e:3b:26:c2:3d:50:31:16:50:45:
                    8c:5f:69:09:e8:f5:a5:67:e0:f5:97:57:3a:26:86:
                    10:44:93:a4:fe:36:59:ab:6f:52:a2:51:4f:71:78:
                    13:65:0a:f7:a2:2c:7a:aa:2f:c1:da:fb:c2:31:63:
                    6b:5c:d7:27:37:b9:02:ae:cc:b0:62:13:04:d7:ed:
                    6d:a3:33:54:69:22:9a:a3:88:c5:08:97:31:5c:c6:
                    ee:a9:4c:ea:41:c3:87:be:73:ef:b4:9c:67:cb:b6:
                    44:bb:e2:7d:09:8d:c1:3e:87:0b:7c:a9:2c:69:09:
                    cb:ae:84:f3:9a:66:84:b4:52:a1:27:dc:f2:d0:a8:
                    e4:17:8a:e5:4e:1e:11:3a:27:08:28:5b:74:70:cd:
                    28:ad:f7:e7:11:9f:40:59:96:7f:f3:20:8f:06:cd:
                    ad:22:8f:55:2e:a6:55:19:e6:7d:a3:f5:ae:06:b4:
                    a0:16:f7:08:18:f8:30:dd:d4:c6:60:75:f6:0f:d0:
                    a8:65:70:35:1d:b0:df:95:14:e8:ab:07:c7:c3:36:
                    87:9f:90:f9:a9:27:ae:ce:d0:46:4a:67:be:9e:35:
                    83:a3:24:ae:a0:35:96:eb:89:97:c3:0c:48:e7:19:
                    69:40:d0:ab:83:39:74:01:2f:ef:33:cc:66:f0:c0:
                    d3:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:19:FC:DD:55:9E:B3:4F:D4:B1:2F:47:DC:9F:7B:34:43:32:11:8A
            X509v3 Authority Key Identifier:
                keyid:DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:b8:37:41:d1:6e:11:c9:c5:3f:7f:22:9a:e6:c4:0c:ba:e7:
         e2:36:55:2f:60:00:91:90:ca:ac:89:6a:dd:71:eb:b3:1a:e3:
         fd:ae:a2:86:c7:f8:a5:ef:01:d2:78:dd:94:7d:1d:eb:e0:85:
         dd:0b:9e:85:7c:ac:32:4e:55:03:14:16:17:84:a0:79:f4:42:
         d4:2c:4f:fe:8e:db:49:87:38:74:0d:bc:20:9d:77:70:7b:74:
         bd:1d:ff:49:3c:be:7d:37:34:de:36:89:d9:0b:c1:c9:46:54:
         ce:59:09:d0:70:87:96:c9:49:c3:d6:bf:31:f2:2e:b2:e3:07:
         0b:5a:49:f4:92:9d:b9:a3:16:cf:cb:93:58:25:1d:8f:ae:55:
         03:37:04:a5:c1:32:4b:a7:95:0e:19:ff:4f:81:5c:ca:6d:b2:
         dc:ec:69:3c:96:ec:45:d8:13:6a:bf:f4:f4:7b:b7:90:67:cc:
         35:4a:86:97:09:f7:53:24:a7:25:c9:bc:d0:8a:97:8a:c9:bf:
         8b:a5:8b:9b:02:93:f1:ae:69:67:51:1d:81:2e:0e:cb:7c:81:
         8f:44:e0:48:fd:d3:1b:d1:2c:55:2a:4e:63:0c:5a:f4:79:18:
         43:17:ca:a8:ce:f3:fd:bd:75:29:a9:e4:2a:4c:a4:dd:96:87:
         b6:cf:9b:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8WvrvBr72KCdR7B3n6hXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTY3YzU4YjRhNmZlMjEyZmMyMGZiNzU2OTQ5YWRkYzFh
OWE2MmMwHhcNMjYwMzI1MTcwMTExWhcNMjYwMzI2MTcwMTExWjAzMTEwLwYDVQQD
EyhhODE5ZmNkZDU1OWViMzRmZDRiMTJmNDdkYzlmN2IzNDQzMzIxMThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsxlhi47JsI9UDEWUEWMX2kJ6PWl
Z+D1l1c6JoYQRJOk/jZZq29SolFPcXgTZQr3oix6qi/B2vvCMWNrXNcnN7kCrsyw
YhME1+1tozNUaSKao4jFCJcxXMbuqUzqQcOHvnPvtJxny7ZEu+J9CY3BPocLfKks
aQnLroTzmmaEtFKhJ9zy0KjkF4rlTh4ROicIKFt0cM0orffnEZ9AWZZ/8yCPBs2t
Io9VLqZVGeZ9o/WuBrSgFvcIGPgw3dTGYHX2D9CoZXA1HbDflRToqwfHwzaHn5D5
qSeuztBGSme+njWDoySuoDWW64mXwwxI5xlpQNCrgzl0AS/vM8xm8MDTJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKgZ/N1VnrNP1LEvR9yfezRDMhGKMB8GA1UdIwQY
MBaAFNqmfFi0pv4hL8IPt1aUmt3BqaYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYt
NTBmMzRmNDM1ZjAzLzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYtNTBmMzRmNDM1ZjAz
LzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa7g3QdFu
EcnFP38imubEDLrn4jZVL2AAkZDKrIlq3XHrsxrj/a6ihsf4pe8B0njdlH0d6+CF
3QuehXysMk5VAxQWF4SgefRC1CxP/o7bSYc4dA28IJ13cHt0vR3/STy+fTc03jaJ
2QvByUZUzlkJ0HCHlslJw9a/MfIusuMHC1pJ9JKduaMWz8uTWCUdj65VAzcEpcEy
S6eVDhn/T4Fcym2y3OxpPJbsRdgTar/09Hu3kGfMNUqGlwn3UySnJcm80IqXism/
i6WLmwKT8a5pZ1EdgS4Oy3yBj0TgSP3TG9EsVSpOYwxa9HkYQxfKqM7z/b11Kank
Kkyk3ZaHts+bhw==
-----END CERTIFICATE-----