Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft
File:                     ccWe2rmO-wzTdnYPQGnkxouL2iA.mft (raw, json)
Hash identifier:          HACUvXqk/WaRqRs8djGgyXyA9bLTe8KYxTCWgq6EYk0=
Subject key identifier:   54:84:0A:53:9E:F8:AF:DE:4A:B6:6A:A9:AD:93:C4:1F:73:46:B6:B6
Authority key identifier: 71:C5:9E:DA:B9:8E:FB:0C:D3:76:76:0F:40:69:E4:C6:8B:8B:DA:20
Certificate issuer:       /CN=71c59edab98efb0cd376760f4069e4c68b8bda20
Certificate serial:       019D2703B21A867B899F819549E3F917E31E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft
Manifest number:          09D6
Signing time:             Wed 25 Mar 2026 22:00:46 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:46 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:46 +0000
Files and hashes:         1: ccWe2rmO-wzTdnYPQGnkxouL2iA.crl (hash: g3qlAw79pPs+ZXe9/0pOEbsxb0UdR6h6vu7jwymALyc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:b2:1a:86:7b:89:9f:81:95:49:e3:f9:17:e3:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71c59edab98efb0cd376760f4069e4c68b8bda20
        Validity
            Not Before: Mar 25 22:00:46 2026 GMT
            Not After : Mar 26 22:00:46 2026 GMT
        Subject: CN=54840a539ef8afde4ab66aa9ad93c41f7346b6b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:93:5f:90:0d:a7:71:5b:4a:95:7d:5f:80:c2:
                    ca:b7:34:f1:88:34:a9:2d:40:a0:43:f7:59:9c:03:
                    76:6c:33:92:53:18:da:35:c7:09:76:05:83:d8:41:
                    95:74:f2:a4:c1:ee:d9:3e:7b:4a:59:cd:5a:62:8e:
                    db:02:a1:41:b7:3d:ba:cf:22:20:21:b6:58:27:6e:
                    ba:8f:ec:f4:27:cc:9d:11:1d:07:8a:a0:d0:4e:95:
                    b1:6c:f3:65:b6:cc:54:ee:ce:f0:60:4b:e5:f6:3e:
                    66:5b:f5:b1:29:4f:a7:d9:0d:23:ed:38:11:16:fa:
                    cd:d3:e1:15:d9:89:0e:3a:a2:df:ee:2f:cb:8c:0d:
                    d6:9b:5b:de:aa:20:06:5f:0f:81:92:de:e7:39:27:
                    eb:1a:4f:bd:73:ee:fc:d4:7e:6f:d9:22:c6:a1:fe:
                    c6:54:cb:a3:7c:68:4d:05:37:24:5a:2a:ca:fd:f5:
                    0f:69:ac:ce:ff:e3:fb:4a:9b:74:f7:d6:d1:00:d0:
                    2c:37:b6:1f:70:cf:d3:83:98:98:97:39:2a:d3:07:
                    41:ee:8a:fe:01:1c:2b:2a:cb:29:c0:69:0a:51:fe:
                    b1:24:3e:82:1a:5d:23:c5:25:cb:30:ba:dc:04:d9:
                    a9:6e:83:c8:6d:d9:a9:d4:47:1c:e9:a6:36:6b:76:
                    62:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:84:0A:53:9E:F8:AF:DE:4A:B6:6A:A9:AD:93:C4:1F:73:46:B6:B6
            X509v3 Authority Key Identifier:
                keyid:71:C5:9E:DA:B9:8E:FB:0C:D3:76:76:0F:40:69:E4:C6:8B:8B:DA:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ccWe2rmO-wzTdnYPQGnkxouL2iA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ff58dc-4971-4132-ba17-77ecbbb4f7d8/1/ccWe2rmO-wzTdnYPQGnkxouL2iA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:8d:b2:c4:0c:21:a9:af:f6:27:2d:5b:1d:82:d0:62:b3:85:
         23:a6:53:a0:c6:51:f5:64:c5:37:24:91:76:49:7d:75:32:72:
         3f:bc:35:b5:d5:95:df:3e:44:42:c6:50:7f:03:ff:03:14:73:
         d8:ae:84:78:f1:7c:21:08:23:a0:cf:9d:9d:18:5c:ae:5c:74:
         a3:c0:b2:e0:6b:9d:00:70:c5:d9:ae:60:cd:c9:05:9c:6d:b2:
         d3:d9:b6:cc:97:23:d0:25:42:17:89:c8:4e:7c:05:bf:4e:75:
         64:78:f9:75:d2:d5:81:13:42:9d:56:21:a4:dd:63:2c:67:8e:
         59:e2:89:71:dd:93:45:3b:f0:5d:a8:ad:df:42:d3:c7:a0:36:
         b3:a9:07:7b:5e:b9:1c:7a:2c:c1:1c:3f:39:9c:af:09:da:67:
         6f:11:ab:13:83:b4:ac:dc:c0:24:01:06:c1:6f:98:df:6a:a6:
         44:c3:31:96:5f:f9:37:c5:a2:5a:cf:b7:a2:99:0d:26:e9:ec:
         8b:1b:04:37:cd:11:a1:d0:dc:0b:9c:fb:11:25:ce:ba:e9:5e:
         ad:f1:4f:92:e8:2e:53:43:f6:ca:7d:e0:de:16:f3:aa:40:6c:
         3a:83:a0:a0:fd:d2:73:8a:63:5d:71:96:08:fd:63:5e:47:90:
         43:1a:f8:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA7IahnuJn4GVSeP5F+MeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYzU5ZWRhYjk4ZWZiMGNkMzc2NzYwZjQwNjllNGM2OGI4
YmRhMjAwHhcNMjYwMzI1MjIwMDQ2WhcNMjYwMzI2MjIwMDQ2WjAzMTEwLwYDVQQD
Eyg1NDg0MGE1MzllZjhhZmRlNGFiNjZhYTlhZDkzYzQxZjczNDZiNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZNfkA2ncVtKlX1fgMLKtzTxiDSp
LUCgQ/dZnAN2bDOSUxjaNccJdgWD2EGVdPKkwe7ZPntKWc1aYo7bAqFBtz26zyIg
IbZYJ266j+z0J8ydER0HiqDQTpWxbPNltsxU7s7wYEvl9j5mW/WxKU+n2Q0j7TgR
FvrN0+EV2YkOOqLf7i/LjA3Wm1veqiAGXw+Bkt7nOSfrGk+9c+781H5v2SLGof7G
VMujfGhNBTckWirK/fUPaazO/+P7Spt099bRANAsN7YfcM/Tg5iYlzkq0wdB7or+
ARwrKsspwGkKUf6xJD6CGl0jxSXLMLrcBNmpboPIbdmp1Ecc6aY2a3ZiJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFSEClOe+K/eSrZqqa2TxB9zRra2MB8GA1UdIwQY
MBaAFHHFntq5jvsM03Z2D0Bp5MaLi9ogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mZjU4ZGMtNDk3MS00MTMyLWJhMTct
NzdlY2JiYjRmN2Q4LzEvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mZjU4ZGMtNDk3MS00MTMyLWJhMTctNzdlY2JiYjRmN2Q4
LzEvY2NXZTJybU8td3pUZG5ZUFFHbmt4b3VMMmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJo2yxAwh
qa/2Jy1bHYLQYrOFI6ZToMZR9WTFNySRdkl9dTJyP7w1tdWV3z5EQsZQfwP/AxRz
2K6EePF8IQgjoM+dnRhcrlx0o8Cy4GudAHDF2a5gzckFnG2y09m2zJcj0CVCF4nI
TnwFv051ZHj5ddLVgRNCnVYhpN1jLGeOWeKJcd2TRTvwXait30LTx6A2s6kHe165
HHoswRw/OZyvCdpnbxGrE4O0rNzAJAEGwW+Y32qmRMMxll/5N8WiWs+3opkNJuns
ixsEN80RodDcC5z7ESXOuulerfFPkuguU0P2yn3g3hbzqkBsOoOgoP3Sc4pjXXGW
CP1jXkeQQxr4BQ==
-----END CERTIFICATE-----