Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft
File:                     mNtTOItvp7HlovTGhjq3Hxz7VRI.mft (raw, json)
Hash identifier:          PhRlvZu4/NVFJidkakEZrqdzbmcelkNVqlRU6tb0mG8=
Subject key identifier:   E7:85:FC:31:95:B8:7E:77:C4:A5:82:9F:95:C1:E3:32:07:25:EC:BC
Authority key identifier: 98:DB:53:38:8B:6F:A7:B1:E5:A2:F4:C6:86:3A:B7:1F:1C:FB:55:12
Certificate issuer:       /CN=98db53388b6fa7b1e5a2f4c6863ab71f1cfb5512
Certificate serial:       019D2704927D712CF4A222A95CD663AAAA9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft
Manifest number:          058C
Signing time:             Wed 25 Mar 2026 22:01:44 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:44 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:44 +0000
Files and hashes:         1: mNtTOItvp7HlovTGhjq3Hxz7VRI.crl (hash: VtaShdC4HgDcOK5EtkNX1LQZc1CVnS64K9VwxejR8vc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:92:7d:71:2c:f4:a2:22:a9:5c:d6:63:aa:aa:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=98db53388b6fa7b1e5a2f4c6863ab71f1cfb5512
        Validity
            Not Before: Mar 25 22:01:44 2026 GMT
            Not After : Mar 26 22:01:44 2026 GMT
        Subject: CN=e785fc3195b87e77c4a5829f95c1e3320725ecbc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:71:c0:3a:5b:8d:2e:4b:52:b1:a5:e5:c4:a8:
                    38:46:80:33:3f:1d:7a:96:37:13:04:ac:6b:5a:fa:
                    63:1e:b4:41:f0:b5:65:6a:93:fc:7f:eb:b2:e3:b0:
                    26:e2:59:b5:1d:7a:ee:43:72:e4:a4:5e:03:1b:b3:
                    81:37:83:09:bd:56:be:ff:fc:bf:54:71:1a:d6:ca:
                    c7:6a:76:d7:91:1c:6f:d5:92:74:60:fd:57:67:ed:
                    be:cb:08:14:fb:bc:33:4c:cb:83:b5:9e:4a:04:ea:
                    0b:4b:03:93:97:9c:31:4a:70:4a:67:a6:f1:76:a2:
                    85:1f:02:64:e6:5c:28:fc:db:56:7a:a8:b0:d2:99:
                    0c:1f:6f:d5:6c:82:68:4a:28:0d:ba:7f:da:75:ea:
                    a2:98:df:14:00:3c:82:c9:df:ba:7c:40:36:68:77:
                    65:e3:58:ce:d6:05:4b:1c:2c:a3:c0:06:97:91:8b:
                    0e:60:50:1c:b8:af:16:43:f4:ce:ce:07:93:66:4e:
                    89:27:89:9d:e8:3a:f9:39:70:75:b7:54:42:f1:70:
                    9f:08:37:45:41:b6:2c:cb:c1:93:29:ba:7b:d4:45:
                    d0:c1:c4:64:56:40:01:62:1d:e7:93:14:d8:ed:c0:
                    6c:16:41:9c:75:b6:4e:da:c7:d4:17:27:ae:09:ed:
                    27:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:85:FC:31:95:B8:7E:77:C4:A5:82:9F:95:C1:E3:32:07:25:EC:BC
            X509v3 Authority Key Identifier:
                keyid:98:DB:53:38:8B:6F:A7:B1:E5:A2:F4:C6:86:3A:B7:1F:1C:FB:55:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mNtTOItvp7HlovTGhjq3Hxz7VRI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/996da3-9f8c-475b-8bf6-c7467da2db60/1/mNtTOItvp7HlovTGhjq3Hxz7VRI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:16:bf:b8:e8:7c:f1:2f:98:e0:a6:b9:2a:ab:55:00:17:3a:
         1e:88:98:6d:a9:42:ff:f4:e7:c5:31:20:af:28:f1:db:8a:09:
         f8:c5:80:17:fd:42:4f:67:44:4c:08:73:c1:b5:4e:61:e0:cb:
         b2:a0:19:fc:80:ab:6f:66:6e:35:72:39:d7:d1:c3:93:65:53:
         d9:28:03:a6:e0:69:5e:0c:56:bb:e8:8e:96:87:bf:15:76:e7:
         a2:8e:8c:b4:e8:f3:81:bb:5d:df:a0:fc:d5:f5:d0:cf:be:1b:
         15:0d:ca:c2:57:0d:98:53:c2:df:b9:8e:98:0b:8d:23:8c:bb:
         19:12:9f:64:34:04:59:7e:e9:e1:18:1d:3d:50:47:c9:51:b3:
         ba:b3:17:5e:17:cd:e8:77:db:4c:cf:db:d3:a2:a8:e1:b5:57:
         52:2f:77:c0:a7:aa:bf:ae:ef:b6:a9:ff:11:80:e1:21:28:83:
         5f:1b:61:7e:4f:43:7a:2b:48:69:1d:b1:8d:2c:b8:e6:c6:8b:
         42:9f:20:af:70:42:7f:b1:52:e6:0c:e2:46:22:76:fe:b3:bd:
         b4:f6:5b:2f:bd:d9:fa:c2:87:af:55:c4:04:43:c6:6e:bc:75:
         7d:19:91:88:e0:9a:43:80:2e:3f:7a:e7:50:27:01:f4:5a:5f:
         6b:9b:4a:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBJJ9cSz0oiKpXNZjqqqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZGI1MzM4OGI2ZmE3YjFlNWEyZjRjNjg2M2FiNzFmMWNm
YjU1MTIwHhcNMjYwMzI1MjIwMTQ0WhcNMjYwMzI2MjIwMTQ0WjAzMTEwLwYDVQQD
EyhlNzg1ZmMzMTk1Yjg3ZTc3YzRhNTgyOWY5NWMxZTMzMjA3MjVlY2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXHAOluNLktSsaXlxKg4RoAzPx16
ljcTBKxrWvpjHrRB8LVlapP8f+uy47Am4lm1HXruQ3LkpF4DG7OBN4MJvVa+//y/
VHEa1srHanbXkRxv1ZJ0YP1XZ+2+ywgU+7wzTMuDtZ5KBOoLSwOTl5wxSnBKZ6bx
dqKFHwJk5lwo/NtWeqiw0pkMH2/VbIJoSigNun/adeqimN8UADyCyd+6fEA2aHdl
41jO1gVLHCyjwAaXkYsOYFAcuK8WQ/TOzgeTZk6JJ4md6Dr5OXB1t1RC8XCfCDdF
QbYsy8GTKbp71EXQwcRkVkABYh3nkxTY7cBsFkGcdbZO2sfUFyeuCe0nXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOeF/DGVuH53xKWCn5XB4zIHJey8MB8GA1UdIwQY
MBaAFJjbUziLb6ex5aL0xoY6tx8c+1USMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85OTZkYTMtOWY4Yy00NzViLThiZjYt
Yzc0NjdkYTJkYjYwLzEvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC85OTZkYTMtOWY4Yy00NzViLThiZjYtYzc0NjdkYTJkYjYw
LzEvbU50VE9JdHZwN0hsb3ZUR2hqcTNIeHo3VlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMRa/uOh8
8S+Y4Ka5KqtVABc6HoiYbalC//TnxTEgryjx24oJ+MWAF/1CT2dETAhzwbVOYeDL
sqAZ/ICrb2ZuNXI519HDk2VT2SgDpuBpXgxWu+iOloe/FXbnoo6MtOjzgbtd36D8
1fXQz74bFQ3KwlcNmFPC37mOmAuNI4y7GRKfZDQEWX7p4RgdPVBHyVGzurMXXhfN
6HfbTM/b06Ko4bVXUi93wKeqv67vtqn/EYDhISiDXxthfk9DeitIaR2xjSy45saL
Qp8gr3BCf7FS5gziRiJ2/rO9tPZbL73Z+sKHr1XEBEPGbrx1fRmRiOCaQ4AuP3rn
UCcB9Fpfa5tKiA==
-----END CERTIFICATE-----