Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft
File:                     a_CO0PpuGTufOlC_cmtB0MMpspc.mft (raw, json)
Hash identifier:          /kggzsTrWbXQwrfpbDUELHu/el6DVKmOIVD2vWlH0Ao=
Subject key identifier:   F5:CB:E0:30:E1:52:67:66:69:38:A6:B3:03:F1:FA:83:C4:9B:F5:84
Authority key identifier: 6B:F0:8E:D0:FA:6E:19:3B:9F:3A:50:BF:72:6B:41:D0:C3:29:B2:97
Certificate issuer:       /CN=6bf08ed0fa6e193b9f3a50bf726b41d0c329b297
Certificate serial:       019D269627936352590609E483E5B82FB903
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a_CO0PpuGTufOlC_cmtB0MMpspc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft
Manifest number:          0475
Signing time:             Wed 25 Mar 2026 20:01:07 +0000
Manifest this update:     Wed 25 Mar 2026 20:01:07 +0000
Manifest next update:     Thu 26 Mar 2026 20:01:07 +0000
Files and hashes:         1: a_CO0PpuGTufOlC_cmtB0MMpspc.crl (hash: g2iXO099WmCvHOb+y/WRC0pjz/e1Fdm4MsnwmoMitIM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a_CO0PpuGTufOlC_cmtB0MMpspc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 20:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:96:27:93:63:52:59:06:09:e4:83:e5:b8:2f:b9:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6bf08ed0fa6e193b9f3a50bf726b41d0c329b297
        Validity
            Not Before: Mar 25 20:01:07 2026 GMT
            Not After : Mar 26 20:01:07 2026 GMT
        Subject: CN=f5cbe030e15267666938a6b303f1fa83c49bf584
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:fa:fb:fb:ac:fa:6e:8c:b7:06:10:7e:f2:9b:
                    c7:cb:4c:df:b5:d4:55:ed:98:f4:15:08:f6:e9:af:
                    56:5f:56:03:22:36:a6:ad:16:9d:24:e7:0d:9a:0f:
                    94:e5:ad:52:c6:c5:d5:0b:7f:ce:6f:0c:9d:e1:33:
                    4f:78:f5:21:55:53:60:ad:97:2d:49:9d:b4:93:5c:
                    5b:18:22:9d:75:a1:e8:ad:d3:d0:f4:73:3a:3c:16:
                    f7:2a:78:34:fa:10:05:d6:c9:c1:c1:b3:31:9e:8d:
                    83:15:ea:7e:de:10:3d:13:7c:9c:bc:41:3d:f4:89:
                    c7:65:cd:f5:94:c5:14:12:f7:1e:b1:06:67:0f:64:
                    ea:72:ef:0d:0d:4b:79:55:f9:bc:66:7c:06:42:fa:
                    ec:eb:87:99:17:2e:22:dd:1b:4a:05:20:a8:61:26:
                    bc:45:1c:77:1d:b6:80:f4:ac:48:76:a4:2e:27:71:
                    71:77:21:76:8a:77:c4:fc:d5:00:e7:39:e6:0f:53:
                    e3:85:b7:3f:fd:d9:2f:f2:c4:7a:9c:6f:c5:19:d9:
                    aa:d6:9c:c8:b3:4c:c7:ae:e3:af:0d:66:46:2d:ff:
                    ec:ce:6b:ae:73:5f:40:23:56:a7:11:f5:f4:a9:e5:
                    e0:c2:7d:6f:75:fb:9a:7a:38:9d:db:b6:ba:1f:50:
                    c9:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:CB:E0:30:E1:52:67:66:69:38:A6:B3:03:F1:FA:83:C4:9B:F5:84
            X509v3 Authority Key Identifier:
                keyid:6B:F0:8E:D0:FA:6E:19:3B:9F:3A:50:BF:72:6B:41:D0:C3:29:B2:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a_CO0PpuGTufOlC_cmtB0MMpspc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/67a63a-1a03-4822-ac9e-3d4205f5e2d3/1/a_CO0PpuGTufOlC_cmtB0MMpspc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:12:5a:c2:b7:fd:1c:74:d8:eb:b9:82:63:13:4b:a0:b0:3a:
         90:e6:51:65:39:ad:b2:d8:90:62:59:78:f5:03:3c:64:d2:df:
         be:19:dd:52:da:ab:90:8f:24:a2:2a:ae:1d:17:75:e7:f9:30:
         f4:1f:0c:99:98:0b:07:07:5a:5f:3c:0c:1b:62:2f:e3:37:8b:
         bb:ba:43:20:67:7f:ef:94:e3:9c:49:22:9a:a8:c6:fe:f3:4a:
         96:a1:24:7b:2b:1e:a3:8f:8c:50:7e:74:75:d8:07:d5:20:85:
         31:37:fb:3b:1c:0e:70:41:a9:19:ba:89:dc:ab:2f:f3:33:d2:
         11:8e:66:53:44:79:8a:70:4e:6e:1d:af:cb:17:73:b9:7e:f8:
         23:8e:7f:86:8b:56:74:c9:93:67:86:36:d7:35:8f:2e:5f:2e:
         8b:bd:f1:46:3c:f1:5f:e3:6a:b3:79:34:f1:e6:8c:9b:dc:38:
         da:04:82:1f:c6:11:27:23:f1:a8:83:03:65:23:39:54:d9:77:
         cd:f3:e1:bd:77:85:91:fa:e1:5f:04:0f:2c:55:34:29:dd:11:
         a0:f5:36:cc:43:e7:db:ae:f9:73:55:62:f9:02:cc:50:cf:5f:
         d4:ed:3d:78:2d:e5:1c:c8:f8:bf:54:65:55:92:62:21:47:d9:
         0e:1f:68:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mlieTY1JZBgnkg+W4L7kDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZjA4ZWQwZmE2ZTE5M2I5ZjNhNTBiZjcyNmI0MWQwYzMy
OWIyOTcwHhcNMjYwMzI1MjAwMTA3WhcNMjYwMzI2MjAwMTA3WjAzMTEwLwYDVQQD
EyhmNWNiZTAzMGUxNTI2NzY2NjkzOGE2YjMwM2YxZmE4M2M0OWJmNTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/r7+6z6boy3BhB+8pvHy0zftdRV
7Zj0FQj26a9WX1YDIjamrRadJOcNmg+U5a1SxsXVC3/Obwyd4TNPePUhVVNgrZct
SZ20k1xbGCKddaHordPQ9HM6PBb3Kng0+hAF1snBwbMxno2DFep+3hA9E3ycvEE9
9InHZc31lMUUEvcesQZnD2Tqcu8NDUt5Vfm8ZnwGQvrs64eZFy4i3RtKBSCoYSa8
RRx3HbaA9KxIdqQuJ3FxdyF2infE/NUA5znmD1Pjhbc//dkv8sR6nG/FGdmq1pzI
s0zHruOvDWZGLf/szmuuc19AI1anEfX0qeXgwn1vdfuaejid27a6H1DJAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPXL4DDhUmdmaTimswPx+oPEm/WEMB8GA1UdIwQY
MBaAFGvwjtD6bhk7nzpQv3JrQdDDKbKXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYV9DTzBQcHVHVHVmT2xDX2NtdEIwTU1wc3BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC82N2E2M2EtMWEwMy00ODIyLWFjOWUt
M2Q0MjA1ZjVlMmQzLzEvYV9DTzBQcHVHVHVmT2xDX2NtdEIwTU1wc3BjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC82N2E2M2EtMWEwMy00ODIyLWFjOWUtM2Q0MjA1ZjVlMmQz
LzEvYV9DTzBQcHVHVHVmT2xDX2NtdEIwTU1wc3BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsRJawrf9
HHTY67mCYxNLoLA6kOZRZTmtstiQYll49QM8ZNLfvhndUtqrkI8koiquHRd15/kw
9B8MmZgLBwdaXzwMG2Iv4zeLu7pDIGd/75TjnEkimqjG/vNKlqEkeyseo4+MUH50
ddgH1SCFMTf7OxwOcEGpGbqJ3Ksv8zPSEY5mU0R5inBObh2vyxdzuX74I45/hotW
dMmTZ4Y21zWPLl8ui73xRjzxX+Nqs3k08eaMm9w42gSCH8YRJyPxqIMDZSM5VNl3
zfPhvXeFkfrhXwQPLFU0Kd0RoPU2zEPn2675c1Vi+QLMUM9f1O09eC3lHMj4v1Rl
VZJiIUfZDh9opg==
-----END CERTIFICATE-----