Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft
File:                     mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft (raw, json)
Hash identifier:          /D/8iESGbMHvI1v08rDZ5eBa91G/wD7DLT4gUMVu8Pw=
Subject key identifier:   E2:55:99:03:9D:C0:C8:8D:02:00:82:B0:26:B4:CD:88:BA:5D:8C:B3
Authority key identifier: 98:24:1A:AC:9E:DA:7B:EF:69:08:9F:64:7B:5D:8F:77:4F:F4:3A:26
Certificate issuer:       /CN=98241aac9eda7bef69089f647b5d8f774ff43a26
Certificate serial:       019D265F9A2CA8848A1BE632F289B5C19D93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft
Manifest number:          0FBA
Signing time:             Wed 25 Mar 2026 19:01:32 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:32 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:32 +0000
Files and hashes:         1: mCQarJ7ae-9pCJ9ke12Pd0_0OiY.crl (hash: cgcV84PQigv9oqJT/ShyjAcrfqFNl1ru3tNwen4dvRc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:9a:2c:a8:84:8a:1b:e6:32:f2:89:b5:c1:9d:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=98241aac9eda7bef69089f647b5d8f774ff43a26
        Validity
            Not Before: Mar 25 19:01:32 2026 GMT
            Not After : Mar 26 19:01:32 2026 GMT
        Subject: CN=e25599039dc0c88d020082b026b4cd88ba5d8cb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:85:51:d7:85:8c:0d:04:8c:1d:47:32:3d:0c:
                    1a:dc:33:3f:10:9a:c1:45:f2:3b:a2:9c:70:49:e1:
                    7e:3c:23:5c:39:6b:26:93:61:e7:88:c3:f9:d7:b7:
                    26:18:23:b8:17:f6:23:6e:94:3b:b5:9f:bd:e1:5b:
                    c4:15:52:4a:f5:ef:ea:19:6a:4a:86:e7:66:a8:e5:
                    5a:8e:5d:60:6a:d3:9b:f0:6e:00:a0:6c:4e:13:0e:
                    eb:a5:73:d3:ad:26:13:76:4e:aa:dd:54:f8:77:62:
                    99:45:86:bd:66:85:6c:16:e7:0f:72:f5:50:f0:94:
                    71:b9:fc:3d:50:c8:22:0b:ca:d5:ee:c4:55:3f:3e:
                    cd:9e:09:41:47:66:8a:e0:3b:79:6a:fb:10:bb:57:
                    11:1f:d2:be:81:0f:42:e8:9f:f0:fc:af:bf:13:9b:
                    25:59:9c:98:de:27:a0:06:a1:26:5b:b6:6d:63:6d:
                    14:cc:3f:bf:82:ec:bf:9f:d7:2e:e6:b1:d2:47:52:
                    f8:66:72:c6:ed:b7:7e:81:10:60:5b:00:a0:5f:04:
                    4b:94:35:0d:5b:35:ca:34:f4:02:ae:59:99:bd:36:
                    fc:5d:75:b9:57:56:03:4c:07:cb:44:3d:cb:9f:57:
                    39:90:11:21:ac:7c:42:d7:dd:cc:19:e5:c5:a4:8f:
                    46:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:55:99:03:9D:C0:C8:8D:02:00:82:B0:26:B4:CD:88:BA:5D:8C:B3
            X509v3 Authority Key Identifier:
                keyid:98:24:1A:AC:9E:DA:7B:EF:69:08:9F:64:7B:5D:8F:77:4F:F4:3A:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:b3:16:65:91:49:ef:a1:c4:05:a4:2e:9e:88:a0:0f:0a:fc:
         4b:d5:af:79:90:92:de:27:7d:21:0b:37:63:f6:ba:95:7e:1f:
         9c:db:22:12:00:fe:6f:4c:c9:b3:d7:37:7f:55:64:26:f1:35:
         b4:90:1f:6d:dd:56:44:fc:48:83:91:bf:93:9c:6e:ed:cd:df:
         ec:2b:d8:36:27:1d:46:a4:5c:7f:94:f2:78:6d:41:66:fa:03:
         47:f1:35:83:0e:2b:b2:d2:de:46:b8:35:0a:78:02:c1:39:0d:
         68:46:22:0b:a7:4e:8f:76:b9:52:91:77:e8:d4:3f:03:36:8d:
         a4:1b:88:a3:cc:21:fa:f8:a7:c7:6b:20:f8:d6:3b:45:f9:dd:
         04:1c:57:00:62:24:7b:4e:73:42:97:77:98:76:4a:47:68:5c:
         dc:ad:67:99:29:60:00:ac:bd:78:96:b9:7d:b4:59:9d:94:af:
         7f:12:4f:5e:f4:1d:61:9e:15:5c:e1:a2:72:1f:dc:53:0b:2f:
         43:4e:c7:e0:ab:67:5a:1f:f4:06:69:0a:72:27:7f:a8:22:a9:
         af:34:16:61:84:45:b2:a7:6d:ea:e3:f2:5e:b1:34:13:64:3d:
         b9:4c:eb:e2:29:43:cc:77:b7:39:ed:58:39:24:de:d7:8c:24:
         94:6a:71:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX5osqISKG+Yy8om1wZ2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MjQxYWFjOWVkYTdiZWY2OTA4OWY2NDdiNWQ4Zjc3NGZm
NDNhMjYwHhcNMjYwMzI1MTkwMTMyWhcNMjYwMzI2MTkwMTMyWjAzMTEwLwYDVQQD
EyhlMjU1OTkwMzlkYzBjODhkMDIwMDgyYjAyNmI0Y2Q4OGJhNWQ4Y2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroVR14WMDQSMHUcyPQwa3DM/EJrB
RfI7opxwSeF+PCNcOWsmk2HniMP517cmGCO4F/YjbpQ7tZ+94VvEFVJK9e/qGWpK
hudmqOVajl1gatOb8G4AoGxOEw7rpXPTrSYTdk6q3VT4d2KZRYa9ZoVsFucPcvVQ
8JRxufw9UMgiC8rV7sRVPz7NnglBR2aK4Dt5avsQu1cRH9K+gQ9C6J/w/K+/E5sl
WZyY3iegBqEmW7ZtY20UzD+/guy/n9cu5rHSR1L4ZnLG7bd+gRBgWwCgXwRLlDUN
WzXKNPQCrlmZvTb8XXW5V1YDTAfLRD3Ln1c5kBEhrHxC193MGeXFpI9GPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJVmQOdwMiNAgCCsCa0zYi6XYyzMB8GA1UdIwQY
MBaAFJgkGqye2nvvaQifZHtdj3dP9DomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUNRYXJKN2FlLTlwQ0o5a2UxMlBkMF8wT2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9jZGE5NTgtM2NhYi00YjIzLTkxNmMt
MzVkZTM4NGMwOTgyLzEvbUNRYXJKN2FlLTlwQ0o5a2UxMlBkMF8wT2lZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9jZGE5NTgtM2NhYi00YjIzLTkxNmMtMzVkZTM4NGMwOTgy
LzEvbUNRYXJKN2FlLTlwQ0o5a2UxMlBkMF8wT2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArbMWZZFJ
76HEBaQunoigDwr8S9WveZCS3id9IQs3Y/a6lX4fnNsiEgD+b0zJs9c3f1VkJvE1
tJAfbd1WRPxIg5G/k5xu7c3f7CvYNicdRqRcf5TyeG1BZvoDR/E1gw4rstLeRrg1
CngCwTkNaEYiC6dOj3a5UpF36NQ/AzaNpBuIo8wh+vinx2sg+NY7RfndBBxXAGIk
e05zQpd3mHZKR2hc3K1nmSlgAKy9eJa5fbRZnZSvfxJPXvQdYZ4VXOGich/cUwsv
Q07H4KtnWh/0BmkKcid/qCKprzQWYYRFsqdt6uPyXrE0E2Q9uUzr4ilDzHe3Oe1Y
OSTe14wklGpxZA==
-----END CERTIFICATE-----