Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/b63569-a267-4144-ad30-ec9a7d1bdf5b/1/cOqX0WJrEm9ZHG-zHo7LiTnbQio.mft
File:                     cOqX0WJrEm9ZHG-zHo7LiTnbQio.mft (raw, json)
Hash identifier:          IZrm08PkFWz+tpVU11vo1yejTdUK6IuOqd1F/Qe2fsA=
Subject key identifier:   A2:BE:59:E8:7E:5F:92:E8:4C:FB:10:7A:D0:21:DE:2F:44:9C:F9:42
Authority key identifier: 70:EA:97:D1:62:6B:12:6F:59:1C:6F:B3:1E:8E:CB:89:39:DB:42:2A
Certificate issuer:       /CN=70ea97d1626b126f591c6fb31e8ecb8939db422a
Certificate serial:       019D38D2C294425617FAB50841556080959B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cOqX0WJrEm9ZHG-zHo7LiTnbQio.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/b63569-a267-4144-ad30-ec9a7d1bdf5b/1/cOqX0WJrEm9ZHG-zHo7LiTnbQio.mft
Manifest number:          01B9
Signing time:             Sun 29 Mar 2026 09:00:29 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:29 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:29 +0000
Files and hashes:         1: cOqX0WJrEm9ZHG-zHo7LiTnbQio.crl (hash: xLMU1xj9f8+h6JweHEFHYdq3EAuIxndaRzEdIGgZ9dk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/b63569-a267-4144-ad30-ec9a7d1bdf5b/1/cOqX0WJrEm9ZHG-zHo7LiTnbQio.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/b63569-a267-4144-ad30-ec9a7d1bdf5b/1/cOqX0WJrEm9ZHG-zHo7LiTnbQio.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cOqX0WJrEm9ZHG-zHo7LiTnbQio.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:c2:94:42:56:17:fa:b5:08:41:55:60:80:95:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70ea97d1626b126f591c6fb31e8ecb8939db422a
        Validity
            Not Before: Mar 29 09:00:29 2026 GMT
            Not After : Mar 30 09:00:29 2026 GMT
        Subject: CN=a2be59e87e5f92e84cfb107ad021de2f449cf942
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:fe:80:81:11:64:47:c0:74:97:b4:c1:ab:47:
                    78:c9:35:af:ad:6d:ac:93:83:93:44:43:0e:50:7e:
                    a0:35:ed:85:30:9b:84:b8:ce:34:82:01:65:51:d5:
                    f3:a5:91:01:2a:36:b2:56:f7:f2:27:1a:31:c1:4f:
                    ce:39:ce:66:3a:bb:68:4f:f9:f4:84:ac:e3:cf:28:
                    e7:dd:a7:0c:0c:c0:4d:c4:b4:1a:2d:9c:9d:db:b8:
                    14:74:18:68:d4:06:40:f8:fd:a0:c6:64:a9:ac:86:
                    da:65:46:a8:49:1b:ab:bd:8b:bc:47:70:df:ce:46:
                    c0:2b:d9:ba:4c:02:40:47:33:a7:39:36:88:3b:cd:
                    19:db:1d:6c:4a:3c:0b:72:1e:e3:19:29:27:fe:62:
                    ce:b7:9b:8b:90:47:58:ba:a7:05:c7:b2:a1:b9:7f:
                    f0:69:cc:7d:42:84:cd:65:6b:2b:8e:08:36:0e:a1:
                    c9:97:10:9b:47:dc:5b:8a:19:8c:29:29:f1:98:84:
                    0a:d8:2f:b4:ec:bc:a6:86:69:51:23:f2:10:68:40:
                    6f:7f:98:90:a5:90:59:27:2a:31:75:21:53:a7:02:
                    c7:73:f3:ec:90:1e:ff:02:f0:7e:10:ce:7e:a7:23:
                    69:d4:28:7c:b2:01:01:27:f0:e3:67:2f:05:82:77:
                    9e:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:BE:59:E8:7E:5F:92:E8:4C:FB:10:7A:D0:21:DE:2F:44:9C:F9:42
            X509v3 Authority Key Identifier:
                keyid:70:EA:97:D1:62:6B:12:6F:59:1C:6F:B3:1E:8E:CB:89:39:DB:42:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOqX0WJrEm9ZHG-zHo7LiTnbQio.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/b63569-a267-4144-ad30-ec9a7d1bdf5b/1/cOqX0WJrEm9ZHG-zHo7LiTnbQio.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/b63569-a267-4144-ad30-ec9a7d1bdf5b/1/cOqX0WJrEm9ZHG-zHo7LiTnbQio.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:d7:08:7c:fd:52:b6:05:20:81:23:a9:ff:44:ea:22:28:98:
         e1:09:41:a6:bc:40:3a:4c:99:ce:3a:6b:5d:82:ed:5b:74:2c:
         fd:9d:97:27:d2:bc:08:12:ee:f2:d4:48:c8:92:63:a4:60:f3:
         2b:d4:56:0d:bc:e4:e9:09:eb:a1:cc:b8:7e:cf:b8:7d:b2:ec:
         8d:4d:71:8a:f9:53:3f:f5:96:a2:3b:dd:01:3a:0f:a6:e3:fd:
         eb:ec:21:11:fe:09:cf:73:54:c6:31:56:d0:56:12:41:2e:39:
         06:4c:43:6f:f4:00:90:84:04:de:8b:ad:1c:f6:72:4c:f6:ba:
         23:e3:3d:f6:49:d8:96:79:7c:5c:e0:eb:ef:6b:d5:e3:30:f9:
         79:27:08:6c:f5:d7:cb:d1:f0:12:35:7a:3b:84:9a:2e:ae:4e:
         18:b3:3b:b5:17:ce:22:d8:31:f5:ac:e0:4d:0d:65:a2:c7:1d:
         d8:a0:50:f4:8b:0c:51:1f:d6:a4:37:99:2c:86:1b:29:70:9a:
         af:07:67:53:0d:63:2f:9f:1f:c3:cd:7e:0a:6a:2a:81:ca:a1:
         75:6b:db:49:94:4e:79:4b:34:5d:ee:fd:ae:96:67:6a:7a:86:
         56:79:ba:30:a5:d6:1b:4a:23:f9:6b:88:6d:6a:21:f7:ee:62:
         dc:21:43:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040sKUQlYX+rUIQVVggJWbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZWE5N2QxNjI2YjEyNmY1OTFjNmZiMzFlOGVjYjg5Mzlk
YjQyMmEwHhcNMjYwMzI5MDkwMDI5WhcNMjYwMzMwMDkwMDI5WjAzMTEwLwYDVQQD
EyhhMmJlNTllODdlNWY5MmU4NGNmYjEwN2FkMDIxZGUyZjQ0OWNmOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4P6AgRFkR8B0l7TBq0d4yTWvrW2s
k4OTREMOUH6gNe2FMJuEuM40ggFlUdXzpZEBKjayVvfyJxoxwU/OOc5mOrtoT/n0
hKzjzyjn3acMDMBNxLQaLZyd27gUdBho1AZA+P2gxmSprIbaZUaoSRurvYu8R3Df
zkbAK9m6TAJARzOnOTaIO80Z2x1sSjwLch7jGSkn/mLOt5uLkEdYuqcFx7KhuX/w
acx9QoTNZWsrjgg2DqHJlxCbR9xbihmMKSnxmIQK2C+07LymhmlRI/IQaEBvf5iQ
pZBZJyoxdSFTpwLHc/PskB7/AvB+EM5+pyNp1Ch8sgEBJ/DjZy8FgneedwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKK+Weh+X5LoTPsQetAh3i9EnPlCMB8GA1UdIwQY
MBaAFHDql9FiaxJvWRxvsx6Oy4k520IqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09xWDBXSnJFbTlaSEctekhvN0xpVG5iUWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9iNjM1NjktYTI2Ny00MTQ0LWFkMzAt
ZWM5YTdkMWJkZjViLzEvY09xWDBXSnJFbTlaSEctekhvN0xpVG5iUWlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9iNjM1NjktYTI2Ny00MTQ0LWFkMzAtZWM5YTdkMWJkZjVi
LzEvY09xWDBXSnJFbTlaSEctekhvN0xpVG5iUWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHtcIfP1S
tgUggSOp/0TqIiiY4QlBprxAOkyZzjprXYLtW3Qs/Z2XJ9K8CBLu8tRIyJJjpGDz
K9RWDbzk6Qnrocy4fs+4fbLsjU1xivlTP/WWojvdAToPpuP96+whEf4Jz3NUxjFW
0FYSQS45BkxDb/QAkIQE3outHPZyTPa6I+M99knYlnl8XODr72vV4zD5eScIbPXX
y9HwEjV6O4SaLq5OGLM7tRfOItgx9azgTQ1loscd2KBQ9IsMUR/WpDeZLIYbKXCa
rwdnUw1jL58fw81+CmoqgcqhdWvbSZROeUs0Xe79rpZnanqGVnm6MKXWG0oj+WuI
bWoh9+5i3CFDaA==
-----END CERTIFICATE-----