Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
File:                     R0NPTmaYKfhsbea6PrDo9m2piLY.mft (raw, json)
Hash identifier:          uJGE4e3A64mJ48zfhAuJ0+0U8zsbO1At7IozRQWk4+8=
Subject key identifier:   26:ED:A9:46:72:2D:D4:A8:3C:93:0C:04:31:0E:87:50:75:C1:11:C3
Authority key identifier: 47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6
Certificate issuer:       /CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6
Certificate serial:       019D38664DE2E716CB814A3756A1F6A4CB47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
Manifest number:          02C1
Signing time:             Sun 29 Mar 2026 07:02:01 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:01 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:01 +0000
Files and hashes:         1: R0NPTmaYKfhsbea6PrDo9m2piLY.crl (hash: fMAQ8TPXxHxU84hjH0zQSduAJ4SYjvJCFZBQr50IgW0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:4d:e2:e7:16:cb:81:4a:37:56:a1:f6:a4:cb:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6
        Validity
            Not Before: Mar 29 07:02:01 2026 GMT
            Not After : Mar 30 07:02:01 2026 GMT
        Subject: CN=26eda946722dd4a83c930c04310e875075c111c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a7:5d:4a:88:39:07:69:19:7a:22:6f:36:f9:
                    29:2e:09:30:19:cd:a0:1f:c7:53:d5:f0:6e:50:dd:
                    af:e8:8f:bf:a0:91:21:56:9f:78:88:28:e8:1b:11:
                    e3:a1:d0:6a:af:66:0e:17:63:f6:0d:56:e9:fb:3d:
                    d6:d9:4e:58:68:24:52:cf:69:be:e9:ee:19:e4:42:
                    52:e3:c4:e5:66:3b:7b:83:47:c0:93:9c:b3:df:d8:
                    4c:05:77:e7:0a:21:39:4e:fc:b8:7d:31:33:c7:f5:
                    10:e8:8f:87:7b:90:3c:0e:c9:4d:a3:08:cc:e8:65:
                    1b:8e:c8:a9:ca:a9:37:f8:2b:b4:da:73:5c:f9:9d:
                    e7:fc:80:cd:73:4c:44:05:8e:20:5f:c1:7a:b6:e0:
                    79:a6:5c:f3:64:a5:cd:2f:76:7e:96:e5:b1:2d:be:
                    78:af:f2:fc:2e:09:60:5b:ab:4e:0f:ee:94:f5:ad:
                    39:8c:9a:16:9e:8c:73:37:df:1a:33:c0:bf:55:16:
                    a9:5e:ac:3b:68:8e:4a:b5:01:53:f1:1f:23:84:cc:
                    a9:d3:a7:a5:d6:4c:3d:eb:40:04:83:f5:a3:03:c7:
                    f0:db:76:bb:21:23:7f:83:89:f9:bf:2f:30:a6:5b:
                    f1:76:3b:2d:ad:ec:8f:b9:20:d5:46:b4:44:0f:4b:
                    f6:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:ED:A9:46:72:2D:D4:A8:3C:93:0C:04:31:0E:87:50:75:C1:11:C3
            X509v3 Authority Key Identifier:
                keyid:47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:aa:78:c3:78:18:3b:33:8e:5b:01:c7:c0:23:4c:a5:75:54:
         be:44:77:f2:1a:c4:4f:12:27:ec:bf:93:37:4e:fb:e0:8f:58:
         89:53:5f:33:da:2e:74:ab:72:9a:32:d8:f1:89:6d:a8:54:7e:
         f6:cb:5c:00:e9:c9:5f:07:4e:39:86:09:7b:9d:8c:6b:69:c9:
         de:89:53:66:e5:c1:d5:c6:85:58:01:96:44:7d:1b:f3:46:26:
         5f:f0:53:70:47:ec:33:ff:16:1c:da:21:b7:5b:1e:b2:a9:5a:
         79:11:2e:fe:62:3a:a3:26:a8:bb:ae:7e:de:02:c1:a2:53:83:
         6c:44:41:32:34:db:80:77:15:a2:8a:56:42:5b:b7:e0:4e:56:
         d1:2b:4d:f1:8c:c7:61:74:c1:c6:a3:1b:8f:bf:81:81:bd:68:
         08:c4:7c:76:aa:9a:e6:77:0c:98:6f:b7:09:0c:46:de:59:0e:
         62:3e:28:4c:d0:c6:08:bc:f3:4a:7c:f2:89:2e:f5:62:1c:51:
         3a:6c:42:28:d5:35:99:58:d2:96:0d:bf:e2:84:8f:03:e8:4c:
         fd:68:f5:af:b8:e6:0f:91:34:c2:a9:a0:04:1f:58:70:36:d3:
         a9:1a:df:67:4c:ba:6d:70:ea:fb:6d:4b:9c:89:de:8c:7f:a7:
         96:13:06:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zk3i5xbLgUo3VqH2pMtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NDM0ZjRlNjY5ODI5Zjg2YzZkZTZiYTNlYjBlOGY2NmRh
OTg4YjYwHhcNMjYwMzI5MDcwMjAxWhcNMjYwMzMwMDcwMjAxWjAzMTEwLwYDVQQD
EygyNmVkYTk0NjcyMmRkNGE4M2M5MzBjMDQzMTBlODc1MDc1YzExMWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaddSog5B2kZeiJvNvkpLgkwGc2g
H8dT1fBuUN2v6I+/oJEhVp94iCjoGxHjodBqr2YOF2P2DVbp+z3W2U5YaCRSz2m+
6e4Z5EJS48TlZjt7g0fAk5yz39hMBXfnCiE5Tvy4fTEzx/UQ6I+He5A8DslNowjM
6GUbjsipyqk3+Cu02nNc+Z3n/IDNc0xEBY4gX8F6tuB5plzzZKXNL3Z+luWxLb54
r/L8LglgW6tOD+6U9a05jJoWnoxzN98aM8C/VRapXqw7aI5KtQFT8R8jhMyp06el
1kw960AEg/WjA8fw23a7ISN/g4n5vy8wplvxdjstreyPuSDVRrRED0v2dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCbtqUZyLdSoPJMMBDEOh1B1wRHDMB8GA1UdIwQY
MBaAFEdDT05mmCn4bG3muj6w6PZtqYi2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODkt
NWI5ZmZmZjA4MmYxLzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODktNWI5ZmZmZjA4MmYx
LzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVap4w3gY
OzOOWwHHwCNMpXVUvkR38hrETxIn7L+TN0774I9YiVNfM9oudKtymjLY8YltqFR+
9stcAOnJXwdOOYYJe52Ma2nJ3olTZuXB1caFWAGWRH0b80YmX/BTcEfsM/8WHNoh
t1sesqlaeREu/mI6oyaou65+3gLBolODbERBMjTbgHcVoopWQlu34E5W0StN8YzH
YXTBxqMbj7+Bgb1oCMR8dqqa5ncMmG+3CQxG3lkOYj4oTNDGCLzzSnzyiS71YhxR
OmxCKNU1mVjSlg2/4oSPA+hM/Wj1r7jmD5E0wqmgBB9YcDbTqRrfZ0y6bXDq+21L
nInejH+nlhMGsg==
-----END CERTIFICATE-----