Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
File:                     coCW6KzXbpqhfz62eAQG49pWPtI.mft (raw, json)
Hash identifier:          jFiCEqxri0ZmThqXniWrc5rilAXfH1N/p5aLj79gS6M=
Subject key identifier:   B3:A7:9C:46:5C:EA:DF:F4:8D:38:C0:93:24:BE:43:C4:66:37:17:99
Authority key identifier: 72:80:96:E8:AC:D7:6E:9A:A1:7F:3E:B6:78:04:06:E3:DA:56:3E:D2
Certificate issuer:       /CN=728096e8acd76e9aa17f3eb6780406e3da563ed2
Certificate serial:       019D3940EEA2BC99B40C543AE5E8A0CED6B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
Manifest number:          1749
Signing time:             Sun 29 Mar 2026 11:00:49 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:49 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:49 +0000
Files and hashes:         1: coCW6KzXbpqhfz62eAQG49pWPtI.crl (hash: pOE4ntecYQ6v9y7/1ypuWE10l+8nKvOyp0/ZLm2KzOA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:ee:a2:bc:99:b4:0c:54:3a:e5:e8:a0:ce:d6:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=728096e8acd76e9aa17f3eb6780406e3da563ed2
        Validity
            Not Before: Mar 29 11:00:49 2026 GMT
            Not After : Mar 30 11:00:49 2026 GMT
        Subject: CN=b3a79c465ceadff48d38c09324be43c466371799
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:49:20:c5:f9:b4:8c:35:0f:bd:7b:c9:22:49:
                    3a:da:a5:f5:a8:59:da:6a:85:ef:bc:35:ad:f7:b2:
                    3a:51:f3:e3:b1:42:de:77:a8:ce:4e:6b:59:40:d6:
                    e9:07:5c:04:07:a4:b1:2c:ca:07:d7:2b:eb:15:47:
                    de:73:c5:b8:36:30:76:69:a1:70:65:9c:ee:5e:5b:
                    1e:d4:64:c3:c4:8b:09:98:8c:4a:a1:f4:5e:75:fb:
                    a9:c6:70:0a:3f:25:b9:45:a8:cb:f6:f2:a2:9c:2c:
                    d8:e3:de:12:db:ed:4f:1e:38:68:54:c4:9d:f1:e6:
                    95:31:c6:7b:32:9f:5c:9c:0e:08:be:c2:7d:36:b4:
                    a7:fa:2f:61:55:08:c1:9e:cb:c1:e4:78:c1:46:a5:
                    fb:d5:00:7b:de:87:96:77:70:7f:f5:6b:54:4d:99:
                    fa:aa:39:60:8f:6e:a3:0a:e2:aa:45:31:20:3a:d4:
                    d8:96:ab:ea:ab:d5:9a:91:41:d6:00:90:7a:b1:d5:
                    b3:94:2a:43:3e:e2:53:f1:e7:03:bc:2c:08:9b:19:
                    dc:bb:29:c6:e6:48:80:15:27:ce:0f:85:35:b6:b8:
                    81:47:aa:1d:65:1b:17:61:fb:75:71:c1:ec:2e:76:
                    fd:7d:ee:99:48:c5:81:8b:28:37:00:6f:5a:6a:3c:
                    d1:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:A7:9C:46:5C:EA:DF:F4:8D:38:C0:93:24:BE:43:C4:66:37:17:99
            X509v3 Authority Key Identifier:
                keyid:72:80:96:E8:AC:D7:6E:9A:A1:7F:3E:B6:78:04:06:E3:DA:56:3E:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:05:db:e3:43:bc:8c:6b:cd:35:e7:0e:f0:c0:4c:c1:67:78:
         f4:b5:cc:7e:a3:3a:91:c5:be:e8:29:87:a4:a9:76:8b:5b:e4:
         7f:6d:5c:aa:1e:88:ea:67:7c:2e:f0:ae:e1:96:ff:f7:29:8d:
         79:0d:6e:40:41:84:c3:71:3d:ce:7d:db:9b:a5:f6:5b:b2:5c:
         db:a6:8b:1d:4d:82:2c:13:10:e0:af:96:95:06:0d:73:aa:a5:
         bf:5d:85:8e:98:d9:e4:0b:ec:8e:b4:66:53:dd:ff:59:6b:c0:
         a5:b5:6a:0d:01:bf:fb:19:b6:c0:78:8d:34:28:47:f4:4d:fd:
         b1:d8:0e:00:76:68:92:c7:59:e8:b2:57:ed:53:54:40:82:28:
         37:30:ef:3e:9e:07:59:fb:ab:4a:1d:46:62:3c:ba:5b:2a:4a:
         d0:b3:af:98:8e:ae:81:7a:80:18:04:e4:34:5b:2a:4b:3a:2d:
         66:d8:90:8a:5e:1c:47:d1:81:42:24:1d:df:fa:67:ed:ca:19:
         53:f0:0d:d7:78:a4:2d:24:26:50:83:e2:f1:66:01:fb:b7:9f:
         34:98:7e:95:0e:cf:6f:f4:14:a0:60:45:02:9c:ef:7c:e4:6a:
         58:73:ef:aa:68:3c:4f:d1:e8:41:df:83:0b:43:e7:54:73:28:
         f8:a7:5b:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QO6ivJm0DFQ65eigztaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyODA5NmU4YWNkNzZlOWFhMTdmM2ViNjc4MDQwNmUzZGE1
NjNlZDIwHhcNMjYwMzI5MTEwMDQ5WhcNMjYwMzMwMTEwMDQ5WjAzMTEwLwYDVQQD
EyhiM2E3OWM0NjVjZWFkZmY0OGQzOGMwOTMyNGJlNDNjNDY2MzcxNzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ukgxfm0jDUPvXvJIkk62qX1qFna
aoXvvDWt97I6UfPjsULed6jOTmtZQNbpB1wEB6SxLMoH1yvrFUfec8W4NjB2aaFw
ZZzuXlse1GTDxIsJmIxKofRedfupxnAKPyW5RajL9vKinCzY494S2+1PHjhoVMSd
8eaVMcZ7Mp9cnA4IvsJ9NrSn+i9hVQjBnsvB5HjBRqX71QB73oeWd3B/9WtUTZn6
qjlgj26jCuKqRTEgOtTYlqvqq9WakUHWAJB6sdWzlCpDPuJT8ecDvCwImxncuynG
5kiAFSfOD4U1triBR6odZRsXYft1ccHsLnb9fe6ZSMWBiyg3AG9aajzRWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOnnEZc6t/0jTjAkyS+Q8RmNxeZMB8GA1UdIwQY
MBaAFHKAluis126aoX8+tngEBuPaVj7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9iZjE0NGItYWFiNS00MDdlLTkwNGYt
YzE3MzRkNTBjYjNiLzEvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9iZjE0NGItYWFiNS00MDdlLTkwNGYtYzE3MzRkNTBjYjNi
LzEvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoQXb40O8
jGvNNecO8MBMwWd49LXMfqM6kcW+6CmHpKl2i1vkf21cqh6I6md8LvCu4Zb/9ymN
eQ1uQEGEw3E9zn3bm6X2W7Jc26aLHU2CLBMQ4K+WlQYNc6qlv12FjpjZ5AvsjrRm
U93/WWvApbVqDQG/+xm2wHiNNChH9E39sdgOAHZoksdZ6LJX7VNUQIIoNzDvPp4H
WfurSh1GYjy6WypK0LOvmI6ugXqAGATkNFsqSzotZtiQil4cR9GBQiQd3/pn7coZ
U/AN13ikLSQmUIPi8WYB+7efNJh+lQ7Pb/QUoGBFApzvfORqWHPvqmg8T9HoQd+D
C0PnVHMo+Kdbsw==
-----END CERTIFICATE-----