Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
File:                     mSAfYJ56iT2obPDrvKS79HJ51hc.mft (raw, json)
Hash identifier:          lZfiQufrTAGrD6AMpPIYnVCKMOrePqsFiNGMWEZQEYY=
Subject key identifier:   58:9F:66:3F:60:1A:A5:2F:AB:E8:A3:BE:6B:BB:96:9F:CF:25:36:73
Authority key identifier: 99:20:1F:60:9E:7A:89:3D:A8:6C:F0:EB:BC:A4:BB:F4:72:79:D6:17
Certificate issuer:       /CN=99201f609e7a893da86cf0ebbca4bbf47279d617
Certificate serial:       019D3789AABDB1ED7A533EF2457805984D24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
Manifest number:          072A
Signing time:             Sun 29 Mar 2026 03:01:02 +0000
Manifest this update:     Sun 29 Mar 2026 03:01:02 +0000
Manifest next update:     Mon 30 Mar 2026 03:01:02 +0000
Files and hashes:         1: mSAfYJ56iT2obPDrvKS79HJ51hc.crl (hash: qqnXxNelKJMMgw3U3rZDB/GdJxaQI1849w4eZcST76E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:aa:bd:b1:ed:7a:53:3e:f2:45:78:05:98:4d:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99201f609e7a893da86cf0ebbca4bbf47279d617
        Validity
            Not Before: Mar 29 03:01:02 2026 GMT
            Not After : Mar 30 03:01:02 2026 GMT
        Subject: CN=589f663f601aa52fabe8a3be6bbb969fcf253673
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:50:7a:9f:0f:48:b1:a6:3a:8e:3f:58:1b:67:
                    a6:7e:cf:fc:3c:4c:44:6a:7c:94:ae:c3:53:cf:d4:
                    ce:c9:53:d0:f5:a8:c6:4c:90:c3:4a:7a:e6:3c:66:
                    ea:d7:83:3d:03:45:bd:3f:f5:70:5d:0f:f2:ba:f2:
                    04:81:cd:15:c2:c9:d1:dd:0b:59:da:bc:a1:14:5e:
                    88:d0:aa:20:fe:7b:8f:e2:08:6e:b2:59:07:5e:a1:
                    75:6f:e3:79:4b:8c:0a:80:db:a8:27:f1:f8:a2:6e:
                    df:af:43:f2:7f:ef:8d:a5:2a:c3:7c:41:7e:58:b8:
                    d7:c9:f0:51:43:ca:b9:21:61:d9:4e:eb:c4:22:e6:
                    b5:c4:f8:a1:f2:33:64:57:33:2b:ef:3b:a2:c0:a8:
                    85:f0:ad:97:08:4d:76:bd:df:75:86:ae:89:3c:2c:
                    20:2a:6f:bd:46:18:64:49:a5:76:35:cc:5e:10:80:
                    48:ba:10:e6:68:5c:52:0d:8a:01:f7:ac:d2:7e:bb:
                    0e:ca:de:51:f9:03:86:66:46:1f:da:f5:ee:53:3b:
                    5b:f0:e3:ee:8c:b3:5d:7b:f4:39:e7:3b:a8:15:15:
                    f0:9e:ba:a8:32:ac:c1:51:85:ed:ec:ba:5c:f5:db:
                    12:3b:3c:6d:4b:2c:e5:56:ba:9e:ee:00:aa:f6:15:
                    af:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:9F:66:3F:60:1A:A5:2F:AB:E8:A3:BE:6B:BB:96:9F:CF:25:36:73
            X509v3 Authority Key Identifier:
                keyid:99:20:1F:60:9E:7A:89:3D:A8:6C:F0:EB:BC:A4:BB:F4:72:79:D6:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:16:12:dc:77:40:e0:ce:19:76:2c:84:76:4b:0f:61:64:37:
         b5:68:11:5e:de:4f:57:a9:2f:e8:c4:1f:44:29:da:ee:d2:70:
         bb:c5:81:6a:ce:85:0d:5e:e2:c5:54:08:dd:71:a7:95:72:58:
         b9:03:72:1b:df:1e:29:91:c8:b2:a1:09:8b:d0:4f:f1:02:ed:
         60:df:20:d8:38:d6:cf:60:3e:95:8a:44:a7:e1:46:2e:07:90:
         7c:62:7b:89:77:cc:f3:44:4e:bc:7c:5f:7c:f7:1f:e4:b0:e9:
         4d:94:38:da:2c:36:82:96:aa:4d:53:d2:46:fa:7a:b4:29:8a:
         2a:42:45:d9:ac:95:d4:8c:81:5a:70:09:00:56:2a:cc:2a:a3:
         b2:6a:e7:c2:95:11:f8:1a:b0:a8:00:52:56:13:bd:08:4f:5b:
         14:6a:3f:65:3b:d5:05:d9:77:db:ed:80:a1:86:9d:59:bc:1e:
         d3:a7:67:7f:80:24:23:65:e8:6b:c0:26:a8:c5:e0:58:2b:fc:
         f9:9e:12:0c:f1:32:c3:64:4b:03:a3:e7:05:6e:d1:54:a8:c0:
         e3:2a:4a:f9:80:d7:49:52:a5:bc:5d:6c:0c:60:85:f0:3b:36:
         30:20:7b:b3:bc:43:72:47:e4:67:40:37:3b:67:0f:1b:c6:0d:
         23:2e:c9:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iaq9se16Uz7yRXgFmE0kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MjAxZjYwOWU3YTg5M2RhODZjZjBlYmJjYTRiYmY0NzI3
OWQ2MTcwHhcNMjYwMzI5MDMwMTAyWhcNMjYwMzMwMDMwMTAyWjAzMTEwLwYDVQQD
Eyg1ODlmNjYzZjYwMWFhNTJmYWJlOGEzYmU2YmJiOTY5ZmNmMjUzNjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFB6nw9IsaY6jj9YG2emfs/8PExE
anyUrsNTz9TOyVPQ9ajGTJDDSnrmPGbq14M9A0W9P/VwXQ/yuvIEgc0VwsnR3QtZ
2ryhFF6I0Kog/nuP4ghuslkHXqF1b+N5S4wKgNuoJ/H4om7fr0Pyf++NpSrDfEF+
WLjXyfBRQ8q5IWHZTuvEIua1xPih8jNkVzMr7zuiwKiF8K2XCE12vd91hq6JPCwg
Km+9RhhkSaV2NcxeEIBIuhDmaFxSDYoB96zSfrsOyt5R+QOGZkYf2vXuUztb8OPu
jLNde/Q55zuoFRXwnrqoMqzBUYXt7Lpc9dsSOzxtSyzlVrqe7gCq9hWv+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFifZj9gGqUvq+ijvmu7lp/PJTZzMB8GA1UdIwQY
MBaAFJkgH2Ceeok9qGzw67yku/RyedYXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NTM2ZjktODdkZC00ZWRkLWIwMWMt
YjIzMTcyZWI4MWZiLzEvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NTM2ZjktODdkZC00ZWRkLWIwMWMtYjIzMTcyZWI4MWZi
LzEvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsRYS3HdA
4M4ZdiyEdksPYWQ3tWgRXt5PV6kv6MQfRCna7tJwu8WBas6FDV7ixVQI3XGnlXJY
uQNyG98eKZHIsqEJi9BP8QLtYN8g2DjWz2A+lYpEp+FGLgeQfGJ7iXfM80ROvHxf
fPcf5LDpTZQ42iw2gpaqTVPSRvp6tCmKKkJF2ayV1IyBWnAJAFYqzCqjsmrnwpUR
+BqwqABSVhO9CE9bFGo/ZTvVBdl32+2AoYadWbwe06dnf4AkI2Xoa8AmqMXgWCv8
+Z4SDPEyw2RLA6PnBW7RVKjA4ypK+YDXSVKlvF1sDGCF8Ds2MCB7s7xDckfkZ0A3
O2cPG8YNIy7J7Q==
-----END CERTIFICATE-----