Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
File:                     AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft (raw, json)
Hash identifier:          tpZ9Qp8ZAQnmpc4zdaxjzwiw0+6sg/O2kl0WLv9lscs=
Subject key identifier:   87:B5:ED:35:58:67:85:FC:BC:E0:14:BD:EA:4D:29:DB:BD:C7:FD:1A
Authority key identifier: 02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05
Certificate issuer:       /CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
Certificate serial:       019CAB6B914361A71A45F4863F95B0E84828
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
Manifest number:          1842
Signing time:             Sun 01 Mar 2026 22:01:19 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:19 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:19 +0000
Files and hashes:         1: AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl (hash: FtBOXGuoE4Vui9737bfjlmN02hhuipuActLujoTIuGo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:91:43:61:a7:1a:45:f4:86:3f:95:b0:e8:48:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
        Validity
            Not Before: Mar  1 22:01:19 2026 GMT
            Not After : Mar  2 22:01:19 2026 GMT
        Subject: CN=87b5ed35586785fcbce014bdea4d29dbbdc7fd1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:0e:7c:26:9a:f1:ad:22:7c:90:09:d5:92:52:
                    0e:92:76:c3:ad:04:1e:4d:a4:7f:96:a7:38:60:03:
                    13:58:da:fd:12:80:56:f2:05:0e:20:a3:76:a3:ce:
                    c7:57:29:4f:cb:aa:1d:c6:6e:b5:69:77:30:06:a8:
                    a3:c0:ef:98:40:ef:6a:27:2d:cb:a2:b0:de:b7:60:
                    a8:b1:35:bd:11:28:13:4d:d0:0d:3f:5f:32:30:6c:
                    79:15:6c:aa:9e:4a:6d:73:47:63:5f:76:09:cd:7b:
                    32:b4:d6:23:26:72:b9:b3:c9:9a:60:d6:20:1d:f9:
                    6b:f6:5c:77:94:57:bb:fc:75:b8:89:27:f6:62:55:
                    2e:e7:0e:ca:b1:d9:86:49:4a:58:29:c5:22:8d:cf:
                    57:6d:12:fb:b0:7a:36:94:3e:25:e4:29:f5:23:ff:
                    49:74:2a:47:64:67:f7:d8:36:ed:aa:4a:08:51:a6:
                    8f:8e:2c:7a:1c:62:9e:e0:c8:e3:f7:24:d0:ca:0f:
                    69:60:97:77:01:63:82:4d:38:ff:c5:12:47:31:b1:
                    33:ff:2c:94:f1:26:e6:0c:23:13:6e:72:ef:c4:ee:
                    04:51:a1:aa:ee:1b:64:1b:5e:ac:c9:b9:88:91:a4:
                    be:00:52:0a:17:cf:d2:c8:d1:98:ba:23:41:1c:b4:
                    2b:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:B5:ED:35:58:67:85:FC:BC:E0:14:BD:EA:4D:29:DB:BD:C7:FD:1A
            X509v3 Authority Key Identifier:
                keyid:02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:d1:b1:f9:5b:af:ab:f7:28:55:9e:d8:7f:ff:e8:3e:0c:6d:
         58:96:4d:1d:5a:e0:54:ee:61:73:88:37:51:39:78:4f:7d:23:
         90:53:7c:8f:05:07:72:ad:30:35:e5:21:62:75:5f:2f:dc:9d:
         31:15:f7:93:db:c9:3b:f7:07:98:36:36:60:ba:fc:d3:62:c5:
         60:05:c5:e2:b1:68:81:22:b6:c8:2f:ab:c3:3e:4f:51:73:5e:
         b8:17:42:36:48:c9:16:80:d2:a7:16:24:c6:84:0a:7c:bc:ec:
         4a:35:bf:4d:5b:71:33:1d:d8:bf:c3:c5:0f:c3:fb:1f:73:67:
         d0:d8:b9:e6:a2:66:72:63:50:33:ff:b0:fe:43:f3:69:08:4d:
         38:30:c3:9a:91:72:3b:97:40:4a:c8:9e:63:cd:3a:1d:b7:14:
         93:52:a4:5d:a1:2d:3c:5d:86:e4:f5:00:0e:3a:d8:23:65:8b:
         ea:8a:b7:16:11:ee:cb:99:56:f3:6b:7d:42:ae:51:de:50:f7:
         01:93:8e:02:88:e2:6d:5b:ee:9e:46:26:0d:05:a2:6e:9a:87:
         ca:83:6f:77:ed:15:16:0e:71:84:ff:07:46:fc:6b:65:d0:51:
         b7:cb:9d:55:5a:ce:f9:de:f3:6d:d6:ce:78:c0:16:89:3a:b4:
         1a:54:4b:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra5FDYacaRfSGP5Ww6EgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNTFmNmFiZTBiYjI2YmZlNDg1OWU1NGRlZTBmZGM5YTVi
NzhhMDUwHhcNMjYwMzAxMjIwMTE5WhcNMjYwMzAyMjIwMTE5WjAzMTEwLwYDVQQD
Eyg4N2I1ZWQzNTU4Njc4NWZjYmNlMDE0YmRlYTRkMjlkYmJkYzdmZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ58JprxrSJ8kAnVklIOknbDrQQe
TaR/lqc4YAMTWNr9EoBW8gUOIKN2o87HVylPy6odxm61aXcwBqijwO+YQO9qJy3L
orDet2CosTW9ESgTTdANP18yMGx5FWyqnkptc0djX3YJzXsytNYjJnK5s8maYNYg
Hflr9lx3lFe7/HW4iSf2YlUu5w7KsdmGSUpYKcUijc9XbRL7sHo2lD4l5Cn1I/9J
dCpHZGf32DbtqkoIUaaPjix6HGKe4Mjj9yTQyg9pYJd3AWOCTTj/xRJHMbEz/yyU
8SbmDCMTbnLvxO4EUaGq7htkG16sybmIkaS+AFIKF8/SyNGYuiNBHLQrowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIe17TVYZ4X8vOAUvepNKdu9x/0aMB8GA1UdIwQY
MBaAFAJR9qvguya/5IWeVN7g/cmlt4oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgt
MmY0ZWI5YzA2MDM1LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgtMmY0ZWI5YzA2MDM1
LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtdGx+Vuv
q/coVZ7Yf//oPgxtWJZNHVrgVO5hc4g3UTl4T30jkFN8jwUHcq0wNeUhYnVfL9yd
MRX3k9vJO/cHmDY2YLr802LFYAXF4rFogSK2yC+rwz5PUXNeuBdCNkjJFoDSpxYk
xoQKfLzsSjW/TVtxMx3Yv8PFD8P7H3Nn0Ni55qJmcmNQM/+w/kPzaQhNODDDmpFy
O5dASsieY806HbcUk1KkXaEtPF2G5PUADjrYI2WL6oq3FhHuy5lW82t9Qq5R3lD3
AZOOAojibVvunkYmDQWibpqHyoNvd+0VFg5xhP8HRvxrZdBRt8udVVrO+d7zbdbO
eMAWiTq0GlRL3Q==
-----END CERTIFICATE-----