Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft
File:                     bgC7pk9Ra41jNaAc8wS4It7hrtA.mft (raw, json)
Hash identifier:          FDBXcIUftk6awx0ulCo9WFS71HBiV/AFSIxaqPzuvJo=
Subject key identifier:   AA:BC:FF:9E:44:93:74:31:E9:D2:85:BC:1B:F7:DA:1B:53:E1:CE:94
Authority key identifier: 6E:00:BB:A6:4F:51:6B:8D:63:35:A0:1C:F3:04:B8:22:DE:E1:AE:D0
Certificate issuer:       /CN=6e00bba64f516b8d6335a01cf304b822dee1aed0
Certificate serial:       019CAC4775E35790CE4828D4A9E081AE3744
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft
Manifest number:          1844
Signing time:             Mon 02 Mar 2026 02:01:30 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:30 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:30 +0000
Files and hashes:         1: bgC7pk9Ra41jNaAc8wS4It7hrtA.crl (hash: F1XqwKiC/BTrPZ4azNxUGJt9+BCGH65ZY3wdnINXCU0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:75:e3:57:90:ce:48:28:d4:a9:e0:81:ae:37:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6e00bba64f516b8d6335a01cf304b822dee1aed0
        Validity
            Not Before: Mar  2 02:01:30 2026 GMT
            Not After : Mar  3 02:01:30 2026 GMT
        Subject: CN=aabcff9e44937431e9d285bc1bf7da1b53e1ce94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:4e:74:e0:a0:08:ec:8d:82:3e:37:83:07:41:
                    c1:0a:8a:4f:b1:3f:72:3f:2a:c2:7e:ce:c1:4b:0f:
                    b5:64:c2:e2:38:a0:d5:00:0f:56:4f:82:5e:38:d3:
                    b0:4c:4b:ea:fb:e0:9b:d0:c7:44:3a:7f:83:31:44:
                    7e:ce:d1:09:57:8a:4b:97:f1:b2:50:34:24:e4:74:
                    8f:a2:e3:86:dd:3a:8f:63:a1:6b:f4:96:24:c3:e7:
                    91:3c:88:88:18:53:f8:84:a5:10:9e:97:40:33:e9:
                    2d:78:2e:ef:cb:8b:f3:1f:51:8f:d9:78:4b:d3:e3:
                    54:ee:d2:66:69:e6:e8:27:fb:ed:14:1a:04:88:9b:
                    93:2f:a1:a6:69:c8:20:b5:bd:5e:0e:ef:53:02:d7:
                    b5:0d:75:e5:85:f1:34:86:87:b5:f8:9a:9a:d9:fc:
                    ee:4e:55:86:5d:1a:2f:2d:c4:75:a9:d8:82:fe:93:
                    8d:ee:01:c5:ee:ca:b1:de:32:32:3d:5d:fb:35:33:
                    e3:2d:33:92:d7:57:8d:8a:50:14:3b:c6:fc:6c:50:
                    72:a7:44:e0:e0:c6:39:9f:6d:58:cd:c2:d7:5f:e6:
                    09:70:0d:f8:dc:00:17:23:a3:75:74:ed:1c:b2:24:
                    f6:25:c8:db:0d:33:a5:cb:d6:82:ce:d8:2d:0a:e3:
                    21:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:BC:FF:9E:44:93:74:31:E9:D2:85:BC:1B:F7:DA:1B:53:E1:CE:94
            X509v3 Authority Key Identifier:
                keyid:6E:00:BB:A6:4F:51:6B:8D:63:35:A0:1C:F3:04:B8:22:DE:E1:AE:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bgC7pk9Ra41jNaAc8wS4It7hrtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ae5e6c-c70f-40f2-890d-575cf5d335e4/1/bgC7pk9Ra41jNaAc8wS4It7hrtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:78:ed:6c:99:83:cf:0d:fb:4c:91:18:db:27:60:91:46:c8:
         7b:e3:f6:14:75:22:2b:38:5d:da:bd:31:4a:c2:93:fc:85:84:
         b7:b4:f8:15:b0:d3:c6:eb:7b:c2:15:aa:0a:14:20:e1:66:a0:
         e5:79:8a:18:77:bf:a1:3a:d0:9c:e2:59:29:dc:e8:8a:21:c0:
         b8:14:74:51:c9:ee:d4:8a:48:38:c9:d5:7d:ff:73:c0:0f:8d:
         63:ca:67:2d:fa:91:77:2b:ec:09:86:e3:25:b1:a5:48:8c:8e:
         db:bc:9e:05:15:15:5e:5e:f4:6b:2c:1e:45:f3:57:ac:d1:04:
         4b:6b:68:ba:24:13:80:65:c9:cc:8d:2a:33:0c:28:3e:ed:c7:
         b6:6c:ee:ed:e0:bf:5d:42:64:7d:cf:48:c0:c7:39:62:94:d4:
         c0:d0:d8:7e:0d:79:2f:a7:75:5c:ba:9b:c9:a7:68:e9:74:8f:
         3a:f4:d7:76:75:b7:f3:a2:f6:e1:90:6a:01:f5:51:9b:a9:2a:
         b2:27:45:1a:e7:24:56:22:71:99:f6:f8:27:d6:5a:45:2f:7d:
         4b:76:78:6f:17:a1:fb:6f:8d:43:0e:04:bb:c8:6b:1d:8f:83:
         90:a2:5d:31:92:77:c7:28:5c:55:81:9b:5a:0c:7f:9b:e9:89:
         54:50:53:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR3XjV5DOSCjUqeCBrjdEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMDBiYmE2NGY1MTZiOGQ2MzM1YTAxY2YzMDRiODIyZGVl
MWFlZDAwHhcNMjYwMzAyMDIwMTMwWhcNMjYwMzAzMDIwMTMwWjAzMTEwLwYDVQQD
EyhhYWJjZmY5ZTQ0OTM3NDMxZTlkMjg1YmMxYmY3ZGExYjUzZTFjZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8E504KAI7I2CPjeDB0HBCopPsT9y
PyrCfs7BSw+1ZMLiOKDVAA9WT4JeONOwTEvq++Cb0MdEOn+DMUR+ztEJV4pLl/Gy
UDQk5HSPouOG3TqPY6Fr9JYkw+eRPIiIGFP4hKUQnpdAM+kteC7vy4vzH1GP2XhL
0+NU7tJmaeboJ/vtFBoEiJuTL6Gmacggtb1eDu9TAte1DXXlhfE0hoe1+Jqa2fzu
TlWGXRovLcR1qdiC/pON7gHF7sqx3jIyPV37NTPjLTOS11eNilAUO8b8bFByp0Tg
4MY5n21YzcLXX+YJcA343AAXI6N1dO0csiT2JcjbDTOly9aCztgtCuMhFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKq8/55Ek3Qx6dKFvBv32htT4c6UMB8GA1UdIwQY
MBaAFG4Au6ZPUWuNYzWgHPMEuCLe4a7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hZTVlNmMtYzcwZi00MGYyLTg5MGQt
NTc1Y2Y1ZDMzNWU0LzEvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hZTVlNmMtYzcwZi00MGYyLTg5MGQtNTc1Y2Y1ZDMzNWU0
LzEvYmdDN3BrOVJhNDFqTmFBYzh3UzRJdDdocnRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXXjtbJmD
zw37TJEY2ydgkUbIe+P2FHUiKzhd2r0xSsKT/IWEt7T4FbDTxut7whWqChQg4Wag
5XmKGHe/oTrQnOJZKdzoiiHAuBR0Ucnu1IpIOMnVff9zwA+NY8pnLfqRdyvsCYbj
JbGlSIyO27yeBRUVXl70ayweRfNXrNEES2touiQTgGXJzI0qMwwoPu3Htmzu7eC/
XUJkfc9IwMc5YpTUwNDYfg15L6d1XLqbyado6XSPOvTXdnW386L24ZBqAfVRm6kq
sidFGuckViJxmfb4J9ZaRS99S3Z4bxeh+2+NQw4Eu8hrHY+DkKJdMZJ3xyhcVYGb
Wgx/m+mJVFBTeA==
-----END CERTIFICATE-----