Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
File:                     20YNIBeVpqmS7UrBi7fFLBCLeFI.mft (raw, json)
Hash identifier:          22GzQLtqAhT+Ekl4WXSML3tmjvtWZyJOBRKqpAzHHdw=
Subject key identifier:   93:8D:3A:FD:EE:70:D5:64:B9:AF:47:0E:2C:B8:42:36:9B:E5:7E:98
Authority key identifier: DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52
Certificate issuer:       /CN=db460d201795a6a992ed4ac18bb7c52c108b7852
Certificate serial:       019CAC0FEFFE96919F81D7D96F0562475AB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
Manifest number:          1842
Signing time:             Mon 02 Mar 2026 01:00:51 +0000
Manifest this update:     Mon 02 Mar 2026 01:00:51 +0000
Manifest next update:     Tue 03 Mar 2026 01:00:51 +0000
Files and hashes:         1: 20YNIBeVpqmS7UrBi7fFLBCLeFI.crl (hash: tVNSlyzthHqP7KueqE2w5rLhHIrdr1oRi/u0XPxlNGI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:0f:ef:fe:96:91:9f:81:d7:d9:6f:05:62:47:5a:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db460d201795a6a992ed4ac18bb7c52c108b7852
        Validity
            Not Before: Mar  2 01:00:51 2026 GMT
            Not After : Mar  3 01:00:51 2026 GMT
        Subject: CN=938d3afdee70d564b9af470e2cb842369be57e98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c5:ff:7b:47:c2:25:80:24:84:eb:7b:7c:8b:
                    c7:f0:41:a9:b7:f9:71:3d:ea:d4:e6:4f:aa:ce:20:
                    1b:b6:52:9d:70:a8:6f:48:0e:40:51:cd:5d:01:c6:
                    53:41:5a:64:bc:e5:05:9f:00:f3:9c:97:92:a2:b0:
                    cb:77:26:45:ed:bc:b9:52:79:72:eb:79:ce:d8:b3:
                    6f:43:f6:38:9d:e8:38:e4:8c:5a:41:33:02:11:4f:
                    e8:bd:ec:4d:e2:f5:ba:5a:24:4f:51:40:ef:f9:38:
                    8c:37:f6:19:c4:30:ec:9c:eb:5d:cd:0d:d5:10:f0:
                    78:81:fd:a6:d3:4c:2a:70:9e:14:f1:9a:18:50:c5:
                    0c:46:17:25:fc:db:bd:3d:27:f9:0d:8d:f6:33:0c:
                    f0:e0:7d:25:ee:78:45:25:ad:bc:a8:71:df:32:2e:
                    b9:a5:98:2b:28:13:63:44:3d:70:c1:58:76:57:06:
                    4d:89:0a:d7:86:0a:fa:cb:1b:93:7f:c4:53:d6:12:
                    ad:9b:a4:dc:b9:80:51:86:f9:6c:95:6b:16:d9:e0:
                    18:3b:bc:8a:4b:f7:de:c5:ff:fe:ce:94:3d:e5:88:
                    ef:02:d0:e2:fb:cf:33:b0:1c:b0:e5:dd:ec:69:b8:
                    b7:db:b6:1b:94:bb:7f:63:bd:94:1a:d2:26:e8:27:
                    79:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:8D:3A:FD:EE:70:D5:64:B9:AF:47:0E:2C:B8:42:36:9B:E5:7E:98
            X509v3 Authority Key Identifier:
                keyid:DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:62:75:f0:63:4a:3b:d5:8f:26:3a:8b:9f:46:cc:68:e7:61:
         33:46:36:80:4d:c6:da:f2:2e:e0:6e:ba:c4:4d:4b:b0:06:9d:
         80:44:4f:34:50:cb:d8:cb:92:5e:44:cc:32:db:c4:15:97:40:
         39:b5:57:fc:26:24:55:0c:e7:db:88:c4:df:6f:ee:aa:5e:b7:
         72:72:44:3c:af:df:6c:c2:52:28:2b:f9:5a:8e:10:a1:ea:44:
         de:a7:6e:a0:e2:ae:ee:4f:12:cb:d8:b7:79:cf:16:50:61:64:
         e6:20:26:f0:e0:b1:41:de:51:a4:21:a5:f9:80:39:6e:ee:f3:
         4b:47:9d:69:a7:fa:2d:4e:9d:4d:9b:75:46:6a:ae:69:ab:00:
         06:3e:0e:38:e0:05:85:8a:b6:f3:07:ed:b7:3c:0e:f2:d0:31:
         aa:a8:86:af:35:5f:6e:8a:36:cd:4c:50:36:66:41:a8:fc:f6:
         78:e5:6b:a3:cb:29:ea:c9:1b:8b:3f:8f:38:ee:ba:10:bf:79:
         77:1c:c1:50:d7:79:18:76:ca:0d:b3:3a:99:2b:b7:a3:b9:85:
         8e:51:e9:bc:66:25:d9:e2:73:8a:27:4d:f0:3f:14:20:24:01:
         f7:0c:94:50:38:a2:04:92:e7:40:9e:15:1b:e7:0e:0c:7a:29:
         aa:21:18:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD+/+lpGfgdfZbwViR1qyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDYwZDIwMTc5NWE2YTk5MmVkNGFjMThiYjdjNTJjMTA4
Yjc4NTIwHhcNMjYwMzAyMDEwMDUxWhcNMjYwMzAzMDEwMDUxWjAzMTEwLwYDVQQD
Eyg5MzhkM2FmZGVlNzBkNTY0YjlhZjQ3MGUyY2I4NDIzNjliZTU3ZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcX/e0fCJYAkhOt7fIvH8EGpt/lx
PerU5k+qziAbtlKdcKhvSA5AUc1dAcZTQVpkvOUFnwDznJeSorDLdyZF7by5Unly
63nO2LNvQ/Y4neg45IxaQTMCEU/ovexN4vW6WiRPUUDv+TiMN/YZxDDsnOtdzQ3V
EPB4gf2m00wqcJ4U8ZoYUMUMRhcl/Nu9PSf5DY32Mwzw4H0l7nhFJa28qHHfMi65
pZgrKBNjRD1wwVh2VwZNiQrXhgr6yxuTf8RT1hKtm6TcuYBRhvlslWsW2eAYO7yK
S/fexf/+zpQ95YjvAtDi+88zsByw5d3sabi327YblLt/Y72UGtIm6Cd5cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJONOv3ucNVkua9HDiy4Qjab5X6YMB8GA1UdIwQY
MBaAFNtGDSAXlaapku1KwYu3xSwQi3hSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2Ut
ZTgyZWQzZDc2YTg3LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2UtZTgyZWQzZDc2YTg3
LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY2J18GNK
O9WPJjqLn0bMaOdhM0Y2gE3G2vIu4G66xE1LsAadgERPNFDL2MuSXkTMMtvEFZdA
ObVX/CYkVQzn24jE32/uql63cnJEPK/fbMJSKCv5Wo4QoepE3qduoOKu7k8Sy9i3
ec8WUGFk5iAm8OCxQd5RpCGl+YA5bu7zS0edaaf6LU6dTZt1RmquaasABj4OOOAF
hYq28wfttzwO8tAxqqiGrzVfboo2zUxQNmZBqPz2eOVro8sp6skbiz+POO66EL95
dxzBUNd5GHbKDbM6mSu3o7mFjlHpvGYl2eJziidN8D8UICQB9wyUUDiiBJLnQJ4V
G+cODHopqiEYag==
-----END CERTIFICATE-----