Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
File:                     aBHhJcs1cHby-jE4yT6aJoGxeJM.mft (raw, json)
Hash identifier:          gymmGO1vpBnOM2WxDq3LT56BIN0aLCW16wr1I0w8nR0=
Subject key identifier:   B7:DD:C3:9C:9D:63:7D:A6:16:44:15:8E:45:C8:38:F7:78:48:10:63
Authority key identifier: 68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93
Certificate issuer:       /CN=6811e125cb357076f2fa3138c93e9a2681b17893
Certificate serial:       019CA97D82D704E5AEAEB293DE25E650E2DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
Manifest number:          1845
Signing time:             Sun 01 Mar 2026 13:01:40 +0000
Manifest this update:     Sun 01 Mar 2026 13:01:40 +0000
Manifest next update:     Mon 02 Mar 2026 13:01:40 +0000
Files and hashes:         1: aBHhJcs1cHby-jE4yT6aJoGxeJM.crl (hash: Bl7HGltd0NGoqyKjWV6EgLnJP5mSTQhCtcN3H2KxgpA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7d:82:d7:04:e5:ae:ae:b2:93:de:25:e6:50:e2:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6811e125cb357076f2fa3138c93e9a2681b17893
        Validity
            Not Before: Mar  1 13:01:40 2026 GMT
            Not After : Mar  2 13:01:40 2026 GMT
        Subject: CN=b7ddc39c9d637da61644158e45c838f778481063
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:48:84:9f:15:e5:a1:5b:5e:8e:5d:f6:d7:2c:
                    d7:67:f7:43:03:8a:33:ac:3f:3c:8f:c0:b8:8a:d6:
                    c2:30:c4:ae:20:fb:c6:02:ae:30:38:94:19:02:ca:
                    08:93:e4:ce:24:f9:0a:eb:ea:4a:d0:cd:6f:c2:26:
                    aa:84:27:dd:09:a0:32:e9:c7:54:a2:c8:db:b6:58:
                    97:9d:9e:80:85:11:35:6f:81:35:b2:61:ba:9c:aa:
                    b6:e0:ba:ef:8f:5d:b5:b3:59:4b:5d:f3:9a:df:e0:
                    e0:26:a0:82:53:fb:fa:53:6f:8e:62:ba:1c:8f:7f:
                    ab:4a:06:d5:7e:c8:0d:25:7c:2c:99:a7:f3:2e:08:
                    b6:35:da:ee:00:d4:b1:a9:f2:b0:03:52:43:a5:66:
                    4e:cf:29:91:89:2a:b6:0b:22:ac:6f:8c:1a:fb:4c:
                    66:f2:b3:99:44:71:f3:a8:0e:68:a5:16:3b:46:f7:
                    db:c2:3f:11:22:e3:ca:80:43:1f:5d:b7:94:7e:ea:
                    f5:78:7e:a9:ef:02:c8:87:67:79:15:92:37:0d:8b:
                    7e:14:4d:53:b5:41:63:b8:28:32:8b:4b:22:f1:5c:
                    ae:ab:dc:c6:cb:26:ee:86:2d:78:0c:37:75:2a:17:
                    cb:9a:ab:3a:5d:10:fd:62:5d:87:8f:67:92:3c:34:
                    a5:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:DD:C3:9C:9D:63:7D:A6:16:44:15:8E:45:C8:38:F7:78:48:10:63
            X509v3 Authority Key Identifier:
                keyid:68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:32:de:74:70:3d:e0:a3:6e:d0:bc:8b:57:dc:80:2a:b4:44:
         04:72:9f:21:56:27:9d:8f:13:9b:a0:0c:44:b5:8d:26:fc:28:
         7e:da:d0:f7:a2:a0:7c:27:8e:8e:5e:7a:34:32:94:c5:52:8a:
         3e:52:39:a7:9a:47:ec:01:a8:6a:54:41:6f:f1:62:a3:0a:45:
         2d:3b:9b:0f:aa:37:0d:41:47:aa:ce:2a:93:68:ba:b6:7a:c1:
         55:f9:40:68:5b:be:a6:19:69:b4:35:b6:c2:a6:86:6a:79:47:
         7a:17:06:a1:c6:d7:d7:7f:8b:cd:63:71:90:3e:ec:0b:e1:0e:
         c1:06:72:a1:2b:77:6a:7e:89:f2:85:d4:2a:d8:94:ab:21:03:
         f4:99:de:f3:68:8c:02:7e:e0:13:eb:32:89:3d:fb:3e:f7:b4:
         b2:41:84:09:f4:76:ea:e8:14:42:be:c9:64:71:d9:6d:3c:a3:
         d4:d2:13:23:a5:56:29:2b:62:e3:a4:17:b2:19:b5:9a:79:6f:
         05:f9:dd:33:f9:8f:1b:97:e0:ce:07:1b:96:ab:05:23:ac:f8:
         50:6d:cd:bc:7a:13:bc:e2:13:3e:f8:b6:dc:88:f5:e4:bf:af:
         c6:45:01:ba:f3:3e:01:c9:10:d3:b6:4e:9c:cc:f4:58:b1:f2:
         07:94:5f:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfYLXBOWurrKT3iXmUOLcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTFlMTI1Y2IzNTcwNzZmMmZhMzEzOGM5M2U5YTI2ODFi
MTc4OTMwHhcNMjYwMzAxMTMwMTQwWhcNMjYwMzAyMTMwMTQwWjAzMTEwLwYDVQQD
EyhiN2RkYzM5YzlkNjM3ZGE2MTY0NDE1OGU0NWM4MzhmNzc4NDgxMDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUiEnxXloVtejl321yzXZ/dDA4oz
rD88j8C4itbCMMSuIPvGAq4wOJQZAsoIk+TOJPkK6+pK0M1vwiaqhCfdCaAy6cdU
osjbtliXnZ6AhRE1b4E1smG6nKq24Lrvj121s1lLXfOa3+DgJqCCU/v6U2+OYroc
j3+rSgbVfsgNJXwsmafzLgi2NdruANSxqfKwA1JDpWZOzymRiSq2CyKsb4wa+0xm
8rOZRHHzqA5opRY7Rvfbwj8RIuPKgEMfXbeUfur1eH6p7wLIh2d5FZI3DYt+FE1T
tUFjuCgyi0si8Vyuq9zGyybuhi14DDd1KhfLmqs6XRD9Yl2Hj2eSPDSlyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLfdw5ydY32mFkQVjkXIOPd4SBBjMB8GA1UdIwQY
MBaAFGgR4SXLNXB28voxOMk+miaBsXiTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2Et
Y2Q0Mzk0OTJiN2FlLzEvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2EtY2Q0Mzk0OTJiN2Fl
LzEvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGTLedHA9
4KNu0LyLV9yAKrREBHKfIVYnnY8Tm6AMRLWNJvwoftrQ96KgfCeOjl56NDKUxVKK
PlI5p5pH7AGoalRBb/FiowpFLTubD6o3DUFHqs4qk2i6tnrBVflAaFu+phlptDW2
wqaGanlHehcGocbX13+LzWNxkD7sC+EOwQZyoSt3an6J8oXUKtiUqyED9Jne82iM
An7gE+syiT37Pve0skGECfR26ugUQr7JZHHZbTyj1NITI6VWKSti46QXshm1mnlv
BfndM/mPG5fgzgcblqsFI6z4UG3NvHoTvOITPvi23Ij15L+vxkUBuvM+AckQ07ZO
nMz0WLHyB5RfKw==
-----END CERTIFICATE-----