Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
File:                     AquPiJLQHdTIQHJMu6uQwMpglDI.mft (raw, json)
Hash identifier:          2zYqPmGU0ImSu4ASghx2azkzEd48lrXN1Fg9907E7ks=
Subject key identifier:   C2:12:A3:A1:51:AA:5D:AF:EF:E5:1D:0C:8B:05:29:85:CE:81:A6:1A
Authority key identifier: 02:AB:8F:88:92:D0:1D:D4:C8:40:72:4C:BB:AB:90:C0:CA:60:94:32
Certificate issuer:       /CN=02ab8f8892d01dd4c840724cbbab90c0ca609432
Certificate serial:       019CAB6B92BECFDF3CDBEA622FBCC6E01B4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
Manifest number:          1841
Signing time:             Sun 01 Mar 2026 22:01:19 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:19 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:19 +0000
Files and hashes:         1: AquPiJLQHdTIQHJMu6uQwMpglDI.crl (hash: Kc9sE68SEJbFi2RYaScDlVf+xyd2R+rip0+xi8oFqaI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:92:be:cf:df:3c:db:ea:62:2f:bc:c6:e0:1b:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02ab8f8892d01dd4c840724cbbab90c0ca609432
        Validity
            Not Before: Mar  1 22:01:19 2026 GMT
            Not After : Mar  2 22:01:19 2026 GMT
        Subject: CN=c212a3a151aa5dafefe51d0c8b052985ce81a61a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:f1:bc:39:03:9e:4d:d0:dc:2c:12:5d:30:64:
                    fc:54:d3:36:b6:2c:8f:e6:e0:23:ea:c2:c8:b5:f8:
                    42:43:d0:24:5e:cf:d9:55:16:40:c3:d6:eb:2d:04:
                    f1:c9:d0:5a:2c:05:59:7d:36:4c:e0:45:f1:94:a9:
                    27:4d:32:16:dc:7b:96:f8:b3:52:af:42:6c:2b:ba:
                    1b:a9:29:eb:59:7e:ee:50:45:bb:fe:44:db:ad:d9:
                    04:dc:bb:ae:de:10:f4:db:8f:d3:58:f9:3b:ec:9d:
                    40:71:8b:3e:25:36:78:ff:f8:38:04:ba:02:63:f3:
                    81:47:a9:6d:82:73:5d:21:b0:15:65:47:f5:b9:b2:
                    11:6c:59:96:bd:bf:ce:8d:ad:ba:38:fa:78:68:43:
                    ea:83:c1:64:f4:6b:81:4f:06:bf:3b:ff:c0:3b:2e:
                    c3:d9:27:73:3a:b5:4e:c3:82:80:2d:29:d7:99:6d:
                    f9:77:c4:4a:60:46:25:d5:ad:e9:eb:f8:b5:6a:d5:
                    3d:89:80:58:97:73:2c:98:6d:3c:97:f8:e1:ba:9c:
                    92:1f:e4:fe:a8:3f:87:fc:b0:80:a8:ba:56:a2:7c:
                    1b:ca:f4:88:5a:92:93:02:5a:d0:02:83:f1:0d:ec:
                    48:6e:b5:2c:39:bb:14:c7:18:c1:83:b9:66:b2:23:
                    3f:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:12:A3:A1:51:AA:5D:AF:EF:E5:1D:0C:8B:05:29:85:CE:81:A6:1A
            X509v3 Authority Key Identifier:
                keyid:02:AB:8F:88:92:D0:1D:D4:C8:40:72:4C:BB:AB:90:C0:CA:60:94:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:0d:cf:bd:e3:58:92:0b:8b:98:a1:c8:20:a0:a2:35:ab:83:
         6a:c6:60:03:3b:73:bd:e0:3a:02:fd:62:23:ad:68:bd:f2:cc:
         87:0a:15:a9:3c:b3:3d:19:da:c9:50:f5:9e:51:2c:2a:75:f1:
         1a:1c:08:b6:e1:a4:b9:03:7e:ab:a1:a0:7e:f4:df:af:4c:38:
         5c:ef:81:5f:93:78:3e:f0:41:db:1b:6d:94:37:63:4d:d2:03:
         c4:0c:90:85:ae:0a:27:af:61:b4:1e:36:0c:df:ef:d6:3b:58:
         ff:78:4b:d6:6b:07:a6:d1:7f:9f:2c:62:38:b5:a5:21:17:00:
         86:e2:5e:c2:01:7b:77:81:6d:49:d4:13:7d:5c:e2:a3:72:8e:
         c2:3e:5b:e6:88:34:80:f4:39:6e:41:44:d6:d0:c0:56:c9:ba:
         5f:73:63:d4:b4:de:63:1b:fa:fc:73:07:e6:66:68:af:f5:f4:
         c5:86:5c:ad:b4:dc:67:72:d3:a0:4d:07:fa:1c:66:27:f2:85:
         28:21:cb:9a:d4:9f:00:cb:ed:c2:a4:fe:14:74:92:65:60:d1:
         c7:e3:e0:9c:61:e7:af:0e:b6:0f:91:62:6f:0b:98:87:fa:76:
         23:5a:6e:8b:ae:51:e5:d1:a2:0d:8d:15:3f:7e:c2:8b:04:8d:
         55:80:ea:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra5K+z9882+piL7zG4BtMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYWI4Zjg4OTJkMDFkZDRjODQwNzI0Y2JiYWI5MGMwY2E2
MDk0MzIwHhcNMjYwMzAxMjIwMTE5WhcNMjYwMzAyMjIwMTE5WjAzMTEwLwYDVQQD
EyhjMjEyYTNhMTUxYWE1ZGFmZWZlNTFkMGM4YjA1Mjk4NWNlODFhNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fG8OQOeTdDcLBJdMGT8VNM2tiyP
5uAj6sLItfhCQ9AkXs/ZVRZAw9brLQTxydBaLAVZfTZM4EXxlKknTTIW3HuW+LNS
r0JsK7obqSnrWX7uUEW7/kTbrdkE3Luu3hD024/TWPk77J1AcYs+JTZ4//g4BLoC
Y/OBR6ltgnNdIbAVZUf1ubIRbFmWvb/Oja26OPp4aEPqg8Fk9GuBTwa/O//AOy7D
2SdzOrVOw4KALSnXmW35d8RKYEYl1a3p6/i1atU9iYBYl3MsmG08l/jhupySH+T+
qD+H/LCAqLpWonwbyvSIWpKTAlrQAoPxDexIbrUsObsUxxjBg7lmsiM/+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMISo6FRql2v7+UdDIsFKYXOgaYaMB8GA1UdIwQY
MBaAFAKrj4iS0B3UyEByTLurkMDKYJQyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MTNhOTUtYjA1YS00ZmM0LTlkOTEt
ZTNiNzcwMTNmZGI3LzEvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MTNhOTUtYjA1YS00ZmM0LTlkOTEtZTNiNzcwMTNmZGI3
LzEvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANQ3PveNY
kguLmKHIIKCiNauDasZgAztzveA6Av1iI61ovfLMhwoVqTyzPRnayVD1nlEsKnXx
GhwItuGkuQN+q6GgfvTfr0w4XO+BX5N4PvBB2xttlDdjTdIDxAyQha4KJ69htB42
DN/v1jtY/3hL1msHptF/nyxiOLWlIRcAhuJewgF7d4FtSdQTfVzio3KOwj5b5og0
gPQ5bkFE1tDAVsm6X3Nj1LTeYxv6/HMH5mZor/X0xYZcrbTcZ3LToE0H+hxmJ/KF
KCHLmtSfAMvtwqT+FHSSZWDRx+PgnGHnrw62D5FibwuYh/p2I1pui65R5dGiDY0V
P37CiwSNVYDqOA==
-----END CERTIFICATE-----