Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
File:                     IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json)
Hash identifier:          Nsa3lpOtqA/WZM8FaApjI9eenUUe0z76Iy6NLTyEagU=
Subject key identifier:   1B:6A:9B:8F:4B:EB:7D:DC:E9:CF:22:6A:2F:40:3C:7F:2A:B2:3D:DB
Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2
Certificate issuer:       /CN=22e8c1b40ee579c183796455f4092573d995a1d2
Certificate serial:       019CAB6B4C4DC65AED04706E727EDCE2A876
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
Manifest number:          0CA8
Signing time:             Sun 01 Mar 2026 22:01:01 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:01 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:01 +0000
Files and hashes:         1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: 0RjkcrI2W6/z1eXwDW5vYGnyBeC4uwlmZPChThwJuRM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:4c:4d:c6:5a:ed:04:70:6e:72:7e:dc:e2:a8:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2
        Validity
            Not Before: Mar  1 22:01:01 2026 GMT
            Not After : Mar  2 22:01:01 2026 GMT
        Subject: CN=1b6a9b8f4beb7ddce9cf226a2f403c7f2ab23ddb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:49:95:4f:68:8a:fb:40:24:09:54:ac:0d:c1:
                    29:e8:5f:2a:e5:24:11:8c:e7:f3:b1:70:1a:0a:d9:
                    dd:47:a6:eb:9b:17:de:69:c0:bc:90:17:fe:bb:59:
                    1b:8f:dc:c2:d2:c5:54:89:e2:88:98:0b:fc:6d:53:
                    8a:c0:c2:41:76:16:69:7a:fd:08:00:0c:75:92:d7:
                    53:59:2f:40:8c:69:7b:9f:83:86:ff:61:f3:84:c3:
                    48:f5:4e:bf:e5:24:d0:15:15:21:23:ad:5c:f1:18:
                    e0:bb:4a:ee:e9:50:0f:32:98:27:3c:22:c9:d1:56:
                    86:c4:63:6e:72:93:31:4e:93:1b:7d:cf:f6:41:02:
                    ed:0f:b2:a9:b0:f3:bf:99:51:cb:dd:c1:3c:2d:73:
                    ee:26:e5:79:fd:0a:3b:7a:b6:49:af:e5:68:07:a2:
                    c9:75:3d:9f:9b:77:90:d4:61:f9:ac:97:db:e9:b9:
                    18:5b:5b:a3:31:23:4e:10:cc:74:f2:2c:d8:34:77:
                    71:6a:22:9c:f0:cc:15:df:f8:b1:26:9c:f7:73:45:
                    a1:19:37:f1:4d:77:3d:6f:90:22:ae:ec:9e:73:e5:
                    92:d1:b5:2c:9e:50:0a:7f:3d:ba:20:ac:15:d2:4a:
                    aa:a3:12:ed:f3:d9:45:39:df:c6:b7:23:04:1f:5f:
                    ad:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:6A:9B:8F:4B:EB:7D:DC:E9:CF:22:6A:2F:40:3C:7F:2A:B2:3D:DB
            X509v3 Authority Key Identifier:
                keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:fb:99:6c:09:9a:12:b3:61:5b:c1:7d:2a:9c:b9:88:a9:23:
         96:29:b9:01:a9:46:4b:ea:dc:71:9f:95:01:fa:75:7f:2c:83:
         d9:41:70:73:09:da:e8:e8:10:d0:aa:af:07:26:9e:ec:92:50:
         1e:de:2c:5c:8b:39:b8:ed:d5:81:4b:6f:6d:92:52:c4:3e:03:
         05:e2:a4:1e:15:11:32:97:77:48:b2:c9:da:97:fc:a3:c4:ed:
         9a:6a:40:3a:78:02:3b:19:1d:7a:96:62:fa:b2:e1:54:52:c0:
         f1:08:44:06:ee:e4:74:c8:26:6b:40:73:8f:c1:ab:c6:25:42:
         db:43:ad:24:e9:72:86:9d:bc:ff:b8:d0:90:27:7d:fd:83:e1:
         da:04:4d:9e:74:55:63:fe:9e:f8:d6:08:e2:30:1b:32:ba:a4:
         b2:50:fe:dc:04:5a:6a:18:75:62:71:df:0d:60:05:ab:db:07:
         f5:c0:0a:cd:03:e2:eb:ce:09:10:a6:f1:33:a7:75:40:ce:a4:
         a7:3d:40:54:9f:37:25:85:9a:4e:99:86:92:3b:e5:85:c7:10:
         6e:61:57:06:2f:49:37:57:89:da:4b:27:3e:13:77:36:b2:27:
         e9:1f:eb:07:35:b3:61:8f:2b:9e:f3:99:3c:15:ac:77:6b:71:
         0d:3b:58:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra0xNxlrtBHBucn7c4qh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5
NWExZDIwHhcNMjYwMzAxMjIwMTAxWhcNMjYwMzAyMjIwMTAxWjAzMTEwLwYDVQQD
EygxYjZhOWI4ZjRiZWI3ZGRjZTljZjIyNmEyZjQwM2M3ZjJhYjIzZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0mVT2iK+0AkCVSsDcEp6F8q5SQR
jOfzsXAaCtndR6brmxfeacC8kBf+u1kbj9zC0sVUieKImAv8bVOKwMJBdhZpev0I
AAx1ktdTWS9AjGl7n4OG/2HzhMNI9U6/5STQFRUhI61c8Rjgu0ru6VAPMpgnPCLJ
0VaGxGNucpMxTpMbfc/2QQLtD7KpsPO/mVHL3cE8LXPuJuV5/Qo7erZJr+VoB6LJ
dT2fm3eQ1GH5rJfb6bkYW1ujMSNOEMx08izYNHdxaiKc8MwV3/ixJpz3c0WhGTfx
TXc9b5Airuyec+WS0bUsnlAKfz26IKwV0kqqoxLt89lFOd/GtyMEH1+thwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtqm49L633c6c8iai9APH8qsj3bMB8GA1UdIwQY
MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt
ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh
LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOvuZbAma
ErNhW8F9Kpy5iKkjlim5AalGS+rccZ+VAfp1fyyD2UFwcwna6OgQ0KqvByae7JJQ
Ht4sXIs5uO3VgUtvbZJSxD4DBeKkHhURMpd3SLLJ2pf8o8TtmmpAOngCOxkdepZi
+rLhVFLA8QhEBu7kdMgma0Bzj8GrxiVC20OtJOlyhp28/7jQkCd9/YPh2gRNnnRV
Y/6e+NYI4jAbMrqkslD+3ARaahh1YnHfDWAFq9sH9cAKzQPi684JEKbxM6d1QM6k
pz1AVJ83JYWaTpmGkjvlhccQbmFXBi9JN1eJ2ksnPhN3NrIn6R/rBzWzYY8rnvOZ
PBWsd2txDTtYLw==
-----END CERTIFICATE-----