Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.mft
File:                     8z9sz1fxxI8RwU_QBUBazONtA7g.mft (raw, json)
Hash identifier:          XyLky0Q9JSSOF/c8mnfT5Os8F/miidNZuP9wC08sVFw=
Subject key identifier:   24:DD:E5:2E:31:C3:F3:14:5F:DE:5A:90:CC:B3:32:8C:BF:31:25:AE
Authority key identifier: F3:3F:6C:CF:57:F1:C4:8F:11:C1:4F:D0:05:40:5A:CC:E3:6D:03:B8
Certificate issuer:       /CN=f33f6ccf57f1c48f11c14fd005405acce36d03b8
Certificate serial:       019CADC7EFEA0A1400ACC3E7151CC47C2714
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8z9sz1fxxI8RwU_QBUBazONtA7g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.mft
Manifest number:          1842
Signing time:             Mon 02 Mar 2026 09:01:27 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:27 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:27 +0000
Files and hashes:         1: 8z9sz1fxxI8RwU_QBUBazONtA7g.crl (hash: wVP2WQWAOdx5d7vnj9XV2ZMDuMZ0oGxX0RbHYr/rZIQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8z9sz1fxxI8RwU_QBUBazONtA7g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c7:ef:ea:0a:14:00:ac:c3:e7:15:1c:c4:7c:27:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f33f6ccf57f1c48f11c14fd005405acce36d03b8
        Validity
            Not Before: Mar  2 09:01:27 2026 GMT
            Not After : Mar  3 09:01:27 2026 GMT
        Subject: CN=24dde52e31c3f3145fde5a90ccb3328cbf3125ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:ea:5a:23:31:a0:ca:fb:bd:1e:2f:e3:f6:8d:
                    7e:42:59:4d:bf:5b:54:db:f0:a5:bd:80:80:02:f1:
                    db:5b:f1:54:19:19:9b:fc:73:99:e9:b4:ef:a4:14:
                    12:ea:12:6d:6b:74:d9:69:4d:82:85:e5:1b:49:a6:
                    14:9d:1e:2d:3c:19:f6:e9:d2:56:f8:a2:f8:df:35:
                    88:6f:92:a2:f5:e3:6e:48:f7:07:52:37:06:cf:97:
                    c1:f5:9e:c8:05:11:39:76:23:1d:c6:0f:88:b2:93:
                    94:e9:c2:6a:0a:1c:36:4c:52:76:c7:56:d3:96:d2:
                    1f:36:95:3d:e0:39:d6:34:ab:06:24:af:92:af:be:
                    de:7c:78:fd:b6:7b:19:28:7c:92:c1:8f:e3:4b:46:
                    8f:fc:e4:e9:16:4c:c5:2c:35:97:ee:d4:07:7c:09:
                    90:fe:f3:d7:2d:8a:04:ac:0a:b9:d5:cf:a8:62:69:
                    6b:a4:e3:04:7d:50:ff:62:bc:ee:68:12:87:95:53:
                    61:1c:e0:85:33:a5:22:b4:ec:36:cd:09:7f:88:65:
                    7c:0f:58:e2:fe:96:fd:26:2d:31:99:39:30:d3:28:
                    7d:72:e5:91:af:2f:af:10:fe:ac:a4:a9:a0:52:6b:
                    97:a0:f1:ee:73:14:fb:1b:33:c0:69:4f:47:07:2f:
                    3a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:DD:E5:2E:31:C3:F3:14:5F:DE:5A:90:CC:B3:32:8C:BF:31:25:AE
            X509v3 Authority Key Identifier:
                keyid:F3:3F:6C:CF:57:F1:C4:8F:11:C1:4F:D0:05:40:5A:CC:E3:6D:03:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8z9sz1fxxI8RwU_QBUBazONtA7g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/cdc2ec-d0ee-436a-8d11-f5d6b492394b/1/8z9sz1fxxI8RwU_QBUBazONtA7g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:7f:e7:37:46:8a:1c:be:89:c1:18:e3:47:92:1d:37:24:b0:
         d3:37:5a:ed:de:1b:50:fe:0b:e3:be:77:6b:24:33:1e:e3:60:
         1a:75:88:f7:32:e6:45:e8:dc:77:fe:e6:a7:84:d6:88:9f:5b:
         0e:cb:22:21:7f:36:a5:e9:08:48:f0:1a:c0:25:06:6a:f2:39:
         9b:41:86:c0:80:90:38:ac:af:60:98:f9:92:c9:7f:40:e7:94:
         de:c0:d7:57:f8:9c:66:96:6c:fb:ad:44:5d:e0:f6:71:bc:38:
         8e:73:26:03:04:ac:2b:eb:7c:f1:5a:94:24:57:95:02:31:ea:
         4f:03:e9:3c:38:55:9e:93:89:6a:38:b3:f2:5a:09:75:4d:ac:
         97:bc:c8:d8:c3:e1:62:e5:17:74:37:7b:dd:5e:fd:1a:0f:5d:
         3d:bb:de:ef:2d:2f:35:35:f6:3d:4a:1c:46:68:23:ad:37:ee:
         e6:2f:f2:da:b2:c1:31:cc:64:67:89:2c:b1:2e:23:45:eb:3d:
         cb:cc:ce:8b:d8:c2:2b:5c:5e:0c:6e:aa:73:c2:85:ea:6a:68:
         79:55:d1:07:c2:97:65:8a:c3:cf:2f:60:6e:a2:26:a2:11:1b:
         2d:9b:6f:35:6a:f4:c9:3a:61:b8:f4:5a:47:3d:51:a1:fc:05:
         3e:76:1c:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx+/qChQArMPnFRzEfCcUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzM2Y2Y2NmNTdmMWM0OGYxMWMxNGZkMDA1NDA1YWNjZTM2
ZDAzYjgwHhcNMjYwMzAyMDkwMTI3WhcNMjYwMzAzMDkwMTI3WjAzMTEwLwYDVQQD
EygyNGRkZTUyZTMxYzNmMzE0NWZkZTVhOTBjY2IzMzI4Y2JmMzEyNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2upaIzGgyvu9Hi/j9o1+QllNv1tU
2/ClvYCAAvHbW/FUGRmb/HOZ6bTvpBQS6hJta3TZaU2CheUbSaYUnR4tPBn26dJW
+KL43zWIb5Ki9eNuSPcHUjcGz5fB9Z7IBRE5diMdxg+IspOU6cJqChw2TFJ2x1bT
ltIfNpU94DnWNKsGJK+Sr77efHj9tnsZKHySwY/jS0aP/OTpFkzFLDWX7tQHfAmQ
/vPXLYoErAq51c+oYmlrpOMEfVD/YrzuaBKHlVNhHOCFM6UitOw2zQl/iGV8D1ji
/pb9Ji0xmTkw0yh9cuWRry+vEP6spKmgUmuXoPHucxT7GzPAaU9HBy86bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTd5S4xw/MUX95akMyzMoy/MSWuMB8GA1UdIwQY
MBaAFPM/bM9X8cSPEcFP0AVAWszjbQO4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHo5c3oxZnh4SThSd1VfUUJVQmF6T050QTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jZGMyZWMtZDBlZS00MzZhLThkMTEt
ZjVkNmI0OTIzOTRiLzEvOHo5c3oxZnh4SThSd1VfUUJVQmF6T050QTdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jZGMyZWMtZDBlZS00MzZhLThkMTEtZjVkNmI0OTIzOTRi
LzEvOHo5c3oxZnh4SThSd1VfUUJVQmF6T050QTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZn/nN0aK
HL6JwRjjR5IdNySw0zda7d4bUP4L4753ayQzHuNgGnWI9zLmRejcd/7mp4TWiJ9b
DssiIX82pekISPAawCUGavI5m0GGwICQOKyvYJj5ksl/QOeU3sDXV/icZpZs+61E
XeD2cbw4jnMmAwSsK+t88VqUJFeVAjHqTwPpPDhVnpOJajiz8loJdU2sl7zI2MPh
YuUXdDd73V79Gg9dPbve7y0vNTX2PUocRmgjrTfu5i/y2rLBMcxkZ4kssS4jRes9
y8zOi9jCK1xeDG6qc8KF6mpoeVXRB8KXZYrDzy9gbqImohEbLZtvNWr0yTphuPRa
Rz1RofwFPnYcKg==
-----END CERTIFICATE-----