Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
File:                     aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft (raw, json)
Hash identifier:          iVJiPTFQK+vw4jpwmGbSU8MPfEnT7RPjkuwd4X2V7Do=
Subject key identifier:   54:00:81:BA:5F:7E:63:43:CB:F3:DA:DC:21:06:30:BA:59:3B:A8:B7
Authority key identifier: 68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA
Certificate issuer:       /CN=6809515d093644678703c024d92014c532f316ea
Certificate serial:       019CAA58932F4AF1B4C1C6CE6F8C20AED16E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
Manifest number:          1444
Signing time:             Sun 01 Mar 2026 17:00:57 +0000
Manifest this update:     Sun 01 Mar 2026 17:00:57 +0000
Manifest next update:     Mon 02 Mar 2026 17:00:57 +0000
Files and hashes:         1: aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl (hash: UXDDoxZ0gJ9mk67wQOAEideEZdCDpB/Mi9GQsBW6fCQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 17:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:58:93:2f:4a:f1:b4:c1:c6:ce:6f:8c:20:ae:d1:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6809515d093644678703c024d92014c532f316ea
        Validity
            Not Before: Mar  1 17:00:57 2026 GMT
            Not After : Mar  2 17:00:57 2026 GMT
        Subject: CN=540081ba5f7e6343cbf3dadc210630ba593ba8b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:d8:90:61:73:2a:92:6b:4c:6d:fd:0b:a2:7b:
                    73:6d:24:29:83:d9:68:64:3b:2c:22:1d:8b:ea:55:
                    36:eb:6a:63:3c:ee:c6:f0:25:4a:b9:16:da:b3:1e:
                    14:e4:aa:4f:69:78:63:3a:87:66:26:bd:ff:e8:01:
                    49:1c:38:79:55:6a:06:0f:56:e0:40:0c:5d:fe:25:
                    ba:f9:5e:d1:d5:25:5f:0c:76:e7:15:ec:c5:12:8f:
                    73:fa:4a:e1:6c:c7:35:0a:f6:05:af:73:f6:4b:46:
                    2c:b3:d3:25:78:9e:95:5f:7b:f8:df:83:44:bc:a7:
                    8f:ba:9d:e0:77:85:46:8f:90:b4:b8:2c:16:10:14:
                    e1:06:de:11:53:ca:48:87:79:72:d2:76:9d:17:c8:
                    a4:2d:fa:0e:f7:7f:33:13:1c:41:37:2a:be:1c:e6:
                    21:5c:9f:f7:40:13:1b:f2:d7:b4:92:ac:fc:64:c3:
                    a4:34:93:55:a3:d8:d6:44:04:25:bc:75:30:0c:a9:
                    8b:5a:8f:6a:5d:71:54:1f:5a:2a:6d:b3:7d:61:e5:
                    b1:b7:e3:07:ef:e4:37:07:cc:68:90:55:4e:0f:0b:
                    c5:75:9f:c7:54:46:3f:d8:48:4b:11:4a:34:84:04:
                    2f:d9:87:0f:1b:fa:82:5b:56:de:53:8d:cd:38:6e:
                    10:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:00:81:BA:5F:7E:63:43:CB:F3:DA:DC:21:06:30:BA:59:3B:A8:B7
            X509v3 Authority Key Identifier:
                keyid:68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:99:4b:64:42:70:11:c1:33:5e:b7:6b:3d:49:1f:30:ec:c3:
         62:db:85:f4:f6:12:de:ed:b8:23:b5:49:c4:6e:73:f6:a6:64:
         ff:e9:8d:ff:05:84:47:01:0b:7e:bc:5b:f0:23:d7:84:b4:12:
         fb:b6:cb:3c:a1:0b:1a:0f:50:d0:49:87:b1:52:6e:97:f9:25:
         0d:1a:b5:39:d3:94:93:7e:52:b5:c9:50:d7:4a:13:4b:fa:4a:
         86:8e:ef:00:1d:20:df:bb:0a:8c:eb:82:70:ea:7a:7e:a4:91:
         2f:2c:aa:79:79:37:76:2f:73:cf:e8:26:fa:97:0c:d7:e7:17:
         02:10:1e:eb:42:db:cf:dd:98:9d:8d:81:0a:c3:f4:36:c0:b4:
         b4:44:2a:52:f8:a6:98:69:78:2f:10:c7:2b:87:0a:bd:96:82:
         06:6d:50:7f:ff:db:6d:32:5d:39:2d:78:b7:c5:01:85:2d:bd:
         82:6c:8b:f8:04:20:f2:41:8b:48:09:b0:27:e1:89:8c:ef:f6:
         8d:af:61:e0:55:c1:9c:fe:97:8c:69:c2:34:ba:f8:40:d4:2b:
         eb:be:72:ca:0d:65:f5:52:79:dc:5a:5c:a5:8a:6a:c5:76:97:
         cb:2a:00:48:99:21:a4:86:8c:5c:c8:2e:fb:1d:46:86:06:c6:
         13:53:7d:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWJMvSvG0wcbOb4wgrtFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDk1MTVkMDkzNjQ0Njc4NzAzYzAyNGQ5MjAxNGM1MzJm
MzE2ZWEwHhcNMjYwMzAxMTcwMDU3WhcNMjYwMzAyMTcwMDU3WjAzMTEwLwYDVQQD
Eyg1NDAwODFiYTVmN2U2MzQzY2JmM2RhZGMyMTA2MzBiYTU5M2JhOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNiQYXMqkmtMbf0LontzbSQpg9lo
ZDssIh2L6lU262pjPO7G8CVKuRbasx4U5KpPaXhjOodmJr3/6AFJHDh5VWoGD1bg
QAxd/iW6+V7R1SVfDHbnFezFEo9z+krhbMc1CvYFr3P2S0Yss9MleJ6VX3v434NE
vKePup3gd4VGj5C0uCwWEBThBt4RU8pIh3ly0nadF8ikLfoO938zExxBNyq+HOYh
XJ/3QBMb8te0kqz8ZMOkNJNVo9jWRAQlvHUwDKmLWo9qXXFUH1oqbbN9YeWxt+MH
7+Q3B8xokFVODwvFdZ/HVEY/2EhLEUo0hAQv2YcPG/qCW1beU43NOG4QTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQAgbpffmNDy/Pa3CEGMLpZO6i3MB8GA1UdIwQY
MBaAFGgJUV0JNkRnhwPAJNkgFMUy8xbqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1Yjgt
NDIzMTA0NzcwNTUyLzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1YjgtNDIzMTA0NzcwNTUy
LzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHZlLZEJw
EcEzXrdrPUkfMOzDYtuF9PYS3u24I7VJxG5z9qZk/+mN/wWERwELfrxb8CPXhLQS
+7bLPKELGg9Q0EmHsVJul/klDRq1OdOUk35StclQ10oTS/pKho7vAB0g37sKjOuC
cOp6fqSRLyyqeXk3di9zz+gm+pcM1+cXAhAe60Lbz92YnY2BCsP0NsC0tEQqUvim
mGl4LxDHK4cKvZaCBm1Qf//bbTJdOS14t8UBhS29gmyL+AQg8kGLSAmwJ+GJjO/2
ja9h4FXBnP6XjGnCNLr4QNQr675yyg1l9VJ53FpcpYpqxXaXyyoASJkhpIaMXMgu
+x1GhgbGE1N95A==
-----END CERTIFICATE-----