Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
File:                     cLqzJoCFMIofjVcIS52qHr-V4Nw.mft (raw, json)
Hash identifier:          CC9auj9esmRoRaf76+YUGSIfh1E6OIc1TmPER4qNsAk=
Subject key identifier:   54:E3:9A:ED:E3:85:DC:E1:38:ED:26:2D:9A:E4:E4:4F:24:E1:68:AD
Authority key identifier: 70:BA:B3:26:80:85:30:8A:1F:8D:57:08:4B:9D:AA:1E:BF:95:E0:DC
Certificate issuer:       /CN=70bab3268085308a1f8d57084b9daa1ebf95e0dc
Certificate serial:       019CAB6B2519B3B9F4E6104DB9463E06F1D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
Manifest number:          1840
Signing time:             Sun 01 Mar 2026 22:00:51 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:51 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:51 +0000
Files and hashes:         1: cLqzJoCFMIofjVcIS52qHr-V4Nw.crl (hash: 0Oi4zNRccSP8eb4p4p0JVPHfLhKSItgziASNVDAkN+w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:25:19:b3:b9:f4:e6:10:4d:b9:46:3e:06:f1:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70bab3268085308a1f8d57084b9daa1ebf95e0dc
        Validity
            Not Before: Mar  1 22:00:51 2026 GMT
            Not After : Mar  2 22:00:51 2026 GMT
        Subject: CN=54e39aede385dce138ed262d9ae4e44f24e168ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:d8:d5:59:87:75:cb:c4:34:03:16:94:0d:f6:
                    df:78:00:64:17:eb:33:66:56:31:af:85:0a:0f:95:
                    86:19:3b:53:26:57:39:e8:3c:a4:9e:57:db:52:57:
                    b0:f0:a8:df:59:8f:80:48:51:19:f5:99:7e:f8:44:
                    58:6e:66:c1:ed:32:85:82:d8:ac:9e:67:56:8f:6b:
                    1b:2d:da:ed:c8:b6:3d:72:b4:cb:51:20:3b:91:18:
                    e3:e0:0f:7a:b9:90:2e:36:bf:a1:f8:7b:cc:15:b7:
                    89:cd:35:10:aa:c2:71:27:3a:97:5a:62:51:11:0f:
                    b6:3a:ae:ed:a8:c1:33:29:12:85:4d:fb:b7:74:4e:
                    74:ec:d3:5b:14:2e:ae:a0:62:bc:88:fe:65:b5:0c:
                    12:98:52:52:ed:b5:f4:13:65:c5:a8:fb:99:2d:17:
                    d4:36:4a:26:b5:f5:d2:95:56:98:d9:19:c8:9f:e0:
                    9c:5a:51:4f:3d:d3:41:3d:eb:91:9c:e9:06:45:ce:
                    39:e6:53:58:a6:2a:07:5a:2b:0f:ad:be:d2:d1:7a:
                    6a:d6:05:ca:97:4f:22:5c:7c:1a:99:88:98:33:d5:
                    ce:00:62:da:7f:be:f3:be:13:31:b0:ba:4e:b7:5b:
                    9f:6f:b1:b6:21:47:3a:dd:bb:8b:1e:8b:35:94:7a:
                    80:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:E3:9A:ED:E3:85:DC:E1:38:ED:26:2D:9A:E4:E4:4F:24:E1:68:AD
            X509v3 Authority Key Identifier:
                keyid:70:BA:B3:26:80:85:30:8A:1F:8D:57:08:4B:9D:AA:1E:BF:95:E0:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLqzJoCFMIofjVcIS52qHr-V4Nw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6fd3ef-d558-4e70-a214-52aefb6568ae/1/cLqzJoCFMIofjVcIS52qHr-V4Nw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:0f:aa:e3:d8:e7:ca:75:82:1c:bc:74:63:5b:3f:aa:20:6e:
         df:bd:20:01:e0:7d:16:06:cc:2f:ce:5c:10:dc:3d:8a:8f:53:
         8f:02:c6:3b:c3:be:ef:e4:79:8a:89:76:20:7f:10:95:46:19:
         5f:65:bd:64:0f:55:c7:33:35:bc:1f:19:50:b0:79:07:a0:39:
         3c:e1:47:c8:8e:81:88:88:aa:8f:62:c4:13:56:ba:19:9a:ea:
         6b:2a:7c:f3:12:14:8a:75:68:26:b7:72:22:68:53:96:ba:eb:
         e5:c9:85:d0:d0:6c:be:8c:68:c3:44:e8:5d:c1:36:35:96:a7:
         42:0a:ac:4e:d0:e0:2d:93:04:cf:1f:0b:1f:4e:e9:9e:98:1c:
         d4:2a:b3:07:47:3d:ac:cf:ac:35:eb:29:f1:4c:98:5d:76:1f:
         0d:fe:94:ce:9f:1f:d9:01:71:43:91:46:e6:ae:30:55:86:cc:
         89:03:55:0e:cd:d0:ce:d7:d7:26:99:f0:d6:b5:fc:6a:c5:3a:
         32:e8:30:f9:54:94:4c:1e:07:81:98:3a:7b:32:89:be:6b:e2:
         44:8f:91:bf:c6:74:25:1d:5e:c7:67:99:42:6c:4a:ca:c0:58:
         3f:41:8f:9e:f3:20:c8:e9:70:a4:28:1d:e1:64:8c:53:51:4f:
         fd:27:34:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrayUZs7n05hBNuUY+BvHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmFiMzI2ODA4NTMwOGExZjhkNTcwODRiOWRhYTFlYmY5
NWUwZGMwHhcNMjYwMzAxMjIwMDUxWhcNMjYwMzAyMjIwMDUxWjAzMTEwLwYDVQQD
Eyg1NGUzOWFlZGUzODVkY2UxMzhlZDI2MmQ5YWU0ZTQ0ZjI0ZTE2OGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NjVWYd1y8Q0AxaUDfbfeABkF+sz
ZlYxr4UKD5WGGTtTJlc56DyknlfbUlew8KjfWY+ASFEZ9Zl++ERYbmbB7TKFgtis
nmdWj2sbLdrtyLY9crTLUSA7kRjj4A96uZAuNr+h+HvMFbeJzTUQqsJxJzqXWmJR
EQ+2Oq7tqMEzKRKFTfu3dE507NNbFC6uoGK8iP5ltQwSmFJS7bX0E2XFqPuZLRfU
NkomtfXSlVaY2RnIn+CcWlFPPdNBPeuRnOkGRc455lNYpioHWisPrb7S0Xpq1gXK
l08iXHwamYiYM9XOAGLaf77zvhMxsLpOt1ufb7G2IUc63buLHos1lHqAJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFTjmu3jhdzhOO0mLZrk5E8k4WitMB8GA1UdIwQY
MBaAFHC6syaAhTCKH41XCEudqh6/leDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82ZmQzZWYtZDU1OC00ZTcwLWEyMTQt
NTJhZWZiNjU2OGFlLzEvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82ZmQzZWYtZDU1OC00ZTcwLWEyMTQtNTJhZWZiNjU2OGFl
LzEvY0xxekpvQ0ZNSW9malZjSVM1MnFIci1WNE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgQ+q49jn
ynWCHLx0Y1s/qiBu370gAeB9FgbML85cENw9io9TjwLGO8O+7+R5iol2IH8QlUYZ
X2W9ZA9VxzM1vB8ZULB5B6A5POFHyI6BiIiqj2LEE1a6GZrqayp88xIUinVoJrdy
ImhTlrrr5cmF0NBsvoxow0ToXcE2NZanQgqsTtDgLZMEzx8LH07pnpgc1CqzB0c9
rM+sNesp8UyYXXYfDf6Uzp8f2QFxQ5FG5q4wVYbMiQNVDs3QztfXJpnw1rX8asU6
Mugw+VSUTB4HgZg6ezKJvmviRI+Rv8Z0JR1ex2eZQmxKysBYP0GPnvMgyOlwpCgd
4WSMU1FP/Sc07Q==
-----END CERTIFICATE-----