Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
File:                     2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft (raw, json)
Hash identifier:          I3149oEQCzfMwlX4r49peNKpVppsOtksyWsw1SvARDA=
Subject key identifier:   F3:6A:A7:C5:EB:42:97:E3:3D:2F:74:01:28:FD:49:C3:D8:F7:8F:ED
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Certificate issuer:       /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial:       019CAA21D2A266CEDB6BDED972E44A170701
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
Manifest number:          185D
Signing time:             Sun 01 Mar 2026 16:01:09 +0000
Manifest this update:     Sun 01 Mar 2026 16:01:09 +0000
Manifest next update:     Mon 02 Mar 2026 16:01:09 +0000
Files and hashes:         1: 2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl (hash: ELpS3Ph/6Zpnzm9V/n9pquWNYLO1YWMPY21Wh5eeSJ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:d2:a2:66:ce:db:6b:de:d9:72:e4:4a:17:07:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
        Validity
            Not Before: Mar  1 16:01:09 2026 GMT
            Not After : Mar  2 16:01:09 2026 GMT
        Subject: CN=f36aa7c5eb4297e33d2f740128fd49c3d8f78fed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:a9:40:60:fb:d0:e7:8c:0d:b1:ca:90:ca:c8:
                    85:f5:22:40:71:5d:68:29:74:b7:2f:dc:91:8e:02:
                    2e:2e:17:e9:85:f3:c1:a3:37:c2:04:5b:d7:4e:43:
                    60:49:c1:29:ff:c3:22:b3:15:de:51:b7:3b:77:b1:
                    c3:21:ad:8e:80:76:9a:80:cd:fd:d1:b9:cc:5e:03:
                    fd:bd:56:a3:82:ff:75:3a:ed:35:39:03:a9:a1:b2:
                    c3:52:9c:1a:b2:17:0e:0f:87:a2:1f:23:1f:4b:1a:
                    88:04:55:f5:a9:df:b5:2e:9a:83:4d:6f:86:90:94:
                    45:2f:6d:71:52:a6:9e:0a:81:55:7e:91:02:21:bb:
                    e8:4f:50:5c:52:e2:d5:23:52:b6:a0:2c:04:c2:2c:
                    e8:cb:f5:5c:44:69:fa:9e:ef:73:db:f8:8e:b3:0b:
                    88:e1:2c:f5:b8:3d:2f:6c:31:2b:7b:5d:45:c2:c9:
                    90:49:80:49:d1:d9:b2:f2:c0:b0:3a:b1:ee:c0:77:
                    74:eb:7a:3e:30:18:a1:34:84:b3:fd:ed:5a:e7:c4:
                    dd:61:ce:60:3d:78:4a:22:79:9d:cb:76:2d:20:a9:
                    81:b5:33:87:b3:4e:6f:45:05:0a:21:39:2e:3e:54:
                    36:14:bb:ba:4e:03:be:cb:10:86:4d:14:fa:b8:c3:
                    a6:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:6A:A7:C5:EB:42:97:E3:3D:2F:74:01:28:FD:49:C3:D8:F7:8F:ED
            X509v3 Authority Key Identifier:
                keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:4e:31:8c:dc:e1:bb:81:98:6f:f1:ca:3d:f6:ad:29:e2:9c:
         4d:db:78:d2:47:b0:b6:60:58:9b:0c:7b:b8:54:fc:57:88:27:
         a8:e2:c7:b0:29:f5:0d:14:f2:1b:94:b3:76:13:92:16:a4:4c:
         e2:e3:a8:2a:8b:a4:26:f9:fd:ec:3c:b2:78:68:40:c1:a4:7e:
         09:4e:cc:b0:7b:c3:17:03:b1:78:0a:24:b1:7f:e8:cc:77:14:
         e1:ae:c6:b8:be:d7:75:e9:a7:4a:e3:70:e7:58:8c:73:68:c5:
         3a:a7:7b:ac:8a:98:39:52:bd:c9:a2:2a:ee:bb:11:da:22:73:
         f1:a0:73:e0:fb:be:74:b1:0b:14:eb:0c:dd:86:cd:e2:4d:2a:
         8d:96:99:b5:a4:a7:5f:f2:bf:0f:e3:83:af:34:ed:84:45:f1:
         f7:c3:1d:c8:f9:e4:db:26:03:5b:a4:62:25:e2:87:5f:37:0c:
         ae:b3:f0:a4:4b:07:d7:1a:42:6b:99:a4:2d:3a:04:b7:68:6c:
         b6:c7:cd:14:7e:c5:e0:87:c6:ee:5d:82:dd:54:bb:39:44:d8:
         a5:88:a3:0f:1b:99:6a:e2:29:27:5c:ab:ef:f8:0e:cb:d3:ec:
         df:51:59:d6:54:50:12:a2:93:82:52:99:c4:84:d1:7c:88:53:
         eb:c9:4b:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIdKiZs7ba97ZcuRKFwcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjYwMzAxMTYwMTA5WhcNMjYwMzAyMTYwMTA5WjAzMTEwLwYDVQQD
EyhmMzZhYTdjNWViNDI5N2UzM2QyZjc0MDEyOGZkNDljM2Q4Zjc4ZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsalAYPvQ54wNscqQysiF9SJAcV1o
KXS3L9yRjgIuLhfphfPBozfCBFvXTkNgScEp/8MisxXeUbc7d7HDIa2OgHaagM39
0bnMXgP9vVajgv91Ou01OQOpobLDUpwashcOD4eiHyMfSxqIBFX1qd+1LpqDTW+G
kJRFL21xUqaeCoFVfpECIbvoT1BcUuLVI1K2oCwEwizoy/VcRGn6nu9z2/iOswuI
4Sz1uD0vbDEre11FwsmQSYBJ0dmy8sCwOrHuwHd063o+MBihNISz/e1a58TdYc5g
PXhKInmdy3YtIKmBtTOHs05vRQUKITkuPlQ2FLu6TgO+yxCGTRT6uMOmPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPNqp8XrQpfjPS90ASj9ScPY94/tMB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEU4xjNzh
u4GYb/HKPfatKeKcTdt40kewtmBYmwx7uFT8V4gnqOLHsCn1DRTyG5SzdhOSFqRM
4uOoKoukJvn97DyyeGhAwaR+CU7MsHvDFwOxeAoksX/ozHcU4a7GuL7XdemnSuNw
51iMc2jFOqd7rIqYOVK9yaIq7rsR2iJz8aBz4Pu+dLELFOsM3YbN4k0qjZaZtaSn
X/K/D+ODrzTthEXx98MdyPnk2yYDW6RiJeKHXzcMrrPwpEsH1xpCa5mkLToEt2hs
tsfNFH7F4IfG7l2C3VS7OUTYpYijDxuZauIpJ1yr7/gOy9Ps31FZ1lRQEqKTglKZ
xITRfIhT68lLJA==
-----END CERTIFICATE-----