Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
File:                     249r9UNKqjLT5fETsAxbsUAvZ_Y.mft (raw, json)
Hash identifier:          +pKwa7iM5L/ldUCyBcvxzcPAZGIjUzfqnX2HyuxuWg4=
Subject key identifier:   FA:E6:EA:E8:B0:1E:72:19:F8:C9:F4:C8:9F:41:BB:18:94:66:7B:FE
Authority key identifier: DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6
Certificate issuer:       /CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
Certificate serial:       019CAAC68267E13E5E6CB7210391E6BC10EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
Manifest number:          093A
Signing time:             Sun 01 Mar 2026 19:01:02 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:02 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:02 +0000
Files and hashes:         1: 249r9UNKqjLT5fETsAxbsUAvZ_Y.crl (hash: uOoMXSdke/7MJ0e6xcjQzEpqlOTFkkLnBfFaCqE42iE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:82:67:e1:3e:5e:6c:b7:21:03:91:e6:bc:10:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
        Validity
            Not Before: Mar  1 19:01:02 2026 GMT
            Not After : Mar  2 19:01:02 2026 GMT
        Subject: CN=fae6eae8b01e7219f8c9f4c89f41bb1894667bfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:5a:1f:14:72:3f:70:97:51:f6:f5:8d:28:ba:
                    95:1c:4a:7e:c9:62:30:fd:61:65:22:e3:9c:0d:ee:
                    a0:32:7a:dc:92:8a:1c:8b:2d:bd:6f:fd:79:16:2d:
                    25:b3:f9:ee:a1:b1:09:50:91:72:1a:51:1d:bb:d3:
                    cc:f5:6b:97:2f:87:b8:10:b2:b8:ff:cb:e5:b8:a4:
                    53:d9:42:7f:d8:16:0b:61:1d:c7:9e:01:a4:53:d5:
                    9e:9f:3e:fe:cf:ed:1d:90:77:ac:d8:b0:08:9b:2a:
                    47:52:aa:05:b8:37:20:03:e4:c3:a5:62:1f:0f:92:
                    ac:4d:2e:dd:d1:d0:de:7c:e0:bc:c1:20:82:0b:e5:
                    4a:e5:55:b5:73:92:03:68:c8:65:d0:1b:7b:97:5b:
                    14:ca:39:01:01:49:70:8b:e1:90:87:63:8b:d7:68:
                    ae:c8:27:a2:c4:a3:bd:3b:85:31:7d:6f:65:39:a3:
                    f2:c1:fc:a9:d4:12:61:04:99:b8:c3:b6:47:2f:41:
                    82:ee:81:c6:2d:ae:78:97:ff:1a:07:f1:26:29:46:
                    73:07:94:b3:73:8c:e0:aa:cd:4c:ca:b2:74:b1:81:
                    14:38:49:20:d6:f4:91:57:90:60:af:10:0c:49:7e:
                    50:27:eb:b9:d1:d4:b0:ed:40:a2:ee:5a:e3:40:ca:
                    e0:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:E6:EA:E8:B0:1E:72:19:F8:C9:F4:C8:9F:41:BB:18:94:66:7B:FE
            X509v3 Authority Key Identifier:
                keyid:DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:36:6a:4d:fd:30:0b:da:47:8a:5d:ed:ae:9c:f8:6d:1e:94:
         81:cc:67:6b:01:1b:4e:e0:e1:38:c7:fd:61:6b:d2:16:3f:17:
         6e:fc:a3:f4:7d:8c:26:95:01:50:dd:03:83:5e:3b:69:ec:36:
         41:b2:24:b5:a1:60:b8:be:06:5b:0e:a7:02:1f:d9:af:f5:39:
         b4:d7:78:9c:99:e4:83:3f:ef:6f:34:94:98:39:c4:f4:a5:bd:
         2e:ca:38:a6:09:48:d8:9d:c1:0c:ad:ac:cc:77:cd:40:37:96:
         19:0f:23:3f:e3:b2:72:80:a9:36:25:af:b9:8e:42:fe:69:a6:
         f6:4e:9f:8f:40:e1:d1:f1:f1:8b:69:38:79:cc:12:0a:d7:9c:
         d2:b0:0a:8c:d0:60:08:1f:d7:ea:5d:42:3b:24:b9:6b:c4:7b:
         7e:a7:20:ad:e5:bc:10:36:bd:2e:9f:dd:74:09:1f:3e:2d:0d:
         49:b7:b7:3a:b3:df:a8:79:f8:50:5f:df:b3:55:4d:ac:4f:ad:
         aa:6b:af:65:56:74:09:3a:5a:ca:87:13:b9:fa:b0:3b:f4:c5:
         f3:bb:e4:ff:20:46:47:78:cc:6c:e9:d7:58:46:b8:b0:15:43:
         29:61:c0:f6:bb:34:81:7d:73:fa:6d:7b:f6:b1:e6:b0:54:62:
         03:ab:ef:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxoJn4T5ebLchA5HmvBDsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGY2YmY1NDM0YWFhMzJkM2U1ZjExM2IwMGM1YmIxNDAy
ZjY3ZjYwHhcNMjYwMzAxMTkwMTAyWhcNMjYwMzAyMTkwMTAyWjAzMTEwLwYDVQQD
EyhmYWU2ZWFlOGIwMWU3MjE5ZjhjOWY0Yzg5ZjQxYmIxODk0NjY3YmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1ofFHI/cJdR9vWNKLqVHEp+yWIw
/WFlIuOcDe6gMnrckoociy29b/15Fi0ls/nuobEJUJFyGlEdu9PM9WuXL4e4ELK4
/8vluKRT2UJ/2BYLYR3HngGkU9Wenz7+z+0dkHes2LAImypHUqoFuDcgA+TDpWIf
D5KsTS7d0dDefOC8wSCCC+VK5VW1c5IDaMhl0Bt7l1sUyjkBAUlwi+GQh2OL12iu
yCeixKO9O4UxfW9lOaPywfyp1BJhBJm4w7ZHL0GC7oHGLa54l/8aB/EmKUZzB5Sz
c4zgqs1MyrJ0sYEUOEkg1vSRV5BgrxAMSX5QJ+u50dSw7UCi7lrjQMrgiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrm6uiwHnIZ+Mn0yJ9BuxiUZnv+MB8GA1UdIwQY
MBaAFNuPa/VDSqoy0+XxE7AMW7FAL2f2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEt
ZDk3OTY3OTRjNjFjLzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEtZDk3OTY3OTRjNjFj
LzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApTZqTf0w
C9pHil3trpz4bR6UgcxnawEbTuDhOMf9YWvSFj8Xbvyj9H2MJpUBUN0Dg147aew2
QbIktaFguL4GWw6nAh/Zr/U5tNd4nJnkgz/vbzSUmDnE9KW9Lso4pglI2J3BDK2s
zHfNQDeWGQ8jP+OycoCpNiWvuY5C/mmm9k6fj0Dh0fHxi2k4ecwSCtec0rAKjNBg
CB/X6l1COyS5a8R7fqcgreW8EDa9Lp/ddAkfPi0NSbe3OrPfqHn4UF/fs1VNrE+t
qmuvZVZ0CTpayocTufqwO/TF87vk/yBGR3jMbOnXWEa4sBVDKWHA9rs0gX1z+m17
9rHmsFRiA6vvdw==
-----END CERTIFICATE-----