Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.mft
File:                     iwUOQskY3jwnNm3vQzph8Tw7FrI.mft (raw, json)
Hash identifier:          c9OhNPvptAjZGDYShhrM9oLm2TY1jOfQv0JBZfjl0R8=
Subject key identifier:   3B:BB:FD:E2:3A:18:9A:65:91:C3:0A:A0:65:38:AA:57:B2:48:E5:B7
Authority key identifier: 8B:05:0E:42:C9:18:DE:3C:27:36:6D:EF:43:3A:61:F1:3C:3B:16:B2
Certificate issuer:       /CN=8b050e42c918de3c27366def433a61f13c3b16b2
Certificate serial:       019CAB6BC4749E1F479B269DA317353E9702
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iwUOQskY3jwnNm3vQzph8Tw7FrI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.mft
Manifest number:          1842
Signing time:             Sun 01 Mar 2026 22:01:32 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:32 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:32 +0000
Files and hashes:         1: iwUOQskY3jwnNm3vQzph8Tw7FrI.crl (hash: ACvfFyz1h5ZDtT0ATDCh8RTe6bowFen96ZdKZlkTYbY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iwUOQskY3jwnNm3vQzph8Tw7FrI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:c4:74:9e:1f:47:9b:26:9d:a3:17:35:3e:97:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b050e42c918de3c27366def433a61f13c3b16b2
        Validity
            Not Before: Mar  1 22:01:32 2026 GMT
            Not After : Mar  2 22:01:32 2026 GMT
        Subject: CN=3bbbfde23a189a6591c30aa06538aa57b248e5b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:a2:72:00:50:06:bf:07:18:53:4b:63:18:99:
                    04:c6:38:fa:cc:d2:9e:04:d9:37:26:b8:aa:9b:66:
                    40:73:c9:87:a4:6c:25:d3:21:c4:c8:94:18:82:3f:
                    c4:c5:6e:1d:90:a5:51:bb:15:17:87:0b:e9:44:57:
                    e8:16:5d:60:a4:a3:a5:1c:e9:66:83:02:cd:6b:19:
                    09:22:12:07:66:35:45:c0:b1:d6:56:db:ac:5c:5d:
                    ce:12:d9:93:bf:cb:d4:b8:8c:c1:e5:23:7a:99:2a:
                    cc:21:14:9a:a5:e7:c3:17:e6:69:0f:aa:61:1b:00:
                    0b:d5:7e:78:d1:b6:b6:ad:3e:a9:2c:a7:74:6a:a0:
                    74:27:a8:2d:de:54:72:06:14:ba:04:40:13:5e:02:
                    d8:ed:c2:77:ce:df:64:cb:f9:8f:16:49:50:28:49:
                    8b:76:7b:4c:3b:aa:1b:fa:fc:93:a9:6e:93:07:b5:
                    7b:9b:c8:23:23:31:91:0f:d0:3c:8a:8c:95:dd:be:
                    99:c5:2c:7b:e2:7f:52:41:1e:62:05:0a:54:14:6f:
                    77:da:93:66:0e:17:3b:08:de:df:59:32:ef:66:21:
                    b5:52:69:4f:eb:9c:f1:f6:b8:ea:20:f7:cf:1f:48:
                    77:05:d1:89:c2:02:84:a8:67:06:db:1e:18:ae:89:
                    41:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:BB:FD:E2:3A:18:9A:65:91:C3:0A:A0:65:38:AA:57:B2:48:E5:B7
            X509v3 Authority Key Identifier:
                keyid:8B:05:0E:42:C9:18:DE:3C:27:36:6D:EF:43:3A:61:F1:3C:3B:16:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwUOQskY3jwnNm3vQzph8Tw7FrI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4a6c6d-b855-4b46-b32f-cac2cfff6779/1/iwUOQskY3jwnNm3vQzph8Tw7FrI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:dc:0b:5d:a5:95:53:a8:31:b6:b3:38:b6:6a:3f:db:0c:cc:
         4c:85:2e:69:ff:10:bf:d1:b0:d8:73:1e:8b:27:44:61:94:9c:
         26:9d:49:a0:48:ae:76:a3:52:d8:5d:5a:fe:89:94:14:42:fb:
         35:e1:46:a9:1c:eb:76:78:ca:18:d0:4d:8b:df:3f:e7:6b:db:
         ed:90:72:13:94:96:fc:50:53:89:41:d3:8c:57:cd:34:49:29:
         66:c1:39:35:d9:65:25:d0:76:db:ca:80:6d:eb:2e:13:04:2c:
         48:f0:9c:61:36:da:05:e4:98:35:f3:65:d0:92:1e:0f:d6:9b:
         a8:b0:4a:ec:64:de:78:cc:c2:7b:22:f1:96:71:ea:cd:bd:a9:
         42:45:55:80:7f:2c:c5:c0:95:2d:6a:4a:b5:b0:27:2b:ea:20:
         7c:df:cd:12:df:51:3d:90:58:e1:e8:6b:49:3e:70:69:dc:2e:
         53:8b:02:88:4a:e6:ac:a4:37:73:26:a0:9e:a9:7c:69:5d:b8:
         40:3f:67:ce:78:6f:d1:b0:5f:e7:be:4f:d0:35:f2:ec:8c:76:
         c7:2b:d2:d6:29:cf:9c:c9:4a:37:5e:5f:71:e6:70:98:fb:9b:
         22:f7:5d:d0:93:d8:05:b8:33:e4:c8:ac:f4:7a:a8:68:f5:31:
         f9:b4:c7:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra8R0nh9Hmyadoxc1PpcCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMDUwZTQyYzkxOGRlM2MyNzM2NmRlZjQzM2E2MWYxM2Mz
YjE2YjIwHhcNMjYwMzAxMjIwMTMyWhcNMjYwMzAyMjIwMTMyWjAzMTEwLwYDVQQD
EygzYmJiZmRlMjNhMTg5YTY1OTFjMzBhYTA2NTM4YWE1N2IyNDhlNWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qJyAFAGvwcYU0tjGJkExjj6zNKe
BNk3Jriqm2ZAc8mHpGwl0yHEyJQYgj/ExW4dkKVRuxUXhwvpRFfoFl1gpKOlHOlm
gwLNaxkJIhIHZjVFwLHWVtusXF3OEtmTv8vUuIzB5SN6mSrMIRSapefDF+ZpD6ph
GwAL1X540ba2rT6pLKd0aqB0J6gt3lRyBhS6BEATXgLY7cJ3zt9ky/mPFklQKEmL
dntMO6ob+vyTqW6TB7V7m8gjIzGRD9A8ioyV3b6ZxSx74n9SQR5iBQpUFG932pNm
Dhc7CN7fWTLvZiG1UmlP65zx9rjqIPfPH0h3BdGJwgKEqGcG2x4YrolBXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDu7/eI6GJplkcMKoGU4qleySOW3MB8GA1UdIwQY
MBaAFIsFDkLJGN48JzZt70M6YfE8OxayMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXdVT1Fza1kzanduTm0zdlF6cGg4VHc3RnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80YTZjNmQtYjg1NS00YjQ2LWIzMmYt
Y2FjMmNmZmY2Nzc5LzEvaXdVT1Fza1kzanduTm0zdlF6cGg4VHc3RnJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80YTZjNmQtYjg1NS00YjQ2LWIzMmYtY2FjMmNmZmY2Nzc5
LzEvaXdVT1Fza1kzanduTm0zdlF6cGg4VHc3RnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxtwLXaWV
U6gxtrM4tmo/2wzMTIUuaf8Qv9Gw2HMeiydEYZScJp1JoEiudqNS2F1a/omUFEL7
NeFGqRzrdnjKGNBNi98/52vb7ZByE5SW/FBTiUHTjFfNNEkpZsE5NdllJdB228qA
besuEwQsSPCcYTbaBeSYNfNl0JIeD9abqLBK7GTeeMzCeyLxlnHqzb2pQkVVgH8s
xcCVLWpKtbAnK+ogfN/NEt9RPZBY4ehrST5wadwuU4sCiErmrKQ3cyagnql8aV24
QD9nznhv0bBf575P0DXy7Ix2xyvS1inPnMlKN15fceZwmPubIvdd0JPYBbgz5Mis
9HqoaPUx+bTHdQ==
-----END CERTIFICATE-----