Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
File:                     clOCbDGl92CXvNwqL2UZiKE2flM.mft (raw, json)
Hash identifier:          XeaHc/ZrB6Vc/EUuYlCfmqya4QOIiKan6n7MKbxYKGc=
Subject key identifier:   D4:01:91:5A:7E:48:35:97:2E:4F:D2:0F:CC:FE:E3:77:F1:B2:E6:3C
Authority key identifier: 72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53
Certificate issuer:       /CN=7253826c31a5f76097bcdc2a2f651988a1367e53
Certificate serial:       019CADC7F69149D58A2555BE0CE6FF56442C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
Manifest number:          0B1F
Signing time:             Mon 02 Mar 2026 09:01:28 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:28 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:28 +0000
Files and hashes:         1: clOCbDGl92CXvNwqL2UZiKE2flM.crl (hash: wO5vKo75968YQ6cKuhaj3wMD6xeLObebLGYcONLfCns=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c7:f6:91:49:d5:8a:25:55:be:0c:e6:ff:56:44:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7253826c31a5f76097bcdc2a2f651988a1367e53
        Validity
            Not Before: Mar  2 09:01:28 2026 GMT
            Not After : Mar  3 09:01:28 2026 GMT
        Subject: CN=d401915a7e4835972e4fd20fccfee377f1b2e63c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:89:5a:e9:bd:26:e1:ca:b5:56:8f:a4:4a:bf:
                    63:b2:0a:4b:75:57:49:cc:e0:38:c2:d5:be:92:81:
                    5c:23:dc:05:f5:15:63:f6:1b:ec:8d:18:49:5f:7a:
                    48:d7:74:72:90:b3:b4:cb:23:cb:a9:0e:9c:d2:c9:
                    b5:51:73:1d:4f:a4:bf:a0:fe:5b:b2:c4:c0:ba:7e:
                    51:d1:19:ef:f7:a4:0f:55:c2:b8:35:56:b1:09:1c:
                    0b:eb:34:38:55:b6:25:74:c1:96:9e:3f:d1:31:a8:
                    0a:3b:52:83:f8:63:da:7c:4b:ea:a0:20:ba:1a:a2:
                    3b:c9:33:9d:fb:ea:5f:cb:41:7a:c3:2f:9d:c0:f3:
                    20:4e:64:76:7c:a4:39:06:94:bc:dd:b7:b6:22:54:
                    0e:c1:7c:99:42:a7:48:92:f5:da:73:55:d7:bd:c7:
                    fa:de:62:c3:2b:92:f0:a5:c5:56:f0:22:ea:f1:23:
                    99:b0:e2:f5:1c:b0:15:65:cf:57:e6:7d:a3:39:90:
                    fe:70:c3:09:a8:d6:07:e2:8d:06:c6:c7:dd:d9:6b:
                    40:df:65:41:08:f7:8c:da:46:14:86:b8:eb:fa:cd:
                    08:00:25:15:06:aa:63:0a:e8:02:2e:15:ea:4f:a6:
                    0c:bc:ba:57:d2:9f:ac:9b:3a:85:e4:9e:6c:d0:94:
                    3c:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:01:91:5A:7E:48:35:97:2E:4F:D2:0F:CC:FE:E3:77:F1:B2:E6:3C
            X509v3 Authority Key Identifier:
                keyid:72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:74:8d:bf:c7:e5:dd:0c:fe:80:b3:4e:3a:b6:ad:f7:63:bc:
         c0:4b:be:8a:5d:67:65:a0:3d:31:05:33:86:97:d0:c9:ff:b8:
         40:47:fd:19:27:cd:72:f2:08:4c:d9:c8:ca:59:1b:b5:16:34:
         0c:bc:f5:cd:1d:99:a7:e2:de:dc:56:37:e9:3f:2d:54:62:1b:
         9d:00:70:54:74:55:82:e6:5c:bb:02:6c:3c:64:c5:3c:13:8c:
         04:ae:df:ba:a1:95:cd:30:df:bf:b7:11:1a:b2:84:6c:d7:86:
         67:04:16:b5:44:a7:80:b4:44:10:9e:c8:de:1a:c0:16:cd:58:
         13:04:fc:4a:aa:82:96:6e:6d:4f:47:dd:31:3f:e7:4b:7a:0d:
         2b:b6:68:b4:a8:c4:86:d6:7b:b6:96:64:6a:58:6b:aa:08:6a:
         f5:4f:af:81:85:d4:fd:8a:26:0b:d9:77:23:71:17:1b:e0:6d:
         b9:3c:0e:98:d0:19:00:5b:9a:a4:15:63:2e:f5:df:32:79:f7:
         ce:51:77:17:bd:c2:ac:e3:e7:40:9a:6c:2f:72:c7:49:23:c2:
         8a:92:36:e0:5b:74:70:a9:e7:54:90:a0:f4:f9:3b:4c:b8:47:
         cc:40:ca:84:50:63:be:44:1f:a0:84:75:6d:cb:c3:fa:15:96:
         93:a3:40:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx/aRSdWKJVW+DOb/VkQsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNTM4MjZjMzFhNWY3NjA5N2JjZGMyYTJmNjUxOTg4YTEz
NjdlNTMwHhcNMjYwMzAyMDkwMTI4WhcNMjYwMzAzMDkwMTI4WjAzMTEwLwYDVQQD
EyhkNDAxOTE1YTdlNDgzNTk3MmU0ZmQyMGZjY2ZlZTM3N2YxYjJlNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYla6b0m4cq1Vo+kSr9jsgpLdVdJ
zOA4wtW+koFcI9wF9RVj9hvsjRhJX3pI13RykLO0yyPLqQ6c0sm1UXMdT6S/oP5b
ssTAun5R0Rnv96QPVcK4NVaxCRwL6zQ4VbYldMGWnj/RMagKO1KD+GPafEvqoCC6
GqI7yTOd++pfy0F6wy+dwPMgTmR2fKQ5BpS83be2IlQOwXyZQqdIkvXac1XXvcf6
3mLDK5LwpcVW8CLq8SOZsOL1HLAVZc9X5n2jOZD+cMMJqNYH4o0Gxsfd2WtA32VB
CPeM2kYUhrjr+s0IACUVBqpjCugCLhXqT6YMvLpX0p+smzqF5J5s0JQ8owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQBkVp+SDWXLk/SD8z+43fxsuY8MB8GA1UdIwQY
MBaAFHJTgmwxpfdgl7zcKi9lGYihNn5TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGIt
ZjNmNTFjMTA3MGI5LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGItZjNmNTFjMTA3MGI5
LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALnSNv8fl
3Qz+gLNOOrat92O8wEu+il1nZaA9MQUzhpfQyf+4QEf9GSfNcvIITNnIylkbtRY0
DLz1zR2Zp+Le3FY36T8tVGIbnQBwVHRVguZcuwJsPGTFPBOMBK7fuqGVzTDfv7cR
GrKEbNeGZwQWtUSngLREEJ7I3hrAFs1YEwT8SqqClm5tT0fdMT/nS3oNK7ZotKjE
htZ7tpZkalhrqghq9U+vgYXU/YomC9l3I3EXG+BtuTwOmNAZAFuapBVjLvXfMnn3
zlF3F73CrOPnQJpsL3LHSSPCipI24Ft0cKnnVJCg9Pk7TLhHzEDKhFBjvkQfoIR1
bcvD+hWWk6NAIg==
-----END CERTIFICATE-----