Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
File:                     aUSJSM9NjazkdxjA9yWe3usJPns.mft (raw, json)
Hash identifier:          uAbfW3chM8eNaSePsII8MOXrgGmGiQRO12vkqvEeeBg=
Subject key identifier:   24:B5:B0:A4:D4:CF:C3:99:C7:66:C1:34:F7:B8:36:75:D0:01:8A:7A
Authority key identifier: 69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B
Certificate issuer:       /CN=69448948cf4d8dace47718c0f7259edeeb093e7b
Certificate serial:       019CAAC6D9763F2212137CDF1DE4E765A7A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 19:01:24 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:24 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:24 +0000
Files and hashes:         1: aUSJSM9NjazkdxjA9yWe3usJPns.crl (hash: 7AKlVzFHDWOV8YKUrrw5xhPQQI9M5lr0EBZfsY1tTi4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 19:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:d9:76:3f:22:12:13:7c:df:1d:e4:e7:65:a7:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69448948cf4d8dace47718c0f7259edeeb093e7b
        Validity
            Not Before: Mar  1 19:01:24 2026 GMT
            Not After : Mar  2 19:01:24 2026 GMT
        Subject: CN=24b5b0a4d4cfc399c766c134f7b83675d0018a7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:4b:89:01:16:13:fb:3f:44:e1:33:cf:d1:d3:
                    af:24:c9:a0:01:2d:4f:e8:d1:41:22:c7:12:f7:a3:
                    2c:8c:ff:8c:45:e3:12:6d:8d:6c:6c:18:a3:35:59:
                    fe:94:87:2b:14:24:b1:5f:67:77:24:f5:82:e9:4f:
                    c6:57:61:34:f8:12:a8:f9:8e:5f:d4:36:8a:c1:3b:
                    8d:64:d4:4e:cd:a2:b3:f0:90:06:41:44:3e:31:db:
                    e4:41:e1:6e:02:35:95:46:41:82:f0:39:14:2d:d1:
                    03:46:a7:1f:f8:60:eb:69:33:90:b7:af:5b:ba:11:
                    3b:ca:5f:80:ab:76:9e:e2:f0:45:b5:78:b5:30:2d:
                    ac:94:13:f0:11:33:86:8f:23:51:a8:95:9f:0b:19:
                    ab:65:89:ee:b2:c8:bc:6c:a5:f7:b6:8c:02:6b:46:
                    ab:e5:04:ae:a8:1a:2e:05:74:c1:6b:05:e4:86:c7:
                    84:3a:dd:c1:59:fd:bc:6e:61:bd:71:55:8a:54:3f:
                    26:b6:93:c3:01:2d:84:18:2d:56:ff:d5:01:f9:9c:
                    39:45:3b:6b:49:e5:1f:c5:1e:7c:32:cd:72:3b:07:
                    85:ec:2b:0e:a5:9c:d0:2c:42:b0:40:f7:a6:c5:03:
                    09:d8:7c:21:b0:c4:3c:b4:1b:08:88:34:1d:6d:b6:
                    7a:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:B5:B0:A4:D4:CF:C3:99:C7:66:C1:34:F7:B8:36:75:D0:01:8A:7A
            X509v3 Authority Key Identifier:
                keyid:69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:cb:6c:03:c8:4e:5c:26:ae:4b:6e:77:74:36:6f:52:08:d1:
         19:86:fe:0b:cb:14:7d:f0:ca:82:77:b7:a3:a7:8f:2e:67:d6:
         26:43:04:82:64:54:9e:65:c1:5a:34:d5:5e:a1:e2:4c:07:3c:
         65:3a:2f:30:fe:c8:f5:f0:63:87:cd:49:fd:41:15:62:b6:4b:
         06:84:1d:22:ce:18:b0:a1:6e:f2:e0:64:b2:9d:9f:b8:db:25:
         c9:83:20:f1:cb:3e:fb:d8:d0:7d:a2:9f:a6:74:92:2d:ce:9f:
         0d:88:01:75:cc:8f:ad:4e:e0:d2:73:03:b6:1d:7a:e9:26:95:
         62:53:c2:ed:3b:a1:51:ff:20:90:00:0a:11:da:ed:e0:c9:b4:
         0d:60:f6:92:6c:02:79:78:e4:42:c6:37:e6:3e:63:12:29:b2:
         0d:93:b4:f0:cb:78:7d:be:52:26:ab:d4:e2:e0:a8:4c:5b:e1:
         64:99:e3:36:05:98:1c:92:70:e7:96:52:a2:6e:b9:8e:d5:f6:
         c9:98:3f:39:ca:3b:cf:64:24:e1:9e:d1:3c:4a:74:1d:00:d6:
         d0:43:7d:81:2f:4c:7e:84:49:79:e9:4d:a0:4d:e2:75:c2:6a:
         10:44:b7:01:8c:10:48:04:7c:a0:ce:be:25:0c:33:da:e3:b1:
         71:9a:ba:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxtl2PyISE3zfHeTnZaeoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDQ4OTQ4Y2Y0ZDhkYWNlNDc3MThjMGY3MjU5ZWRlZWIw
OTNlN2IwHhcNMjYwMzAxMTkwMTI0WhcNMjYwMzAyMTkwMTI0WjAzMTEwLwYDVQQD
EygyNGI1YjBhNGQ0Y2ZjMzk5Yzc2NmMxMzRmN2I4MzY3NWQwMDE4YTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUuJARYT+z9E4TPP0dOvJMmgAS1P
6NFBIscS96MsjP+MReMSbY1sbBijNVn+lIcrFCSxX2d3JPWC6U/GV2E0+BKo+Y5f
1DaKwTuNZNROzaKz8JAGQUQ+MdvkQeFuAjWVRkGC8DkULdEDRqcf+GDraTOQt69b
uhE7yl+Aq3ae4vBFtXi1MC2slBPwETOGjyNRqJWfCxmrZYnussi8bKX3towCa0ar
5QSuqBouBXTBawXkhseEOt3BWf28bmG9cVWKVD8mtpPDAS2EGC1W/9UB+Zw5RTtr
SeUfxR58Ms1yOweF7CsOpZzQLEKwQPemxQMJ2HwhsMQ8tBsIiDQdbbZ6AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCS1sKTUz8OZx2bBNPe4NnXQAYp6MB8GA1UdIwQY
MBaAFGlEiUjPTY2s5HcYwPclnt7rCT57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYt
NGIxMzdhNGRiYzZlLzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYtNGIxMzdhNGRiYzZl
LzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF8tsA8hO
XCauS253dDZvUgjRGYb+C8sUffDKgne3o6ePLmfWJkMEgmRUnmXBWjTVXqHiTAc8
ZTovMP7I9fBjh81J/UEVYrZLBoQdIs4YsKFu8uBksp2fuNslyYMg8cs++9jQfaKf
pnSSLc6fDYgBdcyPrU7g0nMDth166SaVYlPC7TuhUf8gkAAKEdrt4Mm0DWD2kmwC
eXjkQsY35j5jEimyDZO08Mt4fb5SJqvU4uCoTFvhZJnjNgWYHJJw55ZSom65jtX2
yZg/Oco7z2Qk4Z7RPEp0HQDW0EN9gS9MfoRJeelNoE3idcJqEES3AYwQSAR8oM6+
JQwz2uOxcZq65A==
-----END CERTIFICATE-----