Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
File:                     gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft (raw, json)
Hash identifier:          XjxNYEZuo8IpQIKlbwvL0BnGHYq2B/Ivtubio8fksrM=
Subject key identifier:   A3:08:79:08:37:20:A8:DF:CD:81:5E:C5:E4:6E:69:15:BF:36:E4:B1
Authority key identifier: 80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68
Certificate issuer:       /CN=80eb71d019a483225c324c88c6c48020ef9f1168
Certificate serial:       019CAA215AB1F817A2780B29E9EF2EFA13A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
Manifest number:          1842
Signing time:             Sun 01 Mar 2026 16:00:38 +0000
Manifest this update:     Sun 01 Mar 2026 16:00:38 +0000
Manifest next update:     Mon 02 Mar 2026 16:00:38 +0000
Files and hashes:         1: gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl (hash: 0NAtsIp8NMAr4sdlfEE51xEGLjzsTdrTUQjpeSM+PtE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:5a:b1:f8:17:a2:78:0b:29:e9:ef:2e:fa:13:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80eb71d019a483225c324c88c6c48020ef9f1168
        Validity
            Not Before: Mar  1 16:00:38 2026 GMT
            Not After : Mar  2 16:00:38 2026 GMT
        Subject: CN=a30879083720a8dfcd815ec5e46e6915bf36e4b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:d1:48:99:47:d7:8a:e4:8c:6a:8e:83:b8:1b:
                    b8:60:0d:b1:09:23:1c:3a:42:4e:91:d0:66:88:69:
                    ca:04:eb:83:ac:87:31:98:3a:0d:69:07:f7:da:75:
                    52:4a:0b:9f:d6:04:c6:76:c2:d0:1b:28:84:a0:ba:
                    2c:bc:d2:55:e8:00:1f:cd:7e:71:93:f1:fa:76:a1:
                    83:a7:14:d0:69:c2:a7:77:7d:a9:f2:98:f2:16:f2:
                    ac:ba:3d:6a:86:53:94:6d:a7:71:d4:3f:21:b8:ae:
                    b5:20:6c:f9:5c:43:44:f9:1f:f2:42:bc:55:2a:52:
                    32:07:69:0f:a9:eb:87:b7:5b:5f:bf:c9:09:40:d9:
                    0b:62:2c:a0:4d:97:96:83:78:a0:6b:d9:47:40:09:
                    e4:25:b1:c3:74:4a:f3:42:3a:a4:ef:5f:e4:e6:40:
                    b8:b0:2f:a7:f1:c9:90:1f:8a:35:34:c1:da:fa:07:
                    e4:46:40:74:ba:d0:9e:7f:fe:33:73:2e:b9:37:ad:
                    80:17:aa:98:98:97:98:6c:51:4c:e6:b5:66:d1:66:
                    6f:c3:6e:d6:5c:96:7e:7b:09:e0:71:1d:db:99:22:
                    11:3f:df:92:7d:93:12:f4:5a:6f:31:b3:3f:71:d1:
                    e9:38:9d:84:32:ee:ec:fe:04:bb:8d:90:20:b8:3b:
                    c5:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:08:79:08:37:20:A8:DF:CD:81:5E:C5:E4:6E:69:15:BF:36:E4:B1
            X509v3 Authority Key Identifier:
                keyid:80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:4b:ee:74:2f:a8:c2:d4:cb:22:5d:07:75:30:87:13:21:63:
         6a:c5:87:97:72:b7:ae:e0:0a:ef:d6:4f:3c:2a:bb:04:1c:9e:
         e6:4a:e1:cf:2e:23:bf:e9:12:04:9f:bd:d3:da:0a:8a:51:9d:
         67:47:3f:ab:71:10:16:5d:83:25:a3:02:13:b3:0c:c3:93:ab:
         86:1d:6d:8b:52:a1:37:95:1b:90:c1:1b:65:49:d3:42:9c:9d:
         f5:83:75:e6:b4:7a:7a:ff:cc:23:3d:c1:85:30:8d:f2:e8:b6:
         ff:f9:89:4a:66:01:0b:1e:c6:2b:84:fc:c4:9d:a9:7a:96:7f:
         83:0c:ba:69:e8:29:c0:b5:48:77:0f:5e:7f:8b:a1:79:dc:aa:
         70:37:5a:1a:89:db:a7:d9:77:cd:c7:a3:4a:6d:ea:a6:44:78:
         a0:c5:e5:ad:9d:19:1d:06:f4:ee:bf:62:52:69:a0:b8:b1:0c:
         47:82:f8:39:18:5e:3e:94:a6:85:88:2b:63:43:a3:bb:b5:37:
         9e:cb:cd:5b:10:9c:8f:7f:d4:76:64:c6:5e:54:e0:fc:01:4d:
         84:fb:4f:75:66:b6:8e:70:fc:48:6b:db:01:0e:96:5d:b5:f6:
         f9:ef:d8:01:b1:0c:10:47:a7:46:d3:07:b4:33:94:bc:a8:9d:
         a2:f1:eb:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIVqx+BeieAsp6e8u+hOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZWI3MWQwMTlhNDgzMjI1YzMyNGM4OGM2YzQ4MDIwZWY5
ZjExNjgwHhcNMjYwMzAxMTYwMDM4WhcNMjYwMzAyMTYwMDM4WjAzMTEwLwYDVQQD
EyhhMzA4NzkwODM3MjBhOGRmY2Q4MTVlYzVlNDZlNjkxNWJmMzZlNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tFImUfXiuSMao6DuBu4YA2xCSMc
OkJOkdBmiGnKBOuDrIcxmDoNaQf32nVSSguf1gTGdsLQGyiEoLosvNJV6AAfzX5x
k/H6dqGDpxTQacKnd32p8pjyFvKsuj1qhlOUbadx1D8huK61IGz5XENE+R/yQrxV
KlIyB2kPqeuHt1tfv8kJQNkLYiygTZeWg3iga9lHQAnkJbHDdErzQjqk71/k5kC4
sC+n8cmQH4o1NMHa+gfkRkB0utCef/4zcy65N62AF6qYmJeYbFFM5rVm0WZvw27W
XJZ+ewngcR3bmSIRP9+SfZMS9FpvMbM/cdHpOJ2EMu7s/gS7jZAguDvF4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMIeQg3IKjfzYFexeRuaRW/NuSxMB8GA1UdIwQY
MBaAFIDrcdAZpIMiXDJMiMbEgCDvnxFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQt
ZmVkODlkMTcwZGE0LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQtZmVkODlkMTcwZGE0
LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQkvudC+o
wtTLIl0HdTCHEyFjasWHl3K3ruAK79ZPPCq7BBye5krhzy4jv+kSBJ+909oKilGd
Z0c/q3EQFl2DJaMCE7MMw5Orhh1ti1KhN5UbkMEbZUnTQpyd9YN15rR6ev/MIz3B
hTCN8ui2//mJSmYBCx7GK4T8xJ2pepZ/gwy6aegpwLVIdw9ef4uhedyqcDdaGonb
p9l3zcejSm3qpkR4oMXlrZ0ZHQb07r9iUmmguLEMR4L4ORhePpSmhYgrY0Oju7U3
nsvNWxCcj3/UdmTGXlTg/AFNhPtPdWa2jnD8SGvbAQ6WXbX2+e/YAbEMEEenRtMH
tDOUvKidovHr+g==
-----END CERTIFICATE-----