Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft
File:                     I0AYtVE7d50uHjrBqGpZO92XTKc.mft (raw, json)
Hash identifier:          TuNCR3Ja3+X9u/mEFzpwvaPrlM3jowUyJ7L4S6V5Q/Y=
Subject key identifier:   08:35:4E:B6:B7:04:1D:17:B1:F2:88:67:94:53:78:9B:30:76:F2:EC
Authority key identifier: 23:40:18:B5:51:3B:77:9D:2E:1E:3A:C1:A8:6A:59:3B:DD:97:4C:A7
Certificate issuer:       /CN=234018b5513b779d2e1e3ac1a86a593bdd974ca7
Certificate serial:       019CA9EB9C5C2BD2609E2517FAC1B0B71019
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I0AYtVE7d50uHjrBqGpZO92XTKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft
Manifest number:          0426
Signing time:             Sun 01 Mar 2026 15:01:56 +0000
Manifest this update:     Sun 01 Mar 2026 15:01:56 +0000
Manifest next update:     Mon 02 Mar 2026 15:01:56 +0000
Files and hashes:         1: I0AYtVE7d50uHjrBqGpZO92XTKc.crl (hash: SRzBvs4AUBF7dk+fDTR+zxrM1sY5yO6EgDnr+hpkroI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I0AYtVE7d50uHjrBqGpZO92XTKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:eb:9c:5c:2b:d2:60:9e:25:17:fa:c1:b0:b7:10:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=234018b5513b779d2e1e3ac1a86a593bdd974ca7
        Validity
            Not Before: Mar  1 15:01:56 2026 GMT
            Not After : Mar  2 15:01:56 2026 GMT
        Subject: CN=08354eb6b7041d17b1f288679453789b3076f2ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:f5:c7:70:9b:92:e3:7e:d4:06:f5:12:ce:73:
                    9b:ca:c1:19:75:fe:2d:a0:f2:76:39:ca:df:00:5a:
                    d9:71:05:10:72:b8:c6:65:67:9b:f5:8f:5a:2a:73:
                    80:9a:f9:8d:0b:61:81:3c:45:56:5a:af:78:3f:de:
                    f5:69:a4:af:9d:20:91:f5:85:02:b0:e5:87:50:2d:
                    36:b9:c7:cb:16:58:93:ff:9b:27:bf:87:e3:8e:b9:
                    75:25:36:e9:a0:1c:3a:b8:f6:bd:32:3a:ad:1b:41:
                    bc:45:4c:24:6a:29:1b:86:93:62:76:39:9c:4c:8d:
                    57:34:cc:40:e2:d3:2f:b2:c3:1d:08:28:91:03:3b:
                    41:57:92:1e:f6:d7:2b:9b:e7:de:0f:b7:f5:07:cc:
                    2c:cd:bc:2f:ea:cb:86:15:53:72:bd:aa:d5:1e:c4:
                    ad:4f:e5:f1:c9:8f:18:62:5e:c6:98:79:75:8b:b3:
                    eb:6a:73:1b:60:87:0e:db:ea:e6:2e:02:dc:c1:6a:
                    b8:41:bb:8c:45:a9:35:ee:91:bb:09:bf:02:a7:60:
                    0c:3e:7c:4e:2c:b8:78:d7:6b:55:45:a1:29:ee:98:
                    f3:27:e2:e8:3d:4a:ef:46:c5:c5:32:1a:7a:a8:3a:
                    f8:99:07:1f:c9:ba:22:86:e8:5d:34:28:22:3f:64:
                    42:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:35:4E:B6:B7:04:1D:17:B1:F2:88:67:94:53:78:9B:30:76:F2:EC
            X509v3 Authority Key Identifier:
                keyid:23:40:18:B5:51:3B:77:9D:2E:1E:3A:C1:A8:6A:59:3B:DD:97:4C:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0AYtVE7d50uHjrBqGpZO92XTKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b18080-e3c9-4114-a174-c3d6c7c8ba8a/1/I0AYtVE7d50uHjrBqGpZO92XTKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:d0:4c:08:00:fe:ae:82:dc:e5:d1:0d:7c:28:c6:72:c0:3f:
         75:22:f1:25:73:85:9e:fb:27:9c:84:d8:3c:db:29:2f:aa:15:
         6c:49:de:19:fc:64:35:b0:ca:c7:7b:5f:b5:b3:96:21:5e:31:
         cc:b3:47:69:69:8a:4f:cd:2a:86:42:2d:15:dd:7a:cf:89:c3:
         c3:a1:43:16:2d:3a:e3:1b:23:24:1d:30:01:aa:ab:16:21:0d:
         b9:49:ce:60:16:53:42:b2:f2:81:b2:bb:06:c6:4c:5a:0c:2f:
         27:03:d5:13:cf:99:c7:bb:6c:e4:54:8a:2e:c8:85:0e:e7:df:
         0b:31:ac:3a:4d:8b:e6:f7:a5:16:a9:85:4a:c8:62:12:f1:62:
         c8:1d:e0:da:4b:d8:9b:19:bf:be:71:c7:f2:01:5a:d4:f8:f9:
         98:e0:ab:bd:1c:4f:5a:ca:90:51:a3:d0:fd:2e:90:6f:33:4f:
         58:78:a3:60:b6:66:d7:6a:14:b3:16:30:15:07:f7:2e:36:e3:
         5f:e7:31:32:d0:a0:02:8b:04:84:98:8c:fd:0c:ac:78:7f:cf:
         f1:71:58:59:81:e0:bd:42:6d:e4:30:51:c9:ec:db:b1:ea:60:
         e4:44:e8:8b:f3:57:92:0b:c0:f5:bd:c9:cd:f0:df:1c:3d:0c:
         3d:a9:cc:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyp65xcK9JgniUX+sGwtxAZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDAxOGI1NTEzYjc3OWQyZTFlM2FjMWE4NmE1OTNiZGQ5
NzRjYTcwHhcNMjYwMzAxMTUwMTU2WhcNMjYwMzAyMTUwMTU2WjAzMTEwLwYDVQQD
EygwODM1NGViNmI3MDQxZDE3YjFmMjg4Njc5NDUzNzg5YjMwNzZmMmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fXHcJuS437UBvUSznObysEZdf4t
oPJ2OcrfAFrZcQUQcrjGZWeb9Y9aKnOAmvmNC2GBPEVWWq94P971aaSvnSCR9YUC
sOWHUC02ucfLFliT/5snv4fjjrl1JTbpoBw6uPa9MjqtG0G8RUwkaikbhpNidjmc
TI1XNMxA4tMvssMdCCiRAztBV5Ie9tcrm+feD7f1B8wszbwv6suGFVNyvarVHsSt
T+XxyY8YYl7GmHl1i7PranMbYIcO2+rmLgLcwWq4QbuMRak17pG7Cb8Cp2AMPnxO
LLh412tVRaEp7pjzJ+LoPUrvRsXFMhp6qDr4mQcfyboihuhdNCgiP2RCbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAg1Tra3BB0XsfKIZ5RTeJswdvLsMB8GA1UdIwQY
MBaAFCNAGLVRO3edLh46wahqWTvdl0ynMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBBWXRWRTdkNTB1SGpyQnFHcFpPOTJYVEtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9iMTgwODAtZTNjOS00MTE0LWExNzQt
YzNkNmM3YzhiYThhLzEvSTBBWXRWRTdkNTB1SGpyQnFHcFpPOTJYVEtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9iMTgwODAtZTNjOS00MTE0LWExNzQtYzNkNmM3YzhiYThh
LzEvSTBBWXRWRTdkNTB1SGpyQnFHcFpPOTJYVEtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWdBMCAD+
roLc5dENfCjGcsA/dSLxJXOFnvsnnITYPNspL6oVbEneGfxkNbDKx3tftbOWIV4x
zLNHaWmKT80qhkItFd16z4nDw6FDFi064xsjJB0wAaqrFiENuUnOYBZTQrLygbK7
BsZMWgwvJwPVE8+Zx7ts5FSKLsiFDuffCzGsOk2L5velFqmFSshiEvFiyB3g2kvY
mxm/vnHH8gFa1Pj5mOCrvRxPWsqQUaPQ/S6QbzNPWHijYLZm12oUsxYwFQf3Ljbj
X+cxMtCgAosEhJiM/QyseH/P8XFYWYHgvUJt5DBRyezbsepg5EToi/NXkgvA9b3J
zfDfHD0MPanMyg==
-----END CERTIFICATE-----