Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File:                     IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier:          hgZtxQdQ0rGku+Iz7+IKBWXKqkSG7aHjT6/vzA2Sq+s=
Subject key identifier:   FC:52:23:1E:B7:56:C6:5A:50:43:5E:66:4A:45:16:5A:00:E6:A0:D3
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer:       /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial:       019CAD599C3234C6D6A11A8FFEF4A80346D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number:          086B
Signing time:             Mon 02 Mar 2026 07:00:56 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:56 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:56 +0000
Files and hashes:         1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: TA2mEUw6vjaisx43fZYZcUsiNwD1rEGA/Io/LHNQEGU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:9c:32:34:c6:d6:a1:1a:8f:fe:f4:a8:03:46:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
        Validity
            Not Before: Mar  2 07:00:56 2026 GMT
            Not After : Mar  3 07:00:56 2026 GMT
        Subject: CN=fc52231eb756c65a50435e664a45165a00e6a0d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e6:74:22:2c:25:8c:f7:5b:d5:01:61:bd:2a:
                    b3:e1:4c:2e:33:cd:06:86:68:6f:1d:13:ed:e1:5c:
                    f8:76:7c:43:44:74:bc:fb:69:75:c6:8c:ee:2e:c6:
                    ce:68:2e:07:be:d6:6a:c1:9b:e1:81:4c:f5:ac:cd:
                    ce:c8:ab:a3:7e:f8:04:43:bd:d5:99:b8:5b:fb:14:
                    7b:2a:3b:12:2a:1d:eb:34:f9:a7:ce:08:ba:41:05:
                    94:23:a9:a9:36:4d:cf:d0:4a:18:e7:fc:b1:fd:11:
                    1c:89:7e:a2:40:b8:c8:6e:c5:b7:2f:51:7e:e0:93:
                    dc:1d:f8:bc:53:cf:6e:ea:b6:ea:18:70:46:d2:19:
                    98:ae:f1:e1:6c:1a:19:f3:98:6a:ba:1c:26:43:2d:
                    4d:c1:75:a5:c2:e1:d3:a6:16:a5:96:1c:bd:50:a1:
                    09:2a:7e:42:59:84:df:e4:7f:7e:ee:a0:5b:31:94:
                    cf:50:2a:12:91:c1:a3:62:75:d1:3f:a4:c1:db:f1:
                    10:a0:62:81:b1:51:79:ec:84:6b:3b:28:79:57:3d:
                    f7:3c:dc:10:e0:4d:e0:59:62:6a:b6:cf:72:31:a7:
                    23:59:1a:c5:af:6e:26:9a:ce:19:a4:ff:ad:cb:33:
                    00:1d:be:14:ea:38:8f:c3:85:b9:4b:a8:af:aa:63:
                    c6:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:52:23:1E:B7:56:C6:5A:50:43:5E:66:4A:45:16:5A:00:E6:A0:D3
            X509v3 Authority Key Identifier:
                keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:83:3c:c8:b6:a1:8b:e8:6e:2c:70:8a:e7:2e:8c:2b:6a:cd:
         87:fe:ce:b1:df:08:11:5d:a1:89:fd:48:63:1e:bf:c0:cc:36:
         fa:35:c2:b2:25:93:8f:35:fd:ba:cb:36:fe:c3:72:6c:e9:72:
         77:be:03:28:a9:08:a7:36:56:6b:15:88:53:6f:f3:1e:77:d3:
         08:63:da:fa:13:9e:9c:66:4e:4f:0f:17:98:2b:e0:9b:b0:41:
         f5:51:89:55:43:54:14:78:c8:dd:b1:42:47:94:56:dd:eb:b9:
         6a:72:c4:b1:06:72:8f:52:45:76:15:2c:7c:c2:38:c4:8c:b0:
         ed:a6:57:ed:0b:50:5d:6e:d6:4d:e1:b3:2f:28:48:e2:45:09:
         45:10:34:7b:b9:46:be:05:53:5b:fd:2f:27:e3:8d:51:40:b9:
         bd:85:79:80:4c:21:bb:f7:9c:c4:af:c4:37:43:9e:15:23:28:
         5f:de:d7:d9:6d:d3:78:d3:4e:ee:c7:86:5e:02:46:1f:bf:d9:
         f7:e2:cc:77:7e:13:0e:2a:a8:4e:ee:91:9b:6b:aa:0e:67:9a:
         c9:73:88:fe:81:a6:0c:48:2e:af:aa:bf:32:c2:4c:71:b2:38:
         3f:d4:37:4c:5c:f8:2a:6c:57:0d:e2:b5:62:fc:4c:cc:64:2b:
         30:e1:e1:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWZwyNMbWoRqP/vSoA0bQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjYwMzAyMDcwMDU2WhcNMjYwMzAzMDcwMDU2WjAzMTEwLwYDVQQD
EyhmYzUyMjMxZWI3NTZjNjVhNTA0MzVlNjY0YTQ1MTY1YTAwZTZhMGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOZ0IiwljPdb1QFhvSqz4UwuM80G
hmhvHRPt4Vz4dnxDRHS8+2l1xozuLsbOaC4HvtZqwZvhgUz1rM3OyKujfvgEQ73V
mbhb+xR7KjsSKh3rNPmnzgi6QQWUI6mpNk3P0EoY5/yx/REciX6iQLjIbsW3L1F+
4JPcHfi8U89u6rbqGHBG0hmYrvHhbBoZ85hquhwmQy1NwXWlwuHTphallhy9UKEJ
Kn5CWYTf5H9+7qBbMZTPUCoSkcGjYnXRP6TB2/EQoGKBsVF57IRrOyh5Vz33PNwQ
4E3gWWJqts9yMacjWRrFr24mms4ZpP+tyzMAHb4U6jiPw4W5S6ivqmPGaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPxSIx63VsZaUENeZkpFFloA5qDTMB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIIM8yLah
i+huLHCK5y6MK2rNh/7Osd8IEV2hif1IYx6/wMw2+jXCsiWTjzX9uss2/sNybOly
d74DKKkIpzZWaxWIU2/zHnfTCGPa+hOenGZOTw8XmCvgm7BB9VGJVUNUFHjI3bFC
R5RW3eu5anLEsQZyj1JFdhUsfMI4xIyw7aZX7QtQXW7WTeGzLyhI4kUJRRA0e7lG
vgVTW/0vJ+ONUUC5vYV5gEwhu/ecxK/EN0OeFSMoX97X2W3TeNNO7seGXgJGH7/Z
9+LMd34TDiqoTu6Rm2uqDmeayXOI/oGmDEgur6q/MsJMcbI4P9Q3TFz4KmxXDeK1
YvxMzGQrMOHhPA==
-----END CERTIFICATE-----