Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
File:                     leN5E1KsgsnSB0NCTNxhcAlvT68.mft (raw, json)
Hash identifier:          zOQ5CB2qT/Mf23VNF229mgxD0lcblmH5JEcgwrpbEL4=
Subject key identifier:   12:1D:4B:3F:91:23:E5:61:9C:39:6E:E5:92:7F:2C:5B:40:53:E2:FD
Authority key identifier: 95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF
Certificate issuer:       /CN=95e3791352ac82c9d20743424cdc6170096f4faf
Certificate serial:       019CAB6BD4F06DCBD31D6C0D01769F34B8AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
Manifest number:          1842
Signing time:             Sun 01 Mar 2026 22:01:36 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:36 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:36 +0000
Files and hashes:         1: leN5E1KsgsnSB0NCTNxhcAlvT68.crl (hash: vtqfDAT22l3V5ZGR7JKYLu65qeXxlF8TBoOLM2djs40=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:d4:f0:6d:cb:d3:1d:6c:0d:01:76:9f:34:b8:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95e3791352ac82c9d20743424cdc6170096f4faf
        Validity
            Not Before: Mar  1 22:01:36 2026 GMT
            Not After : Mar  2 22:01:36 2026 GMT
        Subject: CN=121d4b3f9123e5619c396ee5927f2c5b4053e2fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:53:66:ff:6e:b7:b1:6e:09:af:6e:22:9b:bf:
                    8f:3e:a9:64:39:55:a6:a9:f5:47:c6:e1:18:a7:5d:
                    08:9f:4e:97:ae:58:af:de:49:cc:be:9c:70:99:c8:
                    28:6d:60:e1:03:cb:da:c1:0a:c4:ad:b3:f7:71:1b:
                    67:3c:24:03:ae:c7:ba:2b:73:c7:ed:df:f5:ca:b3:
                    12:9c:11:97:e3:8e:c4:f1:7b:da:ed:1d:fb:6e:b2:
                    c0:c3:17:63:b3:ee:ce:3d:94:fc:c8:24:11:4c:76:
                    1a:7e:6b:24:66:10:46:7f:7a:19:48:25:cd:b8:fe:
                    41:5c:1e:84:72:ac:e1:0d:2c:11:af:e5:b9:16:c0:
                    43:f9:97:1a:17:03:f9:43:99:6c:7a:2e:ac:a4:5a:
                    55:e1:21:a1:af:11:7e:5c:0b:9c:91:ae:71:6f:d8:
                    e8:df:c7:e9:bd:5e:92:bf:34:07:57:b8:04:a3:02:
                    bf:02:80:55:56:59:dd:10:67:0d:e1:1a:8f:b4:fa:
                    81:46:27:2b:98:7f:3d:7c:ff:39:a3:f0:8c:97:ac:
                    7f:f2:ac:ea:7c:4a:d7:e1:73:db:df:50:db:e9:ab:
                    b4:e1:a3:44:a2:ac:71:1f:55:eb:5c:c2:8b:de:c2:
                    f2:81:8a:07:4f:5f:04:77:32:fa:22:30:db:0d:95:
                    4b:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:1D:4B:3F:91:23:E5:61:9C:39:6E:E5:92:7F:2C:5B:40:53:E2:FD
            X509v3 Authority Key Identifier:
                keyid:95:E3:79:13:52:AC:82:C9:D2:07:43:42:4C:DC:61:70:09:6F:4F:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/leN5E1KsgsnSB0NCTNxhcAlvT68.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1a472f-a137-42c9-ac9f-4c2c0c8f2462/1/leN5E1KsgsnSB0NCTNxhcAlvT68.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:b6:d4:a4:20:1e:ca:04:66:62:45:6f:70:3e:30:75:da:06:
         82:8e:f1:3c:6f:0f:85:f6:4c:e4:11:a5:47:98:1f:51:85:a0:
         fe:ee:3f:3c:a3:8b:6e:4b:f1:f6:6f:77:ff:45:9a:4e:39:b3:
         22:31:e2:1b:f4:91:1a:8e:d1:15:c1:bf:b2:be:23:33:b0:08:
         8e:2c:8e:74:70:a5:2a:09:ed:5a:c4:86:88:99:8d:39:5c:84:
         ce:49:24:50:7b:91:f8:87:2d:21:e7:11:00:e4:95:54:0a:fc:
         cf:2f:97:60:30:c7:f1:84:15:dc:48:f2:af:c3:7c:bf:15:8e:
         92:79:bb:d6:c1:87:38:37:2c:64:57:f2:75:86:3a:fc:bc:92:
         47:82:1f:ca:ca:36:f0:c0:e4:95:1b:66:44:96:e0:65:c3:d8:
         f1:60:0c:26:0e:15:61:74:1a:8b:da:20:0f:ce:4e:71:c2:e1:
         27:64:39:8c:cb:d0:ab:ed:5f:c7:61:b6:3e:b9:84:e4:1f:3b:
         db:98:2e:69:de:48:be:ac:14:ad:c0:13:9e:42:7d:90:ea:9c:
         0b:b5:c3:09:91:85:0c:d9:98:f3:d9:76:86:21:4e:2a:43:43:
         5a:be:f0:51:66:3d:85:a9:a3:59:19:c5:bc:3d:98:c4:a0:60:
         e6:c5:f5:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra9TwbcvTHWwNAXafNLisMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZTM3OTEzNTJhYzgyYzlkMjA3NDM0MjRjZGM2MTcwMDk2
ZjRmYWYwHhcNMjYwMzAxMjIwMTM2WhcNMjYwMzAyMjIwMTM2WjAzMTEwLwYDVQQD
EygxMjFkNGIzZjkxMjNlNTYxOWMzOTZlZTU5MjdmMmM1YjQwNTNlMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+FNm/263sW4Jr24im7+PPqlkOVWm
qfVHxuEYp10In06Xrliv3knMvpxwmcgobWDhA8vawQrErbP3cRtnPCQDrse6K3PH
7d/1yrMSnBGX447E8Xva7R37brLAwxdjs+7OPZT8yCQRTHYafmskZhBGf3oZSCXN
uP5BXB6EcqzhDSwRr+W5FsBD+ZcaFwP5Q5lsei6spFpV4SGhrxF+XAucka5xb9jo
38fpvV6SvzQHV7gEowK/AoBVVlndEGcN4RqPtPqBRicrmH89fP85o/CMl6x/8qzq
fErX4XPb31Db6au04aNEoqxxH1XrXMKL3sLygYoHT18EdzL6IjDbDZVLwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBIdSz+RI+VhnDlu5ZJ/LFtAU+L9MB8GA1UdIwQY
MBaAFJXjeRNSrILJ0gdDQkzcYXAJb0+vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYt
NGMyYzBjOGYyNDYyLzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xYTQ3MmYtYTEzNy00MmM5LWFjOWYtNGMyYzBjOGYyNDYy
LzEvbGVONUUxS3Nnc25TQjBOQ1ROeGhjQWx2VDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe7bUpCAe
ygRmYkVvcD4wddoGgo7xPG8PhfZM5BGlR5gfUYWg/u4/PKOLbkvx9m93/0WaTjmz
IjHiG/SRGo7RFcG/sr4jM7AIjiyOdHClKgntWsSGiJmNOVyEzkkkUHuR+IctIecR
AOSVVAr8zy+XYDDH8YQV3Ejyr8N8vxWOknm71sGHODcsZFfydYY6/LySR4Ifyso2
8MDklRtmRJbgZcPY8WAMJg4VYXQai9ogD85OccLhJ2Q5jMvQq+1fx2G2PrmE5B87
25guad5IvqwUrcATnkJ9kOqcC7XDCZGFDNmY89l2hiFOKkNDWr7wUWY9hamjWRnF
vD2YxKBg5sX1AQ==
-----END CERTIFICATE-----