Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.mft
File:                     Rii90MjhtQTSlPijkEyNV65jg_Q.mft (raw, json)
Hash identifier:          DG8ZAuQkZWoJCfHiUC/6Stn9TntTAbTY3gQi8qD4mV4=
Subject key identifier:   37:3D:59:25:12:98:0A:DE:9B:15:E8:13:5D:CE:13:8E:67:E8:B2:CF
Authority key identifier: 46:28:BD:D0:C8:E1:B5:04:D2:94:F8:A3:90:4C:8D:57:AE:63:83:F4
Certificate issuer:       /CN=4628bdd0c8e1b504d294f8a3904c8d57ae6383f4
Certificate serial:       019CA97D6634B414D88CE2BE0E86BD1CBF9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rii90MjhtQTSlPijkEyNV65jg_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.mft
Manifest number:          1841
Signing time:             Sun 01 Mar 2026 13:01:33 +0000
Manifest this update:     Sun 01 Mar 2026 13:01:33 +0000
Manifest next update:     Mon 02 Mar 2026 13:01:33 +0000
Files and hashes:         1: Rii90MjhtQTSlPijkEyNV65jg_Q.crl (hash: dg4kqhSOA5Ry41lTpHRh6TQOoEkig3J4tXtQTWe+Ljg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Rii90MjhtQTSlPijkEyNV65jg_Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7d:66:34:b4:14:d8:8c:e2:be:0e:86:bd:1c:bf:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4628bdd0c8e1b504d294f8a3904c8d57ae6383f4
        Validity
            Not Before: Mar  1 13:01:33 2026 GMT
            Not After : Mar  2 13:01:33 2026 GMT
        Subject: CN=373d592512980ade9b15e8135dce138e67e8b2cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:0e:7f:75:3a:71:b3:04:e2:34:7f:60:7c:ca:
                    21:38:4b:4b:8b:e1:ef:90:72:9f:b8:0e:a2:3e:0f:
                    d3:86:f3:61:15:6d:fd:97:c2:8a:52:b4:01:a3:3b:
                    a4:bb:f1:d8:6e:81:df:f7:6c:c4:26:77:7c:21:6b:
                    b8:9f:6f:74:d3:08:c8:9e:4f:01:0c:15:d6:28:ec:
                    ba:7a:52:c8:18:9d:0f:c0:ed:19:e8:fb:22:bb:c9:
                    25:d6:e9:b3:48:16:5a:e5:f3:9a:27:a3:90:c6:49:
                    33:85:d1:f8:85:65:8d:7f:89:ba:5c:dd:5f:3c:91:
                    2d:80:71:b2:b0:5d:f7:69:a0:7a:60:4a:8c:1e:76:
                    83:c0:f6:be:f0:0c:10:1e:ce:5d:9e:b8:2c:5e:d6:
                    a3:d6:9d:c3:96:a9:1d:66:71:f6:2e:46:ac:63:61:
                    52:00:c2:fc:c0:00:b2:31:15:0a:57:51:a3:1d:cb:
                    64:ed:b6:3b:b3:b7:62:3d:c7:23:48:6b:7e:82:b0:
                    f9:6c:b3:0c:fd:c9:b6:b9:ad:f5:fb:d1:90:ac:02:
                    4e:62:75:ab:c5:d5:e5:1a:81:87:93:4e:a4:57:2a:
                    3e:6a:60:b9:4f:0d:38:4f:3d:7c:86:f4:0d:e6:01:
                    ca:82:ea:78:d9:8e:3b:e3:5e:94:32:67:af:07:86:
                    4c:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:3D:59:25:12:98:0A:DE:9B:15:E8:13:5D:CE:13:8E:67:E8:B2:CF
            X509v3 Authority Key Identifier:
                keyid:46:28:BD:D0:C8:E1:B5:04:D2:94:F8:A3:90:4C:8D:57:AE:63:83:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rii90MjhtQTSlPijkEyNV65jg_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2a7573-9161-45ba-b93b-5f8b63b11f0b/1/Rii90MjhtQTSlPijkEyNV65jg_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:c5:fc:6f:a5:c4:7b:fb:97:67:11:a2:94:fa:22:ea:83:0c:
         c1:1f:aa:03:eb:77:49:71:6b:fd:4d:c3:da:d3:35:c1:da:8d:
         1a:7b:3c:65:73:d9:7d:99:56:64:99:d4:24:61:65:e9:45:5a:
         a1:72:6c:46:6a:db:67:53:8f:48:08:94:6b:22:88:a0:54:80:
         e1:d0:2e:a3:e4:cd:cc:f3:47:c7:71:88:55:b1:1a:1d:50:a9:
         1a:71:7c:4a:57:ce:e2:f3:51:8d:58:ad:0e:5d:97:f8:44:dd:
         f1:65:92:2e:19:a7:3d:22:85:3c:a3:75:db:3f:e0:48:82:e7:
         e6:73:42:35:b3:16:2f:1e:67:e7:ac:61:43:44:0a:5b:2b:8a:
         18:de:fa:c7:bd:ce:db:6c:79:73:43:f3:f2:c1:4d:36:cf:36:
         1b:43:fc:56:31:d2:ae:2d:de:41:12:b9:3a:3b:ba:51:81:4c:
         54:c1:23:73:70:67:c5:8f:55:35:11:88:40:e9:e3:71:44:50:
         12:d8:fc:dc:79:d2:e3:c9:69:cf:11:fe:7c:54:76:21:eb:33:
         0a:a8:02:95:ed:18:7c:e8:f5:cd:09:20:81:eb:c1:ae:11:19:
         7e:8f:4d:d0:81:ee:52:d5:49:42:6c:8c:0f:f5:b3:c0:df:a0:
         4a:cc:ca:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfWY0tBTYjOK+Doa9HL+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2MjhiZGQwYzhlMWI1MDRkMjk0ZjhhMzkwNGM4ZDU3YWU2
MzgzZjQwHhcNMjYwMzAxMTMwMTMzWhcNMjYwMzAyMTMwMTMzWjAzMTEwLwYDVQQD
EygzNzNkNTkyNTEyOTgwYWRlOWIxNWU4MTM1ZGNlMTM4ZTY3ZThiMmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApw5/dTpxswTiNH9gfMohOEtLi+Hv
kHKfuA6iPg/ThvNhFW39l8KKUrQBozuku/HYboHf92zEJnd8IWu4n2900wjInk8B
DBXWKOy6elLIGJ0PwO0Z6Psiu8kl1umzSBZa5fOaJ6OQxkkzhdH4hWWNf4m6XN1f
PJEtgHGysF33aaB6YEqMHnaDwPa+8AwQHs5dnrgsXtaj1p3DlqkdZnH2LkasY2FS
AML8wACyMRUKV1GjHctk7bY7s7diPccjSGt+grD5bLMM/cm2ua31+9GQrAJOYnWr
xdXlGoGHk06kVyo+amC5Tw04Tz18hvQN5gHKgup42Y47416UMmevB4ZMRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDc9WSUSmAremxXoE13OE45n6LLPMB8GA1UdIwQY
MBaAFEYovdDI4bUE0pT4o5BMjVeuY4P0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmlpOTBNamh0UVRTbFBpamtFeU5WNjVqZ19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYTc1NzMtOTE2MS00NWJhLWI5M2It
NWY4YjYzYjExZjBiLzEvUmlpOTBNamh0UVRTbFBpamtFeU5WNjVqZ19RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYTc1NzMtOTE2MS00NWJhLWI5M2ItNWY4YjYzYjExZjBi
LzEvUmlpOTBNamh0UVRTbFBpamtFeU5WNjVqZ19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACsX8b6XE
e/uXZxGilPoi6oMMwR+qA+t3SXFr/U3D2tM1wdqNGns8ZXPZfZlWZJnUJGFl6UVa
oXJsRmrbZ1OPSAiUayKIoFSA4dAuo+TNzPNHx3GIVbEaHVCpGnF8SlfO4vNRjVit
Dl2X+ETd8WWSLhmnPSKFPKN12z/gSILn5nNCNbMWLx5n56xhQ0QKWyuKGN76x73O
22x5c0Pz8sFNNs82G0P8VjHSri3eQRK5Oju6UYFMVMEjc3BnxY9VNRGIQOnjcURQ
Etj83HnS48lpzxH+fFR2IeszCqgCle0YfOj1zQkggevBrhEZfo9N0IHuUtVJQmyM
D/WzwN+gSszK4A==
-----END CERTIFICATE-----