Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
File:                     PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft (raw, json)
Hash identifier:          406TrI0AqfBAbRWA8npCHz2suti1oLnRipnnq0k55ac=
Subject key identifier:   4C:23:CE:8C:87:2F:FB:DB:91:47:5C:46:1A:AA:B6:71:8F:B9:AB:AD
Authority key identifier: 3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91
Certificate issuer:       /CN=3c0fed6e0d142a2f09c040c99af1c93560209291
Certificate serial:       019CAC0FB39603F34193E45F97C6F45FEFDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
Manifest number:          12C9
Signing time:             Mon 02 Mar 2026 01:00:36 +0000
Manifest this update:     Mon 02 Mar 2026 01:00:36 +0000
Manifest next update:     Tue 03 Mar 2026 01:00:36 +0000
Files and hashes:         1: PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl (hash: 9afMBhH605yJk8/Q68kOt5xGp2O0q7iPS7gnq99c9FQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:0f:b3:96:03:f3:41:93:e4:5f:97:c6:f4:5f:ef:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c0fed6e0d142a2f09c040c99af1c93560209291
        Validity
            Not Before: Mar  2 01:00:36 2026 GMT
            Not After : Mar  3 01:00:36 2026 GMT
        Subject: CN=4c23ce8c872ffbdb91475c461aaab6718fb9abad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:15:33:0e:77:98:fa:16:fb:ef:dc:d2:59:7c:
                    b7:bd:33:49:cb:4f:d2:26:f2:f5:18:eb:ae:91:bd:
                    6f:4a:14:7c:00:db:b7:5c:83:7f:96:6f:9f:20:1a:
                    f1:aa:b8:48:39:7b:f0:39:79:e0:81:fa:5a:b5:a4:
                    55:89:75:6f:59:db:98:f6:c2:75:6b:4b:f4:1c:d3:
                    95:a6:89:38:2e:d6:df:93:d7:f7:4e:3b:c0:48:8f:
                    8c:1d:70:9b:98:bd:b2:4a:c9:ce:84:5a:9e:f1:5b:
                    36:9b:e2:91:cf:68:d5:ec:1b:1c:2b:ae:15:fe:ca:
                    eb:da:1d:55:be:ec:4a:49:61:d5:08:fc:ec:10:e4:
                    a8:ea:0d:fd:39:6f:00:cd:22:04:22:fa:1e:76:10:
                    93:ea:38:43:b9:b3:67:80:10:d8:29:e4:a4:d1:d9:
                    7e:f9:e4:fc:30:0d:dd:0c:e7:13:0e:0d:df:fd:52:
                    52:42:6f:e7:59:d3:00:95:5b:f0:e9:77:36:78:34:
                    23:b3:d3:ef:ff:4b:dd:48:32:8e:5d:a2:c7:f8:23:
                    02:1d:98:4e:5a:98:66:41:10:d6:d4:47:47:dd:8b:
                    0a:09:1a:86:cc:87:9e:50:1d:22:a7:4e:ac:32:89:
                    fd:dc:e0:35:1e:b4:96:0b:c4:9c:07:d5:8f:c0:ee:
                    3c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:23:CE:8C:87:2F:FB:DB:91:47:5C:46:1A:AA:B6:71:8F:B9:AB:AD
            X509v3 Authority Key Identifier:
                keyid:3C:0F:ED:6E:0D:14:2A:2F:09:C0:40:C9:9A:F1:C9:35:60:20:92:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PA_tbg0UKi8JwEDJmvHJNWAgkpE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/18a5c2-25f4-45fc-bb41-9afdc345e3d3/1/PA_tbg0UKi8JwEDJmvHJNWAgkpE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:04:51:fb:f6:df:9c:df:a6:7f:7e:d5:81:d8:30:48:bf:22:
         e8:57:0c:d7:3d:02:36:79:f5:dd:53:aa:53:c9:7a:4d:d9:3d:
         3e:4b:c0:e3:b9:be:59:a1:9b:78:0b:ab:72:21:94:4b:ca:3c:
         b7:3d:ac:2e:71:df:e8:65:f9:24:3d:bc:34:49:f0:00:69:5e:
         d0:57:38:6d:22:93:e3:4f:87:5d:c9:f2:a0:4a:0f:86:c3:e3:
         ab:54:33:ed:f5:dc:0c:34:52:20:51:67:30:61:9a:d0:4d:0b:
         2c:ef:40:a3:bc:1f:6b:8f:e4:5a:07:e0:6c:d8:22:c7:fb:10:
         8c:2a:73:c9:59:88:7b:7a:89:cc:3a:1b:d4:8d:34:09:d8:71:
         9c:d1:fd:e2:90:e1:15:5c:40:cf:7e:38:76:ba:c3:94:d1:3e:
         9e:0b:f7:11:c0:c2:36:d1:0f:04:e5:56:41:59:2f:dd:20:97:
         4c:f0:e1:c9:74:bd:1c:6c:7a:69:9f:64:c9:fe:be:82:98:e9:
         7b:27:90:b3:a0:21:76:31:99:59:f3:de:20:79:d6:34:b1:8d:
         fc:dd:34:f5:2f:6d:7b:1f:e7:b9:cc:be:63:a8:6b:bc:a8:e9:
         0c:9a:d5:6d:a4:8d:43:92:76:8a:b8:e1:2a:91:27:6c:bb:17:
         4c:fc:ba:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD7OWA/NBk+Rfl8b0X+/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMGZlZDZlMGQxNDJhMmYwOWMwNDBjOTlhZjFjOTM1NjAy
MDkyOTEwHhcNMjYwMzAyMDEwMDM2WhcNMjYwMzAzMDEwMDM2WjAzMTEwLwYDVQQD
Eyg0YzIzY2U4Yzg3MmZmYmRiOTE0NzVjNDYxYWFhYjY3MThmYjlhYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRUzDneY+hb779zSWXy3vTNJy0/S
JvL1GOuukb1vShR8ANu3XIN/lm+fIBrxqrhIOXvwOXnggfpataRViXVvWduY9sJ1
a0v0HNOVpok4Ltbfk9f3TjvASI+MHXCbmL2ySsnOhFqe8Vs2m+KRz2jV7BscK64V
/srr2h1VvuxKSWHVCPzsEOSo6g39OW8AzSIEIvoedhCT6jhDubNngBDYKeSk0dl+
+eT8MA3dDOcTDg3f/VJSQm/nWdMAlVvw6Xc2eDQjs9Pv/0vdSDKOXaLH+CMCHZhO
WphmQRDW1EdH3YsKCRqGzIeeUB0ip06sMon93OA1HrSWC8ScB9WPwO486QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwjzoyHL/vbkUdcRhqqtnGPuautMB8GA1UdIwQY
MBaAFDwP7W4NFCovCcBAyZrxyTVgIJKRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEt
OWFmZGMzNDVlM2QzLzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8xOGE1YzItMjVmNC00NWZjLWJiNDEtOWFmZGMzNDVlM2Qz
LzEvUEFfdGJnMFVLaThKd0VESm12SEpOV0Fna3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANgRR+/bf
nN+mf37VgdgwSL8i6FcM1z0CNnn13VOqU8l6Tdk9PkvA47m+WaGbeAurciGUS8o8
tz2sLnHf6GX5JD28NEnwAGle0Fc4bSKT40+HXcnyoEoPhsPjq1Qz7fXcDDRSIFFn
MGGa0E0LLO9Ao7wfa4/kWgfgbNgix/sQjCpzyVmIe3qJzDob1I00CdhxnNH94pDh
FVxAz344drrDlNE+ngv3EcDCNtEPBOVWQVkv3SCXTPDhyXS9HGx6aZ9kyf6+gpjp
eyeQs6AhdjGZWfPeIHnWNLGN/N009S9tex/nucy+Y6hrvKjpDJrVbaSNQ5J2irjh
KpEnbLsXTPy6nQ==
-----END CERTIFICATE-----