Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
File:                     _oN5mWfs0ExTYUie5M-gmM5DaHE.mft (raw, json)
Hash identifier:          +lk/c5tMhbAzS5pQ6qlXZ2PxHMuDjv56W7ZHLWcgA3I=
Subject key identifier:   3C:DE:02:63:A2:95:E8:45:A4:4F:D7:B4:9A:CA:FE:55:02:7E:60:90
Authority key identifier: FE:83:79:99:67:EC:D0:4C:53:61:48:9E:E4:CF:A0:98:CE:43:68:71
Certificate issuer:       /CN=fe83799967ecd04c5361489ee4cfa098ce436871
Certificate serial:       019CAB6BAC621B940B8A80C45EF1C05287FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
Manifest number:          1842
Signing time:             Sun 01 Mar 2026 22:01:26 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:26 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:26 +0000
Files and hashes:         1: _oN5mWfs0ExTYUie5M-gmM5DaHE.crl (hash: 0jHrbXjo/iRG3XAp9P6AeEFsUi+YpB1aytg9TD/DpK0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:ac:62:1b:94:0b:8a:80:c4:5e:f1:c0:52:87:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe83799967ecd04c5361489ee4cfa098ce436871
        Validity
            Not Before: Mar  1 22:01:26 2026 GMT
            Not After : Mar  2 22:01:26 2026 GMT
        Subject: CN=3cde0263a295e845a44fd7b49acafe55027e6090
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:bf:4a:74:ce:16:67:8c:7f:8a:c4:3f:a6:d1:
                    5b:8d:53:65:4e:20:01:77:2c:0f:0b:1b:35:c7:d1:
                    e6:eb:c0:df:46:20:9d:1d:39:e5:5f:84:f1:f6:6a:
                    c9:e1:3a:30:db:e9:45:25:10:9b:98:71:74:14:f0:
                    6a:bc:44:b8:dc:23:96:c9:47:12:00:ca:34:cc:f1:
                    63:fd:8e:94:d0:3f:80:7b:e4:e9:a1:92:62:12:25:
                    e4:3c:cf:7b:0d:58:4b:7d:0f:8e:1a:14:07:6e:69:
                    17:ab:19:56:f7:5e:67:16:63:c2:e0:27:ad:40:bd:
                    fb:d7:eb:84:a8:b4:36:86:45:69:5c:24:14:a8:eb:
                    36:11:b3:a9:2d:39:75:b7:9c:8a:b9:14:26:86:09:
                    37:dd:22:f8:c9:c0:bf:0e:c7:d3:d9:90:64:90:7b:
                    95:2a:a4:93:14:10:80:c0:04:fb:d7:74:08:4e:57:
                    ba:e4:ea:6b:9b:95:32:48:66:af:c6:ef:bc:d9:91:
                    10:98:8d:45:e7:f2:60:1e:66:a6:ac:57:c2:a5:7b:
                    d8:ed:95:66:e3:90:1b:f5:b1:6d:9b:80:dc:5a:58:
                    00:b2:77:b5:71:e5:24:4c:65:93:1e:75:c3:24:69:
                    84:91:4a:b5:ec:ac:ba:8d:71:0e:bc:4c:72:ff:5b:
                    ba:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:DE:02:63:A2:95:E8:45:A4:4F:D7:B4:9A:CA:FE:55:02:7E:60:90
            X509v3 Authority Key Identifier:
                keyid:FE:83:79:99:67:EC:D0:4C:53:61:48:9E:E4:CF:A0:98:CE:43:68:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:e7:c4:44:63:51:97:19:09:7d:2f:7d:c7:ce:bf:94:95:26:
         d0:6e:4c:12:cc:7e:a4:6d:ea:12:cc:1a:ec:7f:23:45:3f:28:
         3b:e6:d1:d2:c2:46:82:a5:c5:7a:65:16:82:f4:fa:cd:6c:b4:
         40:92:d7:18:48:39:75:94:db:06:52:0a:d0:d2:78:f3:67:0b:
         83:84:60:5f:3c:8d:d5:8e:30:e4:c5:52:b9:1a:bf:a2:c6:a4:
         ff:89:78:4f:b4:20:6f:a8:02:38:f8:d9:ee:2b:45:4f:ec:2d:
         ca:98:4a:91:de:b3:c2:40:5e:55:4a:c7:2f:82:b7:c2:33:e4:
         9e:14:65:60:79:ac:ef:5b:c8:3c:e6:b4:17:03:5c:cc:3a:b3:
         7b:3d:85:ec:84:20:81:b8:0e:a9:8b:34:5c:00:27:f1:1f:e9:
         28:09:20:72:29:6e:e1:b0:68:0c:37:53:3e:08:a9:3a:22:e2:
         cd:a2:13:cd:f8:43:5e:97:cb:2e:b8:b8:e7:9c:a2:1e:35:67:
         d5:ab:07:02:ac:35:40:9a:a7:46:54:21:b8:30:19:92:21:23:
         fc:b3:a2:e1:e9:ba:c0:7c:be:e5:81:57:e7:03:f0:81:7d:54:
         61:c1:0f:80:8c:c4:58:7c:47:56:69:8d:d4:84:26:10:42:42:
         8a:52:31:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra6xiG5QLioDEXvHAUof+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODM3OTk5NjdlY2QwNGM1MzYxNDg5ZWU0Y2ZhMDk4Y2U0
MzY4NzEwHhcNMjYwMzAxMjIwMTI2WhcNMjYwMzAyMjIwMTI2WjAzMTEwLwYDVQQD
EygzY2RlMDI2M2EyOTVlODQ1YTQ0ZmQ3YjQ5YWNhZmU1NTAyN2U2MDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9r9KdM4WZ4x/isQ/ptFbjVNlTiAB
dywPCxs1x9Hm68DfRiCdHTnlX4Tx9mrJ4Tow2+lFJRCbmHF0FPBqvES43COWyUcS
AMo0zPFj/Y6U0D+Ae+TpoZJiEiXkPM97DVhLfQ+OGhQHbmkXqxlW915nFmPC4Cet
QL371+uEqLQ2hkVpXCQUqOs2EbOpLTl1t5yKuRQmhgk33SL4ycC/DsfT2ZBkkHuV
KqSTFBCAwAT713QITle65Oprm5UySGavxu+82ZEQmI1F5/JgHmamrFfCpXvY7ZVm
45Ab9bFtm4DcWlgAsne1ceUkTGWTHnXDJGmEkUq17Ky6jXEOvExy/1u6vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzeAmOilehFpE/XtJrK/lUCfmCQMB8GA1UdIwQY
MBaAFP6DeZln7NBMU2FInuTPoJjOQ2hxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85YWYwMzMtMjM0ZC00NDA0LTgwOTYt
YzczYmVkY2RjYTZkLzEvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85YWYwMzMtMjM0ZC00NDA0LTgwOTYtYzczYmVkY2RjYTZk
LzEvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt+fERGNR
lxkJfS99x86/lJUm0G5MEsx+pG3qEswa7H8jRT8oO+bR0sJGgqXFemUWgvT6zWy0
QJLXGEg5dZTbBlIK0NJ482cLg4RgXzyN1Y4w5MVSuRq/osak/4l4T7Qgb6gCOPjZ
7itFT+wtyphKkd6zwkBeVUrHL4K3wjPknhRlYHms71vIPOa0FwNczDqzez2F7IQg
gbgOqYs0XAAn8R/pKAkgcilu4bBoDDdTPgipOiLizaITzfhDXpfLLri455yiHjVn
1asHAqw1QJqnRlQhuDAZkiEj/LOi4em6wHy+5YFX5wPwgX1UYcEPgIzEWHxHVmmN
1IQmEEJCilIxSg==
-----END CERTIFICATE-----