Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
File:                     1PhqmjxCnBvCbsBqOuTkF8p0394.mft (raw, json)
Hash identifier:          4kaahEQRB96ImaRWTa+Aca0K/62m6BbYgj3+EkvjvpA=
Subject key identifier:   7C:E0:81:57:74:DC:DE:95:32:9A:36:69:3E:7C:38:CF:B4:D5:86:4A
Authority key identifier: D4:F8:6A:9A:3C:42:9C:1B:C2:6E:C0:6A:3A:E4:E4:17:CA:74:DF:DE
Certificate issuer:       /CN=d4f86a9a3c429c1bc26ec06a3ae4e417ca74dfde
Certificate serial:       019CAE354B8F37DE9CE221F9B8067C0B3CB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
Manifest number:          0ACF
Signing time:             Mon 02 Mar 2026 11:00:54 +0000
Manifest this update:     Mon 02 Mar 2026 11:00:54 +0000
Manifest next update:     Tue 03 Mar 2026 11:00:54 +0000
Files and hashes:         1: 1PhqmjxCnBvCbsBqOuTkF8p0394.crl (hash: bXmqsH6l/CwMzU+wUNCiS/C4d7JIwvi4/W7uPtm4Cwk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:35:4b:8f:37:de:9c:e2:21:f9:b8:06:7c:0b:3c:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4f86a9a3c429c1bc26ec06a3ae4e417ca74dfde
        Validity
            Not Before: Mar  2 11:00:54 2026 GMT
            Not After : Mar  3 11:00:54 2026 GMT
        Subject: CN=7ce0815774dcde95329a36693e7c38cfb4d5864a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:60:48:3f:7e:59:ef:63:4d:d3:5d:90:cd:00:
                    8f:24:94:dd:7b:da:52:60:f2:71:a7:29:d6:0c:a5:
                    93:7e:71:a3:e7:71:d7:bd:65:29:67:08:b6:0d:3c:
                    bb:90:9c:17:c9:5a:7e:9f:98:73:d2:66:9d:31:2b:
                    b3:93:d9:72:63:46:2b:ba:b4:14:0f:14:8c:41:8f:
                    27:3b:f6:12:bf:49:a5:25:18:bb:c1:f5:97:5e:f6:
                    50:2f:ac:b8:e6:0c:8f:58:6e:d0:20:32:84:21:7c:
                    14:77:f3:5d:db:da:12:68:c0:b1:54:3d:4a:6c:05:
                    16:2c:9b:03:e8:3b:42:33:74:de:c0:93:05:6f:1a:
                    d7:bd:aa:4e:83:75:0a:18:b4:e1:8c:14:7c:58:9b:
                    d8:bd:d4:07:cd:db:0c:e1:f9:ed:ea:c1:ab:0c:52:
                    e1:5b:24:f7:67:8d:51:5d:f5:83:bf:67:c4:48:f3:
                    82:5e:d8:46:58:84:93:e6:d5:49:84:14:34:03:67:
                    55:94:1a:a8:6f:08:09:b3:05:fe:20:4e:53:10:3e:
                    69:5f:a0:b2:1e:ec:48:4c:68:c1:09:00:a7:ef:b3:
                    08:24:79:8c:4c:eb:aa:86:2a:e0:1c:d8:67:3e:4f:
                    95:e4:4e:63:31:b9:41:b7:f8:c8:be:05:ab:f3:5f:
                    06:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:E0:81:57:74:DC:DE:95:32:9A:36:69:3E:7C:38:CF:B4:D5:86:4A
            X509v3 Authority Key Identifier:
                keyid:D4:F8:6A:9A:3C:42:9C:1B:C2:6E:C0:6A:3A:E4:E4:17:CA:74:DF:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1PhqmjxCnBvCbsBqOuTkF8p0394.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/a5e531-1a08-4336-b0d8-4832659994cb/1/1PhqmjxCnBvCbsBqOuTkF8p0394.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:4d:db:38:22:4b:68:b3:91:fe:38:b0:c2:8f:25:62:8a:91:
         30:e9:c6:22:cf:ec:85:fd:01:5a:23:ab:ef:dc:e0:70:50:c2:
         c3:60:d2:5b:33:47:62:47:c9:60:da:9b:43:8f:43:c2:6e:c0:
         18:50:62:d1:22:de:9c:c6:cb:74:2e:ff:ee:b6:94:f8:9c:d4:
         10:73:49:b9:05:d9:f8:48:5e:8c:f0:48:e9:71:81:c6:55:2d:
         64:d4:8e:8c:8c:75:d7:6a:05:ea:ed:93:f9:80:a2:da:9e:34:
         ea:f9:51:e3:9f:d6:ec:71:37:9b:a7:66:fc:9d:72:31:72:0c:
         3c:15:2d:ac:f7:5a:f4:66:62:f9:1f:52:b7:2c:d3:2a:42:85:
         ec:be:c6:16:ba:ad:30:9a:5c:aa:af:b6:f8:15:df:83:6d:d9:
         94:9f:01:a1:7a:4c:3e:f2:9c:02:c0:4a:a5:c7:91:1e:a6:5a:
         74:99:84:b7:19:5b:a6:9d:75:cd:e4:1c:a5:b4:34:2b:8f:77:
         02:c3:6e:18:89:b0:61:d9:ff:72:cd:36:12:70:b8:fa:f0:7a:
         18:7c:b2:d6:6a:c4:43:28:e1:d6:70:66:a0:1f:fe:a8:c5:3d:
         de:3e:ac:13:71:85:11:24:0f:0b:ff:05:cd:5f:75:5c:6c:f9:
         bb:a4:04:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNUuPN96c4iH5uAZ8CzyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Zjg2YTlhM2M0MjljMWJjMjZlYzA2YTNhZTRlNDE3Y2E3
NGRmZGUwHhcNMjYwMzAyMTEwMDU0WhcNMjYwMzAzMTEwMDU0WjAzMTEwLwYDVQQD
Eyg3Y2UwODE1Nzc0ZGNkZTk1MzI5YTM2NjkzZTdjMzhjZmI0ZDU4NjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmBIP35Z72NN012QzQCPJJTde9pS
YPJxpynWDKWTfnGj53HXvWUpZwi2DTy7kJwXyVp+n5hz0madMSuzk9lyY0YrurQU
DxSMQY8nO/YSv0mlJRi7wfWXXvZQL6y45gyPWG7QIDKEIXwUd/Nd29oSaMCxVD1K
bAUWLJsD6DtCM3TewJMFbxrXvapOg3UKGLThjBR8WJvYvdQHzdsM4fnt6sGrDFLh
WyT3Z41RXfWDv2fESPOCXthGWIST5tVJhBQ0A2dVlBqobwgJswX+IE5TED5pX6Cy
HuxITGjBCQCn77MIJHmMTOuqhirgHNhnPk+V5E5jMblBt/jIvgWr818GyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHzggVd03N6VMpo2aT58OM+01YZKMB8GA1UdIwQY
MBaAFNT4apo8Qpwbwm7Aajrk5BfKdN/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hNWU1MzEtMWEwOC00MzM2LWIwZDgt
NDgzMjY1OTk5NGNiLzEvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hNWU1MzEtMWEwOC00MzM2LWIwZDgtNDgzMjY1OTk5NGNi
LzEvMVBocW1qeENuQnZDYnNCcU91VGtGOHAwMzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeE3bOCJL
aLOR/jiwwo8lYoqRMOnGIs/shf0BWiOr79zgcFDCw2DSWzNHYkfJYNqbQ49Dwm7A
GFBi0SLenMbLdC7/7raU+JzUEHNJuQXZ+EhejPBI6XGBxlUtZNSOjIx112oF6u2T
+YCi2p406vlR45/W7HE3m6dm/J1yMXIMPBUtrPda9GZi+R9StyzTKkKF7L7GFrqt
MJpcqq+2+BXfg23ZlJ8BoXpMPvKcAsBKpceRHqZadJmEtxlbpp11zeQcpbQ0K493
AsNuGImwYdn/cs02EnC4+vB6GHyy1mrEQyjh1nBmoB/+qMU93j6sE3GFESQPC/8F
zV91XGz5u6QEOA==
-----END CERTIFICATE-----