Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
File:                     u0WFtGeSNzbELHly4QQvGy4w3GY.mft (raw, json)
Hash identifier:          AVo/vm2J7cQxFm5vP9cQZMSvOMKUZJWnTfP8uBNXh60=
Subject key identifier:   CD:19:BE:9A:8B:F0:69:2F:72:DE:B2:2C:40:17:3B:55:11:AC:3E:E7
Authority key identifier: BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66
Certificate issuer:       /CN=bb4585b467923736c42c7972e1042f1b2e30dc66
Certificate serial:       019CAB6B00FF53909771D6491205F9D6060C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
Manifest number:          1844
Signing time:             Sun 01 Mar 2026 22:00:42 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:42 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:42 +0000
Files and hashes:         1: u0WFtGeSNzbELHly4QQvGy4w3GY.crl (hash: aOGQYK/asNZmAnulYnivjUU+RajMSEvOigfUtirmr8o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:00:ff:53:90:97:71:d6:49:12:05:f9:d6:06:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4585b467923736c42c7972e1042f1b2e30dc66
        Validity
            Not Before: Mar  1 22:00:42 2026 GMT
            Not After : Mar  2 22:00:42 2026 GMT
        Subject: CN=cd19be9a8bf0692f72deb22c40173b5511ac3ee7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:2b:d8:3e:02:d4:88:ce:cd:4a:74:b7:26:de:
                    6e:b0:58:e1:47:f4:20:34:02:73:95:20:54:18:6f:
                    c0:68:f0:17:27:ab:d9:2e:84:95:9e:60:7b:1f:95:
                    a4:c8:0f:3f:3e:e8:1c:39:fa:ce:d5:ed:df:ea:af:
                    39:83:60:6f:97:d4:0c:ba:a2:4f:39:f4:0f:de:d1:
                    6d:45:48:cc:1e:7c:57:fa:97:22:d6:0b:d8:f4:b0:
                    3e:25:fa:19:63:bf:b6:10:14:92:06:4a:5c:a9:04:
                    21:01:01:ad:28:44:e7:83:07:9b:0d:5c:33:21:83:
                    bd:dd:76:b6:03:0a:82:3f:c2:be:20:ec:24:59:ef:
                    99:4e:c6:4c:23:f4:11:21:55:06:f2:fe:71:da:b7:
                    b7:3c:f6:25:d8:de:76:a1:4c:51:73:b3:b2:75:20:
                    44:8d:2a:94:33:ea:03:9d:c9:d8:6b:a5:22:e9:16:
                    f5:1e:f5:18:31:23:28:a6:7e:8c:4b:30:fd:0d:3d:
                    05:2c:3e:d4:e0:34:4b:92:aa:d0:0d:8a:dc:eb:29:
                    91:62:69:b0:0f:65:89:7c:b8:5b:de:7e:f4:d5:3e:
                    ab:22:da:d4:19:2c:25:45:f0:55:1f:4c:a8:fd:50:
                    7f:78:f3:37:70:d8:7d:e2:86:6b:37:66:4d:b9:d2:
                    66:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:19:BE:9A:8B:F0:69:2F:72:DE:B2:2C:40:17:3B:55:11:AC:3E:E7
            X509v3 Authority Key Identifier:
                keyid:BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:21:f6:2d:8d:5e:fd:bc:5a:27:d9:aa:4c:84:ff:44:db:36:
         f9:34:90:ee:4b:81:6d:9e:9d:02:c6:df:ee:73:55:e9:1f:b5:
         e7:ac:c8:77:ca:e9:fa:7a:4f:40:42:4a:4d:8b:87:57:a6:77:
         eb:0e:be:98:03:91:73:d8:4e:36:10:b5:df:50:6d:58:81:42:
         ec:5e:56:ad:f9:df:d0:71:a1:d9:05:b0:8a:8f:c1:03:ff:e8:
         29:19:fb:34:bd:74:25:41:47:b1:95:53:f8:4d:8d:46:9b:99:
         f1:f5:e6:80:5b:ac:30:b0:39:b6:9b:6c:ea:f7:4c:3b:ad:e2:
         bc:44:ef:25:20:17:4f:ae:ad:01:c6:f7:5f:05:85:b0:9a:ab:
         57:81:af:95:53:7c:98:8f:ca:da:4c:6c:6f:bf:fe:17:ba:60:
         f4:b6:db:8e:78:93:50:d3:bc:1b:b4:6b:a8:e8:34:78:5e:e9:
         75:65:fb:c1:f7:a1:55:c7:67:b5:36:3d:15:75:a7:03:d3:69:
         41:e8:71:1e:ac:dd:ea:4a:19:96:fa:42:66:76:3e:33:4e:63:
         f2:c2:94:61:70:09:bf:41:5c:36:a9:55:4e:26:5d:0f:a7:e9:
         fc:20:2a:48:7b:16:2d:fa:21:c0:e6:e8:a6:f8:3d:59:a3:ae:
         16:d0:3f:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrawD/U5CXcdZJEgX51gYMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDU4NWI0Njc5MjM3MzZjNDJjNzk3MmUxMDQyZjFiMmUz
MGRjNjYwHhcNMjYwMzAxMjIwMDQyWhcNMjYwMzAyMjIwMDQyWjAzMTEwLwYDVQQD
EyhjZDE5YmU5YThiZjA2OTJmNzJkZWIyMmM0MDE3M2I1NTExYWMzZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CvYPgLUiM7NSnS3Jt5usFjhR/Qg
NAJzlSBUGG/AaPAXJ6vZLoSVnmB7H5WkyA8/PugcOfrO1e3f6q85g2Bvl9QMuqJP
OfQP3tFtRUjMHnxX+pci1gvY9LA+JfoZY7+2EBSSBkpcqQQhAQGtKETngwebDVwz
IYO93Xa2AwqCP8K+IOwkWe+ZTsZMI/QRIVUG8v5x2re3PPYl2N52oUxRc7OydSBE
jSqUM+oDncnYa6Ui6Rb1HvUYMSMopn6MSzD9DT0FLD7U4DRLkqrQDYrc6ymRYmmw
D2WJfLhb3n701T6rItrUGSwlRfBVH0yo/VB/ePM3cNh94oZrN2ZNudJmBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM0ZvpqL8Gkvct6yLEAXO1URrD7nMB8GA1UdIwQY
MBaAFLtFhbRnkjc2xCx5cuEELxsuMNxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUt
NjYzODEwMWUzMTliLzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUtNjYzODEwMWUzMTli
LzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwSH2LY1e
/bxaJ9mqTIT/RNs2+TSQ7kuBbZ6dAsbf7nNV6R+156zId8rp+npPQEJKTYuHV6Z3
6w6+mAORc9hONhC131BtWIFC7F5Wrfnf0HGh2QWwio/BA//oKRn7NL10JUFHsZVT
+E2NRpuZ8fXmgFusMLA5tpts6vdMO63ivETvJSAXT66tAcb3XwWFsJqrV4GvlVN8
mI/K2kxsb7/+F7pg9LbbjniTUNO8G7RrqOg0eF7pdWX7wfehVcdntTY9FXWnA9Np
QehxHqzd6koZlvpCZnY+M05j8sKUYXAJv0FcNqlVTiZdD6fp/CAqSHsWLfohwObo
pvg9WaOuFtA/5Q==
-----END CERTIFICATE-----