Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
File:                     ICsQHBBwOrYDIfxj3NZpClJNuxA.mft (raw, json)
Hash identifier:          vOtYdCclyQbTmkBUP3iXwLOBK3NPEJfmW98j+1n+K9A=
Subject key identifier:   2C:8C:95:3D:F2:32:9C:5A:97:DA:35:EA:99:29:30:25:25:67:8D:10
Authority key identifier: 20:2B:10:1C:10:70:3A:B6:03:21:FC:63:DC:D6:69:0A:52:4D:BB:10
Certificate issuer:       /CN=202b101c10703ab60321fc63dcd6690a524dbb10
Certificate serial:       019CAD59EDB9AD3C93D0B6F8C31E7D703BEC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
Manifest number:          0BBA
Signing time:             Mon 02 Mar 2026 07:01:17 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:17 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:17 +0000
Files and hashes:         1: ICsQHBBwOrYDIfxj3NZpClJNuxA.crl (hash: f35RLE/ua/aUyjUP2Bdox1Hzp6Og0whxMaJCMlCxfIs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:ed:b9:ad:3c:93:d0:b6:f8:c3:1e:7d:70:3b:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=202b101c10703ab60321fc63dcd6690a524dbb10
        Validity
            Not Before: Mar  2 07:01:17 2026 GMT
            Not After : Mar  3 07:01:17 2026 GMT
        Subject: CN=2c8c953df2329c5a97da35ea9929302525678d10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:aa:44:10:46:bd:f3:00:57:fd:27:00:e7:4c:
                    46:e7:47:81:7b:fc:cf:35:2c:c1:97:9a:b8:f4:ff:
                    e7:e5:d0:be:ff:0c:2b:4a:14:8f:8f:6e:10:e6:47:
                    b1:ea:b4:22:dd:7c:c5:a3:52:9b:cf:51:5b:d7:e1:
                    64:43:45:fe:6c:5a:3f:89:fe:be:50:a5:95:f2:67:
                    53:2b:3c:4a:58:32:2d:ea:65:48:f5:69:f7:04:ff:
                    8d:e0:d6:b2:42:af:d9:85:e3:48:c1:d0:f4:47:3a:
                    d3:1d:cf:fe:d9:ba:4a:49:12:71:7c:00:15:95:be:
                    3f:be:7a:29:6a:41:17:6e:50:49:cb:41:3f:ea:13:
                    58:a7:a2:77:ac:ad:a7:f8:c9:36:27:19:50:8c:b8:
                    89:88:fe:a7:07:bb:07:32:18:5e:41:48:61:bc:22:
                    26:7d:b1:87:c1:cc:b9:fc:d5:89:d8:94:bc:77:0a:
                    c8:97:38:9f:71:05:a8:70:9a:6d:cb:21:a9:6c:21:
                    8b:c2:55:42:69:f7:88:89:95:5a:74:e5:fc:4b:92:
                    fd:36:c0:dc:ea:f0:16:2c:dd:db:5e:a9:02:63:ab:
                    6a:9e:d1:26:12:57:62:95:b5:4d:41:07:ef:9c:5f:
                    38:68:d2:27:d0:bf:e7:3a:cc:c1:0e:62:53:05:14:
                    2c:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:8C:95:3D:F2:32:9C:5A:97:DA:35:EA:99:29:30:25:25:67:8D:10
            X509v3 Authority Key Identifier:
                keyid:20:2B:10:1C:10:70:3A:B6:03:21:FC:63:DC:D6:69:0A:52:4D:BB:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICsQHBBwOrYDIfxj3NZpClJNuxA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b98adc-ede0-4c2a-8c56-a44c8e654df6/1/ICsQHBBwOrYDIfxj3NZpClJNuxA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:f1:54:64:01:6f:b3:3f:b4:73:e4:45:b8:23:8a:47:3e:71:
         45:1d:3e:99:d5:a9:7e:4f:48:60:3e:5f:cf:46:2f:bd:bd:03:
         da:de:3e:9c:3a:cb:4d:75:55:76:29:94:01:5a:dd:95:39:2a:
         60:c8:50:c0:7f:d2:69:6f:9c:da:ab:e0:2b:a4:a4:c4:0e:1a:
         62:ab:46:a2:63:61:79:b3:b1:0c:19:68:83:82:b9:3c:04:21:
         26:14:47:bd:dc:af:3e:f3:30:aa:ff:fc:37:29:8c:66:ff:3b:
         48:78:53:5c:0a:02:b2:57:6d:ac:e4:c7:4d:a7:13:57:29:19:
         5d:1c:61:2a:38:33:98:80:64:7e:5d:39:ba:94:70:d8:e4:a6:
         a6:ed:e6:ae:30:f2:c5:8c:25:b7:34:9b:aa:29:3c:e1:35:fe:
         2e:4f:b8:bc:94:e3:3a:73:57:8f:d6:2e:54:66:a8:a0:47:53:
         63:17:17:20:0f:fb:79:d4:b5:f8:95:60:2d:9a:60:bc:55:c9:
         34:7a:f3:1b:73:13:15:ce:09:b6:05:23:3c:e7:66:15:8c:99:
         ef:a8:0a:75:36:f9:55:2f:30:fa:30:95:ab:e8:1d:ca:ad:71:
         06:62:9e:78:e2:80:7a:4c:8b:dc:25:2c:a4:3b:52:d6:40:ce:
         e6:d8:8f:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWe25rTyT0Lb4wx59cDvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMmIxMDFjMTA3MDNhYjYwMzIxZmM2M2RjZDY2OTBhNTI0
ZGJiMTAwHhcNMjYwMzAyMDcwMTE3WhcNMjYwMzAzMDcwMTE3WjAzMTEwLwYDVQQD
EygyYzhjOTUzZGYyMzI5YzVhOTdkYTM1ZWE5OTI5MzAyNTI1Njc4ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6pEEEa98wBX/ScA50xG50eBe/zP
NSzBl5q49P/n5dC+/wwrShSPj24Q5kex6rQi3XzFo1Kbz1Fb1+FkQ0X+bFo/if6+
UKWV8mdTKzxKWDIt6mVI9Wn3BP+N4NayQq/ZheNIwdD0RzrTHc/+2bpKSRJxfAAV
lb4/vnopakEXblBJy0E/6hNYp6J3rK2n+Mk2JxlQjLiJiP6nB7sHMhheQUhhvCIm
fbGHwcy5/NWJ2JS8dwrIlzifcQWocJptyyGpbCGLwlVCafeIiZVadOX8S5L9NsDc
6vAWLN3bXqkCY6tqntEmEldilbVNQQfvnF84aNIn0L/nOszBDmJTBRQsBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCyMlT3yMpxal9o16pkpMCUlZ40QMB8GA1UdIwQY
MBaAFCArEBwQcDq2AyH8Y9zWaQpSTbsQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iOThhZGMtZWRlMC00YzJhLThjNTYt
YTQ0YzhlNjU0ZGY2LzEvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iOThhZGMtZWRlMC00YzJhLThjNTYtYTQ0YzhlNjU0ZGY2
LzEvSUNzUUhCQndPcllESWZ4ajNOWnBDbEpOdXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKfFUZAFv
sz+0c+RFuCOKRz5xRR0+mdWpfk9IYD5fz0Yvvb0D2t4+nDrLTXVVdimUAVrdlTkq
YMhQwH/SaW+c2qvgK6SkxA4aYqtGomNhebOxDBlog4K5PAQhJhRHvdyvPvMwqv/8
NymMZv87SHhTXAoCsldtrOTHTacTVykZXRxhKjgzmIBkfl05upRw2OSmpu3mrjDy
xYwltzSbqik84TX+Lk+4vJTjOnNXj9YuVGaooEdTYxcXIA/7edS1+JVgLZpgvFXJ
NHrzG3MTFc4JtgUjPOdmFYyZ76gKdTb5VS8w+jCVq+gdyq1xBmKeeOKAekyL3CUs
pDtS1kDO5tiPDg==
-----END CERTIFICATE-----