Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          4ODQIZHVgajCTS1RKHsJ5iTU1iunSTPup61jCjYilDQ=
Subject key identifier:   0C:A7:3B:60:C2:2B:0F:0C:79:B1:23:81:28:9E:DB:3F:F8:F5:78:E3
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       019CAD594E2CF10884CED6F7195B803B4315
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          1817
Signing time:             Mon 02 Mar 2026 07:00:36 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:36 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:36 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: RCiokaMHIoFR5tQUHdRa4W2ad9N0EMgzWZgNlQxCdK8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:4e:2c:f1:08:84:ce:d6:f7:19:5b:80:3b:43:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: Mar  2 07:00:36 2026 GMT
            Not After : Mar  3 07:00:36 2026 GMT
        Subject: CN=0ca73b60c22b0f0c79b12381289edb3ff8f578e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:73:c3:7f:e7:fb:0d:d9:b5:70:07:e2:cc:1a:
                    22:09:a1:dc:23:ba:2f:78:54:45:e4:c7:3b:22:52:
                    6e:69:6f:8c:58:21:66:be:b8:a7:d2:70:53:ba:65:
                    12:37:1b:c4:53:03:91:fb:ad:ae:17:df:08:1c:9e:
                    44:cc:a5:3c:3d:57:75:64:ce:ca:49:7c:25:49:26:
                    6c:76:b5:5a:1c:46:66:17:73:a0:9c:27:c2:9d:9c:
                    d4:ac:d5:65:00:93:1e:80:8f:51:f8:12:b0:eb:c6:
                    85:7a:49:67:08:4e:e7:a7:a1:fa:87:43:01:3b:d4:
                    3f:30:50:cd:fa:70:1d:a3:cd:81:da:ac:83:69:1c:
                    f5:c0:ef:2a:8d:7d:a6:01:35:13:61:39:b8:3e:78:
                    40:de:44:33:8f:5e:ac:a0:db:c0:24:97:b2:da:2b:
                    50:a6:4d:91:f0:c4:e7:4e:1a:97:bd:3a:41:ce:a5:
                    84:5a:96:73:ad:d8:5d:38:92:e2:9d:db:19:ce:17:
                    5e:0c:8d:47:1c:20:5c:b8:ad:91:d7:f5:bc:3d:bb:
                    73:34:9c:ab:c0:2d:84:52:d1:18:9e:26:04:5f:0b:
                    30:be:b5:60:60:09:33:70:ba:39:34:f0:fb:76:4f:
                    90:2d:7d:1e:b1:ca:4a:04:7a:d5:ad:99:d3:78:a0:
                    ac:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:A7:3B:60:C2:2B:0F:0C:79:B1:23:81:28:9E:DB:3F:F8:F5:78:E3
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:2d:a0:26:3d:96:80:71:79:c6:40:41:e3:88:13:c6:0f:d8:
         bf:c7:b1:84:5d:cd:0b:3d:b7:3b:f5:1f:3c:fd:f3:c8:18:80:
         a5:2d:ab:f0:e9:56:17:4b:10:f1:5d:90:87:76:70:9f:94:4b:
         6c:c6:4f:15:55:94:41:b7:0c:6d:6a:db:4d:4b:3f:7b:a2:b1:
         9b:76:b9:00:aa:db:75:d2:e8:95:db:6f:a7:19:2b:0a:3a:63:
         c7:cb:6b:d5:b0:d7:9a:3a:e2:72:e5:35:56:f6:5a:b7:f7:bb:
         a3:4b:80:94:5f:0a:d6:a7:90:89:fd:15:0d:5b:31:6e:12:e4:
         be:5a:14:65:c8:38:48:c4:c4:8f:8b:63:71:3d:a9:1b:db:f1:
         74:76:e4:23:0c:cc:1a:44:a0:bd:d6:19:0a:34:ae:69:0f:f2:
         8e:b1:47:9c:91:70:0c:ac:62:9b:b7:65:21:31:6e:c7:0a:4c:
         9b:9a:3f:5e:a9:c7:8f:4f:c5:1d:95:4c:2c:80:fb:49:b2:a5:
         71:c7:3a:c8:33:f6:0e:54:40:9e:a8:11:96:96:0a:51:30:32:
         2d:b8:bf:3d:76:4a:20:39:97:b7:39:01:96:9d:f4:ea:fa:35:
         a8:9d:6b:3d:75:8a:06:c1:40:41:6d:b1:01:e4:31:06:19:bb:
         24:cc:5e:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWU4s8QiEztb3GVuAO0MVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjYwMzAyMDcwMDM2WhcNMjYwMzAzMDcwMDM2WjAzMTEwLwYDVQQD
EygwY2E3M2I2MGMyMmIwZjBjNzliMTIzODEyODllZGIzZmY4ZjU3OGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXPDf+f7Ddm1cAfizBoiCaHcI7ov
eFRF5Mc7IlJuaW+MWCFmvrin0nBTumUSNxvEUwOR+62uF98IHJ5EzKU8PVd1ZM7K
SXwlSSZsdrVaHEZmF3OgnCfCnZzUrNVlAJMegI9R+BKw68aFeklnCE7np6H6h0MB
O9Q/MFDN+nAdo82B2qyDaRz1wO8qjX2mATUTYTm4PnhA3kQzj16soNvAJJey2itQ
pk2R8MTnThqXvTpBzqWEWpZzrdhdOJLindsZzhdeDI1HHCBcuK2R1/W8PbtzNJyr
wC2EUtEYniYEXwswvrVgYAkzcLo5NPD7dk+QLX0escpKBHrVrZnTeKCsrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAynO2DCKw8MebEjgSie2z/49XjjMB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmS2gJj2W
gHF5xkBB44gTxg/Yv8exhF3NCz23O/UfPP3zyBiApS2r8OlWF0sQ8V2Qh3Zwn5RL
bMZPFVWUQbcMbWrbTUs/e6Kxm3a5AKrbddLoldtvpxkrCjpjx8tr1bDXmjricuU1
VvZat/e7o0uAlF8K1qeQif0VDVsxbhLkvloUZcg4SMTEj4tjcT2pG9vxdHbkIwzM
GkSgvdYZCjSuaQ/yjrFHnJFwDKxim7dlITFuxwpMm5o/XqnHj0/FHZVMLID7SbKl
ccc6yDP2DlRAnqgRlpYKUTAyLbi/PXZKIDmXtzkBlp306vo1qJ1rPXWKBsFAQW2x
AeQxBhm7JMxeew==
-----END CERTIFICATE-----