Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
File:                     Le43b1HIyKVVUo1MFesfTKOZxJE.mft (raw, json)
Hash identifier:          xOb0UYJv0OBoPZBd/CoShGu9R63P2xB+7JnhBSiySdE=
Subject key identifier:   93:78:86:C4:A7:3A:91:CB:59:F9:14:93:2C:57:C1:43:51:2E:4A:25
Authority key identifier: 2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91
Certificate issuer:       /CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
Certificate serial:       019CAD5A3396323599E060FDD2D1A7E1C1DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
Manifest number:          1843
Signing time:             Mon 02 Mar 2026 07:01:35 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:35 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:35 +0000
Files and hashes:         1: Le43b1HIyKVVUo1MFesfTKOZxJE.crl (hash: 0D15kXhsdo3i5unDy/UBRqTMM/5FgTqhwVKBqrHkPaQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:33:96:32:35:99:e0:60:fd:d2:d1:a7:e1:c1:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
        Validity
            Not Before: Mar  2 07:01:35 2026 GMT
            Not After : Mar  3 07:01:35 2026 GMT
        Subject: CN=937886c4a73a91cb59f914932c57c143512e4a25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c6:f2:89:21:a3:5e:81:0c:d6:ec:8b:d5:26:
                    c8:c2:82:1a:03:db:7a:51:31:c6:cb:3b:49:45:96:
                    d0:17:0d:58:92:a7:fb:4c:4c:00:61:f9:cb:25:58:
                    da:e0:81:29:13:bb:e8:90:1e:0e:32:18:1f:8b:6f:
                    97:9c:ff:c4:8b:cb:d6:f2:08:fa:fe:37:8b:d5:6b:
                    34:41:c7:3b:14:a1:4e:d2:fe:57:23:93:22:a6:67:
                    20:1d:54:78:4f:ac:2f:cc:c3:d4:4d:b5:95:ee:e5:
                    e4:7a:6d:b0:fc:9d:89:5e:5b:91:d0:45:bc:7a:f8:
                    4e:39:46:24:11:45:e4:4e:8f:0b:99:03:3b:04:e7:
                    6a:d8:ef:b8:f1:0b:a2:56:44:96:bb:be:bb:13:d6:
                    ad:87:b8:03:69:3d:0d:cd:7e:6a:cd:2b:d3:73:c8:
                    85:62:f9:fc:66:8a:5d:3b:e3:ef:85:65:12:23:54:
                    e8:e8:17:6e:0c:6c:26:57:fc:31:d7:da:c9:63:94:
                    84:1e:13:96:37:eb:6b:61:5d:88:fa:12:75:81:77:
                    4d:65:10:c1:e1:1a:16:ff:eb:b3:57:03:55:7b:43:
                    36:87:41:4b:a6:e0:3a:f5:e6:4d:06:5d:40:92:65:
                    03:0a:5b:11:f6:2a:53:17:9e:a4:0e:e2:de:41:e7:
                    a8:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:78:86:C4:A7:3A:91:CB:59:F9:14:93:2C:57:C1:43:51:2E:4A:25
            X509v3 Authority Key Identifier:
                keyid:2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:b6:ef:bc:54:94:99:49:9a:48:14:4b:ac:3e:4c:fd:96:18:
         16:03:8b:b4:0b:c4:79:1e:7d:66:6e:4e:b2:26:fb:c3:1e:f0:
         43:d7:aa:23:a2:f5:e9:83:e2:d1:e2:6e:86:bc:51:1e:e3:d6:
         9e:2c:a2:46:99:e1:04:2f:4e:17:73:47:dc:f0:51:6d:16:b5:
         05:6c:cb:01:4d:c4:96:51:08:a8:27:b7:2d:9d:06:38:bc:8b:
         61:6d:39:cc:f2:64:f3:a2:a7:7a:b7:a3:b1:91:63:34:ee:f3:
         52:79:fe:6c:0f:5e:2d:37:28:08:37:4e:98:53:00:40:e1:e1:
         34:b0:19:0a:39:c3:34:00:3a:ec:15:8a:91:5a:2c:3b:bc:98:
         19:c4:08:c0:24:75:ec:a4:2c:04:c2:77:64:3c:6a:cc:a3:28:
         3e:3b:ac:f2:03:71:7c:7d:0a:88:fb:ab:3d:ae:7d:e6:95:20:
         70:30:1a:9f:42:de:c5:25:58:72:cd:7f:95:cf:0b:96:7f:cc:
         a0:44:72:dd:35:d9:06:17:c4:08:d9:59:5a:97:39:f6:69:de:
         d1:ef:42:c7:b4:af:1b:26:a6:7f:c9:4f:55:62:63:a0:97:69:
         cd:c7:cb:b5:47:63:61:54:6c:ef:f7:6c:60:71:c0:1e:bf:f8:
         b6:4b:86:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWjOWMjWZ4GD90tGn4cHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZWUzNzZmNTFjOGM4YTU1NTUyOGQ0YzE1ZWIxZjRjYTM5
OWM0OTEwHhcNMjYwMzAyMDcwMTM1WhcNMjYwMzAzMDcwMTM1WjAzMTEwLwYDVQQD
Eyg5Mzc4ODZjNGE3M2E5MWNiNTlmOTE0OTMyYzU3YzE0MzUxMmU0YTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8byiSGjXoEM1uyL1SbIwoIaA9t6
UTHGyztJRZbQFw1Ykqf7TEwAYfnLJVja4IEpE7vokB4OMhgfi2+XnP/Ei8vW8gj6
/jeL1Ws0Qcc7FKFO0v5XI5MipmcgHVR4T6wvzMPUTbWV7uXkem2w/J2JXluR0EW8
evhOOUYkEUXkTo8LmQM7BOdq2O+48QuiVkSWu767E9ath7gDaT0NzX5qzSvTc8iF
Yvn8ZopdO+PvhWUSI1To6BduDGwmV/wx19rJY5SEHhOWN+trYV2I+hJ1gXdNZRDB
4RoW/+uzVwNVe0M2h0FLpuA69eZNBl1AkmUDClsR9ipTF56kDuLeQeeosQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJN4hsSnOpHLWfkUkyxXwUNRLkolMB8GA1UdIwQY
MBaAFC3uN29RyMilVVKNTBXrH0yjmcSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUt
ZmY1Y2JkYWM1ODQ1LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUtZmY1Y2JkYWM1ODQ1
LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJLbvvFSU
mUmaSBRLrD5M/ZYYFgOLtAvEeR59Zm5Osib7wx7wQ9eqI6L16YPi0eJuhrxRHuPW
niyiRpnhBC9OF3NH3PBRbRa1BWzLAU3EllEIqCe3LZ0GOLyLYW05zPJk86Knerej
sZFjNO7zUnn+bA9eLTcoCDdOmFMAQOHhNLAZCjnDNAA67BWKkVosO7yYGcQIwCR1
7KQsBMJ3ZDxqzKMoPjus8gNxfH0KiPurPa595pUgcDAan0LexSVYcs1/lc8Lln/M
oERy3TXZBhfECNlZWpc59mne0e9Cx7SvGyamf8lPVWJjoJdpzcfLtUdjYVRs7/ds
YHHAHr/4tkuGSQ==
-----END CERTIFICATE-----