Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1a07b0-9976-4d55-b722-a2a11a0a6d74/1/sLQvCUy6l0wfrsa97BVg9mOHiRE.mft
File:                     sLQvCUy6l0wfrsa97BVg9mOHiRE.mft (raw, json)
Hash identifier:          fQjD1D/BvAFhQTT+9RxTlyFhoEruRGDkH6IhWFR3Ack=
Subject key identifier:   F9:CE:F2:C8:17:ED:E5:7E:2C:65:98:D1:6D:CB:9E:8B:23:2D:07:50
Authority key identifier: B0:B4:2F:09:4C:BA:97:4C:1F:AE:C6:BD:EC:15:60:F6:63:87:89:11
Certificate issuer:       /CN=b0b42f094cba974c1faec6bdec1560f663878911
Certificate serial:       019CAB6B933C1700BF2FB4A5CD9446E1AAF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sLQvCUy6l0wfrsa97BVg9mOHiRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1a07b0-9976-4d55-b722-a2a11a0a6d74/1/sLQvCUy6l0wfrsa97BVg9mOHiRE.mft
Manifest number:          14D7
Signing time:             Sun 01 Mar 2026 22:01:19 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:19 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:19 +0000
Files and hashes:         1: sLQvCUy6l0wfrsa97BVg9mOHiRE.crl (hash: mn1KGZWXtxLrx46D6eKgkNWs/5iRMgB8FNehxTAxOtU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1a07b0-9976-4d55-b722-a2a11a0a6d74/1/sLQvCUy6l0wfrsa97BVg9mOHiRE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1a07b0-9976-4d55-b722-a2a11a0a6d74/1/sLQvCUy6l0wfrsa97BVg9mOHiRE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sLQvCUy6l0wfrsa97BVg9mOHiRE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:93:3c:17:00:bf:2f:b4:a5:cd:94:46:e1:aa:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0b42f094cba974c1faec6bdec1560f663878911
        Validity
            Not Before: Mar  1 22:01:19 2026 GMT
            Not After : Mar  2 22:01:19 2026 GMT
        Subject: CN=f9cef2c817ede57e2c6598d16dcb9e8b232d0750
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:5f:13:b1:3c:f6:e1:0e:3a:5e:8b:c9:6d:5e:
                    b4:5b:c4:84:99:ae:3f:81:b5:88:8c:28:3a:57:c9:
                    f2:3e:c7:cb:f0:ed:4a:6b:50:a3:50:29:e2:68:a6:
                    d2:3f:11:dd:69:86:c3:64:36:de:4e:69:57:26:f8:
                    12:64:e8:98:b3:61:31:bc:e9:ad:7c:4b:55:f5:f2:
                    03:fb:2f:2b:c0:83:96:ef:b0:35:7c:3d:fa:ce:f5:
                    3c:58:cf:5a:53:92:3f:46:b6:1b:3d:a6:db:07:b6:
                    1a:81:8e:92:60:6d:dc:2c:0b:5f:7a:78:1c:f3:1b:
                    b5:06:89:b2:c2:1c:93:4d:33:5e:67:71:c8:cc:e4:
                    1a:b6:48:e9:eb:1c:dc:4f:af:62:4e:e7:c1:0f:7d:
                    4b:99:2e:18:05:8c:5f:05:a4:77:20:29:43:b6:33:
                    e4:73:9a:0b:cc:25:bf:08:87:ca:c5:32:1b:09:f6:
                    87:62:57:1c:42:65:0f:9e:ff:98:5c:98:7f:0a:26:
                    8f:e6:11:71:db:3e:79:e3:9f:a7:29:a9:9c:ff:5d:
                    74:02:e7:41:ee:4f:85:72:c7:16:ce:e0:96:6b:7c:
                    7a:87:52:db:e3:46:f5:bd:ff:eb:54:10:11:a8:ef:
                    dc:96:1b:1d:0c:71:99:a3:29:fa:1e:70:6e:0a:0b:
                    36:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:CE:F2:C8:17:ED:E5:7E:2C:65:98:D1:6D:CB:9E:8B:23:2D:07:50
            X509v3 Authority Key Identifier:
                keyid:B0:B4:2F:09:4C:BA:97:4C:1F:AE:C6:BD:EC:15:60:F6:63:87:89:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLQvCUy6l0wfrsa97BVg9mOHiRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1a07b0-9976-4d55-b722-a2a11a0a6d74/1/sLQvCUy6l0wfrsa97BVg9mOHiRE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1a07b0-9976-4d55-b722-a2a11a0a6d74/1/sLQvCUy6l0wfrsa97BVg9mOHiRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:65:7d:1b:75:85:e1:19:5a:b0:22:13:eb:84:0a:86:0e:21:
         9e:60:fd:bc:e7:c0:41:77:f8:3e:13:a3:da:b3:0d:80:6a:47:
         6a:de:27:71:8d:72:9a:6b:f1:a6:71:05:cb:cf:2c:d7:3f:b6:
         32:78:ec:b0:c6:17:3b:aa:0e:df:ae:ee:ad:cf:5b:8f:12:3d:
         f8:41:ff:86:3f:61:13:1a:5a:04:a8:86:a6:3b:5e:2b:b4:2f:
         80:f8:87:f6:49:b7:1f:ae:5d:fb:e8:7c:38:23:15:4d:2e:ee:
         80:7b:3f:4f:5f:74:bc:b8:ad:c3:71:9f:a9:8e:91:77:75:03:
         61:f2:41:be:c4:0b:27:ce:12:c8:f0:d8:09:53:3f:4c:aa:c2:
         9a:46:65:ce:6a:d6:48:51:ce:cb:bd:ae:48:09:32:46:4f:5d:
         53:d3:11:b2:6b:4d:16:77:9a:61:14:0d:94:a7:4e:0f:25:bb:
         6b:52:b8:9e:3f:2c:f3:54:7c:89:47:14:8f:69:27:e9:be:fe:
         42:59:02:41:ee:a3:24:7a:a3:7c:9b:32:10:86:07:ee:78:e0:
         37:05:1c:61:1a:de:af:8a:6c:7d:3f:ba:ea:9e:95:ec:25:03:
         cd:15:5e:a4:73:b4:de:81:82:7f:29:92:0d:2a:7c:1b:16:19:
         64:40:56:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra5M8FwC/L7SlzZRG4ar1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYjQyZjA5NGNiYTk3NGMxZmFlYzZiZGVjMTU2MGY2NjM4
Nzg5MTEwHhcNMjYwMzAxMjIwMTE5WhcNMjYwMzAyMjIwMTE5WjAzMTEwLwYDVQQD
EyhmOWNlZjJjODE3ZWRlNTdlMmM2NTk4ZDE2ZGNiOWU4YjIzMmQwNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA018TsTz24Q46XovJbV60W8SEma4/
gbWIjCg6V8nyPsfL8O1Ka1CjUCniaKbSPxHdaYbDZDbeTmlXJvgSZOiYs2ExvOmt
fEtV9fID+y8rwIOW77A1fD36zvU8WM9aU5I/RrYbPabbB7YagY6SYG3cLAtfengc
8xu1BomywhyTTTNeZ3HIzOQatkjp6xzcT69iTufBD31LmS4YBYxfBaR3IClDtjPk
c5oLzCW/CIfKxTIbCfaHYlccQmUPnv+YXJh/CiaP5hFx2z5545+nKamc/110AudB
7k+FcscWzuCWa3x6h1Lb40b1vf/rVBARqO/clhsdDHGZoyn6HnBuCgs2uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPnO8sgX7eV+LGWY0W3LnosjLQdQMB8GA1UdIwQY
MBaAFLC0LwlMupdMH67GvewVYPZjh4kRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0xRdkNVeTZsMHdmcnNhOTdCVmc5bU9IaVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYTA3YjAtOTk3Ni00ZDU1LWI3MjIt
YTJhMTFhMGE2ZDc0LzEvc0xRdkNVeTZsMHdmcnNhOTdCVmc5bU9IaVJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYTA3YjAtOTk3Ni00ZDU1LWI3MjItYTJhMTFhMGE2ZDc0
LzEvc0xRdkNVeTZsMHdmcnNhOTdCVmc5bU9IaVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiWV9G3WF
4RlasCIT64QKhg4hnmD9vOfAQXf4PhOj2rMNgGpHat4ncY1ymmvxpnEFy88s1z+2
MnjssMYXO6oO367urc9bjxI9+EH/hj9hExpaBKiGpjteK7QvgPiH9km3H65d++h8
OCMVTS7ugHs/T190vLitw3GfqY6Rd3UDYfJBvsQLJ84SyPDYCVM/TKrCmkZlzmrW
SFHOy72uSAkyRk9dU9MRsmtNFneaYRQNlKdODyW7a1K4nj8s81R8iUcUj2kn6b7+
QlkCQe6jJHqjfJsyEIYH7njgNwUcYRrer4psfT+66p6V7CUDzRVepHO03oGCfymS
DSp8GxYZZEBWMQ==
-----END CERTIFICATE-----