Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
File:                     AkhBfH_pzOxbnarMCPznmdZzCIw.mft (raw, json)
Hash identifier:          2Ug+QxICxMJ/gHPZMnLuubpWD+VxOeOHeAXyyBDGWC4=
Subject key identifier:   DE:4D:F1:55:A1:EA:06:5F:8A:63:E0:55:2E:0D:26:58:60:B8:7C:0E
Authority key identifier: 02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C
Certificate issuer:       /CN=0248417c7fe9ccec5b9daacc08fce799d673088c
Certificate serial:       019CAB6B908D1F53668227D31E5136DE5500
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
Manifest number:          107C
Signing time:             Sun 01 Mar 2026 22:01:19 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:19 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:19 +0000
Files and hashes:         1: AkhBfH_pzOxbnarMCPznmdZzCIw.crl (hash: xgVJevjkxW4cf+pkiDA3QW7rxpxkmSGE4enQpgHRNi0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:90:8d:1f:53:66:82:27:d3:1e:51:36:de:55:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0248417c7fe9ccec5b9daacc08fce799d673088c
        Validity
            Not Before: Mar  1 22:01:19 2026 GMT
            Not After : Mar  2 22:01:19 2026 GMT
        Subject: CN=de4df155a1ea065f8a63e0552e0d265860b87c0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:a6:98:0c:e4:c4:1d:f0:c4:a2:f0:e5:22:10:
                    3d:f3:01:98:b6:80:27:c0:99:6f:35:7c:f3:3d:47:
                    21:17:62:06:e2:9c:e7:26:09:9d:37:65:07:5e:44:
                    10:bc:5e:c0:9b:fc:bf:9c:7f:d0:2a:07:a5:84:50:
                    fb:80:a4:23:06:4d:f4:5b:76:ef:89:73:f1:8f:6f:
                    04:48:27:80:ee:8b:ac:12:8f:54:92:56:f2:46:42:
                    2c:ed:a8:5a:78:6e:04:86:90:2d:0c:cc:60:da:cc:
                    4d:ac:f4:76:85:be:b3:b6:15:de:34:7f:81:6e:fa:
                    ba:e5:43:e6:7e:98:79:7d:f2:cf:26:96:55:20:30:
                    4e:dc:cc:f9:04:d1:9c:b7:68:c9:b1:6e:0b:2b:f8:
                    8d:3a:8b:e4:8c:96:78:9f:1c:57:38:94:a6:7d:97:
                    bf:92:2f:7b:80:ea:f3:3d:08:a2:18:ea:cf:cd:27:
                    0a:4c:54:9d:da:aa:d4:d8:1f:2a:32:5d:bf:3e:13:
                    bf:2f:20:10:9d:e7:83:47:fd:fd:b4:5f:9d:fc:44:
                    cd:25:10:75:fd:3c:a7:00:2e:18:c2:49:bd:29:3c:
                    fd:dd:11:16:7c:6e:f1:2d:9a:8a:81:60:7c:49:44:
                    35:55:2a:f1:65:b3:fe:5d:c3:93:0c:81:00:a0:c6:
                    f1:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:4D:F1:55:A1:EA:06:5F:8A:63:E0:55:2E:0D:26:58:60:B8:7C:0E
            X509v3 Authority Key Identifier:
                keyid:02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:4d:ae:81:b2:de:da:b6:57:05:63:24:c5:7e:18:3a:b5:39:
         17:44:c5:fe:b9:18:6e:31:82:80:53:25:71:b9:6c:28:91:aa:
         cd:5f:c1:ce:5f:e7:a3:a6:ce:43:e5:e9:19:2a:21:95:d2:49:
         0f:55:8c:6b:33:d1:15:4f:64:e5:63:ba:f1:62:54:ae:8b:b8:
         5d:70:59:e0:ca:4c:ce:44:d1:de:1d:13:eb:ca:f5:2c:89:85:
         4b:36:99:5d:62:0c:83:33:57:36:eb:7c:db:f2:97:79:4b:ed:
         09:71:a8:63:cc:d9:42:c2:d2:e4:02:60:a7:01:0b:f4:74:4e:
         da:30:4a:3d:c3:33:e8:af:71:fb:c2:3f:3e:89:12:ae:f0:50:
         17:7d:89:3a:60:ba:a0:61:b9:91:3f:ae:de:d1:03:66:eb:8f:
         d2:ee:e2:33:97:9e:dd:eb:c3:02:4d:ef:83:dc:82:04:49:b4:
         ff:ed:1a:58:65:d7:8e:25:82:06:17:f9:24:fb:5b:33:b9:1a:
         94:52:9d:8d:b3:c0:84:08:53:b9:47:f6:87:ce:02:98:f8:64:
         52:d2:c7:ff:93:59:32:07:6a:24:bf:0e:53:21:8c:95:e3:20:
         ac:54:25:ef:89:d2:bc:1f:10:41:3a:cf:91:9a:08:58:e1:00:
         86:b0:e3:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra5CNH1NmgifTHlE23lUAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDg0MTdjN2ZlOWNjZWM1YjlkYWFjYzA4ZmNlNzk5ZDY3
MzA4OGMwHhcNMjYwMzAxMjIwMTE5WhcNMjYwMzAyMjIwMTE5WjAzMTEwLwYDVQQD
EyhkZTRkZjE1NWExZWEwNjVmOGE2M2UwNTUyZTBkMjY1ODYwYjg3YzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaaYDOTEHfDEovDlIhA98wGYtoAn
wJlvNXzzPUchF2IG4pznJgmdN2UHXkQQvF7Am/y/nH/QKgelhFD7gKQjBk30W3bv
iXPxj28ESCeA7ousEo9UklbyRkIs7ahaeG4EhpAtDMxg2sxNrPR2hb6zthXeNH+B
bvq65UPmfph5ffLPJpZVIDBO3Mz5BNGct2jJsW4LK/iNOovkjJZ4nxxXOJSmfZe/
ki97gOrzPQiiGOrPzScKTFSd2qrU2B8qMl2/PhO/LyAQneeDR/39tF+d/ETNJRB1
/TynAC4Ywkm9KTz93REWfG7xLZqKgWB8SUQ1VSrxZbP+XcOTDIEAoMbxgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5N8VWh6gZfimPgVS4NJlhguHwOMB8GA1UdIwQY
MBaAFAJIQXx/6czsW52qzAj855nWcwiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUt
NjNjNzA3NDQxYmE2LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUtNjNjNzA3NDQxYmE2
LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkk2ugbLe
2rZXBWMkxX4YOrU5F0TF/rkYbjGCgFMlcblsKJGqzV/Bzl/no6bOQ+XpGSohldJJ
D1WMazPRFU9k5WO68WJUrou4XXBZ4MpMzkTR3h0T68r1LImFSzaZXWIMgzNXNut8
2/KXeUvtCXGoY8zZQsLS5AJgpwEL9HRO2jBKPcMz6K9x+8I/PokSrvBQF32JOmC6
oGG5kT+u3tEDZuuP0u7iM5ee3evDAk3vg9yCBEm0/+0aWGXXjiWCBhf5JPtbM7ka
lFKdjbPAhAhTuUf2h84CmPhkUtLH/5NZMgdqJL8OUyGMleMgrFQl74nSvB8QQTrP
kZoIWOEAhrDj9Q==
-----END CERTIFICATE-----