Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
File:                     7bKno-y66qV0GCMdsLYkq797pkU.mft (raw, json)
Hash identifier:          N0+s46Ky35j/6VUKyXhF1H3TC1p4hs4ZhEdCqfV95b0=
Subject key identifier:   0C:51:6B:3A:9F:BD:90:B8:24:39:9E:2C:9C:E7:AE:2A:71:92:ED:16
Authority key identifier: ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45
Certificate issuer:       /CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
Certificate serial:       019CABD95615109E010E6CE392A5897A029A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
Manifest number:          1842
Signing time:             Mon 02 Mar 2026 00:01:13 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:13 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:13 +0000
Files and hashes:         1: 7bKno-y66qV0GCMdsLYkq797pkU.crl (hash: tjh9y5cUbKs8zOfhYcKQn0WK9/LveVOJ5WLWV3/NCVQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:56:15:10:9e:01:0e:6c:e3:92:a5:89:7a:02:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
        Validity
            Not Before: Mar  2 00:01:13 2026 GMT
            Not After : Mar  3 00:01:13 2026 GMT
        Subject: CN=0c516b3a9fbd90b824399e2c9ce7ae2a7192ed16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:60:0a:ad:d8:cf:d9:19:5e:32:77:a4:c5:64:
                    b8:02:c1:18:97:b4:a5:5b:9c:64:e3:42:fe:f8:81:
                    be:71:24:18:fd:c5:d2:d6:f1:68:08:f7:00:cc:e2:
                    c2:ed:b4:00:84:57:80:05:b7:d0:f0:da:7c:5e:ad:
                    60:8f:0f:a7:56:61:97:37:24:f7:16:b9:ad:53:3f:
                    0d:d1:50:17:29:42:4f:c6:ff:10:c5:f6:fb:3e:3b:
                    7b:2b:02:b4:80:bc:f0:1d:c8:d6:ca:b6:c7:03:c6:
                    da:2d:50:e1:70:d3:72:c6:da:77:b2:6d:41:ef:3e:
                    19:9f:81:cc:a9:6a:af:52:1c:d0:41:f6:b2:40:55:
                    0a:fa:cf:e0:46:04:f6:bd:5c:a7:eb:70:b7:91:1e:
                    a4:f6:1f:4e:c7:ff:8f:1d:4a:e5:db:bc:81:ab:63:
                    37:5f:c9:d6:fc:23:0a:d3:de:ae:d5:58:e6:da:04:
                    7c:6c:60:43:89:9f:f8:4b:ab:d6:cb:d2:8c:ad:98:
                    d1:11:8f:88:03:d4:14:3e:b1:eb:a5:05:89:79:8b:
                    ee:80:1d:43:4b:ac:ed:13:3e:41:9d:fe:60:5a:53:
                    50:72:43:f9:23:27:17:2a:47:24:c8:3c:77:84:d5:
                    a9:66:f6:f1:c1:d0:62:1a:53:b1:7f:88:45:7c:a7:
                    50:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:51:6B:3A:9F:BD:90:B8:24:39:9E:2C:9C:E7:AE:2A:71:92:ED:16
            X509v3 Authority Key Identifier:
                keyid:ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:7b:65:84:8f:97:7f:ac:da:02:db:a5:81:ab:d6:4e:87:36:
         e0:1b:3e:ab:98:03:b6:24:15:5d:7d:2f:4c:09:a2:3a:b5:b4:
         2c:d4:2f:1a:20:ae:5d:36:3c:67:2e:14:73:af:3c:d2:f9:c4:
         38:5b:7b:86:ff:d6:15:75:01:84:71:ec:eb:63:9b:50:95:a4:
         36:b5:45:35:f2:29:99:5d:a7:53:33:be:63:84:a7:6a:1d:3b:
         84:2e:6c:9a:18:93:1e:3f:e3:da:11:8f:4f:90:d1:39:89:ef:
         d5:be:91:8b:f6:ac:fa:77:d2:69:0c:2b:78:84:08:71:8a:27:
         26:59:5a:51:ab:fb:65:ca:37:d4:c9:a6:82:8c:41:79:ff:73:
         7d:05:ab:23:50:60:09:d3:88:61:16:b4:ab:d8:48:22:88:fd:
         a0:c9:4e:83:a3:19:e5:ec:f7:ae:d4:17:26:ab:16:ea:d7:bf:
         ab:b3:09:f9:f8:5d:53:89:cf:f0:ab:47:ab:0e:84:c9:cd:26:
         4c:4a:ce:42:38:de:d2:78:a0:9a:05:df:96:90:dc:db:d6:7d:
         20:3c:27:7f:cc:21:0d:a1:3e:0b:e5:76:c1:4f:dc:b5:3f:2d:
         74:69:80:2b:07:fc:00:5f:9b:af:f1:e6:1e:db:89:e0:a8:0f:
         eb:6e:8a:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2VYVEJ4BDmzjkqWJegKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjJhN2EzZWNiYWVhYTU3NDE4MjMxZGIwYjYyNGFiYmY3
YmE2NDUwHhcNMjYwMzAyMDAwMTEzWhcNMjYwMzAzMDAwMTEzWjAzMTEwLwYDVQQD
EygwYzUxNmIzYTlmYmQ5MGI4MjQzOTllMmM5Y2U3YWUyYTcxOTJlZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmAKrdjP2RleMnekxWS4AsEYl7Sl
W5xk40L++IG+cSQY/cXS1vFoCPcAzOLC7bQAhFeABbfQ8Np8Xq1gjw+nVmGXNyT3
FrmtUz8N0VAXKUJPxv8Qxfb7Pjt7KwK0gLzwHcjWyrbHA8baLVDhcNNyxtp3sm1B
7z4Zn4HMqWqvUhzQQfayQFUK+s/gRgT2vVyn63C3kR6k9h9Ox/+PHUrl27yBq2M3
X8nW/CMK096u1Vjm2gR8bGBDiZ/4S6vWy9KMrZjREY+IA9QUPrHrpQWJeYvugB1D
S6ztEz5Bnf5gWlNQckP5IycXKkckyDx3hNWpZvbxwdBiGlOxf4hFfKdQdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAxRazqfvZC4JDmeLJznripxku0WMB8GA1UdIwQY
MBaAFO2yp6PsuuqldBgjHbC2JKu/e6ZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQt
YWYyNTRjZTNmZTY5LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQtYWYyNTRjZTNmZTY5
LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnntlhI+X
f6zaAtulgavWToc24Bs+q5gDtiQVXX0vTAmiOrW0LNQvGiCuXTY8Zy4Uc6880vnE
OFt7hv/WFXUBhHHs62ObUJWkNrVFNfIpmV2nUzO+Y4Snah07hC5smhiTHj/j2hGP
T5DROYnv1b6Ri/as+nfSaQwreIQIcYonJllaUav7Zco31MmmgoxBef9zfQWrI1Bg
CdOIYRa0q9hIIoj9oMlOg6MZ5ez3rtQXJqsW6te/q7MJ+fhdU4nP8KtHqw6Eyc0m
TErOQjje0nigmgXflpDc29Z9IDwnf8whDaE+C+V2wU/ctT8tdGmAKwf8AF+br/Hm
HtuJ4KgP626KoQ==
-----END CERTIFICATE-----