Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
File:                     _tPwXKP9-ef5nGXMagpnJPWTGnA.mft (raw, json)
Hash identifier:          1SaDXosKGhNHZGqFSkOlcjvV6V+mW0+8LPKbmktTOs8=
Subject key identifier:   46:CD:1C:E0:5F:79:C0:1F:D5:12:96:07:A7:61:FD:2B:B8:69:5D:ED
Authority key identifier: FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70
Certificate issuer:       /CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
Certificate serial:       019CAB6B731F5B6019EA3C659D35B29BD08A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
Manifest number:          1841
Signing time:             Sun 01 Mar 2026 22:01:11 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:11 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:11 +0000
Files and hashes:         1: _tPwXKP9-ef5nGXMagpnJPWTGnA.crl (hash: ovPpB6vAHw3tLOaon/WH6DorqzQNKt3OAcBVikN0yp4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:73:1f:5b:60:19:ea:3c:65:9d:35:b2:9b:d0:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
        Validity
            Not Before: Mar  1 22:01:11 2026 GMT
            Not After : Mar  2 22:01:11 2026 GMT
        Subject: CN=46cd1ce05f79c01fd5129607a761fd2bb8695ded
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a0:21:49:4a:01:8a:ee:b9:5b:ae:05:04:f7:
                    e1:d2:c9:22:3c:a3:42:c7:41:b0:bc:ff:cc:97:03:
                    aa:32:88:32:ef:cb:ff:12:7e:f3:b3:55:ed:07:84:
                    66:d5:e1:b6:9c:17:7d:9e:b6:57:36:a8:1a:76:6a:
                    94:e6:ed:68:b2:96:16:3d:54:8c:9b:a2:4a:85:59:
                    98:1e:d1:00:26:24:dd:24:e4:11:ed:a4:32:84:8b:
                    4b:30:14:d7:b2:9d:b1:f3:8a:26:97:a2:20:4a:b5:
                    63:57:8f:6d:be:71:0b:0f:3c:46:7c:72:4c:1f:e4:
                    f4:36:4d:f0:e5:a0:60:a9:2c:24:02:3e:79:ac:6c:
                    47:96:ce:1c:93:93:aa:3b:ca:75:46:33:f3:37:b6:
                    d9:85:93:3e:d5:0c:8c:89:17:e2:13:28:48:17:52:
                    cb:ad:cc:83:16:39:20:29:38:9b:d2:d7:c8:af:30:
                    0b:aa:c9:4f:51:a5:05:74:97:3b:6b:a3:ad:ba:7f:
                    c0:8e:0f:85:0c:a2:e7:bd:48:bc:53:dd:f5:c2:18:
                    cd:13:d6:2a:bf:a0:16:77:0f:f8:c9:6a:89:f8:1a:
                    bc:d4:ce:56:2a:69:d4:c3:67:45:7f:41:48:9e:76:
                    1b:54:c7:43:72:ae:2e:97:9b:2c:4f:a2:9f:0f:26:
                    2e:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:CD:1C:E0:5F:79:C0:1F:D5:12:96:07:A7:61:FD:2B:B8:69:5D:ED
            X509v3 Authority Key Identifier:
                keyid:FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:2b:5b:64:49:83:12:32:3d:c5:00:39:e6:3a:63:a8:b6:7b:
         a1:6b:28:c7:cc:cc:fe:b7:71:ec:13:e1:36:cd:a4:1a:28:10:
         02:66:2d:da:b9:62:05:65:33:c4:ca:bf:cc:52:9b:58:e7:4e:
         f1:b0:1c:3f:49:06:fe:97:9e:3c:b2:e5:d0:3b:5d:67:a3:a9:
         51:9a:32:3c:46:fc:e1:c4:b9:38:c9:e6:6e:34:ba:c8:2a:45:
         d1:3c:fe:9e:64:5a:b6:33:47:5b:b3:88:26:7b:2f:27:ee:b7:
         8f:26:1d:77:d3:13:81:b0:a1:28:9b:6e:0a:26:03:c5:13:5b:
         69:9a:49:67:c2:c7:f0:aa:58:b9:44:49:84:ac:55:64:19:f5:
         01:f9:d5:8c:1b:74:0b:29:59:ed:66:b3:bf:7c:94:2f:55:07:
         c0:c1:ff:17:ab:28:5e:37:c3:e2:16:ac:7d:82:93:6d:df:62:
         5f:41:29:e3:3a:85:c2:ec:15:b7:94:f2:59:d5:48:18:f7:90:
         47:b8:e5:5d:eb:5d:c7:cd:91:53:cc:ff:d2:88:d6:08:37:9a:
         d1:90:22:30:ce:6d:34:44:77:91:35:9b:83:7f:87:8c:b4:79:
         05:7d:67:25:0d:43:95:f2:7d:57:0c:f5:f7:86:2f:d6:1c:25:
         d2:0a:6d:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra3MfW2AZ6jxlnTWym9CKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDNmMDVjYTNmZGY5ZTdmOTljNjVjYzZhMGE2NzI0ZjU5
MzFhNzAwHhcNMjYwMzAxMjIwMTExWhcNMjYwMzAyMjIwMTExWjAzMTEwLwYDVQQD
Eyg0NmNkMWNlMDVmNzljMDFmZDUxMjk2MDdhNzYxZmQyYmI4Njk1ZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaAhSUoBiu65W64FBPfh0skiPKNC
x0GwvP/MlwOqMogy78v/En7zs1XtB4Rm1eG2nBd9nrZXNqgadmqU5u1ospYWPVSM
m6JKhVmYHtEAJiTdJOQR7aQyhItLMBTXsp2x84oml6IgSrVjV49tvnELDzxGfHJM
H+T0Nk3w5aBgqSwkAj55rGxHls4ck5OqO8p1RjPzN7bZhZM+1QyMiRfiEyhIF1LL
rcyDFjkgKTib0tfIrzALqslPUaUFdJc7a6Otun/Ajg+FDKLnvUi8U931whjNE9Yq
v6AWdw/4yWqJ+Bq81M5WKmnUw2dFf0FInnYbVMdDcq4ul5ssT6KfDyYuiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEbNHOBfecAf1RKWB6dh/Su4aV3tMB8GA1UdIwQY
MBaAFP7T8Fyj/fnn+ZxlzGoKZyT1kxpwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWIt
YWM1ZWU2MjViYWJjLzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWItYWM1ZWU2MjViYWJj
LzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxitbZEmD
EjI9xQA55jpjqLZ7oWsox8zM/rdx7BPhNs2kGigQAmYt2rliBWUzxMq/zFKbWOdO
8bAcP0kG/peePLLl0DtdZ6OpUZoyPEb84cS5OMnmbjS6yCpF0Tz+nmRatjNHW7OI
JnsvJ+63jyYdd9MTgbChKJtuCiYDxRNbaZpJZ8LH8KpYuURJhKxVZBn1AfnVjBt0
CylZ7Wazv3yUL1UHwMH/F6soXjfD4hasfYKTbd9iX0Ep4zqFwuwVt5TyWdVIGPeQ
R7jlXetdx82RU8z/0ojWCDea0ZAiMM5tNER3kTWbg3+HjLR5BX1nJQ1DlfJ9Vwz1
94Yv1hwl0gpt3g==
-----END CERTIFICATE-----