Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
File:                     4tNxxKeqqFX4zDsa6oAilCCoDyA.mft (raw, json)
Hash identifier:          C1SnrZJ2nJFtuE+zrcYtK2fnfXG7BSnDkl23onV2WMM=
Subject key identifier:   6E:2A:F7:A4:82:2C:32:2F:81:19:1D:36:5D:C7:65:41:92:1E:0B:86
Authority key identifier: E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20
Certificate issuer:       /CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
Certificate serial:       019CADC7E8AE98CE9538B354E5C5070CEE82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
Manifest number:          1849
Signing time:             Mon 02 Mar 2026 09:01:25 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:25 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:25 +0000
Files and hashes:         1: 4tNxxKeqqFX4zDsa6oAilCCoDyA.crl (hash: x3/8PBQr2qOnJX1EoC+ruIWxKqOlmaqa9pAgIBUyVA4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c7:e8:ae:98:ce:95:38:b3:54:e5:c5:07:0c:ee:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
        Validity
            Not Before: Mar  2 09:01:25 2026 GMT
            Not After : Mar  3 09:01:25 2026 GMT
        Subject: CN=6e2af7a4822c322f81191d365dc76541921e0b86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:48:46:08:ce:a1:17:a3:40:6d:c8:bd:1c:3e:
                    15:75:48:04:e1:14:6d:9f:90:be:28:43:1f:a8:01:
                    f3:29:9d:28:b7:e3:39:4d:c5:61:26:8c:fd:e1:33:
                    b6:43:c3:db:4d:ab:ef:03:0b:f7:4b:fd:5d:33:1f:
                    33:fb:21:cb:f1:dd:16:06:aa:60:cf:c0:6e:ee:dd:
                    58:a0:bc:a3:6a:73:0c:7f:ad:92:01:cc:78:78:b7:
                    c4:61:57:ce:c2:05:de:61:98:dc:d6:8e:56:76:0f:
                    20:42:a4:23:51:81:06:f4:84:f6:97:b4:ee:4c:fc:
                    e6:88:f2:ed:9d:1b:54:df:7b:2a:29:24:55:90:c3:
                    0a:78:3a:ab:e8:1e:af:49:fb:c4:eb:c9:6c:8c:ff:
                    d2:9d:ac:fb:ca:03:83:9e:63:57:2a:8f:9b:c4:26:
                    e5:de:2e:f1:1a:2f:dd:ef:77:a2:7e:8b:8f:b6:f4:
                    9f:3f:a6:ba:7e:05:34:d6:5c:8f:c4:3a:68:d1:99:
                    83:2d:7a:4a:2d:ae:80:f5:eb:ab:47:75:02:6a:e8:
                    4a:57:bf:8b:5c:9e:f7:e6:ee:78:49:c9:8d:3c:73:
                    f1:d3:d7:96:99:f7:e7:36:11:a9:d6:82:81:a9:36:
                    5e:62:c3:b5:dc:56:3b:0e:8b:11:81:17:f0:45:0d:
                    12:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:2A:F7:A4:82:2C:32:2F:81:19:1D:36:5D:C7:65:41:92:1E:0B:86
            X509v3 Authority Key Identifier:
                keyid:E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:10:54:76:27:f3:47:0e:84:32:77:72:72:1d:96:e4:26:d1:
         0f:eb:6d:df:86:88:fd:98:7f:f8:bc:c3:5d:6b:63:89:6e:9d:
         5e:3f:20:86:ec:99:fb:81:7e:e4:25:c0:98:dd:61:ab:d5:10:
         ab:f9:1c:51:65:e0:57:82:d7:23:dc:59:cb:16:60:9b:94:46:
         fa:ba:bd:07:47:14:4b:7e:df:74:9b:c6:c4:d0:5d:75:04:e6:
         ec:c1:8b:40:99:0b:99:27:ad:be:1d:56:ce:a5:1d:46:e5:20:
         ca:64:10:4c:50:57:91:f6:1e:24:fe:aa:67:f2:c7:45:37:9b:
         81:c9:c9:1a:ea:a3:fe:39:dd:7d:fe:0d:a4:7f:cb:0b:68:d4:
         43:83:73:07:f1:e3:c0:fe:e3:b4:fd:92:58:85:af:88:b7:5b:
         4a:0f:dd:82:38:8c:9e:56:eb:0f:ba:ba:73:5f:88:04:65:fc:
         4b:d2:8f:d3:c7:13:13:f2:e3:61:71:31:4f:21:68:f1:1d:1e:
         d4:ec:ee:25:e0:97:f3:1e:ca:fb:1c:68:a9:d4:d9:c6:8e:36:
         fd:d2:f2:c5:de:64:89:b3:6d:ec:7e:b7:9c:a2:ec:16:e0:9a:
         a2:bd:bc:ab:9f:d3:21:c4:df:ae:fb:47:06:7b:d1:3d:2f:19:
         68:6d:f0:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx+iumM6VOLNU5cUHDO6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDM3MWM0YTdhYWE4NTVmOGNjM2IxYWVhODAyMjk0MjBh
ODBmMjAwHhcNMjYwMzAyMDkwMTI1WhcNMjYwMzAzMDkwMTI1WjAzMTEwLwYDVQQD
Eyg2ZTJhZjdhNDgyMmMzMjJmODExOTFkMzY1ZGM3NjU0MTkyMWUwYjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkhGCM6hF6NAbci9HD4VdUgE4RRt
n5C+KEMfqAHzKZ0ot+M5TcVhJoz94TO2Q8PbTavvAwv3S/1dMx8z+yHL8d0WBqpg
z8Bu7t1YoLyjanMMf62SAcx4eLfEYVfOwgXeYZjc1o5Wdg8gQqQjUYEG9IT2l7Tu
TPzmiPLtnRtU33sqKSRVkMMKeDqr6B6vSfvE68lsjP/Snaz7ygODnmNXKo+bxCbl
3i7xGi/d73eifouPtvSfP6a6fgU01lyPxDpo0ZmDLXpKLa6A9eurR3UCauhKV7+L
XJ735u54ScmNPHPx09eWmffnNhGp1oKBqTZeYsO13FY7DosRgRfwRQ0SBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG4q96SCLDIvgRkdNl3HZUGSHguGMB8GA1UdIwQY
MBaAFOLTccSnqqhV+Mw7GuqAIpQgqA8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjkt
OTA3YTU4Yzk5NGMyLzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjktOTA3YTU4Yzk5NGMy
LzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfRBUdifz
Rw6EMndych2W5CbRD+tt34aI/Zh/+LzDXWtjiW6dXj8ghuyZ+4F+5CXAmN1hq9UQ
q/kcUWXgV4LXI9xZyxZgm5RG+rq9B0cUS37fdJvGxNBddQTm7MGLQJkLmSetvh1W
zqUdRuUgymQQTFBXkfYeJP6qZ/LHRTebgcnJGuqj/jndff4NpH/LC2jUQ4NzB/Hj
wP7jtP2SWIWviLdbSg/dgjiMnlbrD7q6c1+IBGX8S9KP08cTE/LjYXExTyFo8R0e
1OzuJeCX8x7K+xxoqdTZxo42/dLyxd5kibNt7H63nKLsFuCaor28q5/TIcTfrvtH
BnvRPS8ZaG3wvA==
-----END CERTIFICATE-----