Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
File:                     Mh6FAflfcDdNRXa5sM1VW68fNas.mft (raw, json)
Hash identifier:          3kphW8amxVddA8zPv+KppGJh1xINZSJHqiivixcmhHo=
Subject key identifier:   95:50:8B:92:CC:AB:D2:5C:FC:D4:9F:59:08:F3:6D:C7:39:AF:0A:09
Authority key identifier: 32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB
Certificate issuer:       /CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
Certificate serial:       019CAA59299DD99CDE652B6D22E2A583ECC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 17:01:35 +0000
Manifest this update:     Sun 01 Mar 2026 17:01:35 +0000
Manifest next update:     Mon 02 Mar 2026 17:01:35 +0000
Files and hashes:         1: Mh6FAflfcDdNRXa5sM1VW68fNas.crl (hash: FVGXcwoiaZDn8tcPMKJtbezekq8vNVH8ftrL71lRao4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:59:29:9d:d9:9c:de:65:2b:6d:22:e2:a5:83:ec:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
        Validity
            Not Before: Mar  1 17:01:35 2026 GMT
            Not After : Mar  2 17:01:35 2026 GMT
        Subject: CN=95508b92ccabd25cfcd49f5908f36dc739af0a09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:eb:52:19:61:34:d5:54:0f:eb:2a:8d:58:18:
                    85:bb:3f:58:63:97:cc:71:13:81:e0:27:8d:0a:37:
                    b8:b7:c6:bc:b4:32:5c:57:b5:78:cc:5e:e9:e1:e3:
                    b0:ab:0b:0c:f9:0f:1f:f0:19:a6:66:8a:18:31:dc:
                    4a:c4:b9:a1:af:53:e3:fd:a4:7a:e9:89:87:92:13:
                    9f:ba:50:d2:f0:6c:2d:34:9a:d2:d0:f1:54:48:84:
                    f9:4e:3f:59:eb:f1:99:8a:16:93:b4:63:3c:5b:53:
                    3c:fe:8d:16:04:63:5c:63:82:d1:fa:2e:90:31:83:
                    7f:4c:37:8d:1a:d5:92:72:e1:b6:9f:5a:b1:88:00:
                    7c:dc:aa:12:19:5e:23:c8:3c:86:c6:df:f1:e9:a0:
                    b4:09:20:62:e5:17:66:d4:8c:17:b6:14:c5:84:b7:
                    a3:be:d6:b8:61:da:fa:cf:fb:6d:83:86:86:5f:5d:
                    5e:a3:69:6d:8e:db:ca:80:e2:49:ef:26:9e:2a:fe:
                    90:53:e9:8e:ea:32:59:5d:88:f5:1b:d9:1b:bd:57:
                    d9:ca:55:05:99:90:15:97:a4:e3:d1:b3:a4:26:42:
                    93:20:e5:97:f6:8f:9a:01:a2:3d:3c:9f:8f:d4:d8:
                    fd:09:4c:b5:4b:ac:ba:82:8f:92:25:54:b8:f9:e9:
                    94:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:50:8B:92:CC:AB:D2:5C:FC:D4:9F:59:08:F3:6D:C7:39:AF:0A:09
            X509v3 Authority Key Identifier:
                keyid:32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:9b:2b:c1:50:f6:62:d7:5c:ab:fe:92:18:61:6c:82:13:c2:
         ce:00:c6:dc:42:79:9a:c9:68:c3:ca:c2:8a:88:8a:16:61:b9:
         23:16:b7:a9:51:59:17:50:b2:9b:4e:68:9c:e0:93:a8:70:f6:
         ea:37:cb:9a:22:a5:ca:79:02:5d:72:65:9a:3d:3c:c5:5e:19:
         38:c4:0e:2e:5d:33:06:13:28:b8:37:a3:69:88:90:dc:4b:cd:
         e8:31:5b:3a:0b:1f:52:01:ea:32:e8:d4:39:4f:cd:ab:3d:4c:
         e6:92:57:78:b0:ee:0b:0a:45:7d:a0:01:96:19:38:d9:b2:76:
         5e:4a:df:9a:0d:e7:91:21:0c:d5:9a:bc:66:84:64:5c:94:d6:
         2e:84:25:a4:9c:31:c3:24:d7:e9:87:9d:10:59:dc:17:41:a0:
         fa:e4:a1:8e:f0:6c:c0:3d:26:f3:94:6f:e1:eb:38:a7:76:a6:
         41:17:de:36:79:9f:73:df:f3:cf:27:74:dc:5b:08:f2:dd:c4:
         61:dd:05:59:fb:c9:05:e1:0c:10:1d:24:ce:c7:02:07:26:e7:
         ea:2e:3d:07:3c:d3:34:6f:cc:c5:e5:f5:cf:52:d7:f4:cf:88:
         89:4d:10:6d:84:85:64:32:8c:9f:42:5c:0c:25:ae:9c:dc:fd:
         bc:ea:63:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWSmd2ZzeZSttIuKlg+zBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWU4NTAxZjk1ZjcwMzc0ZDQ1NzZiOWIwY2Q1NTViYWYx
ZjM1YWIwHhcNMjYwMzAxMTcwMTM1WhcNMjYwMzAyMTcwMTM1WjAzMTEwLwYDVQQD
Eyg5NTUwOGI5MmNjYWJkMjVjZmNkNDlmNTkwOGYzNmRjNzM5YWYwYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOtSGWE01VQP6yqNWBiFuz9YY5fM
cROB4CeNCje4t8a8tDJcV7V4zF7p4eOwqwsM+Q8f8BmmZooYMdxKxLmhr1Pj/aR6
6YmHkhOfulDS8GwtNJrS0PFUSIT5Tj9Z6/GZihaTtGM8W1M8/o0WBGNcY4LR+i6Q
MYN/TDeNGtWScuG2n1qxiAB83KoSGV4jyDyGxt/x6aC0CSBi5Rdm1IwXthTFhLej
vta4Ydr6z/ttg4aGX11eo2ltjtvKgOJJ7yaeKv6QU+mO6jJZXYj1G9kbvVfZylUF
mZAVl6Tj0bOkJkKTIOWX9o+aAaI9PJ+P1Nj9CUy1S6y6go+SJVS4+emU4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJVQi5LMq9Jc/NSfWQjzbcc5rwoJMB8GA1UdIwQY
MBaAFDIehQH5X3A3TUV2ubDNVVuvHzWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQt
ZmJmNzU3NWFhY2UyLzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQtZmJmNzU3NWFhY2Uy
LzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD5srwVD2
Ytdcq/6SGGFsghPCzgDG3EJ5mslow8rCioiKFmG5Ixa3qVFZF1Cym05onOCTqHD2
6jfLmiKlynkCXXJlmj08xV4ZOMQOLl0zBhMouDejaYiQ3EvN6DFbOgsfUgHqMujU
OU/Nqz1M5pJXeLDuCwpFfaABlhk42bJ2Xkrfmg3nkSEM1Zq8ZoRkXJTWLoQlpJwx
wyTX6YedEFncF0Gg+uShjvBswD0m85Rv4es4p3amQRfeNnmfc9/zzyd03FsI8t3E
Yd0FWfvJBeEMEB0kzscCBybn6i49BzzTNG/MxeX1z1LX9M+IiU0QbYSFZDKMn0Jc
DCWunNz9vOpjwQ==
-----END CERTIFICATE-----