Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
File:                     FYi9izG5XpysnzgSjZW4UvA9V4Q.mft (raw, json)
Hash identifier:          fMpcn8vPjfDR6jevzh9RzPAXTX54Ad0W+fqfD95ral0=
Subject key identifier:   A9:F3:75:42:0F:36:D7:A9:7A:2D:88:42:02:2B:B0:58:6E:D7:53:AB
Authority key identifier: 15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84
Certificate issuer:       /CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
Certificate serial:       019CAD596B9C9828A9E6591A1FAD44B0C5D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
Manifest number:          1844
Signing time:             Mon 02 Mar 2026 07:00:44 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:44 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:44 +0000
Files and hashes:         1: FYi9izG5XpysnzgSjZW4UvA9V4Q.crl (hash: zpbDhoBxfbuHVPu9gZBGsfeqle1Sd+TN0S+W4I1w7/Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:6b:9c:98:28:a9:e6:59:1a:1f:ad:44:b0:c5:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
        Validity
            Not Before: Mar  2 07:00:44 2026 GMT
            Not After : Mar  3 07:00:44 2026 GMT
        Subject: CN=a9f375420f36d7a97a2d8842022bb0586ed753ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:66:65:d8:68:bf:af:c6:2a:3e:85:fb:0b:e6:
                    66:64:30:86:66:e5:9f:c5:2c:52:13:e0:51:f2:d3:
                    59:04:90:87:db:4a:68:37:2c:24:ac:74:57:11:e9:
                    6c:bd:0c:b8:3b:48:11:41:b8:ce:08:64:58:f9:c4:
                    d7:c2:6e:7a:d7:dc:58:55:1a:34:40:0a:d9:08:f6:
                    86:e5:01:eb:36:45:98:9d:5d:94:9f:00:e6:2f:57:
                    09:b9:e8:94:d7:5b:5e:0d:7c:05:38:63:85:65:46:
                    50:20:52:47:92:ce:10:ef:b5:88:e9:ee:bb:e6:25:
                    f6:b6:72:a1:39:ab:c6:96:05:22:0e:2f:55:fe:84:
                    2c:d5:fd:12:07:92:47:d9:cd:74:ab:c3:cf:a0:d4:
                    0d:d7:33:c4:48:b0:b9:06:9c:05:2a:eb:e8:35:cf:
                    46:a7:fa:c2:e1:d3:22:b5:c8:d7:9c:d1:ff:2e:16:
                    5a:49:e0:15:dc:83:f7:ca:16:a8:5e:bc:87:c6:1c:
                    20:f3:8a:e5:65:18:df:9a:42:0b:41:5d:a5:c3:78:
                    e5:58:d5:77:0d:4f:16:a3:30:e3:64:e7:f5:71:e2:
                    c9:4f:97:0c:48:c6:cd:bb:14:bd:84:b9:05:e0:ed:
                    81:89:d4:58:c0:b1:92:0c:60:96:9c:fe:0f:47:12:
                    f5:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:F3:75:42:0F:36:D7:A9:7A:2D:88:42:02:2B:B0:58:6E:D7:53:AB
            X509v3 Authority Key Identifier:
                keyid:15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:fc:ff:20:cc:d3:aa:98:3e:4b:22:4f:26:87:b2:58:d4:aa:
         26:5b:0c:13:f6:10:d1:a7:62:22:be:ea:94:38:32:b5:82:97:
         13:03:1f:25:1b:a5:d8:c3:1f:de:90:f6:3b:ce:a3:ab:62:c6:
         15:4e:51:9a:fd:a7:76:83:88:b9:65:38:48:e2:9d:c0:c1:90:
         53:1c:8e:9c:c4:a0:43:cb:ba:ab:7c:48:63:b9:cc:ff:ed:fc:
         3b:01:e7:25:a1:43:bf:ce:f6:e7:12:aa:c9:71:7c:9a:fb:34:
         31:fa:66:92:9f:ed:7f:70:dc:dc:69:a0:49:80:70:1f:48:df:
         a2:67:99:9d:6f:b8:65:3b:02:eb:c7:b2:ac:b8:5e:cc:0b:f5:
         20:9f:3a:89:e6:78:d7:1c:69:d7:c6:57:8c:eb:d5:cd:69:9f:
         09:fc:d4:66:e8:80:07:40:42:45:13:f3:c6:08:ad:b0:53:98:
         f4:c9:bf:a0:87:67:60:53:89:e9:c9:03:22:aa:6e:ea:af:d6:
         04:fe:96:ad:80:65:1a:68:4c:4c:a2:39:8a:67:5f:e9:8e:ad:
         ba:2f:15:6b:75:ba:86:3e:1e:21:bf:23:06:2f:e3:c0:23:b0:
         9e:84:fc:03:db:86:22:ee:47:31:3a:43:45:ed:6e:1c:c3:0d:
         07:4c:64:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWWucmCip5lkaH61EsMXYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ODhiZDhiMzFiOTVlOWNhYzlmMzgxMjhkOTViODUyZjAz
ZDU3ODQwHhcNMjYwMzAyMDcwMDQ0WhcNMjYwMzAzMDcwMDQ0WjAzMTEwLwYDVQQD
EyhhOWYzNzU0MjBmMzZkN2E5N2EyZDg4NDIwMjJiYjA1ODZlZDc1M2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymZl2Gi/r8YqPoX7C+ZmZDCGZuWf
xSxSE+BR8tNZBJCH20poNywkrHRXEelsvQy4O0gRQbjOCGRY+cTXwm5619xYVRo0
QArZCPaG5QHrNkWYnV2UnwDmL1cJueiU11teDXwFOGOFZUZQIFJHks4Q77WI6e67
5iX2tnKhOavGlgUiDi9V/oQs1f0SB5JH2c10q8PPoNQN1zPESLC5BpwFKuvoNc9G
p/rC4dMitcjXnNH/LhZaSeAV3IP3yhaoXryHxhwg84rlZRjfmkILQV2lw3jlWNV3
DU8WozDjZOf1ceLJT5cMSMbNuxS9hLkF4O2BidRYwLGSDGCWnP4PRxL1uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKnzdUIPNtepei2IQgIrsFhu11OrMB8GA1UdIwQY
MBaAFBWIvYsxuV6crJ84Eo2VuFLwPVeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYt
YjVhZTgzOWYzMGUyLzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYtYjVhZTgzOWYzMGUy
LzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ/z/IMzT
qpg+SyJPJoeyWNSqJlsME/YQ0adiIr7qlDgytYKXEwMfJRul2MMf3pD2O86jq2LG
FU5Rmv2ndoOIuWU4SOKdwMGQUxyOnMSgQ8u6q3xIY7nM/+38OwHnJaFDv8725xKq
yXF8mvs0Mfpmkp/tf3Dc3GmgSYBwH0jfomeZnW+4ZTsC68eyrLhezAv1IJ86ieZ4
1xxp18ZXjOvVzWmfCfzUZuiAB0BCRRPzxgitsFOY9Mm/oIdnYFOJ6ckDIqpu6q/W
BP6WrYBlGmhMTKI5imdf6Y6tui8Va3W6hj4eIb8jBi/jwCOwnoT8A9uGIu5HMTpD
Re1uHMMNB0xk/A==
-----END CERTIFICATE-----