Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
File:                     I1PVKkAkkfT5n-VHG90aXdb0K7w.mft (raw, json)
Hash identifier:          eW+l9AyPcW8LHXvM8qKXs9Sciyr11slhMwOaBWYZdcw=
Subject key identifier:   4E:73:AB:53:E9:4F:DF:1B:0B:A7:E6:44:E0:C4:37:97:AC:4D:C2:36
Authority key identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC
Certificate issuer:       /CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
Certificate serial:       019CABD94AB93E7DAE9100E0057D277BD809
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
Manifest number:          1840
Signing time:             Mon 02 Mar 2026 00:01:10 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:10 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:10 +0000
Files and hashes:         1: I1PVKkAkkfT5n-VHG90aXdb0K7w.crl (hash: xcihig2m0cim3kLI1w2gvHDrjVPKhsb4+A48qhvo/iw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:4a:b9:3e:7d:ae:91:00:e0:05:7d:27:7b:d8:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
        Validity
            Not Before: Mar  2 00:01:10 2026 GMT
            Not After : Mar  3 00:01:10 2026 GMT
        Subject: CN=4e73ab53e94fdf1b0ba7e644e0c43797ac4dc236
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:62:36:14:0f:75:d9:ec:a4:52:24:52:c3:19:
                    62:b0:2d:f8:4f:08:3e:f2:3d:a2:51:98:1c:18:92:
                    5a:83:94:bd:7b:0c:70:e6:62:38:b5:8c:60:c6:67:
                    16:2d:97:a9:27:8a:fa:d2:59:4d:63:e7:16:79:59:
                    e1:9b:a2:b6:ed:11:5a:ef:b0:e0:0a:b3:3e:48:b2:
                    51:08:f9:d0:cc:8b:8b:06:12:b8:54:53:72:17:e4:
                    86:9a:bf:f6:66:fa:63:6a:52:8c:ab:de:14:26:da:
                    b5:69:a3:c7:b5:b4:e3:5e:80:d1:a2:a3:7f:83:d3:
                    0e:4b:45:8c:f5:87:bc:6d:3d:3c:b6:de:e2:d7:e4:
                    2d:95:e0:cf:d7:7d:30:aa:80:57:f0:64:e7:f1:36:
                    8d:c4:73:a2:df:ab:e8:da:d3:d0:46:66:2a:74:d2:
                    8b:bb:c3:0d:5d:10:e8:cd:12:87:ca:0f:e2:58:66:
                    d4:41:51:64:97:8d:db:17:e5:b8:f2:9f:8f:b9:84:
                    fc:bc:70:69:45:cb:ce:3f:9d:b1:d4:88:f5:3d:2f:
                    58:40:9b:65:16:34:0e:e0:02:97:73:bd:5d:64:fd:
                    70:d8:ea:62:a1:75:28:de:e5:e6:62:1c:3e:dc:99:
                    96:e4:15:0e:95:fd:e9:47:d3:f7:0f:57:45:2e:fb:
                    3c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:73:AB:53:E9:4F:DF:1B:0B:A7:E6:44:E0:C4:37:97:AC:4D:C2:36
            X509v3 Authority Key Identifier:
                keyid:23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:eb:4c:79:3c:9a:85:00:1e:f7:ef:3a:5c:08:7c:b7:fe:99:
         25:be:e7:f4:00:c5:27:ae:96:21:16:b7:28:24:94:c7:ef:b3:
         58:53:6c:46:3d:1b:2d:9b:2d:b3:d2:cb:87:65:ad:4e:bc:ab:
         84:c2:3a:4b:0c:81:0a:de:2b:f6:63:2c:26:ee:40:cf:d1:ce:
         f2:2a:a4:a5:5e:9a:8b:f1:0d:5c:cd:c3:0f:ea:3f:42:75:c0:
         e7:3a:57:dd:ea:22:e2:16:21:e8:dd:3b:fc:e2:60:4f:d9:91:
         ba:e7:00:31:ef:81:fb:06:f3:b8:c8:b2:5a:da:78:fd:f3:72:
         3d:9b:22:af:bc:c3:b1:58:20:dc:0d:80:42:88:cf:16:1c:64:
         76:91:47:51:26:41:90:4b:8b:87:77:f3:74:3f:6c:de:1a:d5:
         56:af:cd:b3:62:0d:9e:f2:2e:ca:6c:e7:d1:68:75:01:44:0e:
         82:d9:4a:0c:b9:b6:78:cc:da:84:0b:f4:b2:2d:9c:f9:4d:da:
         bf:26:21:3f:fa:87:6e:9a:e6:78:46:56:58:64:2c:a6:82:1c:
         91:54:6e:f1:76:e9:05:3a:60:b8:18:17:bd:68:87:8e:bb:a6:
         f5:a1:32:f1:61:68:7d:f1:d6:20:a5:75:e0:46:5f:00:5b:b8:
         d5:48:b9:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2Uq5Pn2ukQDgBX0ne9gJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTNkNTJhNDAyNDkxZjRmOTlmZTU0NzFiZGQxYTVkZDZm
NDJiYmMwHhcNMjYwMzAyMDAwMTEwWhcNMjYwMzAzMDAwMTEwWjAzMTEwLwYDVQQD
Eyg0ZTczYWI1M2U5NGZkZjFiMGJhN2U2NDRlMGM0Mzc5N2FjNGRjMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2I2FA912eykUiRSwxlisC34Twg+
8j2iUZgcGJJag5S9ewxw5mI4tYxgxmcWLZepJ4r60llNY+cWeVnhm6K27RFa77Dg
CrM+SLJRCPnQzIuLBhK4VFNyF+SGmr/2ZvpjalKMq94UJtq1aaPHtbTjXoDRoqN/
g9MOS0WM9Ye8bT08tt7i1+QtleDP130wqoBX8GTn8TaNxHOi36vo2tPQRmYqdNKL
u8MNXRDozRKHyg/iWGbUQVFkl43bF+W48p+PuYT8vHBpRcvOP52x1Ij1PS9YQJtl
FjQO4AKXc71dZP1w2OpioXUo3uXmYhw+3JmW5BUOlf3pR9P3D1dFLvs8TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5zq1PpT98bC6fmRODEN5esTcI2MB8GA1UdIwQY
MBaAFCNT1SpAJJH0+Z/lRxvdGl3W9Cu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTct
ZGVhYjg1ODZmMmNlLzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTctZGVhYjg1ODZmMmNl
LzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMOtMeTya
hQAe9+86XAh8t/6ZJb7n9ADFJ66WIRa3KCSUx++zWFNsRj0bLZsts9LLh2WtTryr
hMI6SwyBCt4r9mMsJu5Az9HO8iqkpV6ai/ENXM3DD+o/QnXA5zpX3eoi4hYh6N07
/OJgT9mRuucAMe+B+wbzuMiyWtp4/fNyPZsir7zDsVgg3A2AQojPFhxkdpFHUSZB
kEuLh3fzdD9s3hrVVq/Ns2INnvIuymzn0Wh1AUQOgtlKDLm2eMzahAv0si2c+U3a
vyYhP/qHbprmeEZWWGQspoIckVRu8XbpBTpguBgXvWiHjrum9aEy8WFoffHWIKV1
4EZfAFu41Ui5GQ==
-----END CERTIFICATE-----