Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/53d18e-cace-4ea4-9a08-38bfbd34799e/1/EQ8FOm21SxvzlvhQY6b8ygo0bsM.mft
File:                     EQ8FOm21SxvzlvhQY6b8ygo0bsM.mft (raw, json)
Hash identifier:          7dXA9jcDUkT4Wkj2hENs4dvItQERai81pRkYqD/pWRo=
Subject key identifier:   D4:92:E3:BC:33:A9:C7:1F:0B:F0:0E:E4:98:40:7B:3C:5E:31:62:D5
Authority key identifier: 11:0F:05:3A:6D:B5:4B:1B:F3:96:F8:50:63:A6:FC:CA:0A:34:6E:C3
Certificate issuer:       /CN=110f053a6db54b1bf396f85063a6fcca0a346ec3
Certificate serial:       019CAB343ABC2DB3B4238E3191ABE2639268
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EQ8FOm21SxvzlvhQY6b8ygo0bsM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/53d18e-cace-4ea4-9a08-38bfbd34799e/1/EQ8FOm21SxvzlvhQY6b8ygo0bsM.mft
Manifest number:          1845
Signing time:             Sun 01 Mar 2026 21:00:52 +0000
Manifest this update:     Sun 01 Mar 2026 21:00:52 +0000
Manifest next update:     Mon 02 Mar 2026 21:00:52 +0000
Files and hashes:         1: EQ8FOm21SxvzlvhQY6b8ygo0bsM.crl (hash: pRFvyif7oFWsSUPuxWgsFzIHAay9RAP+8nN322RPe+U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/53d18e-cace-4ea4-9a08-38bfbd34799e/1/EQ8FOm21SxvzlvhQY6b8ygo0bsM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/53d18e-cace-4ea4-9a08-38bfbd34799e/1/EQ8FOm21SxvzlvhQY6b8ygo0bsM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EQ8FOm21SxvzlvhQY6b8ygo0bsM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 21:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:34:3a:bc:2d:b3:b4:23:8e:31:91:ab:e2:63:92:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=110f053a6db54b1bf396f85063a6fcca0a346ec3
        Validity
            Not Before: Mar  1 21:00:52 2026 GMT
            Not After : Mar  2 21:00:52 2026 GMT
        Subject: CN=d492e3bc33a9c71f0bf00ee498407b3c5e3162d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:79:33:ef:c4:96:d7:d7:19:2c:fb:c4:2d:83:
                    1b:9e:cc:71:c5:1d:28:0a:0b:68:ef:8a:3c:e3:25:
                    88:79:74:00:ea:67:17:65:27:9e:5e:bc:b1:c9:fe:
                    16:a8:24:1b:8e:e2:df:c2:e4:69:c8:61:81:1d:fe:
                    c7:ca:10:c9:c1:22:35:d9:56:da:c5:fb:4d:c7:80:
                    92:37:02:58:2f:59:5a:ba:2e:6b:c6:5f:73:db:cb:
                    e4:0e:67:e9:0f:4c:35:9b:01:cc:45:98:b7:e0:33:
                    5d:95:f3:be:fc:b3:3c:b7:1d:bd:55:a3:8b:96:95:
                    21:b4:44:13:08:51:b6:3d:73:63:90:56:e3:07:71:
                    b6:03:2f:35:c3:13:09:3d:d0:f4:f7:aa:b5:91:34:
                    6b:7d:8d:e3:fb:c5:0d:83:a5:4c:23:d2:42:22:12:
                    c0:f3:90:82:df:ca:9d:60:1a:97:77:2d:ab:05:a5:
                    ae:42:67:f3:49:d8:62:94:c1:16:77:87:b0:a4:1e:
                    fa:ff:32:23:29:12:39:44:f5:3b:7c:23:ab:19:ce:
                    c6:ba:9c:2b:5a:b5:ce:bd:dc:c3:5b:83:85:62:32:
                    fc:e6:c6:84:fb:53:49:16:6f:42:59:71:b1:7a:a2:
                    e7:f5:bf:ba:be:86:e8:a4:c0:12:c6:90:03:a5:21:
                    f5:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:92:E3:BC:33:A9:C7:1F:0B:F0:0E:E4:98:40:7B:3C:5E:31:62:D5
            X509v3 Authority Key Identifier:
                keyid:11:0F:05:3A:6D:B5:4B:1B:F3:96:F8:50:63:A6:FC:CA:0A:34:6E:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EQ8FOm21SxvzlvhQY6b8ygo0bsM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/53d18e-cace-4ea4-9a08-38bfbd34799e/1/EQ8FOm21SxvzlvhQY6b8ygo0bsM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/53d18e-cace-4ea4-9a08-38bfbd34799e/1/EQ8FOm21SxvzlvhQY6b8ygo0bsM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:31:6b:82:1f:6c:f0:44:23:67:d2:94:fe:ea:a6:0c:3f:7b:
         41:e9:a8:31:de:6a:43:87:14:20:94:84:aa:22:11:3b:89:09:
         ca:03:96:05:cd:80:db:5b:4f:22:74:5b:28:5f:2e:c1:e5:77:
         06:46:3f:a3:ff:3f:8d:c6:7b:b8:f2:d5:69:1e:e6:a5:9b:7e:
         f2:25:08:03:f7:d1:72:f4:34:c0:ff:71:63:0c:d9:3c:24:fe:
         bb:96:8c:02:8e:4b:b2:0e:1e:50:20:4b:4e:40:c8:23:0a:04:
         0a:8e:a3:d0:e4:b3:17:f3:99:eb:9c:0a:23:af:e2:3d:37:62:
         a2:4f:53:25:87:32:d8:54:e4:26:ff:00:3c:e6:9a:c1:9d:59:
         d9:82:95:2c:25:ae:6b:f2:8e:37:b3:3b:d5:8a:f0:c1:1a:4b:
         c1:3b:06:94:64:53:e4:55:8e:f7:4b:96:c9:ad:28:07:1b:5c:
         87:b9:09:02:cb:51:3d:28:44:2d:23:82:ef:91:67:72:c5:ad:
         e9:9d:f1:19:06:2d:5b:d6:69:71:59:b5:27:96:3f:c2:61:a6:
         a5:35:97:3c:f8:ac:53:7a:ba:6a:3e:a2:4c:c0:14:d3:88:ef:
         bc:ec:02:98:ad:68:6c:12:d8:d2:b5:47:4e:e7:34:9e:8a:e3:
         95:51:29:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNDq8LbO0I44xkaviY5JoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMGYwNTNhNmRiNTRiMWJmMzk2Zjg1MDYzYTZmY2NhMGEz
NDZlYzMwHhcNMjYwMzAxMjEwMDUyWhcNMjYwMzAyMjEwMDUyWjAzMTEwLwYDVQQD
EyhkNDkyZTNiYzMzYTljNzFmMGJmMDBlZTQ5ODQwN2IzYzVlMzE2MmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXkz78SW19cZLPvELYMbnsxxxR0o
Cgto74o84yWIeXQA6mcXZSeeXryxyf4WqCQbjuLfwuRpyGGBHf7HyhDJwSI12Vba
xftNx4CSNwJYL1laui5rxl9z28vkDmfpD0w1mwHMRZi34DNdlfO+/LM8tx29VaOL
lpUhtEQTCFG2PXNjkFbjB3G2Ay81wxMJPdD096q1kTRrfY3j+8UNg6VMI9JCIhLA
85CC38qdYBqXdy2rBaWuQmfzSdhilMEWd4ewpB76/zIjKRI5RPU7fCOrGc7Gupwr
WrXOvdzDW4OFYjL85saE+1NJFm9CWXGxeqLn9b+6vobopMASxpADpSH1wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNSS47wzqccfC/AO5JhAezxeMWLVMB8GA1UdIwQY
MBaAFBEPBTpttUsb85b4UGOm/MoKNG7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVE4Rk9tMjFTeHZ6bHZoUVk2Yjh5Z28wYnNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81M2QxOGUtY2FjZS00ZWE0LTlhMDgt
MzhiZmJkMzQ3OTllLzEvRVE4Rk9tMjFTeHZ6bHZoUVk2Yjh5Z28wYnNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81M2QxOGUtY2FjZS00ZWE0LTlhMDgtMzhiZmJkMzQ3OTll
LzEvRVE4Rk9tMjFTeHZ6bHZoUVk2Yjh5Z28wYnNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAczFrgh9s
8EQjZ9KU/uqmDD97QemoMd5qQ4cUIJSEqiIRO4kJygOWBc2A21tPInRbKF8uweV3
BkY/o/8/jcZ7uPLVaR7mpZt+8iUIA/fRcvQ0wP9xYwzZPCT+u5aMAo5Lsg4eUCBL
TkDIIwoECo6j0OSzF/OZ65wKI6/iPTdiok9TJYcy2FTkJv8APOaawZ1Z2YKVLCWu
a/KON7M71YrwwRpLwTsGlGRT5FWO90uWya0oBxtch7kJAstRPShELSOC75FncsWt
6Z3xGQYtW9ZpcVm1J5Y/wmGmpTWXPPisU3q6aj6iTMAU04jvvOwCmK1obBLY0rVH
Tuc0norjlVEpvw==
-----END CERTIFICATE-----