Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
File:                     CIAqhiH4eCf9WXI85my1nDj5HyE.mft (raw, json)
Hash identifier:          KO5BJrK9GC9612bPHOPY4Pi14DKgM7ZK3HXXk4/sBgg=
Subject key identifier:   2B:92:56:36:00:B1:86:0C:CD:2A:88:C1:76:0F:0A:89:F2:D4:40:5E
Authority key identifier: 08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21
Certificate issuer:       /CN=08802a8621f87827fd59723ce66cb59c38f91f21
Certificate serial:       019CABD94FAA45C828BE4828FFC5C1C2016F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
Manifest number:          0B9E
Signing time:             Mon 02 Mar 2026 00:01:11 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:11 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:11 +0000
Files and hashes:         1: CIAqhiH4eCf9WXI85my1nDj5HyE.crl (hash: 3uRJ/wF3o4X7CtmfwWhJGW3y71D5xBSIc5H4sl2Xc6k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:4f:aa:45:c8:28:be:48:28:ff:c5:c1:c2:01:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08802a8621f87827fd59723ce66cb59c38f91f21
        Validity
            Not Before: Mar  2 00:01:11 2026 GMT
            Not After : Mar  3 00:01:11 2026 GMT
        Subject: CN=2b92563600b1860ccd2a88c1760f0a89f2d4405e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:bc:38:4a:42:e4:7c:48:3d:a9:23:d3:90:ec:
                    d9:e7:05:0c:21:63:8e:17:d2:ed:28:5a:4a:2a:e5:
                    35:cd:5b:80:a5:1d:ad:48:88:f9:50:78:4e:ec:6b:
                    48:93:89:e1:78:5f:bf:5e:6c:5d:48:17:df:b2:de:
                    1c:3c:be:30:89:ee:96:39:a2:0c:92:b2:ca:5c:9d:
                    dd:b6:21:9e:36:2e:0e:e5:da:ab:0b:92:a6:6d:50:
                    69:f8:91:b3:38:9b:24:1b:63:d9:5e:3a:f2:6b:c5:
                    27:b5:d4:7c:8e:a1:e6:16:ed:be:e9:49:0a:6e:27:
                    a4:ed:60:9d:26:4d:de:c1:94:f0:52:7c:a6:fb:c7:
                    a3:c7:dd:57:c1:3a:62:26:4d:b3:9c:4b:ff:1d:47:
                    db:fd:a9:df:db:95:19:1f:cd:2d:17:ec:e5:87:a5:
                    8a:6d:ac:77:43:b9:10:6c:ca:8c:00:61:fe:c2:97:
                    5a:24:22:49:b1:fc:f9:31:ca:c2:c9:27:fd:7a:d3:
                    23:92:76:d8:95:ea:0d:fd:44:3e:1d:ec:e3:aa:55:
                    78:aa:ee:00:8c:df:09:c2:ae:68:50:25:88:f8:59:
                    0d:61:19:33:c4:8c:95:47:8c:e6:bb:b6:1d:35:a7:
                    47:ad:ad:1d:1c:1b:6a:98:f4:30:d4:a5:9b:b4:44:
                    13:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:92:56:36:00:B1:86:0C:CD:2A:88:C1:76:0F:0A:89:F2:D4:40:5E
            X509v3 Authority Key Identifier:
                keyid:08:80:2A:86:21:F8:78:27:FD:59:72:3C:E6:6C:B5:9C:38:F9:1F:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIAqhiH4eCf9WXI85my1nDj5HyE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/6bc0f1-d1ea-4900-98ca-f16f994ecf43/1/CIAqhiH4eCf9WXI85my1nDj5HyE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:f3:d2:8d:fa:ad:37:f9:11:45:5f:1a:bf:b4:2f:bb:6b:82:
         35:e6:d2:a1:e4:83:73:b5:ee:d0:36:7a:90:64:37:8e:44:d1:
         df:32:92:e1:c9:1a:4b:a5:bd:da:b3:92:14:79:bb:04:ac:fa:
         ac:f3:99:e5:8e:bc:f0:81:80:e9:b7:3c:a4:b3:57:3e:5d:cb:
         8f:1a:44:ab:7f:59:20:db:d0:88:6c:4b:61:a4:cb:a9:4f:03:
         5d:42:42:53:de:fa:ce:9a:f2:4f:95:46:15:50:6e:b9:4d:c3:
         a5:3c:b1:ad:14:91:d8:22:ba:57:f8:91:a3:4e:7c:9e:7d:39:
         e3:d9:6f:bc:d6:3f:6e:8b:4b:91:72:e2:4e:0c:20:db:c5:76:
         45:cf:2b:78:df:b7:26:82:96:08:58:7b:62:cd:41:a1:c7:99:
         1f:9f:9c:c2:c2:4f:92:50:b2:a2:e4:1d:66:69:82:1b:3a:36:
         42:52:33:71:f4:23:22:27:c6:11:c2:1d:41:fe:62:ef:14:b2:
         b9:bd:c3:48:b9:ee:ad:88:46:96:40:33:82:ac:bb:65:bb:26:
         fe:78:f9:66:6b:6a:44:02:c1:e1:ad:b4:f8:43:11:b7:04:a2:
         2d:0f:d2:c0:7e:88:ce:cc:0b:88:47:6d:63:4b:c7:4d:4e:6c:
         09:d6:40:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2U+qRcgovkgo/8XBwgFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODAyYTg2MjFmODc4MjdmZDU5NzIzY2U2NmNiNTljMzhm
OTFmMjEwHhcNMjYwMzAyMDAwMTExWhcNMjYwMzAzMDAwMTExWjAzMTEwLwYDVQQD
EygyYjkyNTYzNjAwYjE4NjBjY2QyYTg4YzE3NjBmMGE4OWYyZDQ0MDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbw4SkLkfEg9qSPTkOzZ5wUMIWOO
F9LtKFpKKuU1zVuApR2tSIj5UHhO7GtIk4nheF+/XmxdSBffst4cPL4wie6WOaIM
krLKXJ3dtiGeNi4O5dqrC5KmbVBp+JGzOJskG2PZXjrya8UntdR8jqHmFu2+6UkK
biek7WCdJk3ewZTwUnym+8ejx91XwTpiJk2znEv/HUfb/anf25UZH80tF+zlh6WK
bax3Q7kQbMqMAGH+wpdaJCJJsfz5McrCySf9etMjknbYleoN/UQ+HezjqlV4qu4A
jN8Jwq5oUCWI+FkNYRkzxIyVR4zmu7YdNadHra0dHBtqmPQw1KWbtEQTIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCuSVjYAsYYMzSqIwXYPCony1EBeMB8GA1UdIwQY
MBaAFAiAKoYh+Hgn/VlyPOZstZw4+R8hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2Et
ZjE2Zjk5NGVjZjQzLzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82YmMwZjEtZDFlYS00OTAwLTk4Y2EtZjE2Zjk5NGVjZjQz
LzEvQ0lBcWhpSDRlQ2Y5V1hJODVteTFuRGo1SHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARvPSjfqt
N/kRRV8av7Qvu2uCNebSoeSDc7Xu0DZ6kGQ3jkTR3zKS4ckaS6W92rOSFHm7BKz6
rPOZ5Y688IGA6bc8pLNXPl3LjxpEq39ZINvQiGxLYaTLqU8DXUJCU976zpryT5VG
FVBuuU3DpTyxrRSR2CK6V/iRo058nn0549lvvNY/botLkXLiTgwg28V2Rc8reN+3
JoKWCFh7Ys1BoceZH5+cwsJPklCyouQdZmmCGzo2QlIzcfQjIifGEcIdQf5i7xSy
ub3DSLnurYhGlkAzgqy7Zbsm/nj5ZmtqRALB4a20+EMRtwSiLQ/SwH6IzswLiEdt
Y0vHTU5sCdZAvw==
-----END CERTIFICATE-----