Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
File:                     a3tNxJzDUDQveq4ssyBbn3dfZh0.mft (raw, json)
Hash identifier:          0fxdhCskz1xeLMSkHcv5PIWgiqvoB7kO19ar/uzAAs0=
Subject key identifier:   0E:DD:B0:C4:44:BB:1E:AD:F9:D7:2C:FE:76:CE:64:BD:C8:C7:DD:3C
Authority key identifier: 6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D
Certificate issuer:       /CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
Certificate serial:       019CAB6BAEEB2324269B007EB922D7D494DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
Manifest number:          1841
Signing time:             Sun 01 Mar 2026 22:01:26 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:26 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:26 +0000
Files and hashes:         1: a3tNxJzDUDQveq4ssyBbn3dfZh0.crl (hash: 2bwbcAToxRZja8ow8opjzVBh92wkue5HC5Ux3OSXWpk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:ae:eb:23:24:26:9b:00:7e:b9:22:d7:d4:94:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
        Validity
            Not Before: Mar  1 22:01:26 2026 GMT
            Not After : Mar  2 22:01:26 2026 GMT
        Subject: CN=0eddb0c444bb1eadf9d72cfe76ce64bdc8c7dd3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:20:b0:aa:72:98:98:01:c4:5a:3a:25:dd:ce:
                    1e:11:2f:a5:5f:cd:cc:6f:13:76:ed:a1:bc:95:36:
                    45:4a:a9:40:73:49:c9:c2:4f:a3:94:be:e5:d1:8f:
                    bb:35:00:6c:46:c8:24:bd:80:79:88:0e:9b:87:a6:
                    d1:3c:49:e0:8f:3d:5b:44:42:ed:fa:7a:5c:e0:1c:
                    e0:f8:89:99:08:6a:20:6d:93:78:65:12:0b:c1:fb:
                    0d:10:f5:28:ce:37:75:21:0f:03:75:56:5f:2b:e0:
                    11:45:39:dd:f7:b4:ba:4a:c3:1f:d3:20:39:0c:d3:
                    d1:2e:d4:94:7f:8b:51:ed:06:8e:e8:73:03:f8:8c:
                    b0:ba:62:a1:c3:73:31:02:b1:d0:6f:2e:b6:21:38:
                    5c:5c:2a:32:24:22:0a:8a:b4:04:86:aa:c3:6a:f6:
                    39:d7:b0:dd:77:cc:28:41:bd:05:7b:56:e5:8d:d7:
                    1c:1e:e0:04:df:99:59:c2:e0:ab:e0:04:94:4c:6f:
                    33:88:50:ad:00:10:1b:15:21:7b:05:04:7e:83:0e:
                    9c:ab:2a:88:88:96:8c:ec:3d:3b:59:f5:fa:d7:28:
                    5a:d9:25:60:77:94:1c:61:8a:d3:f7:c9:3d:0b:4d:
                    2d:cd:b5:9f:55:5f:fb:ee:43:37:5f:44:62:94:0b:
                    2b:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:DD:B0:C4:44:BB:1E:AD:F9:D7:2C:FE:76:CE:64:BD:C8:C7:DD:3C
            X509v3 Authority Key Identifier:
                keyid:6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e2:47:bc:a4:2e:46:b0:b0:50:51:60:7c:4f:da:4d:b9:d5:99:
         69:e0:3b:43:4a:aa:e7:b3:37:0e:78:d2:dd:3b:62:88:72:e6:
         f5:54:b8:22:39:70:09:93:02:68:50:28:7a:63:66:13:77:99:
         6f:27:19:a5:ae:d9:1e:bb:32:2e:04:03:07:a5:b9:c6:7b:99:
         4b:62:d8:46:ce:5f:a2:39:85:02:30:18:61:85:cb:b4:92:1e:
         cc:94:28:a5:27:e9:87:50:a9:99:83:f2:42:07:29:44:15:51:
         09:e7:53:59:3c:a8:61:e5:e8:e1:a9:02:16:09:9d:54:e5:d7:
         e1:e4:cf:39:7e:fd:9d:7b:16:56:9a:4a:81:dc:3f:15:9c:32:
         ed:5f:ae:7f:07:50:82:da:8b:bd:87:f5:b2:45:8d:8d:67:b1:
         d5:b4:ef:cb:3d:d5:dc:c5:1d:4f:e3:34:c9:d8:fd:9d:f8:c3:
         59:4a:53:b2:7c:ef:28:39:61:a6:32:0c:8f:46:59:05:03:a4:
         7d:be:c6:b8:ab:87:e4:de:c1:a6:97:86:28:d7:dd:11:24:9d:
         80:27:f0:8a:98:96:b6:67:38:9d:32:f6:81:4a:0e:3f:93:b8:
         7b:8a:ef:b0:08:c3:bc:74:8d:2c:a6:ca:02:0a:8d:43:92:cc:
         63:b3:c7:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra67rIyQmmwB+uSLX1JTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2I0ZGM0OWNjMzUwMzQyZjdhYWUyY2IzMjA1YjlmNzc1
ZjY2MWQwHhcNMjYwMzAxMjIwMTI2WhcNMjYwMzAyMjIwMTI2WjAzMTEwLwYDVQQD
EygwZWRkYjBjNDQ0YmIxZWFkZjlkNzJjZmU3NmNlNjRiZGM4YzdkZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniCwqnKYmAHEWjol3c4eES+lX83M
bxN27aG8lTZFSqlAc0nJwk+jlL7l0Y+7NQBsRsgkvYB5iA6bh6bRPEngjz1bRELt
+npc4Bzg+ImZCGogbZN4ZRILwfsNEPUozjd1IQ8DdVZfK+ARRTnd97S6SsMf0yA5
DNPRLtSUf4tR7QaO6HMD+IywumKhw3MxArHQby62IThcXCoyJCIKirQEhqrDavY5
17Ddd8woQb0Fe1bljdccHuAE35lZwuCr4ASUTG8ziFCtABAbFSF7BQR+gw6cqyqI
iJaM7D07WfX61yha2SVgd5QcYYrT98k9C00tzbWfVV/77kM3X0RilAsrxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA7dsMREux6t+dcs/nbOZL3Ix908MB8GA1UdIwQY
MBaAFGt7TcScw1A0L3quLLMgW593X2YdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGIt
YzZkNGMxYTU0YTRiLzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGItYzZkNGMxYTU0YTRi
LzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4ke8pC5G
sLBQUWB8T9pNudWZaeA7Q0qq57M3DnjS3TtiiHLm9VS4IjlwCZMCaFAoemNmE3eZ
bycZpa7ZHrsyLgQDB6W5xnuZS2LYRs5fojmFAjAYYYXLtJIezJQopSfph1CpmYPy
QgcpRBVRCedTWTyoYeXo4akCFgmdVOXX4eTPOX79nXsWVppKgdw/FZwy7V+ufwdQ
gtqLvYf1skWNjWex1bTvyz3V3MUdT+M0ydj9nfjDWUpTsnzvKDlhpjIMj0ZZBQOk
fb7GuKuH5N7BppeGKNfdESSdgCfwipiWtmc4nTL2gUoOP5O4e4rvsAjDvHSNLKbK
AgqNQ5LMY7PHuQ==
-----END CERTIFICATE-----