Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
File:                     ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft (raw, json)
Hash identifier:          ioDNelUByHRx6JWgPIaw81o1pigEO+O83NqwyF44Pgg=
Subject key identifier:   F6:9A:E1:E0:CC:19:D9:ED:18:65:A0:8F:A3:7B:49:B8:D1:C0:B8:EF
Authority key identifier: 8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18
Certificate issuer:       /CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218
Certificate serial:       019CA97D6F72C707DF958FC167AD119C8869
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
Manifest number:          1841
Signing time:             Sun 01 Mar 2026 13:01:35 +0000
Manifest this update:     Sun 01 Mar 2026 13:01:35 +0000
Manifest next update:     Mon 02 Mar 2026 13:01:35 +0000
Files and hashes:         1: ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl (hash: Z9qSI11KyCBe65TES2M3jvEZD4sj3PMOzlS1W9wqBUY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7d:6f:72:c7:07:df:95:8f:c1:67:ad:11:9c:88:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a41e2f2d1452e7c4cc07dbfa7839d58df57f218
        Validity
            Not Before: Mar  1 13:01:35 2026 GMT
            Not After : Mar  2 13:01:35 2026 GMT
        Subject: CN=f69ae1e0cc19d9ed1865a08fa37b49b8d1c0b8ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:42:c1:58:99:99:a7:a2:c4:c9:c6:e6:fb:82:
                    35:c7:ed:e1:20:c0:f8:c6:97:ea:52:7c:6e:d8:56:
                    47:f4:04:5b:14:d9:47:91:86:04:e4:98:d7:71:10:
                    14:50:b2:84:82:ad:db:ef:57:5e:85:00:54:fc:35:
                    63:7d:5d:b3:f6:42:d6:df:98:fa:7f:79:4f:e3:e1:
                    bc:8a:27:0c:ce:bc:b4:ab:ba:9c:df:ba:03:4e:54:
                    d9:17:2f:b1:98:dd:46:6a:06:1d:43:6c:6e:ca:56:
                    8f:e1:47:19:55:6e:08:c5:46:28:8d:d1:75:c4:94:
                    41:3b:6d:37:56:fc:ac:7f:64:00:ac:57:df:1f:da:
                    95:1d:aa:ea:36:9a:4b:d3:9d:a7:d2:bc:08:c4:47:
                    77:30:6e:15:47:e5:87:49:13:81:c1:18:d8:5e:fa:
                    c5:1a:dd:f0:7a:f1:80:56:90:1f:83:08:35:89:1c:
                    ac:f6:85:6e:ce:88:ed:34:bc:8f:51:27:2f:64:3b:
                    f1:6c:08:aa:58:40:91:48:c2:15:ac:2a:92:2c:72:
                    f5:e2:1a:e3:64:74:8e:b6:71:b3:1f:70:cd:82:38:
                    05:35:2b:34:19:b7:d9:dd:2c:d7:ca:d4:bd:e3:5f:
                    e2:1e:c4:de:8a:7c:49:ad:6a:b1:d7:3c:da:a8:8f:
                    e9:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:9A:E1:E0:CC:19:D9:ED:18:65:A0:8F:A3:7B:49:B8:D1:C0:B8:EF
            X509v3 Authority Key Identifier:
                keyid:8A:41:E2:F2:D1:45:2E:7C:4C:C0:7D:BF:A7:83:9D:58:DF:57:F2:18

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ikHi8tFFLnxMwH2_p4OdWN9X8hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bf69c4-d64a-4340-9bf1-364854cbc0e8/1/ikHi8tFFLnxMwH2_p4OdWN9X8hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:f5:1a:fb:2d:1d:a0:6a:fb:d9:f3:ae:92:81:cd:d7:1c:64:
         b0:b7:85:9f:ad:db:3d:77:90:98:ff:86:a1:e0:8b:3a:0d:35:
         28:6d:0f:b6:75:21:8e:a7:7e:49:6f:07:98:db:a3:65:2f:1d:
         52:eb:cd:b1:78:67:ab:9b:2f:50:d7:47:1d:f9:ae:45:43:2a:
         fa:8b:9f:14:95:62:a9:fe:77:48:af:b7:84:69:68:0d:ae:a9:
         56:38:fb:99:b4:33:9c:71:2d:f3:24:99:7c:ea:d3:db:4a:e1:
         fc:22:4a:75:83:3b:f4:d6:43:41:85:7a:9f:71:56:07:6b:19:
         91:3e:6b:19:c4:ed:be:e1:55:b3:06:f9:ae:0e:26:d8:2d:02:
         72:59:69:92:89:b0:28:b0:75:e8:e2:af:a1:e0:bc:71:a8:53:
         a0:1f:2f:6e:cf:e5:75:4c:45:d2:9e:ff:b1:79:31:bb:3f:01:
         ce:ab:7d:6d:fe:36:79:fd:48:6a:11:16:bf:e8:8d:e2:d3:cd:
         2d:d0:cf:90:57:7a:c5:c5:1c:9c:ec:61:91:2b:bc:52:e9:4e:
         c4:54:1f:3b:39:0f:35:8a:03:3d:a3:45:39:33:b5:d3:fe:bd:
         43:8b:82:ec:92:e0:c8:5b:16:ad:64:86:d2:13:c3:08:79:1c:
         9d:a6:7f:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfW9yxwfflY/BZ60RnIhpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNDFlMmYyZDE0NTJlN2M0Y2MwN2RiZmE3ODM5ZDU4ZGY1
N2YyMTgwHhcNMjYwMzAxMTMwMTM1WhcNMjYwMzAyMTMwMTM1WjAzMTEwLwYDVQQD
EyhmNjlhZTFlMGNjMTlkOWVkMTg2NWEwOGZhMzdiNDliOGQxYzBiOGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ELBWJmZp6LEycbm+4I1x+3hIMD4
xpfqUnxu2FZH9ARbFNlHkYYE5JjXcRAUULKEgq3b71dehQBU/DVjfV2z9kLW35j6
f3lP4+G8iicMzry0q7qc37oDTlTZFy+xmN1GagYdQ2xuylaP4UcZVW4IxUYojdF1
xJRBO203Vvysf2QArFffH9qVHarqNppL052n0rwIxEd3MG4VR+WHSROBwRjYXvrF
Gt3wevGAVpAfgwg1iRys9oVuzojtNLyPUScvZDvxbAiqWECRSMIVrCqSLHL14hrj
ZHSOtnGzH3DNgjgFNSs0GbfZ3SzXytS941/iHsTeinxJrWqx1zzaqI/pEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPaa4eDMGdntGGWgj6N7SbjRwLjvMB8GA1UdIwQY
MBaAFIpB4vLRRS58TMB9v6eDnVjfV/IYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iZjY5YzQtZDY0YS00MzQwLTliZjEt
MzY0ODU0Y2JjMGU4LzEvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iZjY5YzQtZDY0YS00MzQwLTliZjEtMzY0ODU0Y2JjMGU4
LzEvaWtIaTh0RkZMbnhNd0gyX3A0T2RXTjlYOGhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADfUa+y0d
oGr72fOukoHN1xxksLeFn63bPXeQmP+GoeCLOg01KG0PtnUhjqd+SW8HmNujZS8d
UuvNsXhnq5svUNdHHfmuRUMq+oufFJViqf53SK+3hGloDa6pVjj7mbQznHEt8ySZ
fOrT20rh/CJKdYM79NZDQYV6n3FWB2sZkT5rGcTtvuFVswb5rg4m2C0Ccllpkomw
KLB16OKvoeC8cahToB8vbs/ldUxF0p7/sXkxuz8Bzqt9bf42ef1IahEWv+iN4tPN
LdDPkFd6xcUcnOxhkSu8UulOxFQfOzkPNYoDPaNFOTO10/69Q4uC7JLgyFsWrWSG
0hPDCHkcnaZ/gA==
-----END CERTIFICATE-----