Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
File:                     shUnDjtZdrRPOt7OVwR9HgeHunU.mft (raw, json)
Hash identifier:          B6fD++1gQPFKKrLewbmto5O7cua0sCM5M894lGNNTwM=
Subject key identifier:   3A:36:FF:BB:06:B4:BC:03:15:86:84:E9:3B:81:73:5D:63:0A:DD:2C
Authority key identifier: B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
Certificate issuer:       /CN=b215270e3b5976b44f3adece57047d1e0787ba75
Certificate serial:       019CAEA2D42AD30D257D43B27E6F33B9A50A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
Manifest number:          1847
Signing time:             Mon 02 Mar 2026 13:00:32 +0000
Manifest this update:     Mon 02 Mar 2026 13:00:32 +0000
Manifest next update:     Tue 03 Mar 2026 13:00:32 +0000
Files and hashes:         1: shUnDjtZdrRPOt7OVwR9HgeHunU.crl (hash: 31wZPm7LuAqrFmD73MDpiEip9i2PdUkmF1Y940dXtPY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 13:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:a2:d4:2a:d3:0d:25:7d:43:b2:7e:6f:33:b9:a5:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b215270e3b5976b44f3adece57047d1e0787ba75
        Validity
            Not Before: Mar  2 13:00:32 2026 GMT
            Not After : Mar  3 13:00:32 2026 GMT
        Subject: CN=3a36ffbb06b4bc03158684e93b81735d630add2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:cd:ca:2b:86:a8:1c:3e:b1:33:7c:a0:29:6d:
                    16:49:72:fa:50:2d:4f:90:16:26:04:ac:f3:26:9d:
                    c0:e9:74:68:46:c9:81:67:3b:f7:15:38:9e:7d:f6:
                    31:cc:bd:c0:e9:c3:f3:ec:e7:a7:e4:00:e4:d1:76:
                    84:9a:d9:b0:e8:b9:62:1b:87:78:0c:d3:ff:85:36:
                    7b:64:ae:8e:99:68:e5:3a:bf:13:23:60:80:c6:49:
                    1b:52:f7:77:87:d0:6f:48:82:a8:af:0f:f1:7c:71:
                    ba:e7:8b:a6:2a:7e:bc:d0:7f:56:65:d4:a3:8e:e7:
                    2a:0d:92:07:c0:9e:08:ac:1a:85:3a:4f:45:7b:92:
                    54:08:73:a1:1c:d2:bd:31:b7:57:99:9b:a5:96:e5:
                    cc:52:e2:9a:3e:7f:28:bc:cd:3c:95:64:f5:1c:5c:
                    6c:23:10:f4:9e:2a:b2:e4:8e:97:5e:28:9e:20:a2:
                    b4:6c:60:4b:1e:57:08:6f:fe:a7:0f:0a:1c:ab:4c:
                    a5:ba:c6:f6:c6:2d:d5:f6:e3:95:44:b0:90:04:5b:
                    34:b8:e4:90:fa:cd:8c:83:d9:de:72:32:48:14:8f:
                    d0:af:df:d0:52:a0:0e:f6:98:52:76:aa:1f:3c:d3:
                    b0:9d:92:d7:ad:98:d7:33:ad:21:33:39:49:ee:3e:
                    97:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:36:FF:BB:06:B4:BC:03:15:86:84:E9:3B:81:73:5D:63:0A:DD:2C
            X509v3 Authority Key Identifier:
                keyid:B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:00:bf:2c:49:d4:28:50:a1:42:89:25:27:cc:da:80:62:31:
         ee:4b:0c:78:06:61:47:3d:c0:46:5e:15:c5:a0:9b:3a:cc:a9:
         0a:8b:fa:cb:2f:bc:45:79:f6:58:97:19:69:97:aa:3a:9e:99:
         83:f0:45:69:43:7d:5d:e1:81:50:28:98:d4:78:ed:87:a1:b1:
         8b:38:3d:fd:22:ea:0b:3b:01:05:30:1b:e6:2b:32:bc:d8:99:
         cb:4c:36:29:14:7e:a2:ce:a9:0c:f1:2c:86:d7:da:cf:07:14:
         2c:44:b9:59:ec:fb:d9:48:bb:5e:68:49:22:53:f2:fa:4b:9e:
         8c:85:71:7d:53:b8:79:db:cc:3a:87:33:8e:75:3f:e6:78:ee:
         5f:01:b9:45:4e:c7:90:98:1f:09:4d:08:fb:bb:17:2c:62:aa:
         e0:64:03:87:ed:46:c8:5e:5d:25:17:31:db:11:6e:ed:c8:a9:
         c4:8b:12:4a:cd:73:dd:4f:20:5b:a5:d7:46:ef:41:77:25:81:
         e0:36:a5:af:b0:c5:87:e1:b1:ca:fe:e0:22:81:88:e1:8c:a7:
         fb:d2:03:68:8c:66:37:37:25:b3:8d:e8:ea:01:15:64:4d:36:
         ce:bc:5b:9f:81:e2:43:19:9c:9d:22:58:61:27:a6:52:6b:4d:
         c3:96:88:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuotQq0w0lfUOyfm8zuaUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMTUyNzBlM2I1OTc2YjQ0ZjNhZGVjZTU3MDQ3ZDFlMDc4
N2JhNzUwHhcNMjYwMzAyMTMwMDMyWhcNMjYwMzAzMTMwMDMyWjAzMTEwLwYDVQQD
EygzYTM2ZmZiYjA2YjRiYzAzMTU4Njg0ZTkzYjgxNzM1ZDYzMGFkZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7M3KK4aoHD6xM3ygKW0WSXL6UC1P
kBYmBKzzJp3A6XRoRsmBZzv3FTieffYxzL3A6cPz7Oen5ADk0XaEmtmw6LliG4d4
DNP/hTZ7ZK6OmWjlOr8TI2CAxkkbUvd3h9BvSIKorw/xfHG654umKn680H9WZdSj
jucqDZIHwJ4IrBqFOk9Fe5JUCHOhHNK9MbdXmZulluXMUuKaPn8ovM08lWT1HFxs
IxD0niqy5I6XXiieIKK0bGBLHlcIb/6nDwocq0ylusb2xi3V9uOVRLCQBFs0uOSQ
+s2Mg9necjJIFI/Qr9/QUqAO9phSdqofPNOwnZLXrZjXM60hMzlJ7j6XrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDo2/7sGtLwDFYaE6TuBc11jCt0sMB8GA1UdIwQY
MBaAFLIVJw47WXa0TzrezlcEfR4Hh7p1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQt
MjRiOWU4MjExODg1LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQtMjRiOWU4MjExODg1
LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJwC/LEnU
KFChQoklJ8zagGIx7ksMeAZhRz3ARl4VxaCbOsypCov6yy+8RXn2WJcZaZeqOp6Z
g/BFaUN9XeGBUCiY1Hjth6Gxizg9/SLqCzsBBTAb5isyvNiZy0w2KRR+os6pDPEs
htfazwcULES5Wez72Ui7XmhJIlPy+kuejIVxfVO4edvMOoczjnU/5njuXwG5RU7H
kJgfCU0I+7sXLGKq4GQDh+1GyF5dJRcx2xFu7cipxIsSSs1z3U8gW6XXRu9BdyWB
4Dalr7DFh+Gxyv7gIoGI4Yyn+9IDaIxmNzcls43o6gEVZE02zrxbn4HiQxmcnSJY
YSemUmtNw5aIHQ==
-----END CERTIFICATE-----