Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/753aa9-a4b0-4f47-8b00-89752e4bf5d3/1/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.mft
File:                     1m3elQ2lbxIDMn5Q4rOVxAIlF5g.mft (raw, json)
Hash identifier:          YxTlfwZASC50b95uMjA95TCPMjbVtnASbxkG8pqD5kY=
Subject key identifier:   F0:44:36:DA:A8:43:40:7B:D7:56:5D:D1:D0:5B:2A:7A:75:D5:29:F6
Authority key identifier: D6:6D:DE:95:0D:A5:6F:12:03:32:7E:50:E2:B3:95:C4:02:25:17:98
Certificate issuer:       /CN=d66dde950da56f1203327e50e2b395c402251798
Certificate serial:       019CAB6B958BB08B3CC6D1D3BB20B10AFD6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/753aa9-a4b0-4f47-8b00-89752e4bf5d3/1/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 22:01:20 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:20 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:20 +0000
Files and hashes:         1: 1m3elQ2lbxIDMn5Q4rOVxAIlF5g.crl (hash: O/vt7gHcs8Wt1sr4loaqMHuhfHHy/0hxbx1cYV+MKE4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/753aa9-a4b0-4f47-8b00-89752e4bf5d3/1/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/753aa9-a4b0-4f47-8b00-89752e4bf5d3/1/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:95:8b:b0:8b:3c:c6:d1:d3:bb:20:b1:0a:fd:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d66dde950da56f1203327e50e2b395c402251798
        Validity
            Not Before: Mar  1 22:01:20 2026 GMT
            Not After : Mar  2 22:01:20 2026 GMT
        Subject: CN=f04436daa843407bd7565dd1d05b2a7a75d529f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:24:7d:9c:fc:e5:36:97:5b:d4:f3:bd:1a:81:
                    19:59:14:5e:68:7a:f9:84:68:64:ea:73:5f:a0:bb:
                    dc:9e:9a:ae:2b:28:8d:c8:19:bb:f1:41:fe:ef:aa:
                    d0:60:6e:ac:46:0c:1e:2f:b5:01:76:80:1f:2a:5a:
                    f9:2d:99:2a:18:4b:f0:57:ca:03:6f:b0:56:b1:59:
                    eb:83:b4:c1:40:d8:d2:75:bb:d7:d3:02:1c:06:a6:
                    59:fd:8a:14:d9:4a:6e:a5:41:87:62:ca:f5:90:77:
                    14:e7:de:95:cf:3b:38:4b:8f:5b:2f:52:29:b7:ad:
                    7c:f2:d0:89:ed:09:2b:2f:ef:2d:42:91:04:54:db:
                    ea:e1:2d:85:b7:22:e1:2f:8e:b2:f8:8e:4d:5e:a9:
                    7a:f8:a2:d2:30:78:70:e5:93:6a:8e:0c:0a:5c:3f:
                    d5:3a:d0:d9:ab:8a:b5:a7:6b:ed:cc:44:da:1d:50:
                    ec:30:e6:36:6b:f3:1e:1b:f1:20:69:3f:1d:d9:73:
                    a1:5c:9b:03:42:2b:65:21:07:d1:95:7e:86:3c:35:
                    f8:99:3c:9f:c8:0b:be:a6:ed:c0:2b:d1:ee:aa:88:
                    cd:ec:f2:b0:e7:97:6a:60:1a:73:3c:28:01:a0:6c:
                    24:c4:06:e4:9d:35:2d:f3:e8:a4:b3:51:22:cc:ab:
                    c3:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:44:36:DA:A8:43:40:7B:D7:56:5D:D1:D0:5B:2A:7A:75:D5:29:F6
            X509v3 Authority Key Identifier:
                keyid:D6:6D:DE:95:0D:A5:6F:12:03:32:7E:50:E2:B3:95:C4:02:25:17:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/753aa9-a4b0-4f47-8b00-89752e4bf5d3/1/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/753aa9-a4b0-4f47-8b00-89752e4bf5d3/1/1m3elQ2lbxIDMn5Q4rOVxAIlF5g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:25:9d:02:21:e6:a2:b7:47:10:5f:21:ae:c5:c8:f4:3c:c6:
         d9:bf:1e:cd:6e:cc:22:b6:24:ee:be:9c:87:63:dd:85:25:4a:
         e6:5d:00:bb:32:02:80:6b:ce:d2:c4:42:b6:f9:86:5e:7f:b1:
         9f:46:d6:7b:20:a7:c5:51:a0:fa:65:31:40:e4:9e:74:e1:fc:
         7d:1b:77:20:fd:b2:dd:d6:38:09:b1:02:32:33:05:72:68:69:
         da:b9:eb:ed:23:a3:e7:27:30:fd:07:b2:40:9e:0b:46:6f:ba:
         f1:69:0f:ce:7f:b6:d1:13:c5:69:f0:f6:ce:2e:4c:f7:6b:bc:
         07:67:71:12:90:0d:e5:11:85:80:7e:27:7c:56:2c:b3:8d:c9:
         4d:6a:81:a1:ab:43:8b:06:2c:41:4d:09:2c:8b:35:e2:0e:a9:
         77:6a:29:b0:55:06:35:18:6f:b7:18:ec:49:90:4b:c4:f4:b6:
         e7:c6:67:7b:27:b3:2a:79:6b:ad:1c:53:1d:54:2f:78:de:de:
         d9:91:77:75:2d:34:a9:0d:0a:df:8d:98:f4:0e:d8:0a:24:71:
         96:a0:a8:81:67:ae:f5:7f:a7:bc:30:12:f6:e6:4b:29:be:b4:
         47:22:db:29:23:3b:e9:71:c5:59:30:ea:68:87:45:f7:ab:27:
         8f:93:89:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra5WLsIs8xtHTuyCxCv1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NmRkZTk1MGRhNTZmMTIwMzMyN2U1MGUyYjM5NWM0MDIy
NTE3OTgwHhcNMjYwMzAxMjIwMTIwWhcNMjYwMzAyMjIwMTIwWjAzMTEwLwYDVQQD
EyhmMDQ0MzZkYWE4NDM0MDdiZDc1NjVkZDFkMDViMmE3YTc1ZDUyOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCR9nPzlNpdb1PO9GoEZWRReaHr5
hGhk6nNfoLvcnpquKyiNyBm78UH+76rQYG6sRgweL7UBdoAfKlr5LZkqGEvwV8oD
b7BWsVnrg7TBQNjSdbvX0wIcBqZZ/YoU2UpupUGHYsr1kHcU596Vzzs4S49bL1Ip
t6188tCJ7QkrL+8tQpEEVNvq4S2FtyLhL46y+I5NXql6+KLSMHhw5ZNqjgwKXD/V
OtDZq4q1p2vtzETaHVDsMOY2a/MeG/EgaT8d2XOhXJsDQitlIQfRlX6GPDX4mTyf
yAu+pu3AK9HuqojN7PKw55dqYBpzPCgBoGwkxAbknTUt8+iks1EizKvDGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPBENtqoQ0B711Zd0dBbKnp11Sn2MB8GA1UdIwQY
MBaAFNZt3pUNpW8SAzJ+UOKzlcQCJReYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW0zZWxRMmxieElETW41UTRyT1Z4QUlsRjVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83NTNhYTktYTRiMC00ZjQ3LThiMDAt
ODk3NTJlNGJmNWQzLzEvMW0zZWxRMmxieElETW41UTRyT1Z4QUlsRjVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83NTNhYTktYTRiMC00ZjQ3LThiMDAtODk3NTJlNGJmNWQz
LzEvMW0zZWxRMmxieElETW41UTRyT1Z4QUlsRjVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAECWdAiHm
ordHEF8hrsXI9DzG2b8ezW7MIrYk7r6ch2PdhSVK5l0AuzICgGvO0sRCtvmGXn+x
n0bWeyCnxVGg+mUxQOSedOH8fRt3IP2y3dY4CbECMjMFcmhp2rnr7SOj5ycw/Qey
QJ4LRm+68WkPzn+20RPFafD2zi5M92u8B2dxEpAN5RGFgH4nfFYss43JTWqBoatD
iwYsQU0JLIs14g6pd2opsFUGNRhvtxjsSZBLxPS258ZneyezKnlrrRxTHVQveN7e
2ZF3dS00qQ0K342Y9A7YCiRxlqCogWeu9X+nvDAS9uZLKb60RyLbKSM76XHFWTDq
aIdF96snj5OJuw==
-----END CERTIFICATE-----