Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
File:                     iOZzGonffpNxq6M-sU1y9h45gLk.mft (raw, json)
Hash identifier:          tzlRf5aLk7B6zv9jQpNeju+m88kFPvzA3b8z1eDalKQ=
Subject key identifier:   4E:95:68:1D:75:79:2E:FC:EE:BB:69:18:92:79:16:DF:30:46:38:37
Authority key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
Certificate issuer:       /CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
Certificate serial:       019CAD59F709D2C8237C871F57DBC9177D68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
Manifest number:          1845
Signing time:             Mon 02 Mar 2026 07:01:20 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:20 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:20 +0000
Files and hashes:         1: iOZzGonffpNxq6M-sU1y9h45gLk.crl (hash: tTeas5kNZpnpWXdd+Y+H3HNtLFQo11daW0Mb5iXaENw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:f7:09:d2:c8:23:7c:87:1f:57:db:c9:17:7d:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
        Validity
            Not Before: Mar  2 07:01:20 2026 GMT
            Not After : Mar  3 07:01:20 2026 GMT
        Subject: CN=4e95681d75792efceebb6918927916df30463837
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c6:de:23:3e:80:21:6b:23:6c:74:75:de:6a:
                    0f:91:ef:eb:62:1f:eb:49:89:30:94:08:d3:98:e8:
                    c7:81:be:0a:61:46:56:1f:a5:44:d0:c0:23:cf:12:
                    6e:f6:2e:ff:27:91:37:fd:32:7b:14:0b:91:9a:86:
                    40:04:c8:2a:5f:ea:19:61:28:ff:c9:c4:91:b3:c8:
                    00:46:88:d4:37:44:d2:fe:d4:c6:99:5a:20:e0:e5:
                    1c:5b:38:e8:1d:01:3f:d2:07:f3:d7:89:7d:9b:fe:
                    f6:f5:bd:49:4d:30:83:c2:44:29:ca:5d:cd:b8:5d:
                    8a:7d:3f:77:4b:61:55:0b:4f:b3:29:fd:51:e3:a6:
                    d0:6c:1c:b0:ed:90:2e:af:b4:73:8c:20:7d:c9:22:
                    9c:fd:cb:c7:0f:dd:7f:94:4f:69:99:c8:c7:de:45:
                    a1:38:7a:d7:b0:30:91:12:6e:78:1f:17:1c:29:ae:
                    96:26:be:22:8b:9c:a4:37:7b:5f:00:0d:0c:17:0f:
                    00:57:41:43:5c:fb:31:13:31:ef:9b:b6:7a:bd:a8:
                    68:4e:55:69:0b:e6:0d:92:4e:4c:4b:42:63:77:a3:
                    28:36:59:e5:09:8b:eb:f7:35:7b:e8:e1:d5:8e:ff:
                    43:f0:5c:80:58:88:36:e4:f0:3a:99:25:4c:39:87:
                    a6:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:95:68:1D:75:79:2E:FC:EE:BB:69:18:92:79:16:DF:30:46:38:37
            X509v3 Authority Key Identifier:
                keyid:88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:55:ef:fc:d1:75:c3:01:e1:51:de:ff:4d:8d:c6:ab:e1:16:
         20:6c:92:c3:c7:c6:e0:a1:93:a2:27:2f:94:cd:67:4c:be:d1:
         3c:5a:22:ef:ea:ab:00:3a:10:b6:81:90:94:f5:e8:d0:12:85:
         37:91:b6:47:c8:c2:45:24:ee:ce:66:60:d1:98:a0:d1:86:fa:
         a6:cc:ed:61:00:d3:d6:ff:1e:cc:c3:10:80:98:0a:68:be:e0:
         53:51:09:e4:74:db:5d:a5:41:66:b5:52:44:c7:fd:7d:70:56:
         f0:20:05:75:93:59:dd:df:82:44:59:53:ee:b3:ae:54:81:63:
         50:8a:54:e9:1d:aa:d9:72:99:4b:25:41:68:df:52:8d:a9:7f:
         86:44:b6:43:2c:50:b0:c3:41:e0:a2:c8:e0:a9:14:50:25:5e:
         00:4b:b2:f4:23:8d:9f:03:b5:4a:d2:a1:38:87:1e:4c:3f:c0:
         7b:67:d1:c3:a1:f8:11:53:21:1e:d7:4a:ad:3e:da:c3:f4:04:
         92:85:30:8e:34:a2:39:4e:71:dc:e9:d3:e3:e8:bc:c1:36:0d:
         89:06:40:c8:45:74:95:21:ed:9c:03:32:f9:88:5c:80:14:23:
         eb:cb:0b:b3:2b:16:d8:23:95:29:a1:ca:7e:77:12:09:66:d5:
         1c:7f:17:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWfcJ0sgjfIcfV9vJF31oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTY3MzFhODlkZjdlOTM3MWFiYTMzZWIxNGQ3MmY2MWUz
OTgwYjkwHhcNMjYwMzAyMDcwMTIwWhcNMjYwMzAzMDcwMTIwWjAzMTEwLwYDVQQD
Eyg0ZTk1NjgxZDc1NzkyZWZjZWViYjY5MTg5Mjc5MTZkZjMwNDYzODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMbeIz6AIWsjbHR13moPke/rYh/r
SYkwlAjTmOjHgb4KYUZWH6VE0MAjzxJu9i7/J5E3/TJ7FAuRmoZABMgqX+oZYSj/
ycSRs8gARojUN0TS/tTGmVog4OUcWzjoHQE/0gfz14l9m/729b1JTTCDwkQpyl3N
uF2KfT93S2FVC0+zKf1R46bQbByw7ZAur7RzjCB9ySKc/cvHD91/lE9pmcjH3kWh
OHrXsDCREm54HxccKa6WJr4ii5ykN3tfAA0MFw8AV0FDXPsxEzHvm7Z6vahoTlVp
C+YNkk5MS0Jjd6MoNlnlCYvr9zV76OHVjv9D8FyAWIg25PA6mSVMOYemewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6VaB11eS787rtpGJJ5Ft8wRjg3MB8GA1UdIwQY
MBaAFIjmcxqJ336TcaujPrFNcvYeOYC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2Ut
NmJjZjRhNDJhYzdkLzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2UtNmJjZjRhNDJhYzdk
LzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk1Xv/NF1
wwHhUd7/TY3Gq+EWIGySw8fG4KGToicvlM1nTL7RPFoi7+qrADoQtoGQlPXo0BKF
N5G2R8jCRSTuzmZg0Zig0Yb6psztYQDT1v8ezMMQgJgKaL7gU1EJ5HTbXaVBZrVS
RMf9fXBW8CAFdZNZ3d+CRFlT7rOuVIFjUIpU6R2q2XKZSyVBaN9Sjal/hkS2QyxQ
sMNB4KLI4KkUUCVeAEuy9CONnwO1StKhOIceTD/Ae2fRw6H4EVMhHtdKrT7aw/QE
koUwjjSiOU5x3OnT4+i8wTYNiQZAyEV0lSHtnAMy+YhcgBQj68sLsysW2COVKaHK
fncSCWbVHH8Xkw==
-----END CERTIFICATE-----