Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft
File:                     sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft (raw, json)
Hash identifier:          w9TWPseVHoYfsuJbgpBkNNjNBt3jbxU/Cd9OZjZ6Fm4=
Subject key identifier:   FF:3D:B4:14:4A:E2:24:C3:72:68:76:93:1A:64:DC:57:9E:89:0B:B7
Authority key identifier: B0:BB:87:D2:0C:C4:20:DF:41:E0:90:C3:3B:4C:40:EF:CB:0D:D8:78
Certificate issuer:       /CN=b0bb87d20cc420df41e090c33b4c40efcb0dd878
Certificate serial:       019CAB6C1266FF60EA2689424AA148F8856A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sLuH0gzEIN9B4JDDO0xA78sN2Hg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft
Manifest number:          1844
Signing time:             Sun 01 Mar 2026 22:01:52 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:52 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:52 +0000
Files and hashes:         1: sLuH0gzEIN9B4JDDO0xA78sN2Hg.crl (hash: El3ZmjtfwklnWeq2ILcaWkyMmiOwyQQH5jQ19+l6Gv8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sLuH0gzEIN9B4JDDO0xA78sN2Hg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6c:12:66:ff:60:ea:26:89:42:4a:a1:48:f8:85:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0bb87d20cc420df41e090c33b4c40efcb0dd878
        Validity
            Not Before: Mar  1 22:01:52 2026 GMT
            Not After : Mar  2 22:01:52 2026 GMT
        Subject: CN=ff3db4144ae224c3726876931a64dc579e890bb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:e4:ea:96:01:8a:08:fe:1e:b6:eb:74:f5:57:
                    ad:31:75:85:c4:74:71:bd:b0:40:8d:4f:b4:10:5d:
                    35:55:82:4d:98:a7:0b:e5:bf:de:b1:6e:49:e8:30:
                    4f:1d:f8:49:33:14:8a:a3:48:11:85:a3:54:88:33:
                    8a:fb:85:2a:61:98:e5:70:de:a8:09:75:2d:b0:a5:
                    fd:fd:15:3d:6a:9b:87:7b:89:4c:16:70:99:5d:37:
                    0c:27:6b:c3:b5:0e:3d:fe:79:a6:43:9a:ec:ed:0d:
                    8b:0f:7b:7d:a1:3b:a8:0e:e3:15:e2:b9:e3:ab:fc:
                    d5:b9:c7:79:97:c7:d5:05:5d:1c:83:75:7b:fe:d1:
                    77:ab:ce:8d:20:c9:9c:ef:46:fe:5f:30:f4:9f:97:
                    7a:f3:9f:fc:b1:f1:04:64:10:e6:31:18:5d:2f:46:
                    79:2c:aa:c8:da:26:2c:fe:3a:f0:07:02:b0:b2:92:
                    10:e7:e5:20:de:6f:eb:77:22:c0:c9:71:41:3e:f7:
                    71:f7:aa:af:e2:1b:b0:06:1b:51:71:56:3d:1d:b7:
                    ba:17:6a:0d:5d:0d:f9:11:ef:0f:67:a8:1e:15:04:
                    52:5e:eb:c3:2d:59:ca:33:55:32:2e:66:7b:f2:e6:
                    3c:e9:c2:48:06:4c:56:93:48:b6:35:7e:0d:5f:70:
                    f2:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:3D:B4:14:4A:E2:24:C3:72:68:76:93:1A:64:DC:57:9E:89:0B:B7
            X509v3 Authority Key Identifier:
                keyid:B0:BB:87:D2:0C:C4:20:DF:41:E0:90:C3:3B:4C:40:EF:CB:0D:D8:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLuH0gzEIN9B4JDDO0xA78sN2Hg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/4813f2-4c63-4aa0-9b22-37bc8e656eb1/1/sLuH0gzEIN9B4JDDO0xA78sN2Hg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:21:ed:c8:1d:5a:72:56:93:a0:23:5c:4e:b1:10:47:d4:36:
         be:1c:75:18:07:b4:f6:64:29:57:a4:df:f0:f5:c0:6b:4b:22:
         20:ea:6e:29:e7:92:26:aa:3c:1f:77:25:45:f6:d1:e1:83:87:
         52:39:15:13:28:fe:ef:13:55:67:20:d1:e4:0a:2a:7e:42:04:
         4b:ee:a7:d5:92:5e:c8:51:09:58:8f:d6:de:95:11:5b:4c:ee:
         b8:45:bc:80:14:aa:8b:6f:95:4e:9f:d0:f6:bb:ed:57:0f:40:
         0a:1f:24:d8:56:fe:41:51:20:6a:2a:5a:63:e3:ac:27:5c:4a:
         58:ff:a7:a9:2a:e6:f1:0e:9b:cc:bf:5c:a6:32:ab:b3:6b:32:
         1b:e3:1f:6c:a2:77:5f:34:b2:6e:5b:15:2f:52:b4:09:7c:ca:
         a9:7a:41:d7:ac:b0:e0:c5:87:2c:b0:5e:12:97:38:70:fa:c5:
         b6:82:96:26:3c:49:4c:ae:7b:f3:bb:c7:3a:53:59:b8:25:98:
         65:6a:cd:fb:78:ba:f9:7a:38:1d:84:5a:21:90:94:9c:58:f2:
         13:1a:a2:c2:e2:d1:d0:26:71:ee:89:13:6f:37:4a:47:91:e8:
         42:25:08:a5:e7:ce:e5:24:ff:c7:d6:69:45:de:e5:83:70:a2:
         83:d3:07:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrbBJm/2DqJolCSqFI+IVqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYmI4N2QyMGNjNDIwZGY0MWUwOTBjMzNiNGM0MGVmY2Iw
ZGQ4NzgwHhcNMjYwMzAxMjIwMTUyWhcNMjYwMzAyMjIwMTUyWjAzMTEwLwYDVQQD
EyhmZjNkYjQxNDRhZTIyNGMzNzI2ODc2OTMxYTY0ZGM1NzllODkwYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuTqlgGKCP4etut09VetMXWFxHRx
vbBAjU+0EF01VYJNmKcL5b/esW5J6DBPHfhJMxSKo0gRhaNUiDOK+4UqYZjlcN6o
CXUtsKX9/RU9apuHe4lMFnCZXTcMJ2vDtQ49/nmmQ5rs7Q2LD3t9oTuoDuMV4rnj
q/zVucd5l8fVBV0cg3V7/tF3q86NIMmc70b+XzD0n5d685/8sfEEZBDmMRhdL0Z5
LKrI2iYs/jrwBwKwspIQ5+Ug3m/rdyLAyXFBPvdx96qv4huwBhtRcVY9Hbe6F2oN
XQ35Ee8PZ6geFQRSXuvDLVnKM1UyLmZ78uY86cJIBkxWk0i2NX4NX3DyNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP89tBRK4iTDcmh2kxpk3FeeiQu3MB8GA1UdIwQY
MBaAFLC7h9IMxCDfQeCQwztMQO/LDdh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0x1SDBnekVJTjlCNEpERE8weEE3OHNOMkhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi80ODEzZjItNGM2My00YWEwLTliMjIt
MzdiYzhlNjU2ZWIxLzEvc0x1SDBnekVJTjlCNEpERE8weEE3OHNOMkhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi80ODEzZjItNGM2My00YWEwLTliMjItMzdiYzhlNjU2ZWIx
LzEvc0x1SDBnekVJTjlCNEpERE8weEE3OHNOMkhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYiHtyB1a
claToCNcTrEQR9Q2vhx1GAe09mQpV6Tf8PXAa0siIOpuKeeSJqo8H3clRfbR4YOH
UjkVEyj+7xNVZyDR5AoqfkIES+6n1ZJeyFEJWI/W3pURW0zuuEW8gBSqi2+VTp/Q
9rvtVw9ACh8k2Fb+QVEgaipaY+OsJ1xKWP+nqSrm8Q6bzL9cpjKrs2syG+MfbKJ3
XzSyblsVL1K0CXzKqXpB16yw4MWHLLBeEpc4cPrFtoKWJjxJTK5787vHOlNZuCWY
ZWrN+3i6+Xo4HYRaIZCUnFjyExqiwuLR0CZx7okTbzdKR5HoQiUIpefO5ST/x9Zp
Rd7lg3Cig9MHog==
-----END CERTIFICATE-----