Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
File:                     bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft (raw, json)
Hash identifier:          D3QL5Fb0DT9GYCEt3BKsRkt5EfvTw0H4BrYC16PCNuk=
Subject key identifier:   E4:17:5D:AB:D9:3B:12:C6:9F:B5:99:C4:27:0E:B6:EA:23:09:D2:FF
Authority key identifier: 6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD
Certificate issuer:       /CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
Certificate serial:       019CABD9D44534E1CC3DD7BC9E431D610B31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
Manifest number:          1842
Signing time:             Mon 02 Mar 2026 00:01:45 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:45 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:45 +0000
Files and hashes:         1: bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl (hash: RWToZzeiH4SmvBwpitPVHpOoRHMgJFdKelLUsmQQs2k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:d4:45:34:e1:cc:3d:d7:bc:9e:43:1d:61:0b:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
        Validity
            Not Before: Mar  2 00:01:45 2026 GMT
            Not After : Mar  3 00:01:45 2026 GMT
        Subject: CN=e4175dabd93b12c69fb599c4270eb6ea2309d2ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:24:b5:ef:43:37:8c:84:10:8e:2e:b6:2c:20:
                    59:fa:54:98:20:5d:67:fd:b2:40:f2:68:df:ed:c7:
                    53:93:1f:85:77:13:ef:d3:09:14:81:0a:36:52:dd:
                    49:4b:f5:ac:8e:b4:9d:37:f5:81:30:32:15:f5:54:
                    fe:86:27:83:d8:14:20:dd:8a:85:07:fe:fb:51:9e:
                    cf:5e:eb:a6:b5:cc:45:e1:8a:ce:1f:32:20:9a:fb:
                    e3:e5:b6:1e:df:39:ef:d8:30:be:2b:0c:95:db:6a:
                    59:c8:1a:5d:6e:ff:ab:60:28:32:50:f3:93:e6:a7:
                    44:0d:4b:1a:04:48:95:b2:54:78:3a:65:89:29:8c:
                    e6:d8:3c:32:1a:26:bb:60:b9:0d:49:1d:d9:d1:0a:
                    a8:d8:8d:6d:17:38:c3:e2:a4:5c:d7:d6:08:9b:db:
                    59:6c:01:e5:f0:8c:77:81:3b:99:07:85:fc:bc:1b:
                    34:d5:6a:c6:22:26:9a:8a:6b:24:56:d7:29:3e:8e:
                    3a:be:63:69:98:e4:67:f7:10:b8:0a:31:d0:96:f4:
                    31:65:d5:66:16:57:a7:37:95:9d:13:d5:20:7c:25:
                    ed:2d:74:3d:2c:39:cf:24:b8:a7:83:d9:2a:7b:7d:
                    d2:7e:3a:b8:34:3f:8a:31:f6:9c:be:f2:b8:7f:7f:
                    04:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:17:5D:AB:D9:3B:12:C6:9F:B5:99:C4:27:0E:B6:EA:23:09:D2:FF
            X509v3 Authority Key Identifier:
                keyid:6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:9f:e5:ce:8e:96:78:22:d7:89:f3:0a:83:10:36:76:af:19:
         29:a4:8c:4e:31:fb:c0:01:29:0d:68:03:af:a0:9c:8b:5c:d6:
         df:65:0d:c5:08:02:b4:7f:22:c9:e3:bd:c1:9e:da:05:99:fc:
         36:19:87:d5:8e:fe:89:8d:38:61:74:ea:9d:4b:58:c1:41:e1:
         9f:60:d5:34:8e:5a:c4:7d:c9:8f:16:d0:02:a3:f2:25:97:6b:
         50:47:29:32:b0:42:d3:9b:e0:39:fd:4e:c1:b4:ab:4f:97:ab:
         4f:12:39:68:91:e9:b1:71:c0:a3:81:1e:f7:93:f3:6a:e1:90:
         f6:af:6a:ce:b1:7f:c6:1b:79:b7:93:48:82:6a:a0:b8:ac:43:
         74:29:a9:cb:e7:eb:f6:0f:fc:ca:19:e1:7e:dd:1b:ee:bb:5a:
         2f:ce:d9:ff:5b:f1:89:d0:43:0f:89:83:fe:64:98:8c:e4:d5:
         75:20:c6:cb:ea:78:fc:19:a1:5f:0e:3f:22:f7:bb:2e:8b:f9:
         af:1a:6a:ef:e0:37:b8:6b:3c:01:74:c7:d4:e4:11:c1:5e:26:
         1a:b4:7c:c8:fc:7e:34:bc:29:00:39:2a:06:55:b3:78:5f:39:
         99:55:2a:1d:93:bb:e4:52:5c:b2:11:9b:3f:34:03:73:98:73:
         bd:a8:a5:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2dRFNOHMPde8nkMdYQsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGEwNTZjM2I1NGU1MDBjYTE5YzhmNWM0NzcwYWMzZjQ1
MGU0YmQwHhcNMjYwMzAyMDAwMTQ1WhcNMjYwMzAzMDAwMTQ1WjAzMTEwLwYDVQQD
EyhlNDE3NWRhYmQ5M2IxMmM2OWZiNTk5YzQyNzBlYjZlYTIzMDlkMmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSS170M3jIQQji62LCBZ+lSYIF1n
/bJA8mjf7cdTkx+FdxPv0wkUgQo2Ut1JS/WsjrSdN/WBMDIV9VT+hieD2BQg3YqF
B/77UZ7PXuumtcxF4YrOHzIgmvvj5bYe3znv2DC+KwyV22pZyBpdbv+rYCgyUPOT
5qdEDUsaBEiVslR4OmWJKYzm2DwyGia7YLkNSR3Z0Qqo2I1tFzjD4qRc19YIm9tZ
bAHl8Ix3gTuZB4X8vBs01WrGIiaaimskVtcpPo46vmNpmORn9xC4CjHQlvQxZdVm
FlenN5WdE9UgfCXtLXQ9LDnPJLing9kqe33Sfjq4ND+KMfacvvK4f38EdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQXXavZOxLGn7WZxCcOtuojCdL/MB8GA1UdIwQY
MBaAFG3aBWw7VOUAyhnI9cR3CsP0UOS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTct
YTNjM2Y5YWE4NjA4LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTctYTNjM2Y5YWE4NjA4
LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoZ/lzo6W
eCLXifMKgxA2dq8ZKaSMTjH7wAEpDWgDr6Cci1zW32UNxQgCtH8iyeO9wZ7aBZn8
NhmH1Y7+iY04YXTqnUtYwUHhn2DVNI5axH3JjxbQAqPyJZdrUEcpMrBC05vgOf1O
wbSrT5erTxI5aJHpsXHAo4Ee95PzauGQ9q9qzrF/xht5t5NIgmqguKxDdCmpy+fr
9g/8yhnhft0b7rtaL87Z/1vxidBDD4mD/mSYjOTVdSDGy+p4/BmhXw4/Ive7Lov5
rxpq7+A3uGs8AXTH1OQRwV4mGrR8yPx+NLwpADkqBlWzeF85mVUqHZO75FJcshGb
PzQDc5hzvailAQ==
-----END CERTIFICATE-----