Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
File:                     GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft (raw, json)
Hash identifier:          oI3O9ZW6oGHISJ5QPaESyy752Nt/RXak8JnDkQNpDdA=
Subject key identifier:   FF:4E:4E:DE:D4:36:3A:BE:E0:50:E4:4B:B6:91:CE:02:04:9A:A9:A4
Authority key identifier: 18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48
Certificate issuer:       /CN=1877b19d4847fc3f495af936c5b1a1928c912748
Certificate serial:       019CABD9B621E0988C3BCB91E68100CB7A58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
Manifest number:          1843
Signing time:             Mon 02 Mar 2026 00:01:37 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:37 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:37 +0000
Files and hashes:         1: GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl (hash: sBi/81/1fPGIIFtUfSZurvWhaXrrR8odVx8T7SJL7RE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:b6:21:e0:98:8c:3b:cb:91:e6:81:00:cb:7a:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1877b19d4847fc3f495af936c5b1a1928c912748
        Validity
            Not Before: Mar  2 00:01:37 2026 GMT
            Not After : Mar  3 00:01:37 2026 GMT
        Subject: CN=ff4e4eded4363abee050e44bb691ce02049aa9a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:ef:eb:0f:b8:24:14:fd:00:82:cb:f5:53:58:
                    3e:96:08:aa:60:fc:ee:a6:22:21:56:a0:a0:d9:1e:
                    c9:60:87:8b:43:f6:44:fd:2e:e2:ff:76:19:5c:3e:
                    f2:46:ab:0f:3e:04:60:e4:60:1c:41:6c:b0:59:0e:
                    2c:ec:59:d1:21:9d:ab:12:0e:d1:26:2a:86:31:64:
                    4e:07:98:d8:da:3b:73:3f:1c:da:87:72:65:21:89:
                    1b:1c:4f:91:e9:93:79:8b:a1:0d:1f:ae:c2:53:4b:
                    45:ea:76:b9:b1:29:83:a5:59:a8:dd:10:79:bb:17:
                    0d:34:ae:83:94:19:d6:f3:0d:3f:86:50:1a:18:02:
                    55:a2:de:6f:e5:06:8a:96:6e:e4:14:6e:67:42:75:
                    d0:96:ee:70:34:f4:fa:a9:1d:4a:d3:df:f7:5a:da:
                    ca:94:d3:5e:66:b2:4f:ce:de:4c:90:08:aa:53:be:
                    ea:47:0c:ce:7b:20:59:37:14:28:0a:6a:59:a4:79:
                    ed:9b:c5:07:d5:27:e5:fc:47:3f:6b:79:40:de:7e:
                    f2:0e:f0:84:28:c0:cf:c2:31:3c:7c:69:91:6f:c0:
                    51:18:52:2d:a3:70:9e:4f:a7:85:aa:2c:d4:86:c4:
                    b7:19:9a:e0:15:42:3e:3c:0b:66:96:fe:66:9b:50:
                    d8:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:4E:4E:DE:D4:36:3A:BE:E0:50:E4:4B:B6:91:CE:02:04:9A:A9:A4
            X509v3 Authority Key Identifier:
                keyid:18:77:B1:9D:48:47:FC:3F:49:5A:F9:36:C5:B1:A1:92:8C:91:27:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GHexnUhH_D9JWvk2xbGhkoyRJ0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c122a7-5712-4bbd-b638-ac9a93171aa5/1/GHexnUhH_D9JWvk2xbGhkoyRJ0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:e2:56:52:6f:93:88:83:15:30:59:f0:54:73:9a:c8:24:0d:
         e0:47:d4:c4:a0:4b:bc:6f:d3:39:db:54:d2:c8:15:32:2e:c5:
         8a:95:2a:91:7a:61:5c:22:d3:ad:e3:74:ff:19:60:46:90:32:
         e8:1b:d6:18:51:c5:49:17:02:4d:02:de:e4:6d:66:ed:a5:65:
         52:1a:8d:c2:1d:d7:85:cd:c4:77:cd:42:44:33:df:d5:61:4f:
         31:c8:b0:00:dd:c0:7d:35:46:5b:dc:38:04:ba:a1:1e:da:cc:
         92:9b:1d:3c:02:57:5e:e0:c2:dc:37:d3:02:fd:6b:1a:93:17:
         1b:4d:04:84:3a:44:44:4b:05:ed:ca:0f:be:c2:80:56:c0:19:
         0d:70:52:34:b7:2c:73:ab:16:ab:85:3b:3c:f3:13:e9:f8:b9:
         c1:fb:9d:5c:e1:4d:e0:f7:97:8a:6c:4d:0a:c6:cd:50:b4:aa:
         31:a2:9f:68:fa:fe:12:9f:26:b1:c7:08:cf:aa:51:a3:45:13:
         d6:bb:48:01:45:57:91:f6:a6:52:03:89:00:1d:40:c4:26:47:
         83:77:ea:09:c1:6c:b4:8f:1f:86:ce:fc:9d:a7:e6:2a:f2:c2:
         37:c0:87:2f:29:09:ff:bc:a0:4c:fe:90:2a:a5:82:e0:e7:82:
         9e:05:fa:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2bYh4JiMO8uR5oEAy3pYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NzdiMTlkNDg0N2ZjM2Y0OTVhZjkzNmM1YjFhMTkyOGM5
MTI3NDgwHhcNMjYwMzAyMDAwMTM3WhcNMjYwMzAzMDAwMTM3WjAzMTEwLwYDVQQD
EyhmZjRlNGVkZWQ0MzYzYWJlZTA1MGU0NGJiNjkxY2UwMjA0OWFhOWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAku/rD7gkFP0Agsv1U1g+lgiqYPzu
piIhVqCg2R7JYIeLQ/ZE/S7i/3YZXD7yRqsPPgRg5GAcQWywWQ4s7FnRIZ2rEg7R
JiqGMWROB5jY2jtzPxzah3JlIYkbHE+R6ZN5i6ENH67CU0tF6na5sSmDpVmo3RB5
uxcNNK6DlBnW8w0/hlAaGAJVot5v5QaKlm7kFG5nQnXQlu5wNPT6qR1K09/3WtrK
lNNeZrJPzt5MkAiqU77qRwzOeyBZNxQoCmpZpHntm8UH1Sfl/Ec/a3lA3n7yDvCE
KMDPwjE8fGmRb8BRGFIto3CeT6eFqizUhsS3GZrgFUI+PAtmlv5mm1DYnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP9OTt7UNjq+4FDkS7aRzgIEmqmkMB8GA1UdIwQY
MBaAFBh3sZ1IR/w/SVr5NsWxoZKMkSdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2Mzgt
YWM5YTkzMTcxYWE1LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jMTIyYTctNTcxMi00YmJkLWI2MzgtYWM5YTkzMTcxYWE1
LzEvR0hleG5VaEhfRDlKV3ZrMnhiR2hrb3lSSjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABuJWUm+T
iIMVMFnwVHOayCQN4EfUxKBLvG/TOdtU0sgVMi7FipUqkXphXCLTreN0/xlgRpAy
6BvWGFHFSRcCTQLe5G1m7aVlUhqNwh3Xhc3Ed81CRDPf1WFPMciwAN3AfTVGW9w4
BLqhHtrMkpsdPAJXXuDC3DfTAv1rGpMXG00EhDpEREsF7coPvsKAVsAZDXBSNLcs
c6sWq4U7PPMT6fi5wfudXOFN4PeXimxNCsbNULSqMaKfaPr+Ep8msccIz6pRo0UT
1rtIAUVXkfamUgOJAB1AxCZHg3fqCcFstI8fhs78nafmKvLCN8CHLykJ/7ygTP6Q
KqWC4OeCngX6zg==
-----END CERTIFICATE-----