Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
File:                     tRm7YH6Ot267nMsgIsxkbDzOC2A.mft (raw, json)
Hash identifier:          6HY22384LGBVP48ZVprHfuPfrp5AGMYFMjdyXiPJz3s=
Subject key identifier:   2E:FB:68:BE:8B:7E:01:6F:CE:7A:8B:4E:28:64:C0:E6:39:40:8B:B8
Authority key identifier: B5:19:BB:60:7E:8E:B7:6E:BB:9C:CB:20:22:CC:64:6C:3C:CE:0B:60
Certificate issuer:       /CN=b519bb607e8eb76ebb9ccb2022cc646c3cce0b60
Certificate serial:       019CAB6B382645449F5B39E37D1D083E8D75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
Manifest number:          1842
Signing time:             Sun 01 Mar 2026 22:00:56 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:56 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:56 +0000
Files and hashes:         1: tRm7YH6Ot267nMsgIsxkbDzOC2A.crl (hash: mJxq/gZSauW7MKHgUYY+Yc38iFWLds3Q+EVdtKfanRU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:38:26:45:44:9f:5b:39:e3:7d:1d:08:3e:8d:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b519bb607e8eb76ebb9ccb2022cc646c3cce0b60
        Validity
            Not Before: Mar  1 22:00:56 2026 GMT
            Not After : Mar  2 22:00:56 2026 GMT
        Subject: CN=2efb68be8b7e016fce7a8b4e2864c0e639408bb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:4d:51:50:b7:3c:bd:4c:ee:ee:b4:f7:de:d5:
                    cd:c7:97:58:dc:40:81:2a:fc:e4:86:67:6e:f8:30:
                    d8:3f:a7:58:39:8f:06:fd:f6:63:4e:1d:d4:d9:d9:
                    76:30:1b:18:8a:91:f8:e2:5e:94:00:a3:c1:bc:1e:
                    a5:ab:54:b5:90:91:fe:d9:0d:2a:67:59:9f:63:ef:
                    d3:4f:39:5f:b8:b0:92:7c:bf:ac:af:30:9f:5e:78:
                    c4:aa:0e:16:ae:a2:d8:65:10:05:78:41:f1:2a:c5:
                    8e:02:a7:cf:38:b7:e3:fa:78:a6:d8:99:7d:e8:07:
                    79:91:90:f4:f8:9c:c6:79:f2:ca:42:3d:21:d9:9f:
                    cd:e1:98:a4:b0:a1:b8:66:f9:0b:e4:55:3b:3f:68:
                    4f:e8:2b:ff:a9:ef:9d:8f:4e:2f:79:a4:59:45:d1:
                    1e:73:9d:15:4d:d8:70:45:4e:2b:3c:3e:a9:33:96:
                    5e:93:0b:cf:00:fd:4f:6b:22:85:ae:c1:f0:31:79:
                    c5:fb:2e:99:c8:ee:a2:7b:a6:4f:cd:4e:16:ff:10:
                    d8:8e:3e:d5:49:e1:d8:38:b0:12:0b:1b:13:57:13:
                    cc:6a:5c:b6:d7:ce:e4:0d:7e:06:0f:92:95:d6:a4:
                    5a:f1:d8:af:99:d2:75:fc:6d:8a:e2:dc:41:56:f4:
                    30:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:FB:68:BE:8B:7E:01:6F:CE:7A:8B:4E:28:64:C0:E6:39:40:8B:B8
            X509v3 Authority Key Identifier:
                keyid:B5:19:BB:60:7E:8E:B7:6E:BB:9C:CB:20:22:CC:64:6C:3C:CE:0B:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRm7YH6Ot267nMsgIsxkbDzOC2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4e5049-856d-4c07-8556-e18184e80258/1/tRm7YH6Ot267nMsgIsxkbDzOC2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:3e:de:21:56:99:37:3d:91:e2:e6:9b:a1:ba:20:59:b4:bf:
         50:ec:d2:eb:0e:5e:48:fe:4b:8e:a4:be:65:88:d9:44:fa:76:
         69:3b:61:7e:d3:e9:c2:7c:29:2f:e1:56:17:db:a0:b2:4d:9b:
         fe:92:db:64:fb:0a:72:cd:38:99:c4:20:23:bc:5e:9b:bd:f6:
         e4:33:f6:80:be:c9:0f:52:c6:d5:87:dd:1c:4c:0b:e8:f9:60:
         9b:43:52:15:c6:93:30:f5:b6:ef:ae:62:68:25:cf:a5:5a:f7:
         3e:7a:0e:89:e7:d2:43:d4:0f:0f:c8:e4:72:36:4b:bb:1d:ea:
         7a:f5:a0:e5:bc:0c:69:78:ca:b4:80:72:0c:e0:40:64:2f:84:
         7d:35:8c:56:1d:0a:32:8c:e5:e1:31:d9:6e:dd:33:4c:f0:50:
         f5:ff:9b:b6:25:21:94:cb:c5:96:6e:56:b0:16:3d:3e:e1:b6:
         f7:cc:ce:b0:a4:a8:d3:7c:f3:b8:27:90:00:24:8b:68:0c:ba:
         ad:0b:12:b2:75:8a:12:99:27:3c:45:e8:7f:14:97:57:c0:75:
         8c:8b:49:4a:fd:80:a5:9e:6b:67:ee:9a:02:09:61:f4:33:24:
         3c:0a:16:c9:73:61:bb:87:a7:56:cc:43:d4:b3:72:6d:c2:35:
         75:33:c3:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrazgmRUSfWznjfR0IPo11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MTliYjYwN2U4ZWI3NmViYjljY2IyMDIyY2M2NDZjM2Nj
ZTBiNjAwHhcNMjYwMzAxMjIwMDU2WhcNMjYwMzAyMjIwMDU2WjAzMTEwLwYDVQQD
EygyZWZiNjhiZThiN2UwMTZmY2U3YThiNGUyODY0YzBlNjM5NDA4YmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk1RULc8vUzu7rT33tXNx5dY3ECB
Kvzkhmdu+DDYP6dYOY8G/fZjTh3U2dl2MBsYipH44l6UAKPBvB6lq1S1kJH+2Q0q
Z1mfY+/TTzlfuLCSfL+srzCfXnjEqg4WrqLYZRAFeEHxKsWOAqfPOLfj+nim2Jl9
6Ad5kZD0+JzGefLKQj0h2Z/N4ZiksKG4ZvkL5FU7P2hP6Cv/qe+dj04veaRZRdEe
c50VTdhwRU4rPD6pM5ZekwvPAP1PayKFrsHwMXnF+y6ZyO6ie6ZPzU4W/xDYjj7V
SeHYOLASCxsTVxPMaly2187kDX4GD5KV1qRa8divmdJ1/G2K4txBVvQwLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC77aL6LfgFvznqLTihkwOY5QIu4MB8GA1UdIwQY
MBaAFLUZu2B+jrduu5zLICLMZGw8zgtgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ZTUwNDktODU2ZC00YzA3LTg1NTYt
ZTE4MTg0ZTgwMjU4LzEvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ZTUwNDktODU2ZC00YzA3LTg1NTYtZTE4MTg0ZTgwMjU4
LzEvdFJtN1lINk90MjY3bk1zZ0lzeGtiRHpPQzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQj7eIVaZ
Nz2R4uabobogWbS/UOzS6w5eSP5LjqS+ZYjZRPp2aTthftPpwnwpL+FWF9ugsk2b
/pLbZPsKcs04mcQgI7xem7325DP2gL7JD1LG1YfdHEwL6Plgm0NSFcaTMPW2765i
aCXPpVr3PnoOiefSQ9QPD8jkcjZLux3qevWg5bwMaXjKtIByDOBAZC+EfTWMVh0K
Mozl4THZbt0zTPBQ9f+btiUhlMvFlm5WsBY9PuG298zOsKSo03zzuCeQACSLaAy6
rQsSsnWKEpknPEXofxSXV8B1jItJSv2ApZ5rZ+6aAglh9DMkPAoWyXNhu4enVsxD
1LNybcI1dTPD1w==
-----END CERTIFICATE-----