Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
File:                     xwy87PJahmXDWnjIIdEes6ZCNiE.mft (raw, json)
Hash identifier:          KUvVNQ7yjHWfe1p1q6ECAAeo8JKLLoJt7tUvQQWFA4A=
Subject key identifier:   DD:CB:D0:6D:A3:8C:CA:85:5A:D9:B6:FE:D2:13:43:91:EE:7A:BF:CC
Authority key identifier: C7:0C:BC:EC:F2:5A:86:65:C3:5A:78:C8:21:D1:1E:B3:A6:42:36:21
Certificate issuer:       /CN=c70cbcecf25a8665c35a78c821d11eb3a6423621
Certificate serial:       019CACB465238E59E3C1ED28C30DFF5479E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
Manifest number:          1844
Signing time:             Mon 02 Mar 2026 04:00:29 +0000
Manifest this update:     Mon 02 Mar 2026 04:00:29 +0000
Manifest next update:     Tue 03 Mar 2026 04:00:29 +0000
Files and hashes:         1: xwy87PJahmXDWnjIIdEes6ZCNiE.crl (hash: 51/m5bCIjn2iu/s21vy8DOqZIYS/FdG7gWsVeAZtSa8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:b4:65:23:8e:59:e3:c1:ed:28:c3:0d:ff:54:79:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c70cbcecf25a8665c35a78c821d11eb3a6423621
        Validity
            Not Before: Mar  2 04:00:29 2026 GMT
            Not After : Mar  3 04:00:29 2026 GMT
        Subject: CN=ddcbd06da38cca855ad9b6fed2134391ee7abfcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:9e:c8:1b:a3:62:f1:ab:90:66:e8:a4:56:3f:
                    64:47:ec:da:83:0e:74:34:5f:63:b3:44:7e:4c:01:
                    d2:bc:6a:de:b2:9f:51:31:aa:74:56:c6:7d:57:0a:
                    1b:4a:2a:82:61:3d:84:44:ec:67:35:a2:6c:81:97:
                    4e:e6:76:ad:95:e7:21:71:05:cd:f1:d6:0e:39:ea:
                    fc:cb:f2:b5:a7:b0:67:c4:40:f5:3e:2a:e8:7b:0d:
                    a4:e0:0f:72:a9:0c:17:c3:34:26:36:85:46:d6:11:
                    c3:84:10:00:9e:34:56:d2:92:5b:18:b7:c7:81:aa:
                    d4:4b:06:38:05:fa:99:35:9e:32:bf:61:b0:c1:e1:
                    14:97:cb:86:28:b6:62:e3:ee:6b:3b:8c:a4:45:23:
                    27:18:ee:6f:33:70:6d:b3:90:31:13:c5:9d:3e:e5:
                    80:26:79:83:29:b9:ed:7d:60:9d:4d:8d:0e:9a:70:
                    82:80:92:39:f2:06:29:f2:dd:7c:e0:a7:62:00:e4:
                    00:89:23:dc:c7:8c:5e:c4:f5:07:76:e0:b1:7f:c8:
                    c9:8f:b4:d3:3d:a2:f8:81:0e:2a:4c:d4:9d:61:4f:
                    b7:35:fb:6f:c9:e8:31:36:42:ea:d0:8e:59:c0:ce:
                    36:c4:01:b0:3b:63:33:24:c1:6e:89:63:08:8e:53:
                    d1:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:CB:D0:6D:A3:8C:CA:85:5A:D9:B6:FE:D2:13:43:91:EE:7A:BF:CC
            X509v3 Authority Key Identifier:
                keyid:C7:0C:BC:EC:F2:5A:86:65:C3:5A:78:C8:21:D1:1E:B3:A6:42:36:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xwy87PJahmXDWnjIIdEes6ZCNiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/68e653-18c5-449e-95d8-e697bb5764c3/1/xwy87PJahmXDWnjIIdEes6ZCNiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:0e:9c:11:56:d6:78:46:9e:d5:91:29:da:65:ee:4d:f6:16:
         df:57:49:87:45:ed:9c:9a:c8:d7:0c:af:d6:9d:66:6a:4c:10:
         a1:5e:58:96:d2:70:f5:83:2a:ce:ab:83:94:63:6d:dd:ae:bb:
         be:20:df:45:af:29:f3:c8:bd:b5:f3:aa:bb:3f:c2:a1:bd:84:
         61:73:a6:5d:b4:62:53:ec:57:75:3c:ef:a9:ce:73:0c:6e:ea:
         2d:63:59:e4:25:58:92:e2:a7:86:5e:bb:00:a3:6c:da:ea:3b:
         76:c4:ec:a3:a4:9c:2f:ec:c5:40:cf:2e:d8:10:3e:35:33:7f:
         1b:60:2e:f5:98:f9:46:6a:dc:6c:76:4b:8c:bf:d0:a7:e6:79:
         fa:d2:81:04:0b:09:ca:15:78:c8:c4:54:7f:30:2a:bf:11:ad:
         fd:f5:d3:e6:cb:73:59:53:08:bf:b5:c8:24:fc:41:60:38:ab:
         42:41:8d:0f:b3:ed:ed:ce:2d:4d:c6:99:b1:6e:9e:20:19:78:
         54:41:22:8a:e5:d7:aa:ed:e1:ce:18:e7:4f:8c:56:09:09:4c:
         90:62:49:61:3a:8e:f6:4e:cb:4d:aa:73:b2:b5:0d:b3:1e:1d:
         0b:62:62:0a:29:16:0b:16:17:f2:33:37:ad:04:b1:04:3f:de:
         07:91:1d:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystGUjjlnjwe0oww3/VHnnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MGNiY2VjZjI1YTg2NjVjMzVhNzhjODIxZDExZWIzYTY0
MjM2MjEwHhcNMjYwMzAyMDQwMDI5WhcNMjYwMzAzMDQwMDI5WjAzMTEwLwYDVQQD
EyhkZGNiZDA2ZGEzOGNjYTg1NWFkOWI2ZmVkMjEzNDM5MWVlN2FiZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs57IG6Ni8auQZuikVj9kR+zagw50
NF9js0R+TAHSvGresp9RMap0VsZ9VwobSiqCYT2EROxnNaJsgZdO5natlechcQXN
8dYOOer8y/K1p7BnxED1Piroew2k4A9yqQwXwzQmNoVG1hHDhBAAnjRW0pJbGLfH
garUSwY4BfqZNZ4yv2GwweEUl8uGKLZi4+5rO4ykRSMnGO5vM3Bts5AxE8WdPuWA
JnmDKbntfWCdTY0OmnCCgJI58gYp8t184KdiAOQAiSPcx4xexPUHduCxf8jJj7TT
PaL4gQ4qTNSdYU+3NftvyegxNkLq0I5ZwM42xAGwO2MzJMFuiWMIjlPReQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3L0G2jjMqFWtm2/tITQ5Huer/MMB8GA1UdIwQY
MBaAFMcMvOzyWoZlw1p4yCHRHrOmQjYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy82OGU2NTMtMThjNS00NDllLTk1ZDgt
ZTY5N2JiNTc2NGMzLzEveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy82OGU2NTMtMThjNS00NDllLTk1ZDgtZTY5N2JiNTc2NGMz
LzEveHd5ODdQSmFobVhEV25qSUlkRWVzNlpDTmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACg6cEVbW
eEae1ZEp2mXuTfYW31dJh0XtnJrI1wyv1p1makwQoV5YltJw9YMqzquDlGNt3a67
viDfRa8p88i9tfOquz/Cob2EYXOmXbRiU+xXdTzvqc5zDG7qLWNZ5CVYkuKnhl67
AKNs2uo7dsTso6ScL+zFQM8u2BA+NTN/G2Au9Zj5RmrcbHZLjL/Qp+Z5+tKBBAsJ
yhV4yMRUfzAqvxGt/fXT5stzWVMIv7XIJPxBYDirQkGND7Pt7c4tTcaZsW6eIBl4
VEEiiuXXqu3hzhjnT4xWCQlMkGJJYTqO9k7LTapzsrUNsx4dC2JiCikWCxYX8jM3
rQSxBD/eB5EdvQ==
-----END CERTIFICATE-----