Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
File:                     iaWq49f3LuzoOWtBSSIIrdUhhDU.mft (raw, json)
Hash identifier:          asRFkrSiK1sa5O9w6jQb57+rKrD0MsZM3BlLf/VgT/w=
Subject key identifier:   DE:94:7D:4C:3E:BF:A3:9D:82:15:76:4B:F4:E0:92:E9:E1:EF:A7:2D
Authority key identifier: 89:A5:AA:E3:D7:F7:2E:EC:E8:39:6B:41:49:22:08:AD:D5:21:84:35
Certificate issuer:       /CN=89a5aae3d7f72eece8396b41492208add5218435
Certificate serial:       019CAC4766B1082FFE1745B3A868C099FDE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
Manifest number:          1737
Signing time:             Mon 02 Mar 2026 02:01:26 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:26 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:26 +0000
Files and hashes:         1: iaWq49f3LuzoOWtBSSIIrdUhhDU.crl (hash: TKbsgfXC4iAoEaSxOuXF9sCEJ9KkA0tuogYdK0idIi4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:66:b1:08:2f:fe:17:45:b3:a8:68:c0:99:fd:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89a5aae3d7f72eece8396b41492208add5218435
        Validity
            Not Before: Mar  2 02:01:26 2026 GMT
            Not After : Mar  3 02:01:26 2026 GMT
        Subject: CN=de947d4c3ebfa39d8215764bf4e092e9e1efa72d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:c5:d9:46:ef:91:c7:b2:ff:da:37:8f:10:2d:
                    73:af:ad:47:0f:d6:0b:cc:dc:50:24:fc:96:2d:75:
                    23:2e:91:42:52:5e:d8:d9:4a:ac:08:7d:49:a7:ef:
                    ab:78:bd:8f:5e:21:c0:8b:10:75:fd:9e:46:34:73:
                    03:d1:2e:d6:5c:52:52:19:d6:87:0d:e2:d0:06:3f:
                    a9:21:e4:70:e0:1f:50:06:e8:e7:93:75:5d:24:dd:
                    59:c5:f0:91:c1:09:f7:d0:a4:59:80:3e:48:50:bf:
                    28:ef:97:e0:cb:cc:cc:4e:88:57:7e:56:17:98:fc:
                    ae:fc:bb:7b:a2:bd:5f:95:41:5e:3b:29:60:44:d2:
                    03:a5:28:90:5a:0f:83:56:9a:54:c0:d2:24:34:09:
                    c8:9e:af:5e:c5:e6:0f:83:6c:10:4b:49:39:2c:c0:
                    6d:31:9d:96:b2:f9:9a:c0:67:79:3d:52:75:94:5c:
                    71:ac:7b:1b:09:02:72:47:5d:d8:86:a7:d0:9a:98:
                    b7:0a:e9:1c:89:69:e5:8c:86:35:28:c1:63:53:92:
                    37:58:54:4f:34:16:72:e8:1d:a9:87:89:06:15:92:
                    a8:64:f2:1a:a9:ee:fa:0e:6c:63:52:ab:69:69:d9:
                    b3:b3:e8:0d:80:8d:ab:ef:0f:b2:bd:f6:90:2d:99:
                    2c:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:94:7D:4C:3E:BF:A3:9D:82:15:76:4B:F4:E0:92:E9:E1:EF:A7:2D
            X509v3 Authority Key Identifier:
                keyid:89:A5:AA:E3:D7:F7:2E:EC:E8:39:6B:41:49:22:08:AD:D5:21:84:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iaWq49f3LuzoOWtBSSIIrdUhhDU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/9145cb-02bd-47e6-b04b-0871152a1aa3/1/iaWq49f3LuzoOWtBSSIIrdUhhDU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:33:a1:6a:88:f1:46:7b:19:83:52:3e:4b:a6:b3:c1:f4:bf:
         c4:ef:a2:69:54:90:6a:dd:6a:a6:fc:ad:41:ba:7c:cb:00:d6:
         08:e2:57:61:80:61:55:24:34:ff:e6:33:d5:63:0c:d7:80:af:
         f6:4c:bd:d2:8a:79:52:2a:9c:db:66:e2:ed:11:9d:a6:20:32:
         16:53:a1:a5:8d:91:c5:7f:4c:08:bd:18:07:dc:8e:9d:73:f5:
         f6:00:67:f6:0a:1e:8a:ff:61:77:b3:03:ec:02:c7:55:9e:30:
         e8:ba:e1:1d:84:ad:0b:51:69:46:14:c7:cb:37:a8:ea:d9:16:
         66:ec:6c:3e:b6:55:7c:fd:b0:8d:5d:23:71:e9:e5:9b:59:dc:
         17:2b:33:8f:19:75:b6:67:d3:d4:6a:b1:32:b6:97:43:9f:0a:
         a2:ff:62:f6:51:da:38:9e:e0:b5:b1:84:d3:9e:18:e7:f4:b7:
         7c:97:47:48:7f:38:e1:fd:12:e6:8c:29:64:37:62:9f:5b:b7:
         9d:6b:d2:33:c2:cf:0a:a9:c6:3e:5e:25:bb:7d:7a:52:21:58:
         ac:ef:a2:33:dc:b9:e1:7e:fe:1f:1b:5c:f9:35:ec:1a:f8:e9:
         22:50:b7:7f:09:3f:60:ab:87:0a:b5:2a:b8:53:9a:90:15:bd:
         01:91:d4:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR2axCC/+F0WzqGjAmf3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTVhYWUzZDdmNzJlZWNlODM5NmI0MTQ5MjIwOGFkZDUy
MTg0MzUwHhcNMjYwMzAyMDIwMTI2WhcNMjYwMzAzMDIwMTI2WjAzMTEwLwYDVQQD
EyhkZTk0N2Q0YzNlYmZhMzlkODIxNTc2NGJmNGUwOTJlOWUxZWZhNzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sXZRu+Rx7L/2jePEC1zr61HD9YL
zNxQJPyWLXUjLpFCUl7Y2UqsCH1Jp++reL2PXiHAixB1/Z5GNHMD0S7WXFJSGdaH
DeLQBj+pIeRw4B9QBujnk3VdJN1ZxfCRwQn30KRZgD5IUL8o75fgy8zMTohXflYX
mPyu/Lt7or1flUFeOylgRNIDpSiQWg+DVppUwNIkNAnInq9exeYPg2wQS0k5LMBt
MZ2WsvmawGd5PVJ1lFxxrHsbCQJyR13YhqfQmpi3CukciWnljIY1KMFjU5I3WFRP
NBZy6B2ph4kGFZKoZPIaqe76DmxjUqtpadmzs+gNgI2r7w+yvfaQLZks+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN6UfUw+v6OdghV2S/Tgkunh76ctMB8GA1UdIwQY
MBaAFImlquPX9y7s6DlrQUkiCK3VIYQ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85MTQ1Y2ItMDJiZC00N2U2LWIwNGIt
MDg3MTE1MmExYWEzLzEvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy85MTQ1Y2ItMDJiZC00N2U2LWIwNGItMDg3MTE1MmExYWEz
LzEvaWFXcTQ5ZjNMdXpvT1d0QlNTSUlyZFVoaERVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUDOhaojx
RnsZg1I+S6azwfS/xO+iaVSQat1qpvytQbp8ywDWCOJXYYBhVSQ0/+Yz1WMM14Cv
9ky90op5Uiqc22bi7RGdpiAyFlOhpY2RxX9MCL0YB9yOnXP19gBn9goeiv9hd7MD
7ALHVZ4w6LrhHYStC1FpRhTHyzeo6tkWZuxsPrZVfP2wjV0jcenlm1ncFyszjxl1
tmfT1GqxMraXQ58Kov9i9lHaOJ7gtbGE054Y5/S3fJdHSH844f0S5owpZDdin1u3
nWvSM8LPCqnGPl4lu316UiFYrO+iM9y54X7+Hxtc+TXsGvjpIlC3fwk/YKuHCrUq
uFOakBW9AZHUIg==
-----END CERTIFICATE-----