Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft
File:                     IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft (raw, json)
Hash identifier:          4kjOLJQ/JUwLBXI6MPF68SmTmTmo3UUT9222TC54dEs=
Subject key identifier:   6E:44:48:E5:50:FA:3D:CC:16:25:5B:F8:63:1D:D3:E6:9F:BA:5E:D0
Authority key identifier: 21:81:C5:B3:CB:7E:EB:1E:49:58:21:55:A1:91:8E:C6:12:F9:5A:C6
Certificate issuer:       /CN=2181c5b3cb7eeb1e49582155a1918ec612f95ac6
Certificate serial:       019CABD9AA30A735989F89A1798EB5DBF012
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYHFs8t-6x5JWCFVoZGOxhL5WsY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft
Manifest number:          01D3
Signing time:             Mon 02 Mar 2026 00:01:34 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:34 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:34 +0000
Files and hashes:         1: IYHFs8t-6x5JWCFVoZGOxhL5WsY.crl (hash: uRwlCMiK8xB64LFa7HAER70CnzpitfnpBzarIcy0ZOo=)
                          2: l8MRszfSe4qexC-9JyLTk4XoVgk.roa (hash: 9EV7cJFTRMkileOYn43dLtuQWD4NKNC4K7WAWUwzDvY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYHFs8t-6x5JWCFVoZGOxhL5WsY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:aa:30:a7:35:98:9f:89:a1:79:8e:b5:db:f0:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2181c5b3cb7eeb1e49582155a1918ec612f95ac6
        Validity
            Not Before: Mar  2 00:01:34 2026 GMT
            Not After : Mar  3 00:01:34 2026 GMT
        Subject: CN=6e4448e550fa3dcc16255bf8631dd3e69fba5ed0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:20:2d:8c:da:5d:35:15:fb:f3:58:84:c5:de:
                    d9:d0:14:70:82:c3:30:2d:eb:0f:ac:20:ca:49:34:
                    51:92:52:7e:b3:1c:fa:93:fa:83:bf:01:23:cd:fb:
                    78:01:d8:5c:07:25:6e:e8:6c:47:d9:e5:ca:06:e3:
                    65:09:30:a3:d4:2e:8e:a5:92:2e:34:75:36:63:a6:
                    25:9c:11:26:01:9c:8a:1d:ce:ce:dc:e1:1c:2c:85:
                    99:b9:ef:0c:ca:19:27:4f:fd:36:fd:aa:b7:a9:b3:
                    a7:e4:e5:2d:4e:b7:4d:84:5a:0d:ed:81:c5:90:8e:
                    7c:96:57:65:6f:07:28:33:2b:37:97:ab:eb:0e:44:
                    bc:39:8b:c4:26:37:1f:c9:05:57:22:b9:9f:b9:71:
                    dc:6a:b5:d0:35:0b:07:c3:66:c2:7b:dd:46:a7:f2:
                    75:e1:91:cd:30:e6:f1:a5:a8:f5:fe:12:66:47:8e:
                    7c:44:78:f8:ea:4e:cc:5f:23:85:ff:d8:87:3f:35:
                    91:66:1c:c7:ab:f7:46:7d:68:fe:ad:83:b5:be:17:
                    09:9b:b0:59:9a:99:19:cb:d8:8a:5b:bf:54:f0:5c:
                    df:be:1b:0d:a5:09:fd:7b:b2:dc:4b:6c:8f:b8:29:
                    8e:89:99:99:e5:fe:88:55:9a:c5:8a:9e:59:79:07:
                    57:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:44:48:E5:50:FA:3D:CC:16:25:5B:F8:63:1D:D3:E6:9F:BA:5E:D0
            X509v3 Authority Key Identifier:
                keyid:21:81:C5:B3:CB:7E:EB:1E:49:58:21:55:A1:91:8E:C6:12:F9:5A:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYHFs8t-6x5JWCFVoZGOxhL5WsY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dcd15e-eb12-4631-b220-0226d45a7532/1/IYHFs8t-6x5JWCFVoZGOxhL5WsY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d7:cd:e9:3a:bc:23:29:1e:ad:23:62:1f:b8:a6:bb:96:f8:37:
         cc:ab:95:ae:b5:6b:cb:fe:ce:b1:05:26:f8:ad:6b:5f:6a:af:
         68:b0:c6:7a:61:1d:fc:95:93:37:9d:1e:48:7c:87:ae:d5:69:
         38:1c:23:9a:d2:f4:20:c9:b8:0d:2a:95:ca:43:89:b7:0a:8d:
         77:a4:89:cf:52:ac:ce:08:7b:9b:2c:87:32:68:81:68:b7:39:
         8a:48:10:8d:de:7e:c4:ab:93:eb:cd:aa:5a:9f:26:88:65:67:
         05:46:dd:8d:16:23:5b:d6:ee:85:4a:2b:24:80:10:4a:96:13:
         e2:27:42:43:29:76:b8:48:66:6a:05:09:5d:6a:a1:88:ba:9b:
         22:8b:c8:49:ea:95:d7:1f:fa:fa:cd:fd:12:10:3d:e3:52:a9:
         cb:99:b2:e4:d2:2c:6e:bc:11:07:df:00:04:54:e8:e0:b1:a5:
         cc:58:1e:6b:65:76:55:10:03:cf:2d:15:a1:2b:b1:6e:4c:89:
         c8:fb:0d:62:e5:79:bc:97:b4:29:25:14:43:fd:51:17:43:b0:
         3d:07:18:0d:7c:b4:7a:e6:7c:8b:d8:3e:62:10:5e:36:bd:9a:
         4f:47:2f:14:7d:81:49:91:56:26:05:da:f2:fe:e2:c4:75:da:
         fa:b7:00:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2aowpzWYn4mheY612/ASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxODFjNWIzY2I3ZWViMWU0OTU4MjE1NWExOTE4ZWM2MTJm
OTVhYzYwHhcNMjYwMzAyMDAwMTM0WhcNMjYwMzAzMDAwMTM0WjAzMTEwLwYDVQQD
Eyg2ZTQ0NDhlNTUwZmEzZGNjMTYyNTViZjg2MzFkZDNlNjlmYmE1ZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyAtjNpdNRX781iExd7Z0BRwgsMw
LesPrCDKSTRRklJ+sxz6k/qDvwEjzft4AdhcByVu6GxH2eXKBuNlCTCj1C6OpZIu
NHU2Y6YlnBEmAZyKHc7O3OEcLIWZue8MyhknT/02/aq3qbOn5OUtTrdNhFoN7YHF
kI58lldlbwcoMys3l6vrDkS8OYvEJjcfyQVXIrmfuXHcarXQNQsHw2bCe91Gp/J1
4ZHNMObxpaj1/hJmR458RHj46k7MXyOF/9iHPzWRZhzHq/dGfWj+rYO1vhcJm7BZ
mpkZy9iKW79U8FzfvhsNpQn9e7LcS2yPuCmOiZmZ5f6IVZrFip5ZeQdXPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG5ESOVQ+j3MFiVb+GMd0+aful7QMB8GA1UdIwQY
MBaAFCGBxbPLfuseSVghVaGRjsYS+VrGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlIRnM4dC02eDVKV0NGVm9aR094aEw1V3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kY2QxNWUtZWIxMi00NjMxLWIyMjAt
MDIyNmQ0NWE3NTMyLzEvSVlIRnM4dC02eDVKV0NGVm9aR094aEw1V3NZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kY2QxNWUtZWIxMi00NjMxLWIyMjAtMDIyNmQ0NWE3NTMy
LzEvSVlIRnM4dC02eDVKV0NGVm9aR094aEw1V3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA183pOrwj
KR6tI2IfuKa7lvg3zKuVrrVry/7OsQUm+K1rX2qvaLDGemEd/JWTN50eSHyHrtVp
OBwjmtL0IMm4DSqVykOJtwqNd6SJz1Kszgh7myyHMmiBaLc5ikgQjd5+xKuT682q
Wp8miGVnBUbdjRYjW9buhUorJIAQSpYT4idCQyl2uEhmagUJXWqhiLqbIovISeqV
1x/6+s39EhA941Kpy5my5NIsbrwRB98ABFTo4LGlzFgea2V2VRADzy0VoSuxbkyJ
yPsNYuV5vJe0KSUUQ/1RF0OwPQcYDXy0euZ8i9g+YhBeNr2aT0cvFH2BSZFWJgXa
8v7ixHXa+rcATQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:44:15 2026 by rpki-client