Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
File:                     jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft (raw, json)
Hash identifier:          w/DkzU3TPM/j0pBxjuHkHJAze6l6nJCVDLPdhyxZAwU=
Subject key identifier:   D9:7A:55:ED:E8:18:4E:71:3B:68:B4:5B:17:46:D1:28:7F:A7:BD:54
Authority key identifier: 8C:50:02:F6:39:E8:19:58:D0:F9:B3:58:5A:ED:76:70:7D:26:25:DE
Certificate issuer:       /CN=8c5002f639e81958d0f9b3585aed76707d2625de
Certificate serial:       019CAAC7031265270BAE8FC9D3C7D8A54718
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
Manifest number:          1841
Signing time:             Sun 01 Mar 2026 19:01:34 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:34 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:34 +0000
Files and hashes:         1: jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl (hash: gsbqlv4otPRRMzluTg17+CiLsohpMXExv/f1VmYu7jU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c7:03:12:65:27:0b:ae:8f:c9:d3:c7:d8:a5:47:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c5002f639e81958d0f9b3585aed76707d2625de
        Validity
            Not Before: Mar  1 19:01:34 2026 GMT
            Not After : Mar  2 19:01:34 2026 GMT
        Subject: CN=d97a55ede8184e713b68b45b1746d1287fa7bd54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:65:99:03:81:01:a1:1e:ae:bc:bb:61:6c:fb:
                    62:a4:ab:9d:50:08:1f:44:b7:7c:7b:8b:84:eb:8a:
                    cf:4e:20:73:78:8a:b3:e6:59:b4:f8:03:59:4a:47:
                    97:d0:67:d2:df:42:b5:bf:a8:48:3f:a2:67:5b:8f:
                    2d:74:a5:11:c2:0d:78:25:3a:40:2b:0f:fa:d8:dd:
                    83:7c:55:f1:96:95:68:33:50:0e:d0:b6:cb:33:07:
                    61:c5:11:4e:b3:56:99:fa:a0:c4:c4:21:91:08:3f:
                    86:93:ad:85:34:e9:0a:4a:01:4b:f1:fb:49:9f:d5:
                    39:e6:e4:fa:9f:5b:ef:27:4e:75:7b:0b:25:c1:cb:
                    c6:9b:52:25:e2:aa:f9:90:6f:55:85:74:53:54:15:
                    10:a3:da:5f:0e:20:c5:a6:d1:09:91:54:44:ac:20:
                    37:57:14:c3:38:aa:11:28:2c:da:78:e5:96:78:1b:
                    ff:1a:bd:1a:4e:db:09:1c:7a:69:29:82:3c:65:5b:
                    68:bf:62:40:1b:4b:32:f2:2e:cc:94:7d:9b:8e:aa:
                    84:da:cc:f0:58:74:2d:a0:32:3f:02:90:4f:32:44:
                    c9:a9:2c:9a:14:ac:a5:a8:d9:47:d1:f2:bb:34:ab:
                    1e:3f:44:6c:4b:b5:05:a5:04:1f:91:89:a0:68:30:
                    a0:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:7A:55:ED:E8:18:4E:71:3B:68:B4:5B:17:46:D1:28:7F:A7:BD:54
            X509v3 Authority Key Identifier:
                keyid:8C:50:02:F6:39:E8:19:58:D0:F9:B3:58:5A:ED:76:70:7D:26:25:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jFAC9jnoGVjQ-bNYWu12cH0mJd4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3a6128-bf03-4ca5-a766-6f06191444ac/1/jFAC9jnoGVjQ-bNYWu12cH0mJd4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:01:e4:1d:b7:b6:45:96:3d:0b:8c:b9:51:98:fa:2b:3a:25:
         e7:ed:46:fc:18:a9:94:b6:e2:e4:45:5f:de:16:a1:be:de:e3:
         12:5e:2c:3a:b9:22:6e:d9:3a:43:23:e7:78:c2:e9:d7:5d:83:
         97:c1:72:1c:26:c1:32:84:3d:f1:92:59:f4:0f:72:6e:e2:c4:
         64:c7:dc:27:37:ec:96:cb:46:ad:08:7d:12:4c:ed:91:fa:97:
         09:e5:e8:13:d7:16:52:15:3a:b6:6c:77:98:17:d5:b6:13:2a:
         ec:a9:de:57:d9:0f:ac:35:76:08:07:0d:87:68:d0:3e:92:3a:
         54:d2:d0:e2:ea:53:ab:96:ff:10:df:0e:12:e2:07:c2:0d:c2:
         43:5e:8d:97:06:9e:69:60:59:85:4a:af:57:fc:f8:5c:08:0c:
         15:18:9a:1a:0a:0c:58:91:a2:c3:73:5d:38:b0:6b:f2:c9:8a:
         3e:72:b7:2d:39:8c:d2:61:e3:5b:0a:e6:7b:12:5d:8f:9c:ba:
         54:d7:f4:a3:4c:5d:db:fa:01:da:8d:5c:68:07:83:73:43:45:
         44:07:ec:80:89:fa:55:99:47:3d:05:2a:96:b5:70:ab:ac:59:
         9d:d3:0c:12:38:49:d6:6a:08:17:a0:e1:f9:04:7d:2d:b3:e0:
         97:68:53:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxwMSZScLro/J08fYpUcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNTAwMmY2MzllODE5NThkMGY5YjM1ODVhZWQ3NjcwN2Qy
NjI1ZGUwHhcNMjYwMzAxMTkwMTM0WhcNMjYwMzAyMTkwMTM0WjAzMTEwLwYDVQQD
EyhkOTdhNTVlZGU4MTg0ZTcxM2I2OGI0NWIxNzQ2ZDEyODdmYTdiZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWWZA4EBoR6uvLthbPtipKudUAgf
RLd8e4uE64rPTiBzeIqz5lm0+ANZSkeX0GfS30K1v6hIP6JnW48tdKURwg14JTpA
Kw/62N2DfFXxlpVoM1AO0LbLMwdhxRFOs1aZ+qDExCGRCD+Gk62FNOkKSgFL8ftJ
n9U55uT6n1vvJ051ewslwcvGm1Il4qr5kG9VhXRTVBUQo9pfDiDFptEJkVRErCA3
VxTDOKoRKCzaeOWWeBv/Gr0aTtsJHHppKYI8ZVtov2JAG0sy8i7MlH2bjqqE2szw
WHQtoDI/ApBPMkTJqSyaFKylqNlH0fK7NKseP0RsS7UFpQQfkYmgaDCgcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNl6Ve3oGE5xO2i0WxdG0Sh/p71UMB8GA1UdIwQY
MBaAFIxQAvY56BlY0PmzWFrtdnB9JiXeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zYTYxMjgtYmYwMy00Y2E1LWE3NjYt
NmYwNjE5MTQ0NGFjLzEvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zYTYxMjgtYmYwMy00Y2E1LWE3NjYtNmYwNjE5MTQ0NGFj
LzEvakZBQzlqbm9HVmpRLWJOWVd1MTJjSDBtSmQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWgHkHbe2
RZY9C4y5UZj6Kzol5+1G/BiplLbi5EVf3hahvt7jEl4sOrkibtk6QyPneMLp112D
l8FyHCbBMoQ98ZJZ9A9ybuLEZMfcJzfslstGrQh9EkztkfqXCeXoE9cWUhU6tmx3
mBfVthMq7KneV9kPrDV2CAcNh2jQPpI6VNLQ4upTq5b/EN8OEuIHwg3CQ16Nlwae
aWBZhUqvV/z4XAgMFRiaGgoMWJGiw3NdOLBr8smKPnK3LTmM0mHjWwrmexJdj5y6
VNf0o0xd2/oB2o1caAeDc0NFRAfsgIn6VZlHPQUqlrVwq6xZndMMEjhJ1moIF6Dh
+QR9LbPgl2hTCg==
-----END CERTIFICATE-----