Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
File:                     o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft (raw, json)
Hash identifier:          bFz+HjWUY8Da7oZzCw60VD1BBNQNPkbex9W5ibmF/3c=
Subject key identifier:   F2:7F:0D:D9:B1:11:4C:A4:13:62:18:49:97:ED:4F:29:03:CC:96:0D
Authority key identifier: A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64
Certificate issuer:       /CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
Certificate serial:       019CAD59C8D5CBE4B1EC4D86B71E4D99E90E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
Manifest number:          1844
Signing time:             Mon 02 Mar 2026 07:01:08 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:08 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:08 +0000
Files and hashes:         1: o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl (hash: bee2F0w438Dua3orcm7qY8Fqc0xl93wDvtELuXnqeAE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:c8:d5:cb:e4:b1:ec:4d:86:b7:1e:4d:99:e9:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
        Validity
            Not Before: Mar  2 07:01:08 2026 GMT
            Not After : Mar  3 07:01:08 2026 GMT
        Subject: CN=f27f0dd9b1114ca41362184997ed4f2903cc960d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:66:a7:89:a8:8c:e8:b2:a2:0e:95:0e:85:54:
                    b3:53:d4:73:c0:1f:69:4e:a5:15:fd:a3:09:fe:1c:
                    a5:c7:0e:98:4b:b8:b5:06:de:4f:0a:40:49:84:1d:
                    77:af:a1:51:28:a5:1f:2f:13:96:b0:81:9c:0f:f8:
                    79:10:c2:3e:a0:37:f2:eb:79:bd:cd:a6:12:bd:10:
                    eb:0c:cf:e0:1a:af:e0:07:c4:ca:cf:a7:98:00:84:
                    55:6a:c1:a7:c9:85:99:ab:82:03:a2:71:f8:5a:59:
                    66:24:b5:7c:b5:0e:c0:4e:8a:dc:7b:8b:e6:06:90:
                    e9:1a:75:80:92:1d:02:4f:f7:99:33:af:ad:2e:2c:
                    a9:6f:df:d7:97:a0:4b:71:f2:ed:5c:eb:50:f3:e0:
                    1b:56:ed:b3:d2:b0:f5:83:34:c2:a0:50:34:d9:f7:
                    ae:06:8e:29:5c:ef:ea:43:5b:fc:5e:2c:48:9d:8e:
                    28:46:c5:8e:a0:9e:1e:a2:0c:f3:c4:48:6b:86:4d:
                    70:a1:3d:89:3a:0a:98:ca:a2:84:e1:44:52:a8:45:
                    e1:df:88:00:e6:b4:be:29:32:25:56:49:04:5c:f5:
                    84:9e:8b:a3:30:44:ca:40:96:9e:32:8d:ad:8f:80:
                    5d:64:2e:e9:55:5b:37:01:57:7e:0d:cb:17:a8:0f:
                    aa:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:7F:0D:D9:B1:11:4C:A4:13:62:18:49:97:ED:4F:29:03:CC:96:0D
            X509v3 Authority Key Identifier:
                keyid:A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:3b:80:9a:22:ad:78:38:c1:d2:b2:18:ff:61:07:d9:1a:80:
         0e:e5:bb:88:33:8d:ea:98:68:61:13:94:d4:34:ac:11:3c:ef:
         76:dc:2f:fc:d2:a2:41:5f:5c:6e:05:8d:79:6e:9a:81:1d:77:
         17:dc:a3:e8:79:60:b2:09:a1:f3:99:63:cf:fc:10:28:23:ac:
         41:49:2b:15:7f:56:3d:61:92:44:49:76:1d:93:72:d0:2f:32:
         e0:e6:c2:3f:e8:7d:f4:28:02:7d:b1:1c:c6:7a:b3:05:d9:26:
         27:dc:5a:11:18:14:ae:2c:7d:be:9f:d6:99:93:fb:12:8d:2c:
         7c:a0:71:34:50:b2:d9:a3:ef:2a:f4:11:60:1f:c4:65:8e:19:
         e6:61:a9:6b:10:8b:2f:d0:33:92:56:cd:0b:49:df:9e:7d:c1:
         d4:65:8a:98:d7:b0:7c:37:f4:f1:e4:07:b0:b1:d6:07:71:ba:
         d8:e4:d9:06:22:f7:b5:c9:2d:33:a1:80:2c:66:63:0f:b4:d3:
         6b:fc:69:d3:01:b1:96:86:bc:68:1c:28:fe:29:ff:d7:4d:0a:
         06:12:73:25:8e:99:62:6b:c5:a4:d9:6b:16:b5:d3:a1:52:ad:
         6c:ed:ac:a0:8b:fc:c5:78:67:ac:ab:1d:06:22:4f:9f:10:ba:
         b6:d3:5c:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWcjVy+Sx7E2Gtx5NmekOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYThjYWY2MjE3Y2ViMTBkZDhjMTQ2Zjk2YjlkNzczZWRk
ODg4NjQwHhcNMjYwMzAyMDcwMTA4WhcNMjYwMzAzMDcwMTA4WjAzMTEwLwYDVQQD
EyhmMjdmMGRkOWIxMTE0Y2E0MTM2MjE4NDk5N2VkNGYyOTAzY2M5NjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2aniaiM6LKiDpUOhVSzU9RzwB9p
TqUV/aMJ/hylxw6YS7i1Bt5PCkBJhB13r6FRKKUfLxOWsIGcD/h5EMI+oDfy63m9
zaYSvRDrDM/gGq/gB8TKz6eYAIRVasGnyYWZq4IDonH4WllmJLV8tQ7ATorce4vm
BpDpGnWAkh0CT/eZM6+tLiypb9/Xl6BLcfLtXOtQ8+AbVu2z0rD1gzTCoFA02feu
Bo4pXO/qQ1v8XixInY4oRsWOoJ4eogzzxEhrhk1woT2JOgqYyqKE4URSqEXh34gA
5rS+KTIlVkkEXPWEnoujMETKQJaeMo2tj4BdZC7pVVs3AVd+DcsXqA+qEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPJ/DdmxEUykE2IYSZftTykDzJYNMB8GA1UdIwQY
MBaAFKOoyvYhfOsQ3YwUb5a513Pt2IhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAt
ZTVjYmEyMTM3MzA4LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAtZTVjYmEyMTM3MzA4
LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABjuAmiKt
eDjB0rIY/2EH2RqADuW7iDON6phoYROU1DSsETzvdtwv/NKiQV9cbgWNeW6agR13
F9yj6Hlgsgmh85ljz/wQKCOsQUkrFX9WPWGSREl2HZNy0C8y4ObCP+h99CgCfbEc
xnqzBdkmJ9xaERgUrix9vp/WmZP7Eo0sfKBxNFCy2aPvKvQRYB/EZY4Z5mGpaxCL
L9AzklbNC0nfnn3B1GWKmNewfDf08eQHsLHWB3G62OTZBiL3tcktM6GALGZjD7TT
a/xp0wGxloa8aBwo/in/100KBhJzJY6ZYmvFpNlrFrXToVKtbO2soIv8xXhnrKsd
BiJPnxC6ttNcEA==
-----END CERTIFICATE-----