Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
File:                     aaEKEpVYyDgLwT2axFQB0h2rnfA.mft (raw, json)
Hash identifier:          3+1OfmFVsOe52OyjmfO+Y7XNmsvGvtp73eWUyX85E5k=
Subject key identifier:   1D:8B:1E:C4:09:92:53:7B:97:14:48:DA:8D:5B:25:DC:3A:41:EA:F7
Authority key identifier: 69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0
Certificate issuer:       /CN=69a10a129558c8380bc13d9ac45401d21dab9df0
Certificate serial:       019CAB6BC946D2337F8D00B596500AE70216
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 22:01:33 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:33 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:33 +0000
Files and hashes:         1: aaEKEpVYyDgLwT2axFQB0h2rnfA.crl (hash: ll5Zp6YeBwdkhNQqd1nEU/p2XtRmFhrN3yRMB2z5MF8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:c9:46:d2:33:7f:8d:00:b5:96:50:0a:e7:02:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a10a129558c8380bc13d9ac45401d21dab9df0
        Validity
            Not Before: Mar  1 22:01:33 2026 GMT
            Not After : Mar  2 22:01:33 2026 GMT
        Subject: CN=1d8b1ec40992537b971448da8d5b25dc3a41eaf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:63:9b:25:7f:dc:d4:c8:f0:a7:89:8f:d3:6c:
                    31:47:f4:f2:99:ed:b7:0f:50:e4:98:90:f5:56:16:
                    04:e2:5c:75:3e:33:83:02:04:85:4f:77:22:3d:0f:
                    ef:27:4e:b3:d7:e2:13:2d:35:85:1a:97:e5:ca:99:
                    b1:65:c1:d5:9c:d3:f3:f4:79:10:06:42:0f:61:28:
                    31:e3:2d:cf:d2:5b:f8:c4:02:91:a9:3f:05:53:a4:
                    ff:73:cf:ca:f5:2e:f5:9b:0f:9d:ea:e2:0a:0d:90:
                    ab:a5:66:9c:c1:14:c7:b9:c3:3c:51:db:4b:3a:ce:
                    f8:1e:b3:e0:72:1c:08:77:a1:fb:b3:52:e8:04:bd:
                    db:90:0f:2c:e5:f7:dc:01:5b:2e:a4:7a:ad:5e:09:
                    be:bf:8a:3a:05:98:d3:10:c3:b2:bc:88:91:5e:b9:
                    ce:96:89:e8:1c:4f:0a:07:e3:d1:da:1a:d8:a6:0a:
                    7d:65:9e:14:a6:46:e6:18:27:d6:12:90:98:d6:5b:
                    c8:b8:d5:43:67:ee:1f:47:39:d8:26:02:59:88:33:
                    79:c5:a7:18:21:a7:d1:18:76:b3:b9:d1:c7:aa:66:
                    30:92:46:a3:83:78:ca:79:82:a2:a9:4e:d4:0e:50:
                    72:45:1b:aa:d7:0c:c2:fa:bd:e8:1c:31:48:44:c3:
                    be:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:8B:1E:C4:09:92:53:7B:97:14:48:DA:8D:5B:25:DC:3A:41:EA:F7
            X509v3 Authority Key Identifier:
                keyid:69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:97:77:65:f5:22:54:83:0b:6d:8d:b0:c1:8c:c2:d8:3f:a1:
         0b:5e:bf:c9:b3:16:5b:dc:41:27:04:8e:16:35:7a:89:dd:5c:
         cb:95:24:7d:2a:ba:cb:cd:d2:a4:78:b6:ab:77:be:2b:39:43:
         c1:79:e8:21:fb:35:19:fc:9a:bd:a9:fe:c9:80:d1:63:b3:17:
         75:85:53:1b:de:28:cb:2b:52:10:5c:53:29:06:54:7c:5f:e7:
         0f:f1:f3:24:8d:b5:0b:31:2b:88:32:f7:ce:35:95:a1:85:9c:
         50:40:69:86:d7:30:8c:ac:02:36:9f:ac:2c:89:b3:18:32:57:
         3f:a4:14:d2:8e:68:f6:b0:60:d6:4e:d0:60:6d:11:fe:58:b9:
         89:65:44:40:a0:e6:8f:f0:a5:dc:f2:dd:a7:75:29:fa:2c:1c:
         db:17:23:ba:c8:ba:42:dd:12:97:07:dc:6b:b2:59:63:f0:25:
         b9:3d:69:79:f7:13:98:f0:22:57:96:44:ab:8c:53:3d:ee:9f:
         61:e3:06:33:85:2a:01:66:ed:30:eb:08:03:92:38:4e:39:2b:
         b2:ed:02:97:43:1f:81:b9:b9:f5:3c:cb:34:ca:00:77:2c:aa:
         f6:37:8a:59:b4:56:e1:3a:24:fd:72:d7:9b:82:ab:95:90:2f:
         c6:e4:1b:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra8lG0jN/jQC1llAK5wIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTEwYTEyOTU1OGM4MzgwYmMxM2Q5YWM0NTQwMWQyMWRh
YjlkZjAwHhcNMjYwMzAxMjIwMTMzWhcNMjYwMzAyMjIwMTMzWjAzMTEwLwYDVQQD
EygxZDhiMWVjNDA5OTI1MzdiOTcxNDQ4ZGE4ZDViMjVkYzNhNDFlYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGObJX/c1Mjwp4mP02wxR/Tyme23
D1DkmJD1VhYE4lx1PjODAgSFT3ciPQ/vJ06z1+ITLTWFGpflypmxZcHVnNPz9HkQ
BkIPYSgx4y3P0lv4xAKRqT8FU6T/c8/K9S71mw+d6uIKDZCrpWacwRTHucM8UdtL
Os74HrPgchwId6H7s1LoBL3bkA8s5ffcAVsupHqtXgm+v4o6BZjTEMOyvIiRXrnO
lonoHE8KB+PR2hrYpgp9ZZ4UpkbmGCfWEpCY1lvIuNVDZ+4fRznYJgJZiDN5xacY
IafRGHazudHHqmYwkkajg3jKeYKiqU7UDlByRRuq1wzC+r3oHDFIRMO+uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB2LHsQJklN7lxRI2o1bJdw6Qer3MB8GA1UdIwQY
MBaAFGmhChKVWMg4C8E9msRUAdIdq53wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWIt
ODc3YzY1YjAxNDU2LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWItODc3YzY1YjAxNDU2
LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJpd3ZfUi
VIMLbY2wwYzC2D+hC16/ybMWW9xBJwSOFjV6id1cy5UkfSq6y83SpHi2q3e+KzlD
wXnoIfs1Gfyavan+yYDRY7MXdYVTG94oyytSEFxTKQZUfF/nD/HzJI21CzEriDL3
zjWVoYWcUEBphtcwjKwCNp+sLImzGDJXP6QU0o5o9rBg1k7QYG0R/li5iWVEQKDm
j/Cl3PLdp3Up+iwc2xcjusi6Qt0Slwfca7JZY/AluT1pefcTmPAiV5ZEq4xTPe6f
YeMGM4UqAWbtMOsIA5I4Tjkrsu0Cl0Mfgbm59TzLNMoAdyyq9jeKWbRW4Tok/XLX
m4KrlZAvxuQbqA==
-----END CERTIFICATE-----