Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
File:                     H83UEOElAi3gfKWWP5L3jo-JSG4.mft (raw, json)
Hash identifier:          2Z8XYH0rmY1R3utcaUpaTtzJLe/DMvv6gCwlb1OO4xA=
Subject key identifier:   5D:6B:D9:67:81:F7:03:58:41:57:F6:44:DD:A5:24:C3:F5:2E:D0:BD
Authority key identifier: 1F:CD:D4:10:E1:25:02:2D:E0:7C:A5:96:3F:92:F7:8E:8F:89:48:6E
Certificate issuer:       /CN=1fcdd410e125022de07ca5963f92f78e8f89486e
Certificate serial:       019CABD906AB47C357B1D271FDB290CAC3A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
Manifest number:          1842
Signing time:             Mon 02 Mar 2026 00:00:52 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:52 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:52 +0000
Files and hashes:         1: H83UEOElAi3gfKWWP5L3jo-JSG4.crl (hash: b6ZBSfzF7Loc0Z8w461O1H8lVtEZEyvT+Dis3kmhLcs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:06:ab:47:c3:57:b1:d2:71:fd:b2:90:ca:c3:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1fcdd410e125022de07ca5963f92f78e8f89486e
        Validity
            Not Before: Mar  2 00:00:52 2026 GMT
            Not After : Mar  3 00:00:52 2026 GMT
        Subject: CN=5d6bd96781f703584157f644dda524c3f52ed0bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:93:98:d5:84:e7:b9:eb:78:35:c5:f5:48:46:
                    55:67:df:25:0e:38:29:4b:0d:d8:0c:c3:38:45:78:
                    2f:01:be:94:9f:11:a7:2d:11:3e:50:4c:d5:df:05:
                    90:cc:83:e7:18:7d:e6:f5:56:68:01:a0:83:53:7b:
                    b2:4e:8f:4a:94:7a:27:1e:ae:5b:0d:25:49:42:d7:
                    8b:a7:cb:87:5f:35:03:c7:26:bc:e6:c7:ef:ec:e6:
                    1c:5b:ea:be:ee:df:96:c7:90:d7:fc:27:b5:4a:6c:
                    60:2b:bf:b9:a2:3b:f1:38:3b:9a:ae:7b:b6:b5:74:
                    01:63:21:15:df:a7:1e:a9:ab:69:7a:db:4a:7f:a1:
                    1b:27:1e:61:24:53:55:93:10:04:03:ab:b6:39:ef:
                    2b:0c:45:55:85:15:87:86:c6:b9:78:f2:aa:29:22:
                    d2:ce:3f:a0:87:e2:26:85:5c:24:4e:35:39:a9:0f:
                    72:5c:01:95:fe:92:4c:ae:ae:3c:f3:a1:a5:6a:5e:
                    fc:c0:59:05:4f:0d:03:91:bc:f5:9e:a0:f2:b1:6b:
                    2b:0d:bd:ff:e5:65:8b:f2:e2:f3:a2:82:c3:29:32:
                    f9:23:bb:aa:74:19:aa:0e:63:60:7b:c5:f7:33:28:
                    b5:8c:47:38:b5:54:9d:82:a3:50:38:8f:33:dd:85:
                    bc:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:6B:D9:67:81:F7:03:58:41:57:F6:44:DD:A5:24:C3:F5:2E:D0:BD
            X509v3 Authority Key Identifier:
                keyid:1F:CD:D4:10:E1:25:02:2D:E0:7C:A5:96:3F:92:F7:8E:8F:89:48:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H83UEOElAi3gfKWWP5L3jo-JSG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5fa81b-1f3f-482d-9525-ab69da8f37ec/1/H83UEOElAi3gfKWWP5L3jo-JSG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:b4:3b:16:0d:90:69:73:54:82:80:3b:57:39:7c:65:4e:0e:
         c7:36:90:0b:4b:8e:02:31:b5:c0:41:aa:60:05:26:87:e6:24:
         fa:3d:f1:15:09:23:5d:bf:7b:c8:11:32:73:46:2a:b6:48:da:
         cd:e1:21:7c:d2:1f:8c:cd:53:82:c2:2a:8a:f4:38:95:d7:ea:
         a8:df:58:ed:7d:03:be:76:dd:e4:19:79:28:b2:fd:cf:06:18:
         4f:dd:34:e3:6c:9f:51:9e:f0:e4:f5:14:72:69:45:0e:44:d4:
         a3:c4:f7:8b:db:d3:05:51:8e:bf:a6:31:7a:6b:48:d5:ef:3e:
         37:99:ea:6a:7a:89:b9:c5:91:99:12:b0:a3:5f:40:a3:da:58:
         b1:c8:b7:41:ca:2c:b5:1b:49:df:1b:86:3f:e6:c4:10:f4:c9:
         4b:6b:40:ae:d4:11:a6:ab:22:eb:67:61:7c:24:ad:f6:f6:da:
         8f:17:9f:e6:fb:f0:fe:03:0d:02:d3:6e:45:4c:1c:99:ce:f3:
         8a:63:9f:04:1d:2e:c6:49:65:04:89:fa:ba:48:17:46:b0:0c:
         2b:43:7a:02:80:33:9e:88:b1:61:25:1d:f1:79:b1:c1:47:69:
         04:db:74:0d:b8:c5:93:8d:78:0f:f8:7b:46:05:52:1b:ad:fc:
         3e:af:1c:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2QarR8NXsdJx/bKQysOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmY2RkNDEwZTEyNTAyMmRlMDdjYTU5NjNmOTJmNzhlOGY4
OTQ4NmUwHhcNMjYwMzAyMDAwMDUyWhcNMjYwMzAzMDAwMDUyWjAzMTEwLwYDVQQD
Eyg1ZDZiZDk2NzgxZjcwMzU4NDE1N2Y2NDRkZGE1MjRjM2Y1MmVkMGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15OY1YTnuet4NcX1SEZVZ98lDjgp
Sw3YDMM4RXgvAb6UnxGnLRE+UEzV3wWQzIPnGH3m9VZoAaCDU3uyTo9KlHonHq5b
DSVJQteLp8uHXzUDxya85sfv7OYcW+q+7t+Wx5DX/Ce1SmxgK7+5ojvxODuarnu2
tXQBYyEV36ceqatpettKf6EbJx5hJFNVkxAEA6u2Oe8rDEVVhRWHhsa5ePKqKSLS
zj+gh+ImhVwkTjU5qQ9yXAGV/pJMrq4886Glal78wFkFTw0Dkbz1nqDysWsrDb3/
5WWL8uLzooLDKTL5I7uqdBmqDmNge8X3Myi1jEc4tVSdgqNQOI8z3YW8twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1r2WeB9wNYQVf2RN2lJMP1LtC9MB8GA1UdIwQY
MBaAFB/N1BDhJQIt4Hyllj+S946PiUhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZmE4MWItMWYzZi00ODJkLTk1MjUt
YWI2OWRhOGYzN2VjLzEvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZmE4MWItMWYzZi00ODJkLTk1MjUtYWI2OWRhOGYzN2Vj
LzEvSDgzVUVPRWxBaTNnZktXV1A1TDNqby1KU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfLQ7Fg2Q
aXNUgoA7Vzl8ZU4OxzaQC0uOAjG1wEGqYAUmh+Yk+j3xFQkjXb97yBEyc0Yqtkja
zeEhfNIfjM1TgsIqivQ4ldfqqN9Y7X0Dvnbd5Bl5KLL9zwYYT90042yfUZ7w5PUU
cmlFDkTUo8T3i9vTBVGOv6YxemtI1e8+N5nqanqJucWRmRKwo19Ao9pYsci3Qcos
tRtJ3xuGP+bEEPTJS2tArtQRpqsi62dhfCSt9vbajxef5vvw/gMNAtNuRUwcmc7z
imOfBB0uxkllBIn6ukgXRrAMK0N6AoAznoixYSUd8XmxwUdpBNt0DbjFk414D/h7
RgVSG638Pq8cEg==
-----END CERTIFICATE-----