Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
File:                     4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft (raw, json)
Hash identifier:          YbSswz/uov1SV3usT+vygx5b/y3thn/GQy/G+ozp0PI=
Subject key identifier:   24:FF:3C:00:46:6A:EA:4B:08:CF:DE:F4:D6:5F:69:A2:CA:43:A3:6D
Authority key identifier: E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4
Certificate issuer:       /CN=e0b867131100c15de890110063e638a5f02367c4
Certificate serial:       019CAC4794026B3BA0344C35B90234C4CEE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
Manifest number:          1845
Signing time:             Mon 02 Mar 2026 02:01:37 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:37 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:37 +0000
Files and hashes:         1: 4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl (hash: KAZNi9hQC2bAoijTbvQ7Psp/nHR5ox6Il6PNLNFDNjk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 02:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:94:02:6b:3b:a0:34:4c:35:b9:02:34:c4:ce:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0b867131100c15de890110063e638a5f02367c4
        Validity
            Not Before: Mar  2 02:01:37 2026 GMT
            Not After : Mar  3 02:01:37 2026 GMT
        Subject: CN=24ff3c00466aea4b08cfdef4d65f69a2ca43a36d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e9:92:df:5d:9a:c8:1d:98:3d:d3:a7:01:29:
                    df:36:3a:7b:eb:bc:48:bf:ac:5e:fd:f3:73:dc:38:
                    7b:12:c1:31:72:d3:6d:38:e0:08:4d:9a:92:ed:37:
                    dd:92:2e:1e:0c:88:32:6f:bf:63:af:85:6a:4b:4c:
                    88:7e:1d:00:a1:68:5c:e7:42:f3:04:e9:15:aa:f7:
                    5c:05:dd:5e:5b:aa:20:fa:ff:f1:26:24:2c:2f:bd:
                    ba:d4:a7:51:19:64:91:8c:a9:b1:ae:66:26:91:5d:
                    75:29:9b:a6:5f:ab:11:a1:ed:09:db:8b:f1:31:a7:
                    6d:12:a9:62:20:88:58:03:a4:15:49:e8:82:5d:9b:
                    03:d7:d4:d5:20:c3:29:21:85:2e:12:67:09:5f:e4:
                    b6:97:4d:f9:ad:05:c8:6b:6d:7b:85:ea:13:72:e5:
                    73:3b:a6:7b:c0:13:8e:31:aa:48:82:89:9f:0e:48:
                    b8:10:73:d9:3c:0b:8e:83:18:44:f9:df:d0:56:20:
                    2f:dc:c9:b5:aa:2f:e2:88:5e:a3:02:ee:ec:6d:57:
                    ac:a9:c7:36:6b:49:3f:3d:fd:36:03:32:7a:fe:92:
                    0f:c9:44:ed:71:4e:77:ae:dd:41:1f:3a:a6:ec:5d:
                    6d:6d:7c:06:1b:22:f3:cc:0d:0d:97:1c:b4:91:be:
                    fb:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:FF:3C:00:46:6A:EA:4B:08:CF:DE:F4:D6:5F:69:A2:CA:43:A3:6D
            X509v3 Authority Key Identifier:
                keyid:E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:82:f1:1b:38:e9:24:4d:1d:4c:d1:5b:61:9f:73:d7:9a:86:
         29:d2:46:9e:2e:31:bb:c7:08:86:dd:0c:34:e0:41:92:b6:3a:
         cf:a7:4c:7c:cf:9a:d7:e9:f0:77:c2:4b:a7:12:8c:d6:64:97:
         af:a0:03:23:12:f8:62:fd:64:8b:14:35:5e:d2:f7:dd:50:5f:
         e1:6a:d0:c2:dc:73:31:31:e3:2f:46:46:ca:01:3f:f2:54:43:
         0e:c9:d1:5c:77:5c:fe:84:7f:ff:f4:21:39:45:3a:81:f0:73:
         f1:9a:72:9c:28:81:50:eb:da:ed:9b:25:24:b6:7b:13:92:4e:
         46:28:f9:5c:02:e8:11:64:87:f8:cb:39:36:3e:79:4c:2c:c4:
         83:1e:6e:33:96:b4:6b:e5:29:d6:d1:6b:5a:b8:10:05:a3:14:
         2d:29:2d:70:8c:89:82:d9:ec:ee:92:9c:e6:b4:30:1c:19:d3:
         a0:1c:6d:21:eb:a3:df:c4:12:9c:35:1c:20:f8:83:26:41:22:
         e0:a6:67:36:5e:59:ff:bd:48:74:25:c0:c0:27:85:04:dc:b0:
         20:1a:3f:b2:ae:a1:63:0a:14:5d:f3:df:88:82:37:a3:8f:a7:
         13:42:14:79:cc:a5:91:dd:8f:05:aa:0c:f1:3f:33:25:7e:19:
         36:94:78:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR5QCazugNEw1uQI0xM7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYjg2NzEzMTEwMGMxNWRlODkwMTEwMDYzZTYzOGE1ZjAy
MzY3YzQwHhcNMjYwMzAyMDIwMTM3WhcNMjYwMzAzMDIwMTM3WjAzMTEwLwYDVQQD
EygyNGZmM2MwMDQ2NmFlYTRiMDhjZmRlZjRkNjVmNjlhMmNhNDNhMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOmS312ayB2YPdOnASnfNjp767xI
v6xe/fNz3Dh7EsExctNtOOAITZqS7Tfdki4eDIgyb79jr4VqS0yIfh0AoWhc50Lz
BOkVqvdcBd1eW6og+v/xJiQsL7261KdRGWSRjKmxrmYmkV11KZumX6sRoe0J24vx
MadtEqliIIhYA6QVSeiCXZsD19TVIMMpIYUuEmcJX+S2l035rQXIa217heoTcuVz
O6Z7wBOOMapIgomfDki4EHPZPAuOgxhE+d/QViAv3Mm1qi/iiF6jAu7sbVesqcc2
a0k/Pf02AzJ6/pIPyUTtcU53rt1BHzqm7F1tbXwGGyLzzA0Nlxy0kb77OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCT/PABGaupLCM/e9NZfaaLKQ6NtMB8GA1UdIwQY
MBaAFOC4ZxMRAMFd6JARAGPmOKXwI2fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEt
MWUwNDQ4MTQ1MThmLzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEtMWUwNDQ4MTQ1MThm
LzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWoLxGzjp
JE0dTNFbYZ9z15qGKdJGni4xu8cIht0MNOBBkrY6z6dMfM+a1+nwd8JLpxKM1mSX
r6ADIxL4Yv1kixQ1XtL33VBf4WrQwtxzMTHjL0ZGygE/8lRDDsnRXHdc/oR///Qh
OUU6gfBz8ZpynCiBUOva7ZslJLZ7E5JORij5XALoEWSH+Ms5Nj55TCzEgx5uM5a0
a+Up1tFrWrgQBaMULSktcIyJgtns7pKc5rQwHBnToBxtIeuj38QSnDUcIPiDJkEi
4KZnNl5Z/71IdCXAwCeFBNywIBo/sq6hYwoUXfPfiII3o4+nE0IUecylkd2PBaoM
8T8zJX4ZNpR4Aw==
-----END CERTIFICATE-----