Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
File:                     OneLgrqpeIoayvLsNothmB71HfI.mft (raw, json)
Hash identifier:          Iq9CPINUo2xJzELdy3/fT6nrcvgLrF25SSapO2TGAzs=
Subject key identifier:   8B:E7:A0:A2:54:65:1F:DD:C2:00:C6:D0:F6:DE:FC:E7:47:08:34:EB
Authority key identifier: 3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2
Certificate issuer:       /CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
Certificate serial:       019CAA21F3A1FCC75AA7B5FCF3E3B9E4D23D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
Manifest number:          184B
Signing time:             Sun 01 Mar 2026 16:01:17 +0000
Manifest this update:     Sun 01 Mar 2026 16:01:17 +0000
Manifest next update:     Mon 02 Mar 2026 16:01:17 +0000
Files and hashes:         1: OneLgrqpeIoayvLsNothmB71HfI.crl (hash: CrX+Jb+awtXKZLR68QT7Wq/wRYCA/KZUo9pPokgcKKA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 16:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:f3:a1:fc:c7:5a:a7:b5:fc:f3:e3:b9:e4:d2:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
        Validity
            Not Before: Mar  1 16:01:17 2026 GMT
            Not After : Mar  2 16:01:17 2026 GMT
        Subject: CN=8be7a0a254651fddc200c6d0f6defce7470834eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:a6:72:68:a3:31:0d:15:e0:a6:f6:ce:47:11:
                    62:a5:c5:94:45:1d:a4:9c:aa:4b:42:89:0b:e7:df:
                    12:96:dc:88:3a:57:7f:3f:a8:63:d7:5f:5c:c0:ef:
                    81:6f:f8:1d:4f:6a:69:68:24:bc:36:82:7f:ff:a3:
                    d6:cd:05:00:8e:6b:a2:ef:2f:eb:3d:b4:32:bc:65:
                    26:7d:e3:5e:04:ee:cf:d8:58:09:73:e2:a1:a1:e1:
                    38:09:ab:81:d9:7e:b3:a4:e5:04:ac:01:94:7c:04:
                    6b:1e:88:e0:96:dd:38:0f:56:18:95:32:81:f8:59:
                    c5:56:8c:9a:29:16:58:30:21:2b:af:e1:12:cf:69:
                    45:f6:a1:f6:00:ce:6a:e2:1f:04:4d:e1:f1:02:07:
                    c7:06:79:b0:fa:37:5d:99:b3:fa:39:b5:c1:13:7d:
                    c0:99:0b:57:42:66:6f:03:35:e6:78:ba:35:5d:7f:
                    4b:49:17:e2:4a:50:10:fe:2a:36:21:b1:fa:37:bd:
                    ea:f1:46:31:55:3c:7f:9d:3f:c5:bb:8d:7c:c5:57:
                    b9:90:53:f1:3b:4f:2e:5d:fc:37:ba:9b:57:e6:b3:
                    3f:5e:a1:b2:98:28:5a:c3:f3:eb:4e:da:e5:96:ee:
                    e4:a5:8f:80:b8:1e:8b:01:1e:4f:b0:96:e6:b3:8e:
                    3f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:E7:A0:A2:54:65:1F:DD:C2:00:C6:D0:F6:DE:FC:E7:47:08:34:EB
            X509v3 Authority Key Identifier:
                keyid:3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:ee:a2:e3:ab:d5:d2:38:53:da:f6:bb:a9:cc:a9:55:c9:8e:
         c2:69:b8:b6:41:f9:22:52:04:d0:53:ea:83:7c:5e:a6:8f:c0:
         29:fd:50:72:87:12:dc:9f:23:52:41:d4:6e:e6:a0:32:05:83:
         67:9b:54:e9:12:d7:47:7a:b8:d8:9f:ab:3a:25:7a:8f:bf:2a:
         cd:fe:03:6a:3e:7f:48:6f:62:34:a3:ff:8e:59:4b:84:ad:af:
         cd:b3:19:a5:53:d3:8b:00:bc:6e:91:15:d8:29:6f:41:68:86:
         5c:80:45:c6:eb:ae:b1:4d:34:97:67:d4:98:ba:c0:d8:42:e5:
         b2:89:c4:4c:04:15:01:ca:40:de:1e:0e:77:0b:9f:1f:3a:a7:
         9d:f0:f0:35:f9:15:35:fa:6b:00:86:34:31:87:93:78:d3:73:
         b7:f4:3b:36:8a:cb:a1:f5:bd:1a:e0:6b:fe:58:4d:e0:83:21:
         e4:8b:69:1f:60:93:64:a1:a6:c6:d6:f2:e7:70:85:a7:7e:71:
         ab:7c:0a:2b:06:0a:1f:d3:ae:d9:4d:05:d3:15:80:03:8a:b4:
         8d:f0:58:9a:ae:06:b0:1e:39:52:97:09:2b:17:f3:41:ca:07:
         39:9c:1a:7f:d2:ac:e6:73:80:6a:7e:57:7b:32:f1:dd:72:a2:
         c3:91:b6:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIfOh/Mdap7X88+O55NI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzc4YjgyYmFhOTc4OGExYWNhZjJlYzM2OGI2MTk4MWVm
NTFkZjIwHhcNMjYwMzAxMTYwMTE3WhcNMjYwMzAyMTYwMTE3WjAzMTEwLwYDVQQD
Eyg4YmU3YTBhMjU0NjUxZmRkYzIwMGM2ZDBmNmRlZmNlNzQ3MDgzNGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqZyaKMxDRXgpvbORxFipcWURR2k
nKpLQokL598SltyIOld/P6hj119cwO+Bb/gdT2ppaCS8NoJ//6PWzQUAjmui7y/r
PbQyvGUmfeNeBO7P2FgJc+KhoeE4CauB2X6zpOUErAGUfARrHojglt04D1YYlTKB
+FnFVoyaKRZYMCErr+ESz2lF9qH2AM5q4h8ETeHxAgfHBnmw+jddmbP6ObXBE33A
mQtXQmZvAzXmeLo1XX9LSRfiSlAQ/io2IbH6N73q8UYxVTx/nT/Fu418xVe5kFPx
O08uXfw3uptX5rM/XqGymChaw/PrTtrllu7kpY+AuB6LAR5PsJbms44/wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIvnoKJUZR/dwgDG0Pbe/OdHCDTrMB8GA1UdIwQY
MBaAFDp3i4K6qXiKGsry7DaLYZge9R3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTct
MThkMzNiZWI3YzMxLzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTctMThkMzNiZWI3YzMx
LzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB+6i46vV
0jhT2va7qcypVcmOwmm4tkH5IlIE0FPqg3xepo/AKf1QcocS3J8jUkHUbuagMgWD
Z5tU6RLXR3q42J+rOiV6j78qzf4Daj5/SG9iNKP/jllLhK2vzbMZpVPTiwC8bpEV
2ClvQWiGXIBFxuuusU00l2fUmLrA2ELlsonETAQVAcpA3h4OdwufHzqnnfDwNfkV
NfprAIY0MYeTeNNzt/Q7NorLofW9GuBr/lhN4IMh5ItpH2CTZKGmxtby53CFp35x
q3wKKwYKH9Ou2U0F0xWAA4q0jfBYmq4GsB45UpcJKxfzQcoHOZwaf9Ks5nOAan5X
ezLx3XKiw5G2Zg==
-----END CERTIFICATE-----