Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft
File:                     2ggpHPxyjQF2DsQngQlqxrTHSl0.mft (raw, json)
Hash identifier:          u81Tj+66N0WicujS2zzS13fZdTIqKnJewAGbWexQuLM=
Subject key identifier:   49:45:B2:D0:BE:82:45:46:2D:CB:8C:77:B3:08:DA:7C:76:1D:B0:FB
Authority key identifier: DA:08:29:1C:FC:72:8D:01:76:0E:C4:27:81:09:6A:C6:B4:C7:4A:5D
Certificate issuer:       /CN=da08291cfc728d01760ec42781096ac6b4c74a5d
Certificate serial:       019CAB6B8F1BC111416DC21AFBE769D7CB9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ggpHPxyjQF2DsQngQlqxrTHSl0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 22:01:18 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:18 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:18 +0000
Files and hashes:         1: 2ggpHPxyjQF2DsQngQlqxrTHSl0.crl (hash: jstRt7JcSkv3RjQJ55QbfBdek//fQGUszd9lFsAQ2KU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ggpHPxyjQF2DsQngQlqxrTHSl0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:8f:1b:c1:11:41:6d:c2:1a:fb:e7:69:d7:cb:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da08291cfc728d01760ec42781096ac6b4c74a5d
        Validity
            Not Before: Mar  1 22:01:18 2026 GMT
            Not After : Mar  2 22:01:18 2026 GMT
        Subject: CN=4945b2d0be8245462dcb8c77b308da7c761db0fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:84:94:ef:39:55:b4:54:e4:13:67:20:e4:c2:
                    7b:39:72:65:ee:66:f4:2b:17:19:33:6c:f7:78:50:
                    40:3e:a5:2f:22:2d:0b:bc:f0:de:54:98:e3:9c:9d:
                    6a:1b:f0:f1:3e:96:be:3f:16:2a:76:6a:e6:56:9b:
                    ed:b7:c9:8b:8e:92:23:2a:30:95:04:a7:f7:ad:96:
                    44:d9:f0:cc:99:fd:ad:dc:84:80:f2:64:20:90:04:
                    68:eb:c0:95:69:54:f7:f2:88:26:0f:20:fd:27:93:
                    79:7b:59:6f:00:ca:68:8f:48:f0:43:a0:58:0b:d6:
                    68:4d:d0:00:01:47:31:d0:24:b4:ab:3b:c1:2a:70:
                    b8:37:85:60:12:f7:3f:0c:13:6d:b5:ce:69:07:74:
                    60:8c:38:1d:a9:89:f6:e3:da:14:ff:3e:60:1d:46:
                    9a:c0:4c:85:59:30:b8:f3:56:1a:38:eb:cc:79:26:
                    c2:7b:be:8f:1e:d5:5a:08:ad:bd:ea:c9:9a:a7:40:
                    fe:68:44:99:2e:bd:b2:d1:7b:d5:58:0a:3c:83:79:
                    90:c1:5d:a9:b0:6d:f9:ee:af:9e:c8:21:dd:40:a6:
                    67:25:39:f6:19:00:7f:44:26:f4:ad:f5:d1:be:6d:
                    5a:e5:86:e3:35:84:78:37:61:be:af:04:ce:5a:b5:
                    6b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:45:B2:D0:BE:82:45:46:2D:CB:8C:77:B3:08:DA:7C:76:1D:B0:FB
            X509v3 Authority Key Identifier:
                keyid:DA:08:29:1C:FC:72:8D:01:76:0E:C4:27:81:09:6A:C6:B4:C7:4A:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ggpHPxyjQF2DsQngQlqxrTHSl0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:b4:e7:bf:78:5c:4d:22:b2:67:0d:8e:01:3b:a0:35:bc:68:
         55:23:15:89:59:ca:bf:a0:01:d3:de:c7:91:b2:1c:88:8f:69:
         b5:2c:ec:67:ba:f1:78:d2:3e:3a:bc:fe:5a:c4:8d:a6:00:51:
         65:2d:c8:05:e2:b1:d5:55:4c:3a:14:46:32:e3:5b:a5:37:87:
         c0:a6:04:c1:52:b5:01:83:2b:61:3b:a5:62:84:27:64:1e:3b:
         66:dc:13:9c:0d:3b:ab:f1:6a:0e:18:a9:59:05:21:aa:df:59:
         fc:22:c6:bc:8f:4c:1b:04:ab:ae:f7:c1:06:d8:f3:75:71:f7:
         4b:8f:27:58:f3:98:ba:35:a5:3a:ff:57:2d:5b:a0:f9:fb:c7:
         0f:cf:28:6e:1e:34:d4:aa:e4:5d:6c:09:e3:64:09:eb:6c:00:
         fb:30:44:82:be:2c:0f:b8:63:50:ae:a1:17:ac:06:2e:1a:14:
         7d:56:6f:3c:20:f2:f8:f5:0c:bf:45:2a:26:cf:54:8c:e3:5b:
         aa:87:5a:bf:4b:11:56:c5:f9:ba:70:b0:2c:67:ce:f8:0f:d5:
         ef:59:eb:91:00:38:99:df:0c:ff:ff:ca:9f:0f:55:99:bb:ae:
         fc:3b:c1:33:dd:fc:11:d3:01:c9:d5:76:1c:e7:8c:46:b4:5f:
         c6:cd:92:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra48bwRFBbcIa++dp18ucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDgyOTFjZmM3MjhkMDE3NjBlYzQyNzgxMDk2YWM2YjRj
NzRhNWQwHhcNMjYwMzAxMjIwMTE4WhcNMjYwMzAyMjIwMTE4WjAzMTEwLwYDVQQD
Eyg0OTQ1YjJkMGJlODI0NTQ2MmRjYjhjNzdiMzA4ZGE3Yzc2MWRiMGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvISU7zlVtFTkE2cg5MJ7OXJl7mb0
KxcZM2z3eFBAPqUvIi0LvPDeVJjjnJ1qG/DxPpa+PxYqdmrmVpvtt8mLjpIjKjCV
BKf3rZZE2fDMmf2t3ISA8mQgkARo68CVaVT38ogmDyD9J5N5e1lvAMpoj0jwQ6BY
C9ZoTdAAAUcx0CS0qzvBKnC4N4VgEvc/DBNttc5pB3RgjDgdqYn249oU/z5gHUaa
wEyFWTC481YaOOvMeSbCe76PHtVaCK296smap0D+aESZLr2y0XvVWAo8g3mQwV2p
sG357q+eyCHdQKZnJTn2GQB/RCb0rfXRvm1a5YbjNYR4N2G+rwTOWrVrzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElFstC+gkVGLcuMd7MI2nx2HbD7MB8GA1UdIwQY
MBaAFNoIKRz8co0Bdg7EJ4EJasa0x0pdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdncEhQeHlqUUYyRHNRbmdRbHF4clRIU2wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80NGRhYzAtMTY3YS00OTkzLWI5YTgt
YjA1Y2ZmYjE4N2ZhLzEvMmdncEhQeHlqUUYyRHNRbmdRbHF4clRIU2wwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80NGRhYzAtMTY3YS00OTkzLWI5YTgtYjA1Y2ZmYjE4N2Zh
LzEvMmdncEhQeHlqUUYyRHNRbmdRbHF4clRIU2wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaLTnv3hc
TSKyZw2OATugNbxoVSMViVnKv6AB097HkbIciI9ptSzsZ7rxeNI+Orz+WsSNpgBR
ZS3IBeKx1VVMOhRGMuNbpTeHwKYEwVK1AYMrYTulYoQnZB47ZtwTnA07q/FqDhip
WQUhqt9Z/CLGvI9MGwSrrvfBBtjzdXH3S48nWPOYujWlOv9XLVug+fvHD88obh40
1KrkXWwJ42QJ62wA+zBEgr4sD7hjUK6hF6wGLhoUfVZvPCDy+PUMv0UqJs9UjONb
qodav0sRVsX5unCwLGfO+A/V71nrkQA4md8M///Knw9Vmbuu/DvBM938EdMBydV2
HOeMRrRfxs2SwQ==
-----END CERTIFICATE-----