Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft
File:                     kVijd10MXrOPIPDvmjYRBhpRlbM.mft (raw, json)
Hash identifier:          +eBZp8w0KVwBGszGwxwimWIQ8DaYwkgOIxGJcdzGF9s=
Subject key identifier:   B8:27:A3:80:3C:C2:A7:6B:FC:E0:84:16:0F:45:23:C3:9C:97:A8:51
Authority key identifier: 91:58:A3:77:5D:0C:5E:B3:8F:20:F0:EF:9A:36:11:06:1A:51:95:B3
Certificate issuer:       /CN=9158a3775d0c5eb38f20f0ef9a3611061a5195b3
Certificate serial:       019CACB4ADEA3F7B6C38ABB15CC82327BC47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft
Manifest number:          1844
Signing time:             Mon 02 Mar 2026 04:00:47 +0000
Manifest this update:     Mon 02 Mar 2026 04:00:47 +0000
Manifest next update:     Tue 03 Mar 2026 04:00:47 +0000
Files and hashes:         1: kVijd10MXrOPIPDvmjYRBhpRlbM.crl (hash: 3385UUiyD2yAB6DzxjjJyIioQ8pz9LqCu7C0bDMvpNw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 04:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:b4:ad:ea:3f:7b:6c:38:ab:b1:5c:c8:23:27:bc:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9158a3775d0c5eb38f20f0ef9a3611061a5195b3
        Validity
            Not Before: Mar  2 04:00:47 2026 GMT
            Not After : Mar  3 04:00:47 2026 GMT
        Subject: CN=b827a3803cc2a76bfce084160f4523c39c97a851
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:90:3f:a3:34:46:31:24:25:b6:f7:bc:6d:08:
                    3c:d5:0a:aa:6b:c9:8d:6b:68:1c:17:6d:3d:61:aa:
                    30:44:fc:bd:97:5e:9c:38:fe:40:74:b1:db:6a:c3:
                    d7:2d:04:22:d1:f9:92:5b:14:e2:af:92:db:f3:75:
                    7a:01:ce:3c:93:9d:3b:65:8a:d6:75:d5:bd:ae:42:
                    35:bb:98:ba:61:4d:22:ec:43:d8:56:51:bc:c3:52:
                    db:a6:09:57:1b:db:b6:eb:67:ea:1e:b8:e0:33:21:
                    cb:42:7d:1c:8a:b6:0c:f4:a2:79:31:02:ed:66:ff:
                    28:24:72:f1:d1:c3:56:d8:52:ef:e6:31:f0:76:cb:
                    8b:8b:e1:6a:1a:95:c3:45:47:be:34:96:04:04:a3:
                    01:38:65:82:1e:18:0f:42:c9:fb:82:02:5d:bc:43:
                    ca:40:4a:1e:6c:f0:5f:f9:1f:94:95:11:49:44:10:
                    a3:6c:91:88:aa:aa:8d:d2:6c:17:01:67:e1:f2:40:
                    c1:e4:6e:7e:bf:8e:4e:f9:dc:04:aa:da:84:31:0e:
                    3d:96:a4:b6:b3:22:06:d5:6c:55:c9:8e:9b:74:45:
                    e8:5a:10:cb:ed:d6:99:d2:0e:96:53:d1:c8:12:bb:
                    f0:9b:c2:26:8e:62:81:99:c0:fb:92:29:b5:ce:2f:
                    3f:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:27:A3:80:3C:C2:A7:6B:FC:E0:84:16:0F:45:23:C3:9C:97:A8:51
            X509v3 Authority Key Identifier:
                keyid:91:58:A3:77:5D:0C:5E:B3:8F:20:F0:EF:9A:36:11:06:1A:51:95:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:36:0f:da:f1:a2:cc:c1:cb:51:a9:1e:c8:50:28:bb:a8:68:
         09:42:2c:fc:c0:94:5c:19:a1:4f:8e:6c:3a:3c:02:dd:fc:3f:
         19:68:ac:47:3c:69:2b:f0:1d:84:50:4d:4c:0c:53:06:9b:71:
         7b:d1:12:3c:34:5b:98:b9:e5:50:f3:7c:a5:a0:9e:8d:43:f6:
         86:86:3e:4f:18:c9:48:96:e8:a0:5d:fd:b4:59:30:68:33:8c:
         b4:0b:25:31:ab:de:ce:4f:a7:d6:56:5e:48:2b:25:ee:59:de:
         2e:4c:a8:da:b0:e7:09:e5:70:cd:bd:5b:d7:19:c8:9d:59:12:
         20:0d:73:63:30:c9:c0:2a:e2:e9:7a:11:c9:f3:64:58:86:52:
         b0:ff:74:9c:3b:aa:fa:3f:1e:31:fc:fd:42:fc:e3:f1:01:e2:
         14:14:a6:18:f2:59:30:00:6f:fb:32:d2:d2:a6:7b:56:52:83:
         da:b6:17:37:a6:26:75:30:41:7b:a7:59:bc:c7:9b:0e:9e:94:
         c8:31:c6:7a:8d:6b:4e:36:73:74:73:7b:17:44:80:e3:85:dd:
         82:39:1e:44:62:d3:ad:10:1b:38:e0:a3:c6:6d:93:6f:6b:1c:
         ac:e9:7d:0d:09:8f:78:9c:2e:94:0a:a7:7b:56:65:b5:fa:48:
         89:51:ab:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystK3qP3tsOKuxXMgjJ7xHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNThhMzc3NWQwYzVlYjM4ZjIwZjBlZjlhMzYxMTA2MWE1
MTk1YjMwHhcNMjYwMzAyMDQwMDQ3WhcNMjYwMzAzMDQwMDQ3WjAzMTEwLwYDVQQD
EyhiODI3YTM4MDNjYzJhNzZiZmNlMDg0MTYwZjQ1MjNjMzljOTdhODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZA/ozRGMSQltve8bQg81Qqqa8mN
a2gcF209YaowRPy9l16cOP5AdLHbasPXLQQi0fmSWxTir5Lb83V6Ac48k507ZYrW
ddW9rkI1u5i6YU0i7EPYVlG8w1LbpglXG9u262fqHrjgMyHLQn0cirYM9KJ5MQLt
Zv8oJHLx0cNW2FLv5jHwdsuLi+FqGpXDRUe+NJYEBKMBOGWCHhgPQsn7ggJdvEPK
QEoebPBf+R+UlRFJRBCjbJGIqqqN0mwXAWfh8kDB5G5+v45O+dwEqtqEMQ49lqS2
syIG1WxVyY6bdEXoWhDL7daZ0g6WU9HIErvwm8ImjmKBmcD7kim1zi8/8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgno4A8wqdr/OCEFg9FI8Ocl6hRMB8GA1UdIwQY
MBaAFJFYo3ddDF6zjyDw75o2EQYaUZWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81Yzc2NWMtODNmMy00NWQxLTg5MzAt
OGQwNGY4Nzc5NDIzLzEva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81Yzc2NWMtODNmMy00NWQxLTg5MzAtOGQwNGY4Nzc5NDIz
LzEva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJjYP2vGi
zMHLUakeyFAou6hoCUIs/MCUXBmhT45sOjwC3fw/GWisRzxpK/AdhFBNTAxTBptx
e9ESPDRbmLnlUPN8paCejUP2hoY+TxjJSJbooF39tFkwaDOMtAslMavezk+n1lZe
SCsl7lneLkyo2rDnCeVwzb1b1xnInVkSIA1zYzDJwCri6XoRyfNkWIZSsP90nDuq
+j8eMfz9Qvzj8QHiFBSmGPJZMABv+zLS0qZ7VlKD2rYXN6YmdTBBe6dZvMebDp6U
yDHGeo1rTjZzdHN7F0SA44XdgjkeRGLTrRAbOOCjxm2Tb2scrOl9DQmPeJwulAqn
e1ZltfpIiVGrlQ==
-----END CERTIFICATE-----