Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
File:                     XtGkql_QUBs-ptafQzwvFkIRYIk.mft (raw, json)
Hash identifier:          JIFqCo/EHI+/tp1fucF070XJd/3L3DcCEpxi3B476yo=
Subject key identifier:   CB:2C:66:50:E7:3A:14:93:7E:A0:A5:65:13:24:87:E2:3C:30:8C:AD
Authority key identifier: 5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89
Certificate issuer:       /CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
Certificate serial:       019CABD983FA524F95BC9CBC26DA39CC30F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
Manifest number:          1841
Signing time:             Mon 02 Mar 2026 00:01:24 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:24 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:24 +0000
Files and hashes:         1: XtGkql_QUBs-ptafQzwvFkIRYIk.crl (hash: JAajMoSaX9whsTqRWh2BNtZX70mL/YEpPT03KSvY8DM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:83:fa:52:4f:95:bc:9c:bc:26:da:39:cc:30:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
        Validity
            Not Before: Mar  2 00:01:24 2026 GMT
            Not After : Mar  3 00:01:24 2026 GMT
        Subject: CN=cb2c6650e73a14937ea0a565132487e23c308cad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:de:87:17:fb:ed:29:80:17:1c:d8:82:d1:d0:
                    b8:36:1d:ee:02:85:92:db:90:1c:d9:cc:e0:06:ea:
                    9a:37:24:fe:07:3f:8a:23:e9:c5:74:49:3a:ef:a1:
                    cc:2d:12:79:af:52:21:d2:ff:74:8f:55:ac:35:49:
                    ed:e6:75:8b:2b:6f:8d:29:8e:0d:9e:de:df:b3:ff:
                    64:56:ab:8c:b5:19:db:c6:60:0b:7f:37:a6:8f:12:
                    c3:0c:f0:4e:d8:e6:1e:9c:eb:eb:04:36:eb:76:69:
                    13:7b:7c:63:a7:5c:02:77:f9:b7:b5:fe:3f:57:18:
                    da:2f:0b:45:96:65:9c:55:05:15:89:fa:99:f8:0f:
                    43:82:17:05:86:3b:82:78:7c:68:af:b1:0b:55:31:
                    92:80:e7:b7:b0:d2:90:67:83:bc:f5:73:ea:3d:b5:
                    86:f9:3a:a6:f4:26:18:2b:22:9c:f7:95:d1:11:50:
                    d4:db:20:d3:fe:d4:de:1c:35:70:7a:3f:f3:0a:8e:
                    0a:7f:c1:90:3e:ff:f3:7f:18:36:87:08:a4:41:6f:
                    2f:e9:ed:8d:f7:44:36:c1:c5:e2:9f:33:89:d2:fb:
                    f8:07:93:1c:4d:16:57:a5:47:21:6b:02:9e:f4:fa:
                    dc:94:64:6d:6f:7a:97:06:8a:1e:17:30:b2:a2:6a:
                    fe:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:2C:66:50:E7:3A:14:93:7E:A0:A5:65:13:24:87:E2:3C:30:8C:AD
            X509v3 Authority Key Identifier:
                keyid:5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:48:1d:d0:59:75:77:ed:c5:65:74:d2:0c:46:b3:e4:23:bf:
         68:1c:1c:4e:1b:b4:e5:c9:80:cf:20:6d:e8:17:01:a2:f4:67:
         ed:22:28:b0:9c:07:f8:e9:b3:92:fe:69:f9:97:2f:75:4a:bf:
         0f:a7:2c:6b:d3:d7:d6:7c:66:7a:e1:2e:b1:89:83:ac:22:db:
         b8:8f:e1:24:96:09:a2:51:e5:c9:0b:d2:28:47:e8:b1:95:5a:
         ca:27:4b:6c:cb:92:e2:58:3b:03:4f:c6:88:f1:ab:fe:e6:4d:
         28:40:cb:28:f1:f4:b6:42:a4:7f:d7:49:38:b8:54:ff:0b:02:
         99:1a:70:c7:d4:ca:c0:4e:82:c5:fc:ff:e3:26:17:92:37:eb:
         39:c9:18:29:05:0a:7f:3a:55:41:db:19:66:2e:0a:13:ce:4c:
         58:b3:56:b5:3b:de:a3:5b:cc:33:3f:12:50:c2:55:33:af:3e:
         ab:26:42:62:2d:fe:1a:70:0c:3b:40:b7:1a:81:3c:f7:13:f8:
         a6:94:1b:fd:b9:ac:f1:0a:e6:8c:a7:ee:58:34:e4:44:37:d5:
         fa:65:4f:a8:fb:a5:30:bd:cd:14:bb:90:84:af:10:80:0f:28:
         07:e8:e5:3a:f9:24:2a:c9:e6:bf:aa:e7:47:cb:80:5c:25:42:
         00:4d:e8:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2YP6Uk+VvJy8Jto5zDD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDFhNGFhNWZkMDUwMWIzZWE2ZDY5ZjQzM2MyZjE2NDIx
MTYwODkwHhcNMjYwMzAyMDAwMTI0WhcNMjYwMzAzMDAwMTI0WjAzMTEwLwYDVQQD
EyhjYjJjNjY1MGU3M2ExNDkzN2VhMGE1NjUxMzI0ODdlMjNjMzA4Y2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN6HF/vtKYAXHNiC0dC4Nh3uAoWS
25Ac2czgBuqaNyT+Bz+KI+nFdEk676HMLRJ5r1Ih0v90j1WsNUnt5nWLK2+NKY4N
nt7fs/9kVquMtRnbxmALfzemjxLDDPBO2OYenOvrBDbrdmkTe3xjp1wCd/m3tf4/
VxjaLwtFlmWcVQUVifqZ+A9DghcFhjuCeHxor7ELVTGSgOe3sNKQZ4O89XPqPbWG
+Tqm9CYYKyKc95XREVDU2yDT/tTeHDVwej/zCo4Kf8GQPv/zfxg2hwikQW8v6e2N
90Q2wcXinzOJ0vv4B5McTRZXpUchawKe9PrclGRtb3qXBooeFzCyomr+gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMssZlDnOhSTfqClZRMkh+I8MIytMB8GA1UdIwQY
MBaAFF7RpKpf0FAbPqbWn0M8LxZCEWCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTkt
YjlhODZhYzNlOGJlLzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTktYjlhODZhYzNlOGJl
LzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl0gd0Fl1
d+3FZXTSDEaz5CO/aBwcThu05cmAzyBt6BcBovRn7SIosJwH+Omzkv5p+ZcvdUq/
D6csa9PX1nxmeuEusYmDrCLbuI/hJJYJolHlyQvSKEfosZVayidLbMuS4lg7A0/G
iPGr/uZNKEDLKPH0tkKkf9dJOLhU/wsCmRpwx9TKwE6Cxfz/4yYXkjfrOckYKQUK
fzpVQdsZZi4KE85MWLNWtTveo1vMMz8SUMJVM68+qyZCYi3+GnAMO0C3GoE89xP4
ppQb/bms8QrmjKfuWDTkRDfV+mVPqPulML3NFLuQhK8QgA8oB+jlOvkkKsnmv6rn
R8uAXCVCAE3oVQ==
-----END CERTIFICATE-----