Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
File:                     a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft (raw, json)
Hash identifier:          0XV1OJrcNsF1XyXpFTcD1OdWugFFqXP6f5cxR01omdI=
Subject key identifier:   65:C6:6E:6A:F1:49:FB:00:1C:DC:03:AC:1D:E9:05:5D:C4:5C:B7:82
Authority key identifier: 6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB
Certificate issuer:       /CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
Certificate serial:       019CAB6AE8F6089B1FFBC605C585B43019FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
Manifest number:          044B
Signing time:             Sun 01 Mar 2026 22:00:36 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:36 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:36 +0000
Files and hashes:         1: a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl (hash: 19rJloSV+hBe4UFs4mzK4SmLVpwuu1WVJq8NcKdy0lg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:e8:f6:08:9b:1f:fb:c6:05:c5:85:b4:30:19:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
        Validity
            Not Before: Mar  1 22:00:36 2026 GMT
            Not After : Mar  2 22:00:36 2026 GMT
        Subject: CN=65c66e6af149fb001cdc03ac1de9055dc45cb782
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:78:35:d1:70:d1:d3:5d:66:be:86:db:76:23:
                    bc:da:d7:5c:f8:7b:b9:5f:60:da:00:34:d2:84:32:
                    7f:7d:f8:90:86:93:c9:19:3f:80:f5:44:dc:98:90:
                    41:3c:a1:69:43:4d:48:02:81:53:1e:8b:47:b4:b7:
                    f1:f2:61:32:da:aa:29:51:36:b9:1c:80:8e:60:90:
                    88:dc:44:7f:e0:b6:8c:b5:a8:cd:69:a6:77:42:be:
                    e3:2b:9f:69:70:1b:14:0f:d5:94:43:4f:ae:16:79:
                    75:6d:30:89:f9:1a:50:57:a1:68:2f:96:95:d0:a6:
                    1a:0f:9f:7f:3e:52:2b:55:ca:e5:5b:b6:17:72:c4:
                    19:87:c6:4d:84:fb:d7:e9:f0:a3:77:cc:75:b3:63:
                    5d:93:5c:d1:4c:a8:ca:6a:1a:d9:cb:28:48:91:fb:
                    00:75:13:12:17:2f:14:ec:01:d9:11:e3:f9:2e:38:
                    14:9f:e2:1b:c3:63:12:af:f0:3e:66:aa:26:b5:fa:
                    f5:35:be:ae:38:d4:96:75:2e:20:ee:a8:12:60:87:
                    e1:37:64:8c:34:e2:59:b6:56:ca:a0:a5:08:59:d9:
                    1a:5d:2d:a3:8a:c2:79:55:2a:a2:65:24:72:25:a3:
                    b7:27:b3:e7:8a:5c:6a:d0:c4:2c:20:20:f9:2d:6c:
                    d8:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:C6:6E:6A:F1:49:FB:00:1C:DC:03:AC:1D:E9:05:5D:C4:5C:B7:82
            X509v3 Authority Key Identifier:
                keyid:6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:40:15:a0:b2:04:8c:5a:08:16:cf:2c:21:0d:fb:df:b8:ae:
         bf:09:06:df:a5:94:4b:67:61:45:04:52:2d:10:27:99:a6:a8:
         9c:30:fe:2e:8f:2d:ea:36:76:28:54:82:53:fc:f3:b2:12:41:
         15:d1:d7:58:9c:3b:6f:f5:38:11:d0:51:87:f1:ec:7a:09:f9:
         1a:e7:f9:34:d1:8e:53:a8:cf:fd:e9:1f:57:30:b3:e1:a0:97:
         fd:fd:fd:f2:a9:23:45:39:87:9a:cb:2a:c9:f7:e1:88:a2:c9:
         da:f5:35:7e:b2:18:65:df:d9:ac:55:82:af:1c:74:be:97:9e:
         af:3e:65:bb:05:bf:86:1d:b9:7d:09:3e:d9:cc:f0:a5:7c:13:
         5f:a0:24:45:8c:40:4e:64:cc:9e:8e:70:cd:95:89:33:06:bb:
         2e:7c:d5:4b:52:8a:e9:e5:4d:2d:3e:54:37:30:09:fa:13:e4:
         68:bd:c8:a5:30:9d:b9:0e:d6:db:ac:c1:c8:90:52:f0:98:0a:
         da:a7:b0:31:ea:0a:20:5b:42:00:d8:bc:55:cb:54:11:e0:76:
         c5:68:26:e8:39:d8:f7:21:33:88:8b:59:ef:1a:79:61:37:c6:
         48:c3:73:b6:87:97:cc:d9:9a:b1:5b:55:50:a9:72:08:68:fe:
         75:a4:3d:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrauj2CJsf+8YFxYW0MBn8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNmEzNWNjMzBlYzMxMTY0MjBjMGZmMDRjNTllNDc5M2U5
MTkzZmIwHhcNMjYwMzAxMjIwMDM2WhcNMjYwMzAyMjIwMDM2WjAzMTEwLwYDVQQD
Eyg2NWM2NmU2YWYxNDlmYjAwMWNkYzAzYWMxZGU5MDU1ZGM0NWNiNzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXg10XDR011mvobbdiO82tdc+Hu5
X2DaADTShDJ/ffiQhpPJGT+A9UTcmJBBPKFpQ01IAoFTHotHtLfx8mEy2qopUTa5
HICOYJCI3ER/4LaMtajNaaZ3Qr7jK59pcBsUD9WUQ0+uFnl1bTCJ+RpQV6FoL5aV
0KYaD59/PlIrVcrlW7YXcsQZh8ZNhPvX6fCjd8x1s2Ndk1zRTKjKahrZyyhIkfsA
dRMSFy8U7AHZEeP5LjgUn+Ibw2MSr/A+Zqomtfr1Nb6uONSWdS4g7qgSYIfhN2SM
NOJZtlbKoKUIWdkaXS2jisJ5VSqiZSRyJaO3J7Pnilxq0MQsICD5LWzYHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXGbmrxSfsAHNwDrB3pBV3EXLeCMB8GA1UdIwQY
MBaAFGtqNcww7DEWQgwP8ExZ5Hk+kZP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYt
NTFmYjgyZWZmM2Q2LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYtNTFmYjgyZWZmM2Q2
LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAckAVoLIE
jFoIFs8sIQ3737iuvwkG36WUS2dhRQRSLRAnmaaonDD+Lo8t6jZ2KFSCU/zzshJB
FdHXWJw7b/U4EdBRh/Hsegn5Guf5NNGOU6jP/ekfVzCz4aCX/f398qkjRTmHmssq
yffhiKLJ2vU1frIYZd/ZrFWCrxx0vpeerz5luwW/hh25fQk+2czwpXwTX6AkRYxA
TmTMno5wzZWJMwa7LnzVS1KK6eVNLT5UNzAJ+hPkaL3IpTCduQ7W26zByJBS8JgK
2qewMeoKIFtCANi8VctUEeB2xWgm6DnY9yEziItZ7xp5YTfGSMNztoeXzNmasVtV
UKlyCGj+daQ9ew==
-----END CERTIFICATE-----