Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft
File:                     5IKZWNgAyhrebhPKeygLIpzmYC4.mft (raw, json)
Hash identifier:          pJgnFic9Iw3RgDO/WJBqYIhqVxUw7AWw3MVsHiMSOmg=
Subject key identifier:   3F:7F:3E:3C:A5:7E:36:33:A4:CE:A8:9C:41:E3:9D:1C:6E:F5:D4:7C
Authority key identifier: E4:82:99:58:D8:00:CA:1A:DE:6E:13:CA:7B:28:0B:22:9C:E6:60:2E
Certificate issuer:       /CN=e4829958d800ca1ade6e13ca7b280b229ce6602e
Certificate serial:       019CAB6B3E4DED53CB18FD34077289A2CF14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5IKZWNgAyhrebhPKeygLIpzmYC4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 22:00:57 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:57 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:57 +0000
Files and hashes:         1: 5IKZWNgAyhrebhPKeygLIpzmYC4.crl (hash: WzNpSO51oWpqpGjvXmoFJMKy9q5fJZ32F9qT9V2/kG0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5IKZWNgAyhrebhPKeygLIpzmYC4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:3e:4d:ed:53:cb:18:fd:34:07:72:89:a2:cf:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4829958d800ca1ade6e13ca7b280b229ce6602e
        Validity
            Not Before: Mar  1 22:00:57 2026 GMT
            Not After : Mar  2 22:00:57 2026 GMT
        Subject: CN=3f7f3e3ca57e3633a4cea89c41e39d1c6ef5d47c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:6f:c7:e1:f6:c1:d9:7c:bb:6a:45:88:a6:5a:
                    75:95:06:a2:5b:49:38:21:62:fb:22:f6:57:fb:cc:
                    71:48:e7:f7:0c:5e:8e:86:bc:4d:41:65:d1:45:35:
                    0f:2b:ce:43:ae:91:d0:9e:d7:76:bc:9c:d6:d7:fd:
                    54:c7:2f:f1:a1:43:2e:f6:ec:c0:0c:1b:df:3e:de:
                    f5:cd:9d:25:01:44:4d:d4:8c:2e:ec:c8:59:0d:76:
                    c4:d1:a4:2a:ed:f8:fd:21:5e:6b:74:ba:b0:cf:81:
                    15:a7:31:e9:e0:1a:45:0c:36:ef:a4:23:ae:b5:d6:
                    cf:32:cd:2f:36:a6:a2:4f:c9:7b:f3:f7:68:db:9f:
                    0f:d4:be:bd:25:3a:35:b7:b7:cc:38:6f:3c:e8:06:
                    72:38:a4:10:e1:c5:54:b0:28:4d:b6:00:ec:34:a4:
                    e3:af:9a:13:b8:98:de:ef:38:56:c7:a4:63:d9:c7:
                    90:bb:c7:51:ef:ff:61:2f:ae:56:e8:65:b5:b3:c6:
                    88:80:34:75:a0:dc:75:93:fd:f8:e6:92:91:70:cf:
                    fe:15:c7:f3:92:07:6e:35:4d:2a:45:0f:bb:30:e3:
                    68:3b:06:25:98:18:b0:50:42:1a:b1:92:04:7f:19:
                    12:7c:81:63:97:3c:bb:76:a6:6f:1f:c9:b1:2b:ed:
                    e8:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:7F:3E:3C:A5:7E:36:33:A4:CE:A8:9C:41:E3:9D:1C:6E:F5:D4:7C
            X509v3 Authority Key Identifier:
                keyid:E4:82:99:58:D8:00:CA:1A:DE:6E:13:CA:7B:28:0B:22:9C:E6:60:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5IKZWNgAyhrebhPKeygLIpzmYC4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/73af7c-5647-42d7-aa1d-1d5bc001a1de/1/5IKZWNgAyhrebhPKeygLIpzmYC4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:3b:33:01:6e:dd:5c:bd:1a:60:d0:d6:d0:ae:c3:ff:95:2e:
         85:22:7f:57:7a:9f:cb:ef:9b:c8:c2:fd:82:77:88:a9:f2:97:
         4a:f5:0c:d4:6d:ab:8b:7e:fe:e8:cd:4d:be:d5:c8:79:bf:db:
         ec:6c:46:22:81:80:16:82:35:da:1f:b1:7a:c3:95:e6:fa:16:
         ac:c0:00:98:62:0e:e2:a6:54:49:1c:8b:c7:dc:de:51:41:b6:
         8f:f3:c0:26:43:9a:4a:cd:16:87:69:52:16:e1:d8:b0:51:df:
         c5:7f:70:23:48:55:48:30:ff:0a:7e:97:44:62:2a:58:94:74:
         29:c1:2a:38:1e:58:4b:65:d6:eb:3f:a5:c1:f5:48:ad:f8:63:
         5b:87:d8:9c:29:5d:0c:19:95:fb:1a:2e:ec:3d:e7:77:81:1a:
         99:61:18:4f:57:da:38:3d:b0:29:55:e6:9b:5d:35:ce:89:b8:
         7e:b8:50:26:ca:a5:f6:ae:93:35:ea:ff:b6:a6:0f:f9:0e:a0:
         86:ce:e7:9c:a7:46:59:38:3d:2c:21:18:79:26:12:b7:80:8b:
         e4:e2:28:84:64:01:a0:57:d4:e7:44:c9:27:9f:41:a0:47:03:
         c2:11:7c:01:b0:88:49:3b:54:5e:61:57:12:6f:cf:c1:3f:e2:
         e9:c8:9f:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyraz5N7VPLGP00B3KJos8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ODI5OTU4ZDgwMGNhMWFkZTZlMTNjYTdiMjgwYjIyOWNl
NjYwMmUwHhcNMjYwMzAxMjIwMDU3WhcNMjYwMzAyMjIwMDU3WjAzMTEwLwYDVQQD
EygzZjdmM2UzY2E1N2UzNjMzYTRjZWE4OWM0MWUzOWQxYzZlZjVkNDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2/H4fbB2Xy7akWIplp1lQaiW0k4
IWL7IvZX+8xxSOf3DF6OhrxNQWXRRTUPK85DrpHQntd2vJzW1/1Uxy/xoUMu9uzA
DBvfPt71zZ0lAURN1Iwu7MhZDXbE0aQq7fj9IV5rdLqwz4EVpzHp4BpFDDbvpCOu
tdbPMs0vNqaiT8l78/do258P1L69JTo1t7fMOG886AZyOKQQ4cVUsChNtgDsNKTj
r5oTuJje7zhWx6Rj2ceQu8dR7/9hL65W6GW1s8aIgDR1oNx1k/345pKRcM/+Fcfz
kgduNU0qRQ+7MONoOwYlmBiwUEIasZIEfxkSfIFjlzy7dqZvH8mxK+3oiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9/PjylfjYzpM6onEHjnRxu9dR8MB8GA1UdIwQY
MBaAFOSCmVjYAMoa3m4TynsoCyKc5mAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUlLWldOZ0F5aHJlYmhQS2V5Z0xJcHptWUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS83M2FmN2MtNTY0Ny00MmQ3LWFhMWQt
MWQ1YmMwMDFhMWRlLzEvNUlLWldOZ0F5aHJlYmhQS2V5Z0xJcHptWUM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS83M2FmN2MtNTY0Ny00MmQ3LWFhMWQtMWQ1YmMwMDFhMWRl
LzEvNUlLWldOZ0F5aHJlYmhQS2V5Z0xJcHptWUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQzszAW7d
XL0aYNDW0K7D/5UuhSJ/V3qfy++byML9gneIqfKXSvUM1G2ri37+6M1NvtXIeb/b
7GxGIoGAFoI12h+xesOV5voWrMAAmGIO4qZUSRyLx9zeUUG2j/PAJkOaSs0Wh2lS
FuHYsFHfxX9wI0hVSDD/Cn6XRGIqWJR0KcEqOB5YS2XW6z+lwfVIrfhjW4fYnCld
DBmV+xou7D3nd4EamWEYT1faOD2wKVXmm101zom4frhQJsql9q6TNer/tqYP+Q6g
hs7nnKdGWTg9LCEYeSYSt4CL5OIohGQBoFfU50TJJ59BoEcDwhF8AbCISTtUXmFX
Em/PwT/i6cifPA==
-----END CERTIFICATE-----