Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft
File:                     pol1o9gy4UUny7or4QujwebGOFY.mft (raw, json)
Hash identifier:          3R2myhoSNT45xtY9s1DPo818NPbE+yyGhqcc5oFzSg4=
Subject key identifier:   AE:CB:90:BC:B6:6C:24:C9:B2:5E:78:42:A2:7C:35:75:88:A3:7A:AC
Authority key identifier: A6:89:75:A3:D8:32:E1:45:27:CB:BA:2B:E1:0B:A3:C1:E6:C6:38:56
Certificate issuer:       /CN=a68975a3d832e14527cbba2be10ba3c1e6c63856
Certificate serial:       019CAB6BF9C177D6A24C9077EE3E5CF4B473
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft
Manifest number:          081A
Signing time:             Sun 01 Mar 2026 22:01:46 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:46 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:46 +0000
Files and hashes:         1: pol1o9gy4UUny7or4QujwebGOFY.crl (hash: XVRTriJPPPlFBVSQfnfrsR4KOYoaiNBSeTaw3op/0bY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:f9:c1:77:d6:a2:4c:90:77:ee:3e:5c:f4:b4:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a68975a3d832e14527cbba2be10ba3c1e6c63856
        Validity
            Not Before: Mar  1 22:01:46 2026 GMT
            Not After : Mar  2 22:01:46 2026 GMT
        Subject: CN=aecb90bcb66c24c9b25e7842a27c357588a37aac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:59:60:eb:41:f0:a5:b4:81:a1:95:da:72:1d:
                    fb:d6:01:f8:5e:ff:fe:31:ca:e4:ad:51:3b:6e:a4:
                    37:6c:7e:de:f3:f8:28:d0:a5:75:17:b4:67:42:3b:
                    f7:01:ce:ff:64:26:ec:b6:9d:36:65:b6:d1:cc:68:
                    fa:92:bd:41:05:e5:27:70:99:1c:5c:7c:e0:81:e1:
                    b8:f7:45:ad:c8:b9:ca:5b:ec:67:58:6a:7f:bc:ac:
                    09:3a:eb:00:4e:d1:33:a0:1d:b5:77:3d:0c:a7:c9:
                    0c:be:71:92:43:0d:f3:1b:24:2a:87:af:d1:4a:83:
                    fb:8f:c3:b0:ea:0d:0c:bf:e0:6a:cf:bd:bd:d4:8a:
                    26:fa:ec:58:45:ee:71:85:cd:75:c7:87:6d:6c:24:
                    52:68:a5:c0:10:e5:3c:e0:e6:c1:e9:a4:ed:3f:a0:
                    2b:42:81:d7:ed:b9:69:e3:71:bd:32:cf:45:6b:ab:
                    7e:ee:fd:57:cd:29:50:47:76:6c:d8:35:16:c0:bd:
                    c7:89:06:14:62:4d:b0:be:f6:aa:d2:d2:88:37:41:
                    bf:cc:5b:98:c8:ea:c7:bc:7d:ab:d7:34:86:f8:c7:
                    99:cb:56:4e:ce:58:0e:44:1c:63:12:41:84:77:c1:
                    23:b4:71:bf:b4:c8:a2:34:5c:7c:c3:bd:0c:dd:60:
                    33:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:CB:90:BC:B6:6C:24:C9:B2:5E:78:42:A2:7C:35:75:88:A3:7A:AC
            X509v3 Authority Key Identifier:
                keyid:A6:89:75:A3:D8:32:E1:45:27:CB:BA:2B:E1:0B:A3:C1:E6:C6:38:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pol1o9gy4UUny7or4QujwebGOFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0b3cc1-318e-497f-a2b5-1316ad805e64/1/pol1o9gy4UUny7or4QujwebGOFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:c8:14:19:63:50:3c:51:b3:fe:2c:e9:ef:51:56:ea:5c:41:
         e3:21:88:99:6b:7c:8a:60:7c:a5:89:6b:30:c0:ce:5b:8b:eb:
         9e:70:50:83:06:c8:8e:1b:28:1a:93:7d:6a:ec:6f:c3:78:a6:
         3d:29:2a:1b:99:2b:9f:30:e9:d7:af:91:b2:42:e4:b0:08:ab:
         8a:9d:eb:e1:7c:36:96:45:11:49:c9:e8:f2:5b:2d:fe:94:27:
         b8:2b:19:d3:43:f9:2e:99:77:34:47:78:16:c3:75:2e:18:bc:
         8b:eb:04:b8:e1:41:2e:c1:64:c1:1a:bd:c7:e6:8c:6f:9b:5b:
         7a:d3:90:7a:fc:65:05:49:a1:ec:ed:fa:37:46:84:9e:4e:c0:
         4d:73:a7:85:d5:52:e8:b3:e7:0e:b4:14:d5:a2:72:70:dc:12:
         05:ea:81:ca:06:ae:ad:3a:83:e4:af:53:e8:dc:7c:75:8d:8d:
         eb:af:b3:30:8e:4a:3d:f4:ac:fc:0c:a3:40:6c:05:95:d3:66:
         8c:d8:c7:71:d1:79:71:53:07:b8:15:1d:51:e6:9f:74:3c:cb:
         13:e8:9a:f4:f3:ae:57:41:62:d8:21:6c:52:6f:f0:63:b3:3c:
         46:80:ec:af:c1:d0:82:30:b0:78:2a:1e:25:f0:0b:d0:7b:b2:
         cc:18:a0:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra/nBd9aiTJB37j5c9LRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ODk3NWEzZDgzMmUxNDUyN2NiYmEyYmUxMGJhM2MxZTZj
NjM4NTYwHhcNMjYwMzAxMjIwMTQ2WhcNMjYwMzAyMjIwMTQ2WjAzMTEwLwYDVQQD
EyhhZWNiOTBiY2I2NmMyNGM5YjI1ZTc4NDJhMjdjMzU3NTg4YTM3YWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1lg60HwpbSBoZXach371gH4Xv/+
McrkrVE7bqQ3bH7e8/go0KV1F7RnQjv3Ac7/ZCbstp02ZbbRzGj6kr1BBeUncJkc
XHzggeG490WtyLnKW+xnWGp/vKwJOusATtEzoB21dz0Mp8kMvnGSQw3zGyQqh6/R
SoP7j8Ow6g0Mv+Bqz7291Iom+uxYRe5xhc11x4dtbCRSaKXAEOU84ObB6aTtP6Ar
QoHX7blp43G9Ms9Fa6t+7v1XzSlQR3Zs2DUWwL3HiQYUYk2wvvaq0tKIN0G/zFuY
yOrHvH2r1zSG+MeZy1ZOzlgORBxjEkGEd8EjtHG/tMiiNFx8w70M3WAzfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK7LkLy2bCTJsl54QqJ8NXWIo3qsMB8GA1UdIwQY
MBaAFKaJdaPYMuFFJ8u6K+ELo8HmxjhWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wYjNjYzEtMzE4ZS00OTdmLWEyYjUt
MTMxNmFkODA1ZTY0LzEvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wYjNjYzEtMzE4ZS00OTdmLWEyYjUtMTMxNmFkODA1ZTY0
LzEvcG9sMW85Z3k0VVVueTdvcjRRdWp3ZWJHT0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFMgUGWNQ
PFGz/izp71FW6lxB4yGImWt8imB8pYlrMMDOW4vrnnBQgwbIjhsoGpN9auxvw3im
PSkqG5krnzDp16+RskLksAirip3r4Xw2lkURScno8lst/pQnuCsZ00P5Lpl3NEd4
FsN1Lhi8i+sEuOFBLsFkwRq9x+aMb5tbetOQevxlBUmh7O36N0aEnk7ATXOnhdVS
6LPnDrQU1aJycNwSBeqBygaurTqD5K9T6Nx8dY2N66+zMI5KPfSs/AyjQGwFldNm
jNjHcdF5cVMHuBUdUeafdDzLE+ia9POuV0Fi2CFsUm/wY7M8RoDsr8HQgjCweCoe
JfAL0HuyzBigNw==
-----END CERTIFICATE-----