Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/6e7670-631d-4787-aeda-f1586fbde81a/1/9fqTbNBbJl9g8zNAqMY952gvw18.mft
File:                     9fqTbNBbJl9g8zNAqMY952gvw18.mft (raw, json)
Hash identifier:          LuHCIWZEz9eJzc5eRO46zVvZFlwlDZXxLHX7xnUMWxo=
Subject key identifier:   64:44:E1:3A:5F:E1:99:4B:2C:43:1E:B0:B2:A5:87:E9:DF:2C:63:D6
Authority key identifier: F5:FA:93:6C:D0:5B:26:5F:60:F3:33:40:A8:C6:3D:E7:68:2F:C3:5F
Certificate issuer:       /CN=f5fa936cd05b265f60f33340a8c63de7682fc35f
Certificate serial:       019CAEA3429694062533D093600E102A9617
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9fqTbNBbJl9g8zNAqMY952gvw18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/6e7670-631d-4787-aeda-f1586fbde81a/1/9fqTbNBbJl9g8zNAqMY952gvw18.mft
Manifest number:          0835
Signing time:             Mon 02 Mar 2026 13:01:00 +0000
Manifest this update:     Mon 02 Mar 2026 13:01:00 +0000
Manifest next update:     Tue 03 Mar 2026 13:01:00 +0000
Files and hashes:         1: 9fqTbNBbJl9g8zNAqMY952gvw18.crl (hash: kqvPMDSlv/XiofCOjOGM3ISioG95VYWdpl2yxTJ6Pf0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/6e7670-631d-4787-aeda-f1586fbde81a/1/9fqTbNBbJl9g8zNAqMY952gvw18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/6e7670-631d-4787-aeda-f1586fbde81a/1/9fqTbNBbJl9g8zNAqMY952gvw18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9fqTbNBbJl9g8zNAqMY952gvw18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 13:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ae:a3:42:96:94:06:25:33:d0:93:60:0e:10:2a:96:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5fa936cd05b265f60f33340a8c63de7682fc35f
        Validity
            Not Before: Mar  2 13:01:00 2026 GMT
            Not After : Mar  3 13:01:00 2026 GMT
        Subject: CN=6444e13a5fe1994b2c431eb0b2a587e9df2c63d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:a0:84:ba:75:51:8b:71:93:39:d4:c3:99:35:
                    e7:c5:e5:e4:5a:50:25:2c:f2:76:7e:b6:3c:51:b9:
                    61:33:6f:94:cc:c4:2b:ba:8c:de:49:e5:b6:8d:0c:
                    cf:fa:dc:24:ea:65:4b:7b:59:be:a0:de:5e:73:1c:
                    eb:25:80:02:66:20:67:56:46:5d:c4:aa:f8:7c:ca:
                    ce:84:4e:1e:64:e3:d9:b7:a6:2b:90:66:cd:6a:65:
                    66:22:6b:8b:c9:17:3d:8c:a6:be:13:c3:37:55:db:
                    2d:22:c3:7e:8c:4e:0f:e4:1a:2e:2c:7d:10:aa:e4:
                    f5:81:63:7d:d7:a3:2e:4a:cb:9c:6b:5f:11:cb:cf:
                    fe:ec:52:6b:e2:c7:7a:4c:09:98:58:60:97:1d:3e:
                    86:f4:80:a3:4c:b8:1b:08:c8:10:c4:42:79:2e:ec:
                    d5:c9:c9:4b:6c:34:79:0b:9f:3e:51:13:1e:4c:7b:
                    6e:0a:f1:72:45:17:78:f6:c6:20:f9:0f:cb:de:60:
                    35:39:68:24:c9:44:cc:15:55:a6:60:86:fa:a2:13:
                    7d:ff:84:de:61:6c:d3:db:35:5c:f7:5a:dd:65:4d:
                    9f:55:ba:d6:d3:54:f0:5e:bf:6b:f1:d0:5d:28:8a:
                    fb:dd:f7:5e:a4:fb:a1:a0:7b:83:37:ac:6e:aa:4a:
                    01:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:44:E1:3A:5F:E1:99:4B:2C:43:1E:B0:B2:A5:87:E9:DF:2C:63:D6
            X509v3 Authority Key Identifier:
                keyid:F5:FA:93:6C:D0:5B:26:5F:60:F3:33:40:A8:C6:3D:E7:68:2F:C3:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fqTbNBbJl9g8zNAqMY952gvw18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6e7670-631d-4787-aeda-f1586fbde81a/1/9fqTbNBbJl9g8zNAqMY952gvw18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6e7670-631d-4787-aeda-f1586fbde81a/1/9fqTbNBbJl9g8zNAqMY952gvw18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:24:de:33:be:38:77:43:8a:1f:37:bd:9a:e3:24:c2:db:d9:
         9c:11:b6:6c:1f:84:eb:7a:f6:8c:4e:9d:1a:38:ed:88:5c:b9:
         70:d6:99:e0:26:2e:31:3f:34:64:5e:82:7d:8f:f5:df:69:ad:
         d0:c0:ee:25:00:97:f0:ca:b5:72:31:9f:0a:04:d4:d6:b9:bb:
         40:cc:a8:03:02:ab:59:3b:7a:06:99:e2:be:73:c3:ff:9e:ad:
         b3:e5:ee:8a:70:8a:12:0e:99:b1:b3:6d:d6:20:ae:04:8f:c0:
         06:a2:b3:e3:6d:0e:73:7e:d5:26:0f:ec:60:65:5a:13:99:8b:
         44:5d:0f:53:99:36:1c:33:36:25:f4:c3:6c:bd:10:cd:1a:4a:
         c8:67:53:c0:2f:bd:d3:a7:ba:21:10:e6:dc:7e:ca:cf:32:5d:
         35:02:61:00:f9:af:54:65:d3:a0:73:44:f8:90:42:68:a7:97:
         6d:23:e4:a3:f4:d7:6d:bd:a4:9f:fc:74:64:12:01:85:13:f9:
         33:d6:c7:6e:52:ac:e9:78:43:8e:4b:78:ac:ac:fd:62:c8:ca:
         52:e2:4d:c9:37:87:36:fd:ca:5c:8a:06:e4:12:0e:2e:75:54:
         9a:95:1c:3b:ab:7e:3b:6e:a4:91:15:27:a2:59:81:09:88:35:
         58:da:09:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuo0KWlAYlM9CTYA4QKpYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmE5MzZjZDA1YjI2NWY2MGYzMzM0MGE4YzYzZGU3Njgy
ZmMzNWYwHhcNMjYwMzAyMTMwMTAwWhcNMjYwMzAzMTMwMTAwWjAzMTEwLwYDVQQD
Eyg2NDQ0ZTEzYTVmZTE5OTRiMmM0MzFlYjBiMmE1ODdlOWRmMmM2M2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqCEunVRi3GTOdTDmTXnxeXkWlAl
LPJ2frY8UblhM2+UzMQruozeSeW2jQzP+twk6mVLe1m+oN5ecxzrJYACZiBnVkZd
xKr4fMrOhE4eZOPZt6YrkGbNamVmImuLyRc9jKa+E8M3VdstIsN+jE4P5BouLH0Q
quT1gWN916MuSsuca18Ry8/+7FJr4sd6TAmYWGCXHT6G9ICjTLgbCMgQxEJ5LuzV
yclLbDR5C58+URMeTHtuCvFyRRd49sYg+Q/L3mA1OWgkyUTMFVWmYIb6ohN9/4Te
YWzT2zVc91rdZU2fVbrW01TwXr9r8dBdKIr73fdepPuhoHuDN6xuqkoBYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRE4Tpf4ZlLLEMesLKlh+nfLGPWMB8GA1UdIwQY
MBaAFPX6k2zQWyZfYPMzQKjGPedoL8NfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZxVGJOQmJKbDlnOHpOQXFNWTk1Mmd2dzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82ZTc2NzAtNjMxZC00Nzg3LWFlZGEt
ZjE1ODZmYmRlODFhLzEvOWZxVGJOQmJKbDlnOHpOQXFNWTk1Mmd2dzE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82ZTc2NzAtNjMxZC00Nzg3LWFlZGEtZjE1ODZmYmRlODFh
LzEvOWZxVGJOQmJKbDlnOHpOQXFNWTk1Mmd2dzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPyTeM744
d0OKHze9muMkwtvZnBG2bB+E63r2jE6dGjjtiFy5cNaZ4CYuMT80ZF6CfY/132mt
0MDuJQCX8Mq1cjGfCgTU1rm7QMyoAwKrWTt6BpnivnPD/56ts+XuinCKEg6ZsbNt
1iCuBI/ABqKz420Oc37VJg/sYGVaE5mLRF0PU5k2HDM2JfTDbL0QzRpKyGdTwC+9
06e6IRDm3H7KzzJdNQJhAPmvVGXToHNE+JBCaKeXbSPko/TXbb2kn/x0ZBIBhRP5
M9bHblKs6XhDjkt4rKz9YsjKUuJNyTeHNv3KXIoG5BIOLnVUmpUcO6t+O26kkRUn
olmBCYg1WNoJ+g==
-----END CERTIFICATE-----