Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
File:                     owVfB71HqGR4w79HOSVzrNU9Y24.mft (raw, json)
Hash identifier:          fv84r0353aFQifUrdLHmHfL7WJdwexVfH+2nfNTsC6A=
Subject key identifier:   56:65:D8:66:BB:A2:22:5C:5B:B1:47:25:C2:FD:82:EA:85:3D:1F:DF
Authority key identifier: A3:05:5F:07:BD:47:A8:64:78:C3:BF:47:39:25:73:AC:D5:3D:63:6E
Certificate issuer:       /CN=a3055f07bd47a86478c3bf47392573acd53d636e
Certificate serial:       019CABD91B04ED5D93B4A6EBAA2338FD40DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
Manifest number:          1842
Signing time:             Mon 02 Mar 2026 00:00:57 +0000
Manifest this update:     Mon 02 Mar 2026 00:00:57 +0000
Manifest next update:     Tue 03 Mar 2026 00:00:57 +0000
Files and hashes:         1: owVfB71HqGR4w79HOSVzrNU9Y24.crl (hash: LefU5EIIf5tA2G3SmmIujtE6cA11RQiG9VOlC6/5+gA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:1b:04:ed:5d:93:b4:a6:eb:aa:23:38:fd:40:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3055f07bd47a86478c3bf47392573acd53d636e
        Validity
            Not Before: Mar  2 00:00:57 2026 GMT
            Not After : Mar  3 00:00:57 2026 GMT
        Subject: CN=5665d866bba2225c5bb14725c2fd82ea853d1fdf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:c4:7d:e0:2d:2d:fa:24:8e:38:91:da:82:d0:
                    9d:9c:f4:1f:fb:ce:f9:ca:f8:57:27:25:4a:b5:d7:
                    c6:b2:8b:71:42:7e:9b:01:20:ae:ad:48:a1:fa:f5:
                    25:dd:4d:53:f8:8a:20:21:8d:ae:f9:3d:38:a6:c9:
                    21:3b:77:aa:d5:be:a5:a9:ac:2c:60:fa:f6:fa:c1:
                    b6:2f:35:a6:f9:bf:90:7e:4f:2f:7b:a7:9f:8d:0b:
                    f1:bc:22:23:33:e9:82:08:6e:9d:cb:bb:d0:be:f4:
                    b1:73:b6:fd:1d:c5:fb:65:22:e0:97:df:11:dc:29:
                    f9:90:d2:87:7e:28:93:54:a6:74:ce:d0:48:0d:0d:
                    b1:26:46:3a:c6:06:30:c0:d2:5f:bd:40:f8:b1:84:
                    0e:ee:e5:15:85:23:be:19:84:a6:d8:42:e6:b0:71:
                    0a:27:cc:30:2e:73:6b:a5:71:6d:d2:12:71:3a:fe:
                    a6:91:d6:3c:c3:98:ab:58:6c:e0:a0:64:94:61:49:
                    07:13:7b:be:8f:d9:2e:5d:66:c1:07:2b:aa:a2:39:
                    12:82:b6:87:62:46:15:6b:99:88:93:48:4a:99:fe:
                    ba:fd:87:7a:a9:b9:e7:6f:13:13:53:06:af:dc:bc:
                    19:29:34:12:a7:03:36:52:61:6e:34:65:a4:94:75:
                    bb:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:65:D8:66:BB:A2:22:5C:5B:B1:47:25:C2:FD:82:EA:85:3D:1F:DF
            X509v3 Authority Key Identifier:
                keyid:A3:05:5F:07:BD:47:A8:64:78:C3:BF:47:39:25:73:AC:D5:3D:63:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:a4:24:45:38:ad:68:c4:48:a3:4d:de:f3:a2:54:c6:72:23:
         ce:b7:10:e3:af:f0:1b:ac:b2:25:61:68:33:cc:0a:bf:2b:7a:
         9f:25:fe:8c:1b:04:1a:f4:fb:6c:cf:24:6a:5a:1b:d1:0f:b8:
         31:4e:bf:3b:11:4c:a1:16:29:cc:7d:e6:6c:eb:b6:72:0f:f9:
         3b:d4:9b:24:c3:b9:9d:7b:93:fc:e9:b1:9a:17:03:35:b4:35:
         67:58:cf:63:af:78:e9:00:4e:74:15:f3:58:3f:74:64:a4:f6:
         7e:29:18:fb:c8:64:b1:5e:99:a4:82:83:c7:97:ae:d9:ab:f2:
         63:81:17:99:8b:eb:c1:95:c0:cd:06:30:9a:d1:ff:a6:46:dc:
         54:f1:e9:5f:79:9a:3c:b1:7e:f2:c7:de:e5:f2:f0:4a:5c:e5:
         ab:dd:85:a5:28:31:ec:25:07:31:59:07:a6:d3:67:39:aa:ca:
         15:ba:4b:42:a8:5a:05:9b:4b:bb:40:0b:5f:85:bd:44:76:90:
         da:15:40:15:7a:58:09:58:ad:e3:9c:e2:80:bf:14:fe:fd:a4:
         b2:af:af:f9:6d:3e:c7:89:50:fd:42:92:d7:8f:58:ab:f8:8f:
         b9:28:bb:7f:10:ff:be:f3:82:d2:c1:d7:9e:80:13:20:58:ba:
         b9:61:c2:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2RsE7V2TtKbrqiM4/UDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDU1ZjA3YmQ0N2E4NjQ3OGMzYmY0NzM5MjU3M2FjZDUz
ZDYzNmUwHhcNMjYwMzAyMDAwMDU3WhcNMjYwMzAzMDAwMDU3WjAzMTEwLwYDVQQD
Eyg1NjY1ZDg2NmJiYTIyMjVjNWJiMTQ3MjVjMmZkODJlYTg1M2QxZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8MR94C0t+iSOOJHagtCdnPQf+875
yvhXJyVKtdfGsotxQn6bASCurUih+vUl3U1T+IogIY2u+T04pskhO3eq1b6lqaws
YPr2+sG2LzWm+b+Qfk8ve6efjQvxvCIjM+mCCG6dy7vQvvSxc7b9HcX7ZSLgl98R
3Cn5kNKHfiiTVKZ0ztBIDQ2xJkY6xgYwwNJfvUD4sYQO7uUVhSO+GYSm2ELmsHEK
J8wwLnNrpXFt0hJxOv6mkdY8w5irWGzgoGSUYUkHE3u+j9kuXWbBByuqojkSgraH
YkYVa5mIk0hKmf66/Yd6qbnnbxMTUwav3LwZKTQSpwM2UmFuNGWklHW7QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFZl2Ga7oiJcW7FHJcL9guqFPR/fMB8GA1UdIwQY
MBaAFKMFXwe9R6hkeMO/Rzklc6zVPWNuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOWQwYmYtNmQ1MS00MDhmLWI3YWUt
YTNhYWQxMTc4Y2Q0LzEvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kOWQwYmYtNmQ1MS00MDhmLWI3YWUtYTNhYWQxMTc4Y2Q0
LzEvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPKQkRTit
aMRIo03e86JUxnIjzrcQ46/wG6yyJWFoM8wKvyt6nyX+jBsEGvT7bM8kalob0Q+4
MU6/OxFMoRYpzH3mbOu2cg/5O9SbJMO5nXuT/OmxmhcDNbQ1Z1jPY6946QBOdBXz
WD90ZKT2fikY+8hksV6ZpIKDx5eu2avyY4EXmYvrwZXAzQYwmtH/pkbcVPHpX3ma
PLF+8sfe5fLwSlzlq92FpSgx7CUHMVkHptNnOarKFbpLQqhaBZtLu0ALX4W9RHaQ
2hVAFXpYCVit45zigL8U/v2ksq+v+W0+x4lQ/UKS149Yq/iPuSi7fxD/vvOC0sHX
noATIFi6uWHCLw==
-----END CERTIFICATE-----