Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
File:                     AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft (raw, json)
Hash identifier:          6b6OXafZslT9fd2lBO3BKT5tPwnU5fjSEIZORmft35c=
Subject key identifier:   DB:32:76:A1:66:B1:C9:7D:B0:90:30:B4:9F:95:3E:33:7B:E0:47:FC
Authority key identifier: 02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05
Certificate issuer:       /CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
Certificate serial:       019D2703ED4CCD8DACBD026B3D57E4262521
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
Manifest number:          1882
Signing time:             Wed 25 Mar 2026 22:01:01 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:01 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:01 +0000
Files and hashes:         1: AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl (hash: oqdN6kQWNmfwlFe18psPW1ZYF5cCkLy/xGpaKrsI+qY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:ed:4c:cd:8d:ac:bd:02:6b:3d:57:e4:26:25:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
        Validity
            Not Before: Mar 25 22:01:01 2026 GMT
            Not After : Mar 26 22:01:01 2026 GMT
        Subject: CN=db3276a166b1c97db09030b49f953e337be047fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a0:03:3b:00:6c:57:f4:26:90:aa:7c:91:e0:
                    dd:ae:a5:a1:c8:ba:f5:96:11:59:86:51:ec:bf:61:
                    15:91:1e:47:15:59:73:de:de:53:be:82:c8:ce:30:
                    b5:79:d1:6f:81:e7:eb:1c:b0:b0:81:3c:cc:c4:b7:
                    cf:cf:0d:ea:85:58:58:28:2c:79:8d:7c:b4:2b:d3:
                    a1:af:f7:48:05:c0:02:8a:7d:76:12:76:7c:78:c4:
                    d8:1c:1e:30:75:fe:13:f1:ef:4c:dd:cd:1d:a9:21:
                    62:13:69:51:32:25:ba:3b:77:68:a0:b1:fe:4c:a9:
                    9f:d2:0d:d8:b2:08:42:09:c4:b0:5b:a9:d8:0d:e7:
                    e5:20:54:a4:1c:d1:00:f0:49:24:6f:a1:9d:cb:3d:
                    6f:91:29:a7:b6:51:ba:ed:38:53:63:d7:58:6a:1d:
                    fc:0c:21:c2:96:3d:4b:b6:77:13:a0:0a:ba:34:37:
                    38:51:b9:d3:7e:32:9f:47:57:9a:ed:43:a4:be:0e:
                    20:86:d3:63:b1:d4:af:0c:3e:73:d3:81:eb:ec:ba:
                    4b:ed:43:31:d7:e2:d4:95:74:0c:15:92:75:29:ea:
                    b7:39:6a:51:38:f0:ce:99:9a:9e:a4:d7:85:d9:30:
                    ec:68:db:08:1c:94:0f:71:ef:78:eb:ca:61:66:6c:
                    67:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:32:76:A1:66:B1:C9:7D:B0:90:30:B4:9F:95:3E:33:7B:E0:47:FC
            X509v3 Authority Key Identifier:
                keyid:02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d7:ad:b4:03:bf:07:20:f4:fa:15:91:5d:10:06:13:62:61:6b:
         0c:42:6f:5f:f0:2a:02:fc:92:a1:59:29:da:80:b5:19:4a:88:
         98:95:d6:55:55:a5:79:c6:51:0f:20:77:aa:60:0a:94:5a:ed:
         ff:2c:e4:49:12:77:d6:20:65:35:b8:e0:19:83:79:2b:03:6a:
         2d:d6:be:90:c2:c3:ae:a1:f1:78:12:2d:ba:32:c5:f2:95:c5:
         29:34:88:77:77:1f:dd:1b:94:8c:2a:da:59:91:c5:eb:ec:8a:
         6f:0a:fe:78:fc:98:8b:ac:98:ed:b0:81:e3:3f:33:3d:b1:da:
         ff:ea:a2:78:e5:54:e1:a4:a9:d8:6f:ea:62:39:9b:db:8d:ec:
         72:1a:5a:e2:5e:15:fb:e5:c4:81:b2:59:18:f9:53:e4:6e:ba:
         5f:72:d6:df:fe:67:7f:3d:1e:2e:8e:96:ac:84:ab:35:f7:89:
         a7:1f:2d:84:60:4d:0e:d6:64:2a:b2:89:05:45:01:20:06:21:
         2b:40:a8:d3:16:68:c8:e2:bf:45:fd:82:a1:6b:34:be:4f:b2:
         f0:ad:2e:fe:9d:8a:49:85:2c:d4:95:08:f4:bb:f8:1e:8b:e7:
         0d:23:6d:60:3b:20:36:61:e7:f9:da:dc:94:8b:60:4d:47:ee:
         c5:16:44:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA+1MzY2svQJrPVfkJiUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNTFmNmFiZTBiYjI2YmZlNDg1OWU1NGRlZTBmZGM5YTVi
NzhhMDUwHhcNMjYwMzI1MjIwMTAxWhcNMjYwMzI2MjIwMTAxWjAzMTEwLwYDVQQD
EyhkYjMyNzZhMTY2YjFjOTdkYjA5MDMwYjQ5Zjk1M2UzMzdiZTA0N2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKADOwBsV/QmkKp8keDdrqWhyLr1
lhFZhlHsv2EVkR5HFVlz3t5TvoLIzjC1edFvgefrHLCwgTzMxLfPzw3qhVhYKCx5
jXy0K9Ohr/dIBcACin12EnZ8eMTYHB4wdf4T8e9M3c0dqSFiE2lRMiW6O3dooLH+
TKmf0g3YsghCCcSwW6nYDeflIFSkHNEA8Ekkb6Gdyz1vkSmntlG67ThTY9dYah38
DCHClj1LtncToAq6NDc4UbnTfjKfR1ea7UOkvg4ghtNjsdSvDD5z04Hr7LpL7UMx
1+LUlXQMFZJ1Keq3OWpROPDOmZqepNeF2TDsaNsIHJQPce9468phZmxneQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsydqFmscl9sJAwtJ+VPjN74Ef8MB8GA1UdIwQY
MBaAFAJR9qvguya/5IWeVN7g/cmlt4oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgt
MmY0ZWI5YzA2MDM1LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgtMmY0ZWI5YzA2MDM1
LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1620A78H
IPT6FZFdEAYTYmFrDEJvX/AqAvySoVkp2oC1GUqImJXWVVWlecZRDyB3qmAKlFrt
/yzkSRJ31iBlNbjgGYN5KwNqLda+kMLDrqHxeBItujLF8pXFKTSId3cf3RuUjCra
WZHF6+yKbwr+ePyYi6yY7bCB4z8zPbHa/+qieOVU4aSp2G/qYjmb243schpa4l4V
++XEgbJZGPlT5G66X3LW3/5nfz0eLo6WrISrNfeJpx8thGBNDtZkKrKJBUUBIAYh
K0Co0xZoyOK/Rf2CoWs0vk+y8K0u/p2KSYUs1JUI9Lv4HovnDSNtYDsgNmHn+drc
lItgTUfuxRZEQA==
-----END CERTIFICATE-----