Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
File:                     MAhC2wg32vMRozS3IjGOcLWIsAk.mft (raw, json)
Hash identifier:          OD0FC9HQpzhXLgd0WzkOurnlndRuTBkRJvrX1W+NjPo=
Subject key identifier:   AD:F9:D5:5B:CC:5C:26:B0:FF:AD:92:E2:35:A3:34:34:FE:A5:C6:97
Authority key identifier: 30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09
Certificate issuer:       /CN=300842db0837daf311a334b722318e70b588b009
Certificate serial:       019D2AE09FBDD51E5C2830DE792597497331
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
Manifest number:          1885
Signing time:             Thu 26 Mar 2026 16:00:57 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:57 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:57 +0000
Files and hashes:         1: MAhC2wg32vMRozS3IjGOcLWIsAk.crl (hash: UgiU9A7H7x8d8XKngsObWtSuXwnHGnryd9DsDEVsKK0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:9f:bd:d5:1e:5c:28:30:de:79:25:97:49:73:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=300842db0837daf311a334b722318e70b588b009
        Validity
            Not Before: Mar 26 16:00:57 2026 GMT
            Not After : Mar 27 16:00:57 2026 GMT
        Subject: CN=adf9d55bcc5c26b0ffad92e235a33434fea5c697
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e7:85:20:49:d9:4e:2e:90:aa:44:4a:a6:63:
                    bb:13:b1:38:13:c3:3c:62:fb:01:99:37:30:8b:03:
                    d9:39:04:b0:1c:50:35:cb:51:4e:79:38:4b:ab:ca:
                    16:00:85:81:32:ea:20:89:87:39:ed:df:21:e3:55:
                    dd:79:20:8a:bb:fc:89:b2:ac:cb:54:14:a9:32:44:
                    c2:cb:13:e3:36:06:52:a5:f1:79:09:c5:58:05:89:
                    e3:b2:83:52:da:19:f9:39:d5:be:25:a5:7c:03:87:
                    b4:14:c4:2e:fb:d5:26:a7:85:c4:4c:91:4f:8c:31:
                    01:d5:76:94:60:87:44:46:bf:21:4b:03:c8:ce:f8:
                    8b:30:73:c3:ac:86:08:ad:6c:6b:08:22:86:50:a7:
                    71:79:56:78:80:91:1b:94:eb:ce:c2:5a:bd:d8:de:
                    47:b5:ef:dc:b8:2f:79:ac:d9:b2:e4:b5:71:53:a4:
                    45:ea:71:67:73:d2:d4:75:c2:cf:da:c0:5d:4c:43:
                    8c:f5:6c:6d:f2:f8:6a:82:c2:73:e8:46:91:81:6c:
                    ad:51:9b:53:df:c4:9f:e5:67:40:ce:f2:07:86:50:
                    93:2b:c0:bc:4b:cf:d3:22:20:54:65:72:86:27:b4:
                    27:d2:af:ed:be:2f:25:8c:19:94:6a:3e:ce:1a:ac:
                    5f:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:F9:D5:5B:CC:5C:26:B0:FF:AD:92:E2:35:A3:34:34:FE:A5:C6:97
            X509v3 Authority Key Identifier:
                keyid:30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:69:fa:8c:91:50:e1:e3:12:29:93:41:db:1e:f3:fb:88:9f:
         08:ac:a9:3b:c7:63:12:0e:f1:cb:6b:5b:40:d3:1d:e2:0a:be:
         23:75:22:4d:e0:df:d0:5e:94:32:84:1e:07:28:73:b4:90:be:
         90:8a:ea:99:c3:ea:c4:97:e5:e9:4f:e1:17:54:1c:57:9c:e9:
         fa:f2:ea:ba:de:55:7f:f0:fb:df:f7:5b:16:6f:57:31:de:35:
         18:46:4d:12:62:5d:68:33:c8:61:0c:81:f3:2d:69:03:5b:77:
         c4:61:12:72:49:c9:79:c8:c0:b4:68:eb:a4:62:f1:8d:21:d4:
         3f:c2:93:c3:b9:6c:27:f5:9f:78:7c:74:b1:6e:c3:62:af:33:
         a2:87:12:9d:66:8d:f2:8e:05:2b:04:c2:00:78:f4:97:67:21:
         8c:ef:ed:8e:1b:3d:65:76:23:9f:ec:85:74:20:b4:f6:48:56:
         fe:0c:b8:b6:28:1a:66:4a:3e:0d:e5:6b:2c:54:29:13:01:9d:
         a5:53:27:cb:50:13:70:f5:41:38:4d:71:56:e6:ef:a2:8a:2b:
         5f:95:14:41:94:dd:50:f6:05:fc:15:15:f9:7c:4b:86:54:70:
         c9:ab:72:86:79:48:d0:3c:49:d9:5b:c0:b3:a5:9b:ef:a2:e5:
         26:89:5d:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4J+91R5cKDDeeSWXSXMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDg0MmRiMDgzN2RhZjMxMWEzMzRiNzIyMzE4ZTcwYjU4
OGIwMDkwHhcNMjYwMzI2MTYwMDU3WhcNMjYwMzI3MTYwMDU3WjAzMTEwLwYDVQQD
EyhhZGY5ZDU1YmNjNWMyNmIwZmZhZDkyZTIzNWEzMzQzNGZlYTVjNjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOeFIEnZTi6QqkRKpmO7E7E4E8M8
YvsBmTcwiwPZOQSwHFA1y1FOeThLq8oWAIWBMuogiYc57d8h41XdeSCKu/yJsqzL
VBSpMkTCyxPjNgZSpfF5CcVYBYnjsoNS2hn5OdW+JaV8A4e0FMQu+9Ump4XETJFP
jDEB1XaUYIdERr8hSwPIzviLMHPDrIYIrWxrCCKGUKdxeVZ4gJEblOvOwlq92N5H
te/cuC95rNmy5LVxU6RF6nFnc9LUdcLP2sBdTEOM9Wxt8vhqgsJz6EaRgWytUZtT
38Sf5WdAzvIHhlCTK8C8S8/TIiBUZXKGJ7Qn0q/tvi8ljBmUaj7OGqxf7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK351VvMXCaw/62S4jWjNDT+pcaXMB8GA1UdIwQY
MBaAFDAIQtsIN9rzEaM0tyIxjnC1iLAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMt
NTMxMmExMzNiOTRlLzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMtNTMxMmExMzNiOTRl
LzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjmn6jJFQ
4eMSKZNB2x7z+4ifCKypO8djEg7xy2tbQNMd4gq+I3UiTeDf0F6UMoQeByhztJC+
kIrqmcPqxJfl6U/hF1QcV5zp+vLqut5Vf/D73/dbFm9XMd41GEZNEmJdaDPIYQyB
8y1pA1t3xGEScknJecjAtGjrpGLxjSHUP8KTw7lsJ/WfeHx0sW7DYq8zoocSnWaN
8o4FKwTCAHj0l2chjO/tjhs9ZXYjn+yFdCC09khW/gy4tigaZko+DeVrLFQpEwGd
pVMny1ATcPVBOE1xVubvooorX5UUQZTdUPYF/BUV+XxLhlRwyatyhnlI0DxJ2VvA
s6Wb76LlJoldWA==
-----END CERTIFICATE-----