Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
File:                     Mh6FAflfcDdNRXa5sM1VW68fNas.mft (raw, json)
Hash identifier:          rrV8wJAhVf4ceBZ+NA25hebARIcZjj4vrmaxhQf0XDw=
Subject key identifier:   57:E8:C7:9E:65:3B:0F:8D:2D:AC:9A:F3:C9:72:36:9B:7D:CF:57:28
Authority key identifier: 32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB
Certificate issuer:       /CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
Certificate serial:       019D27E056076BDB272173EFBB4DFFD5F964
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
Manifest number:          1884
Signing time:             Thu 26 Mar 2026 02:01:46 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:46 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:46 +0000
Files and hashes:         1: Mh6FAflfcDdNRXa5sM1VW68fNas.crl (hash: Rg3UuRQ6ZWngX7yXfdzvZ0LaKoMzze3CxbqBsiqzBB0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 02:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:e0:56:07:6b:db:27:21:73:ef:bb:4d:ff:d5:f9:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
        Validity
            Not Before: Mar 26 02:01:46 2026 GMT
            Not After : Mar 27 02:01:46 2026 GMT
        Subject: CN=57e8c79e653b0f8d2dac9af3c972369b7dcf5728
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:a4:7b:fd:90:c8:26:45:6d:06:0c:fa:b5:77:
                    84:cb:7c:ac:90:8e:4f:e3:40:94:87:a7:ce:2d:c0:
                    0d:ff:29:16:a6:8e:38:4b:92:69:01:2b:5e:8a:c8:
                    d8:15:f3:e3:f2:be:5d:fd:ca:0a:13:bb:6d:fa:97:
                    c7:31:33:06:77:35:7c:97:ad:ad:f0:af:c4:21:6b:
                    be:e4:16:4c:af:5a:37:2d:00:89:05:6a:54:9f:a0:
                    b7:f8:c5:a0:d0:79:e6:eb:fe:8f:83:af:7c:52:5b:
                    a0:ca:5f:e4:23:56:62:f9:5e:0e:6e:ea:1c:4b:ad:
                    ec:a6:bf:6a:04:00:d1:95:51:bd:dd:a5:07:78:35:
                    3e:86:d7:f7:14:9c:02:46:95:0c:b2:55:b1:22:5d:
                    fa:aa:3d:06:f2:3b:d9:18:d4:93:0d:10:19:18:dc:
                    34:8e:1f:c2:63:4f:79:38:23:0c:82:e5:3d:54:c3:
                    0a:b7:da:a0:c4:70:7d:70:83:83:91:0c:5f:32:92:
                    32:08:ac:77:6c:84:f7:fd:ac:5f:e2:b4:93:36:f4:
                    f8:25:1e:ac:77:40:ce:73:8f:93:f5:f4:71:da:54:
                    2b:d8:8c:e0:1d:ab:cd:c1:87:5e:6d:bd:8a:39:62:
                    ea:9e:1c:e4:c4:6d:55:f4:e4:fc:ef:58:16:ca:a2:
                    8f:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:E8:C7:9E:65:3B:0F:8D:2D:AC:9A:F3:C9:72:36:9B:7D:CF:57:28
            X509v3 Authority Key Identifier:
                keyid:32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:74:8c:5f:40:09:ae:af:e2:3d:75:8a:a6:d8:7b:5e:8e:a5:
         2d:c4:c9:4c:83:fb:40:5e:35:81:fb:f8:5c:75:b7:39:dd:98:
         51:ad:d5:55:98:51:13:4c:c4:18:a5:47:41:65:55:de:73:6e:
         ad:a5:85:fe:0e:3f:f6:e8:df:54:f5:6f:33:3f:11:68:f7:94:
         6b:cd:15:03:b1:6f:70:50:c7:37:a1:81:73:71:01:b4:77:b8:
         0b:19:71:fa:82:d0:b2:53:61:0c:13:1f:d3:dd:86:74:f8:56:
         eb:93:19:a1:b8:de:3d:83:8f:0e:02:cc:40:50:97:b4:8b:ff:
         52:c4:7f:36:51:3c:3c:0f:9e:0e:2c:9f:be:f6:ad:89:13:72:
         6f:e1:12:17:3c:ac:06:f7:89:65:5a:fc:47:a1:84:ab:0d:56:
         88:14:2b:c9:6e:af:d5:4c:01:6a:3b:03:15:63:ca:64:4a:17:
         a2:a9:23:d8:cf:37:f8:05:67:86:fc:ee:c2:35:ac:ca:95:76:
         f2:12:ae:04:f9:1b:ac:47:73:db:1e:06:4a:ce:db:6d:db:5e:
         08:a0:1a:2c:7e:2c:56:59:bf:ae:7b:6c:94:80:a4:1e:9f:57:
         87:2f:e0:4e:39:d1:72:35:99:27:ea:3b:14:40:69:d4:6c:da:
         ce:3f:00:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4FYHa9snIXPvu03/1flkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWU4NTAxZjk1ZjcwMzc0ZDQ1NzZiOWIwY2Q1NTViYWYx
ZjM1YWIwHhcNMjYwMzI2MDIwMTQ2WhcNMjYwMzI3MDIwMTQ2WjAzMTEwLwYDVQQD
Eyg1N2U4Yzc5ZTY1M2IwZjhkMmRhYzlhZjNjOTcyMzY5YjdkY2Y1NzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKR7/ZDIJkVtBgz6tXeEy3yskI5P
40CUh6fOLcAN/ykWpo44S5JpASteisjYFfPj8r5d/coKE7tt+pfHMTMGdzV8l62t
8K/EIWu+5BZMr1o3LQCJBWpUn6C3+MWg0Hnm6/6Pg698Ulugyl/kI1Zi+V4Obuoc
S63spr9qBADRlVG93aUHeDU+htf3FJwCRpUMslWxIl36qj0G8jvZGNSTDRAZGNw0
jh/CY095OCMMguU9VMMKt9qgxHB9cIODkQxfMpIyCKx3bIT3/axf4rSTNvT4JR6s
d0DOc4+T9fRx2lQr2IzgHavNwYdebb2KOWLqnhzkxG1V9OT871gWyqKPFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFfox55lOw+NLaya88lyNpt9z1coMB8GA1UdIwQY
MBaAFDIehQH5X3A3TUV2ubDNVVuvHzWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQt
ZmJmNzU3NWFhY2UyLzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQtZmJmNzU3NWFhY2Uy
LzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASHSMX0AJ
rq/iPXWKpth7Xo6lLcTJTIP7QF41gfv4XHW3Od2YUa3VVZhRE0zEGKVHQWVV3nNu
raWF/g4/9ujfVPVvMz8RaPeUa80VA7FvcFDHN6GBc3EBtHe4Cxlx+oLQslNhDBMf
092GdPhW65MZobjePYOPDgLMQFCXtIv/UsR/NlE8PA+eDiyfvvatiRNyb+ESFzys
BveJZVr8R6GEqw1WiBQryW6v1UwBajsDFWPKZEoXoqkj2M83+AVnhvzuwjWsypV2
8hKuBPkbrEdz2x4GSs7bbdteCKAaLH4sVlm/rntslICkHp9Xhy/gTjnRcjWZJ+o7
FEBp1Gzazj8AAg==
-----END CERTIFICATE-----