Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.mft
File:                     C86QcAXcPrBHC8PbRpCNoQkXuEo.mft (raw, json)
Hash identifier:          KGW0ORXYmGsGpBoGLTff9xmhxrMoUcd41wksfgkdLuI=
Subject key identifier:   14:AA:D8:13:E8:FC:65:EB:A5:97:AE:02:8B:2C:A4:8F:39:DF:3B:0D
Authority key identifier: 0B:CE:90:70:05:DC:3E:B0:47:0B:C3:DB:46:90:8D:A1:09:17:B8:4A
Certificate issuer:       /CN=0bce907005dc3eb0470bc3db46908da10917b84a
Certificate serial:       019D2703F82026B2070022890913D7C590AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C86QcAXcPrBHC8PbRpCNoQkXuEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.mft
Manifest number:          1235
Signing time:             Wed 25 Mar 2026 22:01:04 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:04 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:04 +0000
Files and hashes:         1: C86QcAXcPrBHC8PbRpCNoQkXuEo.crl (hash: /f5cJIiGmTwO3JKr3KfXWbroFYl0bqEHab8S3M39JvU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/C86QcAXcPrBHC8PbRpCNoQkXuEo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:f8:20:26:b2:07:00:22:89:09:13:d7:c5:90:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0bce907005dc3eb0470bc3db46908da10917b84a
        Validity
            Not Before: Mar 25 22:01:04 2026 GMT
            Not After : Mar 26 22:01:04 2026 GMT
        Subject: CN=14aad813e8fc65eba597ae028b2ca48f39df3b0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:b5:5b:f3:86:3b:f8:0d:ec:16:ad:f2:af:6b:
                    a6:ff:ec:90:9d:7e:1c:3a:f3:74:2a:f2:af:1d:c1:
                    30:02:59:33:3c:9c:e5:73:e2:a7:6a:97:02:d0:9e:
                    92:3d:3b:45:0a:fd:1e:be:b4:bc:f9:e6:20:28:50:
                    71:3a:7c:eb:e5:7c:25:a3:1a:0d:3b:03:f0:5b:0c:
                    ad:95:28:28:8f:bc:de:20:aa:18:0c:7f:65:15:92:
                    8c:3d:73:82:8a:27:88:26:17:f3:95:4d:12:7d:9d:
                    08:44:96:2c:ae:91:ee:53:bf:be:5d:b9:0b:ae:ef:
                    1e:21:a3:94:bb:c5:85:00:2b:ae:99:72:b0:bb:7f:
                    5f:6d:eb:b8:77:de:71:f7:1e:90:a7:3e:f1:1d:1d:
                    dd:e9:4b:b8:e8:28:84:1c:60:d3:0c:dd:a9:8b:2b:
                    31:8a:d4:5b:9b:83:d7:42:25:27:52:15:86:6c:48:
                    89:9e:6f:13:ba:0a:a7:2d:bd:79:b6:aa:d5:c3:28:
                    5a:0e:f0:3b:5c:fd:dd:30:fc:61:f6:59:d3:9e:cb:
                    cd:f0:bb:bd:af:1a:68:02:f5:ea:ed:56:60:c1:97:
                    f3:f2:cc:6f:00:ca:11:3e:ff:75:83:c8:5a:60:7e:
                    92:fb:55:bd:8e:3a:af:d6:33:01:c8:86:ec:d7:14:
                    29:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:AA:D8:13:E8:FC:65:EB:A5:97:AE:02:8B:2C:A4:8F:39:DF:3B:0D
            X509v3 Authority Key Identifier:
                keyid:0B:CE:90:70:05:DC:3E:B0:47:0B:C3:DB:46:90:8D:A1:09:17:B8:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C86QcAXcPrBHC8PbRpCNoQkXuEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/635f75-616b-4b93-ab40-e3718998b184/1/C86QcAXcPrBHC8PbRpCNoQkXuEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:ff:fb:22:be:63:9b:0a:bf:94:0a:5f:1f:33:59:71:95:ff:
         2e:7d:ac:53:ee:18:94:24:01:24:a6:00:7c:67:46:62:4a:4f:
         95:ca:d3:18:d5:97:47:c9:ef:4b:28:a3:e6:f9:86:56:45:4d:
         db:83:02:52:4c:bf:34:c3:b6:26:70:f9:1a:ce:87:ea:31:ae:
         a0:52:9a:b8:f2:c0:ae:5a:70:54:b0:23:eb:6f:34:6a:3f:ab:
         99:7b:a0:26:c3:38:0e:e2:b6:78:88:9f:7c:2c:a8:18:8e:13:
         46:0c:ae:ea:96:56:d2:17:56:90:39:5f:2b:b5:64:15:80:d1:
         55:59:de:9c:ae:5d:8f:1b:aa:13:53:89:78:b0:a9:5c:55:c2:
         02:5b:3c:4f:bb:1e:38:a6:41:d4:23:00:c1:c3:78:b0:9a:8c:
         de:22:0a:e2:e2:ec:b3:f7:6a:da:3b:ab:24:41:dc:83:40:a1:
         da:b0:3d:b1:da:f8:39:de:39:1f:ce:b2:e1:47:d6:93:60:16:
         94:43:4a:8d:71:5e:a1:63:06:93:d5:38:4d:d8:68:41:64:d3:
         31:27:25:af:32:62:3c:2a:ce:bd:a1:db:7d:a7:25:be:30:17:
         36:c9:47:10:55:b9:40:91:f1:7f:18:b9:7f:5f:56:b9:36:34:
         77:6d:4c:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA/ggJrIHACKJCRPXxZCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiY2U5MDcwMDVkYzNlYjA0NzBiYzNkYjQ2OTA4ZGExMDkx
N2I4NGEwHhcNMjYwMzI1MjIwMTA0WhcNMjYwMzI2MjIwMTA0WjAzMTEwLwYDVQQD
EygxNGFhZDgxM2U4ZmM2NWViYTU5N2FlMDI4YjJjYTQ4ZjM5ZGYzYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrVb84Y7+A3sFq3yr2um/+yQnX4c
OvN0KvKvHcEwAlkzPJzlc+KnapcC0J6SPTtFCv0evrS8+eYgKFBxOnzr5XwloxoN
OwPwWwytlSgoj7zeIKoYDH9lFZKMPXOCiieIJhfzlU0SfZ0IRJYsrpHuU7++XbkL
ru8eIaOUu8WFACuumXKwu39fbeu4d95x9x6Qpz7xHR3d6Uu46CiEHGDTDN2piysx
itRbm4PXQiUnUhWGbEiJnm8TugqnLb15tqrVwyhaDvA7XP3dMPxh9lnTnsvN8Lu9
rxpoAvXq7VZgwZfz8sxvAMoRPv91g8haYH6S+1W9jjqv1jMByIbs1xQpDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBSq2BPo/GXrpZeuAosspI853zsNMB8GA1UdIwQY
MBaAFAvOkHAF3D6wRwvD20aQjaEJF7hKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzg2UWNBWGNQckJIQzhQYlJwQ05vUWtYdUVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82MzVmNzUtNjE2Yi00YjkzLWFiNDAt
ZTM3MTg5OThiMTg0LzEvQzg2UWNBWGNQckJIQzhQYlJwQ05vUWtYdUVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82MzVmNzUtNjE2Yi00YjkzLWFiNDAtZTM3MTg5OThiMTg0
LzEvQzg2UWNBWGNQckJIQzhQYlJwQ05vUWtYdUVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbv/7Ir5j
mwq/lApfHzNZcZX/Ln2sU+4YlCQBJKYAfGdGYkpPlcrTGNWXR8nvSyij5vmGVkVN
24MCUky/NMO2JnD5Gs6H6jGuoFKauPLArlpwVLAj6280aj+rmXugJsM4DuK2eIif
fCyoGI4TRgyu6pZW0hdWkDlfK7VkFYDRVVnenK5djxuqE1OJeLCpXFXCAls8T7se
OKZB1CMAwcN4sJqM3iIK4uLss/dq2jurJEHcg0Ch2rA9sdr4Od45H86y4UfWk2AW
lENKjXFeoWMGk9U4TdhoQWTTMSclrzJiPCrOvaHbfaclvjAXNslHEFW5QJHxfxi5
f19WuTY0d21MmA==
-----END CERTIFICATE-----