Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/1ca230-3b9f-445b-aa10-240d22f2f895/1/v88kiR7ioP_7jgeqJzq058-IDuI.mft
File:                     v88kiR7ioP_7jgeqJzq058-IDuI.mft (raw, json)
Hash identifier:          IrUvqPwyd2KzbyhE7gJJp01kZf9omEKYvCA7r0bTk/Y=
Subject key identifier:   B9:C3:A5:A5:F7:CC:08:C2:59:5D:E1:02:B9:29:A9:86:7B:FF:CA:EB
Authority key identifier: BF:CF:24:89:1E:E2:A0:FF:FB:8E:07:AA:27:3A:B4:E7:CF:88:0E:E2
Certificate issuer:       /CN=bfcf24891ee2a0fffb8e07aa273ab4e7cf880ee2
Certificate serial:       019D265F257611A90EA8C88CC36247463200
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v88kiR7ioP_7jgeqJzq058-IDuI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/1ca230-3b9f-445b-aa10-240d22f2f895/1/v88kiR7ioP_7jgeqJzq058-IDuI.mft
Manifest number:          B1
Signing time:             Wed 25 Mar 2026 19:01:02 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:02 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:02 +0000
Files and hashes:         1: v88kiR7ioP_7jgeqJzq058-IDuI.crl (hash: mhrE/ba7KqhisnIgmGt7BFWxvqafH6CVNfOO4uo1dZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/1ca230-3b9f-445b-aa10-240d22f2f895/1/v88kiR7ioP_7jgeqJzq058-IDuI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/1ca230-3b9f-445b-aa10-240d22f2f895/1/v88kiR7ioP_7jgeqJzq058-IDuI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/v88kiR7ioP_7jgeqJzq058-IDuI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:25:76:11:a9:0e:a8:c8:8c:c3:62:47:46:32:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfcf24891ee2a0fffb8e07aa273ab4e7cf880ee2
        Validity
            Not Before: Mar 25 19:01:02 2026 GMT
            Not After : Mar 26 19:01:02 2026 GMT
        Subject: CN=b9c3a5a5f7cc08c2595de102b929a9867bffcaeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:7c:43:3b:da:92:2f:cf:05:23:58:df:ed:47:
                    1f:02:a0:3d:ef:58:66:54:62:54:f3:ce:4e:ff:77:
                    c3:61:6e:63:7e:9d:40:60:67:3b:98:0d:7f:5f:8a:
                    8d:dc:cc:bd:3c:31:af:33:0a:e1:2d:03:b9:99:80:
                    72:6f:d8:50:4d:4c:78:ee:31:8f:1d:90:ff:c2:47:
                    0b:6c:09:62:36:f8:a7:f1:66:4b:a9:95:ba:09:4b:
                    49:e6:12:93:d0:db:59:6f:b6:60:a6:bf:8c:ee:70:
                    13:43:47:74:24:9d:8c:a1:9e:f3:c2:28:91:4f:2f:
                    af:bb:a6:bb:02:e2:c4:3e:c9:9a:46:5e:cd:4e:fe:
                    a2:07:05:72:9f:7b:ba:99:6e:0e:21:81:f4:97:6a:
                    5d:7b:f4:81:37:ec:ef:6e:4f:ca:4d:fa:00:da:0e:
                    b4:d8:17:b7:30:f3:fc:8f:8f:3c:ea:3c:b1:1c:8f:
                    f0:de:e6:f6:94:92:d4:ed:a4:42:b2:4b:5b:85:e1:
                    88:cb:1d:cc:20:f7:f8:ec:fa:42:84:b7:8d:94:d2:
                    8d:f8:36:84:11:6c:aa:2c:d2:71:a3:cf:24:05:96:
                    14:4d:bb:52:96:23:8e:79:c0:9f:87:00:0d:a8:d8:
                    37:22:d3:2f:00:ba:2e:85:7e:7a:ef:0a:98:51:a4:
                    01:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:C3:A5:A5:F7:CC:08:C2:59:5D:E1:02:B9:29:A9:86:7B:FF:CA:EB
            X509v3 Authority Key Identifier:
                keyid:BF:CF:24:89:1E:E2:A0:FF:FB:8E:07:AA:27:3A:B4:E7:CF:88:0E:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v88kiR7ioP_7jgeqJzq058-IDuI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/1ca230-3b9f-445b-aa10-240d22f2f895/1/v88kiR7ioP_7jgeqJzq058-IDuI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/1ca230-3b9f-445b-aa10-240d22f2f895/1/v88kiR7ioP_7jgeqJzq058-IDuI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:70:d9:25:7e:0b:c4:4f:61:de:56:ce:f3:99:5b:56:1b:0d:
         7e:2e:34:b6:ec:6b:21:89:95:a9:97:15:bf:c7:ae:48:04:4d:
         3e:94:38:3a:06:9f:b9:50:13:15:da:30:79:1f:be:21:fa:ee:
         fd:0c:36:37:91:8f:2a:11:7f:64:01:7f:63:19:29:9d:a9:6c:
         e2:c6:9f:26:c8:7e:30:79:89:35:3e:31:e1:fc:e8:7f:11:28:
         71:9a:e8:6a:d1:c4:90:bf:fc:aa:76:ab:23:5d:9a:66:ba:64:
         e3:31:16:13:73:98:63:91:72:5c:c3:77:bb:ef:38:d9:0a:57:
         f5:4b:20:69:2c:10:5c:e0:4a:2b:9d:93:95:b7:d9:ed:92:8a:
         1e:91:68:85:31:00:5c:7e:1d:84:9b:77:19:34:59:89:1e:16:
         44:e4:da:52:27:ea:37:5c:43:07:78:b4:d8:9d:8c:be:f4:95:
         e4:f8:7b:59:0e:a5:28:c7:93:1d:9a:0a:a3:24:23:8d:6c:1e:
         ae:64:01:d5:ad:1e:4d:97:93:59:9f:78:2a:02:83:58:b8:f0:
         d6:bb:f8:04:5e:cc:f3:43:b9:87:c7:f2:53:0e:a9:cf:74:05:
         0c:da:37:fc:64:c4:19:82:cf:98:44:d8:65:a4:7c:83:b7:49:
         e3:8b:a7:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXyV2EakOqMiMw2JHRjIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmY2YyNDg5MWVlMmEwZmZmYjhlMDdhYTI3M2FiNGU3Y2Y4
ODBlZTIwHhcNMjYwMzI1MTkwMTAyWhcNMjYwMzI2MTkwMTAyWjAzMTEwLwYDVQQD
EyhiOWMzYTVhNWY3Y2MwOGMyNTk1ZGUxMDJiOTI5YTk4NjdiZmZjYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXxDO9qSL88FI1jf7UcfAqA971hm
VGJU885O/3fDYW5jfp1AYGc7mA1/X4qN3My9PDGvMwrhLQO5mYByb9hQTUx47jGP
HZD/wkcLbAliNvin8WZLqZW6CUtJ5hKT0NtZb7Zgpr+M7nATQ0d0JJ2MoZ7zwiiR
Ty+vu6a7AuLEPsmaRl7NTv6iBwVyn3u6mW4OIYH0l2pde/SBN+zvbk/KTfoA2g60
2Be3MPP8j4886jyxHI/w3ub2lJLU7aRCsktbheGIyx3MIPf47PpChLeNlNKN+DaE
EWyqLNJxo88kBZYUTbtSliOOecCfhwANqNg3ItMvALouhX567wqYUaQBWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnDpaX3zAjCWV3hArkpqYZ7/8rrMB8GA1UdIwQY
MBaAFL/PJIke4qD/+44Hqic6tOfPiA7iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjg4a2lSN2lvUF83amdlcUp6cTA1OC1JRHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8xY2EyMzAtM2I5Zi00NDViLWFhMTAt
MjQwZDIyZjJmODk1LzEvdjg4a2lSN2lvUF83amdlcUp6cTA1OC1JRHVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8xY2EyMzAtM2I5Zi00NDViLWFhMTAtMjQwZDIyZjJmODk1
LzEvdjg4a2lSN2lvUF83amdlcUp6cTA1OC1JRHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ3DZJX4L
xE9h3lbO85lbVhsNfi40tuxrIYmVqZcVv8euSARNPpQ4OgafuVATFdoweR++Ifru
/Qw2N5GPKhF/ZAF/Yxkpnals4safJsh+MHmJNT4x4fzofxEocZroatHEkL/8qnar
I12aZrpk4zEWE3OYY5FyXMN3u+842QpX9UsgaSwQXOBKK52TlbfZ7ZKKHpFohTEA
XH4dhJt3GTRZiR4WROTaUifqN1xDB3i02J2MvvSV5Ph7WQ6lKMeTHZoKoyQjjWwe
rmQB1a0eTZeTWZ94KgKDWLjw1rv4BF7M80O5h8fyUw6pz3QFDNo3/GTEGYLPmETY
ZaR8g7dJ44un5Q==
-----END CERTIFICATE-----