Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
File:                     bP-QsXePU3Q_kng8rxdIouzWaKA.mft (raw, json)
Hash identifier:          dKq9OaJ4SwFvA4+2OfAJhcaPtaBwgsyziRGQvN+3hPM=
Subject key identifier:   5D:2B:B4:B6:DE:C7:8D:8A:CC:81:3E:BE:EB:11:4A:CA:87:C1:F6:8C
Authority key identifier: 6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0
Certificate issuer:       /CN=6cff90b1778f53743f92783caf1748a2ecd668a0
Certificate serial:       019D288471662F4BD4E89FC14F12D0CEDCCB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
Manifest number:          059B
Signing time:             Thu 26 Mar 2026 05:01:01 +0000
Manifest this update:     Thu 26 Mar 2026 05:01:01 +0000
Manifest next update:     Fri 27 Mar 2026 05:01:01 +0000
Files and hashes:         1: bP-QsXePU3Q_kng8rxdIouzWaKA.crl (hash: R8vDSslg1b4pne5vifvzZSRLxNF+XnuVXOykFjapkwY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 05:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:84:71:66:2f:4b:d4:e8:9f:c1:4f:12:d0:ce:dc:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cff90b1778f53743f92783caf1748a2ecd668a0
        Validity
            Not Before: Mar 26 05:01:01 2026 GMT
            Not After : Mar 27 05:01:01 2026 GMT
        Subject: CN=5d2bb4b6dec78d8acc813ebeeb114aca87c1f68c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:61:22:8f:f9:d0:29:5b:b5:44:5e:6b:4e:f9:
                    d7:15:58:43:05:54:9f:8b:d5:e0:f2:1b:38:b3:83:
                    17:42:10:0e:dd:8f:d2:38:01:bd:7a:50:91:2c:b8:
                    90:88:c0:ab:a1:87:53:4b:03:0b:0b:43:a9:d9:13:
                    7a:6a:ae:3d:d8:5f:f4:47:d7:7a:1e:c6:e2:12:fe:
                    ea:b4:6d:29:30:93:7e:c3:47:88:7a:46:24:14:90:
                    bf:4e:db:66:96:c2:1f:fd:2d:f1:16:cf:5a:ec:31:
                    f4:33:de:ab:d4:0e:08:c9:a9:f2:78:a0:da:89:c2:
                    69:bf:9c:01:54:b8:45:de:d2:c9:80:bd:71:8c:21:
                    8f:53:29:28:4a:c9:be:1d:0f:15:de:f2:24:0a:82:
                    ee:3d:ed:f2:c7:9b:cc:fa:34:12:c8:c0:b1:da:03:
                    20:c2:dc:84:db:9c:13:e5:e0:7d:94:e6:8c:dd:61:
                    8d:eb:09:12:c5:60:a2:e8:97:51:ba:de:3b:72:68:
                    02:e7:8a:e4:b7:26:44:3d:32:45:71:fb:57:48:33:
                    d5:0a:db:cb:d0:8a:cc:d2:05:f8:fe:11:69:a1:0a:
                    d8:8a:df:3e:2b:fd:55:88:24:81:f6:62:30:5e:07:
                    c6:99:8f:51:1c:73:75:f2:bb:a8:f9:db:c8:35:bc:
                    ed:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:2B:B4:B6:DE:C7:8D:8A:CC:81:3E:BE:EB:11:4A:CA:87:C1:F6:8C
            X509v3 Authority Key Identifier:
                keyid:6C:FF:90:B1:77:8F:53:74:3F:92:78:3C:AF:17:48:A2:EC:D6:68:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP-QsXePU3Q_kng8rxdIouzWaKA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dbb525-8ba5-40c3-8c12-7ded4d61e8d2/1/bP-QsXePU3Q_kng8rxdIouzWaKA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:e3:74:7e:5d:70:63:4e:57:17:51:56:f5:59:09:66:d4:89:
         a4:b9:fa:b9:28:47:d4:63:a7:9d:f2:16:35:27:c5:0c:e7:cc:
         eb:d0:78:15:1b:95:ea:4e:76:d5:ce:11:6f:47:fe:78:50:25:
         2e:9f:6d:53:08:26:8c:0c:72:bc:55:49:7c:04:e0:b1:56:19:
         16:68:92:89:6a:ec:2c:ae:41:8d:b1:66:42:ee:26:38:fd:09:
         0c:eb:47:77:1d:68:a8:50:b7:2b:42:30:0b:47:68:2d:eb:bc:
         fb:95:ef:f1:b9:9e:af:fd:09:22:2a:fc:f0:e7:75:c5:bc:99:
         ce:dd:04:04:9c:a0:82:fb:2f:cf:ab:ee:fc:a1:28:82:43:e2:
         c3:c0:00:4d:dd:e2:7c:2e:8d:90:c6:08:aa:5b:e5:63:c9:13:
         12:c3:22:5f:95:37:24:ad:58:d0:de:0a:4a:e9:1f:85:97:0d:
         45:8d:6c:dd:89:86:bd:f4:8e:55:26:70:d1:7c:4a:ab:ac:77:
         dc:7c:b8:b9:2f:d1:02:ed:8b:78:a0:5c:87:81:23:7f:6c:e8:
         e8:36:2f:8c:98:53:e0:0e:2c:26:bb:41:30:02:47:a9:6d:af:
         12:a0:fd:a3:51:72:46:96:74:9b:5e:cf:8c:5a:b6:f6:98:8a:
         10:29:04:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohHFmL0vU6J/BTxLQztzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmY5MGIxNzc4ZjUzNzQzZjkyNzgzY2FmMTc0OGEyZWNk
NjY4YTAwHhcNMjYwMzI2MDUwMTAxWhcNMjYwMzI3MDUwMTAxWjAzMTEwLwYDVQQD
Eyg1ZDJiYjRiNmRlYzc4ZDhhY2M4MTNlYmVlYjExNGFjYTg3YzFmNjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2Eij/nQKVu1RF5rTvnXFVhDBVSf
i9Xg8hs4s4MXQhAO3Y/SOAG9elCRLLiQiMCroYdTSwMLC0Op2RN6aq492F/0R9d6
HsbiEv7qtG0pMJN+w0eIekYkFJC/TttmlsIf/S3xFs9a7DH0M96r1A4IyanyeKDa
icJpv5wBVLhF3tLJgL1xjCGPUykoSsm+HQ8V3vIkCoLuPe3yx5vM+jQSyMCx2gMg
wtyE25wT5eB9lOaM3WGN6wkSxWCi6JdRut47cmgC54rktyZEPTJFcftXSDPVCtvL
0IrM0gX4/hFpoQrYit8+K/1ViCSB9mIwXgfGmY9RHHN18ruo+dvINbztIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0rtLbex42KzIE+vusRSsqHwfaMMB8GA1UdIwQY
MBaAFGz/kLF3j1N0P5J4PK8XSKLs1migMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTIt
N2RlZDRkNjFlOGQyLzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kYmI1MjUtOGJhNS00MGMzLThjMTItN2RlZDRkNjFlOGQy
LzEvYlAtUXNYZVBVM1Ffa25nOHJ4ZElvdXpXYUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEuN0fl1w
Y05XF1FW9VkJZtSJpLn6uShH1GOnnfIWNSfFDOfM69B4FRuV6k521c4Rb0f+eFAl
Lp9tUwgmjAxyvFVJfATgsVYZFmiSiWrsLK5BjbFmQu4mOP0JDOtHdx1oqFC3K0Iw
C0doLeu8+5Xv8bmer/0JIir88Od1xbyZzt0EBJyggvsvz6vu/KEogkPiw8AATd3i
fC6NkMYIqlvlY8kTEsMiX5U3JK1Y0N4KSukfhZcNRY1s3YmGvfSOVSZw0XxKq6x3
3Hy4uS/RAu2LeKBch4Ejf2zo6DYvjJhT4A4sJrtBMAJHqW2vEqD9o1FyRpZ0m17P
jFq29piKECkEog==
-----END CERTIFICATE-----