Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
File:                     b_rHiuobz0OKYe-RUCRI9glkHS0.mft (raw, json)
Hash identifier:          ldwNntfT82PNyzm/puS3KJbD0re0I1xGkSs1Ujphh8g=
Subject key identifier:   50:D8:51:2B:50:B0:52:02:2B:B4:EA:42:F1:DE:9D:2A:95:D9:82:BB
Authority key identifier: 6F:FA:C7:8A:EA:1B:CF:43:8A:61:EF:91:50:24:48:F6:09:64:1D:2D
Certificate issuer:       /CN=6ffac78aea1bcf438a61ef91502448f609641d2d
Certificate serial:       019D265EED6202DBD808C6200B3B91077D0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
Manifest number:          1517
Signing time:             Wed 25 Mar 2026 19:00:48 +0000
Manifest this update:     Wed 25 Mar 2026 19:00:48 +0000
Manifest next update:     Thu 26 Mar 2026 19:00:48 +0000
Files and hashes:         1: b_rHiuobz0OKYe-RUCRI9glkHS0.crl (hash: n6sLo0XcmHyNtKBprzXU8gHBVwyfIcv6Hywo2sMEBL0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5e:ed:62:02:db:d8:08:c6:20:0b:3b:91:07:7d:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ffac78aea1bcf438a61ef91502448f609641d2d
        Validity
            Not Before: Mar 25 19:00:48 2026 GMT
            Not After : Mar 26 19:00:48 2026 GMT
        Subject: CN=50d8512b50b052022bb4ea42f1de9d2a95d982bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:3c:b5:c5:4f:77:8e:ed:42:fb:57:e8:32:eb:
                    cb:d8:8b:a8:7b:c3:96:d1:43:e0:07:00:d7:df:03:
                    a5:b7:67:c7:0e:3a:f1:b5:b9:78:8e:34:06:c4:98:
                    ee:b7:ab:33:51:c3:19:82:3f:49:8f:cb:11:1d:8f:
                    a4:85:28:53:92:e9:82:f5:e0:56:29:98:99:97:84:
                    df:5e:e2:70:e9:6f:61:99:12:d9:45:34:f6:37:ed:
                    0a:e9:c2:1d:54:3a:5b:1d:7d:e1:cc:a6:01:f6:d8:
                    e4:0b:73:e5:31:9e:6b:a8:cd:5e:29:60:d9:5e:93:
                    7c:69:f1:7d:4d:4d:70:30:de:6f:7c:1e:40:e7:83:
                    9e:43:3c:bb:3c:b2:a8:1d:f2:e1:67:14:46:e8:9f:
                    55:36:35:e7:f6:fe:29:96:f2:89:50:03:1c:0e:bc:
                    7b:b9:57:35:79:41:6a:48:fd:11:a1:ee:de:ff:71:
                    68:1e:0b:f6:35:2e:6c:79:d9:5a:4b:89:94:5d:11:
                    7f:c2:17:cf:10:c0:35:b3:00:43:33:95:d3:d3:fb:
                    37:59:41:ea:34:88:4a:7d:6a:74:87:35:df:f7:f9:
                    7d:b4:45:c0:7d:e6:a1:73:14:e1:dd:20:91:18:0c:
                    95:ce:77:9b:b1:da:0f:a8:90:25:6d:68:fb:53:08:
                    4c:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:D8:51:2B:50:B0:52:02:2B:B4:EA:42:F1:DE:9D:2A:95:D9:82:BB
            X509v3 Authority Key Identifier:
                keyid:6F:FA:C7:8A:EA:1B:CF:43:8A:61:EF:91:50:24:48:F6:09:64:1D:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_rHiuobz0OKYe-RUCRI9glkHS0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/98e6a9-04d5-45a0-9710-0c343513ade3/1/b_rHiuobz0OKYe-RUCRI9glkHS0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:2f:a2:4c:85:d5:2f:66:f6:0a:d8:1c:4b:42:2f:79:be:1e:
         56:43:87:ba:2d:60:b5:36:84:d3:51:7c:c9:b6:bb:39:4e:f6:
         a5:31:89:f4:5f:dd:a3:51:ad:1f:2e:64:1b:7b:a8:db:21:74:
         6d:74:4d:1c:69:50:24:45:12:b7:11:06:93:ef:c1:b3:36:a5:
         7f:00:88:a6:97:b6:34:ce:45:6c:8f:1d:aa:1a:e7:ea:1b:ab:
         2d:25:ba:ea:f3:00:55:53:b4:42:b0:1e:35:cb:68:62:f4:31:
         17:a3:22:6a:77:47:17:38:de:ab:cc:bc:b3:66:89:55:49:5a:
         93:85:9a:dc:6f:16:e5:7c:b3:24:7e:d7:57:42:99:6b:ac:09:
         fa:9d:28:d3:90:af:51:e7:94:e3:c7:f8:8c:5c:1a:93:f1:d3:
         d1:ce:4d:c6:ba:af:c8:3d:ad:ca:5c:9f:e8:df:a1:ea:56:72:
         12:bb:65:50:59:08:d9:20:ab:79:ae:ae:c9:03:bf:ce:70:5a:
         e3:d2:cd:96:35:fe:9d:b3:11:db:a7:1b:ae:39:fd:21:49:de:
         fd:fa:70:ac:4b:f6:60:90:be:c6:ae:9b:f9:dd:46:a8:41:78:
         02:40:0e:8f:77:12:fb:f0:79:92:a3:de:77:27:c3:67:65:58:
         e3:ba:f7:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXu1iAtvYCMYgCzuRB30OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZmFjNzhhZWExYmNmNDM4YTYxZWY5MTUwMjQ0OGY2MDk2
NDFkMmQwHhcNMjYwMzI1MTkwMDQ4WhcNMjYwMzI2MTkwMDQ4WjAzMTEwLwYDVQQD
Eyg1MGQ4NTEyYjUwYjA1MjAyMmJiNGVhNDJmMWRlOWQyYTk1ZDk4MmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Dy1xU93ju1C+1foMuvL2Iuoe8OW
0UPgBwDX3wOlt2fHDjrxtbl4jjQGxJjut6szUcMZgj9Jj8sRHY+khShTkumC9eBW
KZiZl4TfXuJw6W9hmRLZRTT2N+0K6cIdVDpbHX3hzKYB9tjkC3PlMZ5rqM1eKWDZ
XpN8afF9TU1wMN5vfB5A54OeQzy7PLKoHfLhZxRG6J9VNjXn9v4plvKJUAMcDrx7
uVc1eUFqSP0Roe7e/3FoHgv2NS5sedlaS4mUXRF/whfPEMA1swBDM5XT0/s3WUHq
NIhKfWp0hzXf9/l9tEXAfeahcxTh3SCRGAyVznebsdoPqJAlbWj7UwhMoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFDYUStQsFICK7TqQvHenSqV2YK7MB8GA1UdIwQY
MBaAFG/6x4rqG89DimHvkVAkSPYJZB0tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi85OGU2YTktMDRkNS00NWEwLTk3MTAt
MGMzNDM1MTNhZGUzLzEvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi85OGU2YTktMDRkNS00NWEwLTk3MTAtMGMzNDM1MTNhZGUz
LzEvYl9ySGl1b2J6ME9LWWUtUlVDUkk5Z2xrSFMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEy+iTIXV
L2b2CtgcS0Iveb4eVkOHui1gtTaE01F8yba7OU72pTGJ9F/do1GtHy5kG3uo2yF0
bXRNHGlQJEUStxEGk+/BszalfwCIppe2NM5FbI8dqhrn6hurLSW66vMAVVO0QrAe
NctoYvQxF6MiandHFzjeq8y8s2aJVUlak4Wa3G8W5XyzJH7XV0KZa6wJ+p0o05Cv
UeeU48f4jFwak/HT0c5NxrqvyD2tylyf6N+h6lZyErtlUFkI2SCrea6uyQO/znBa
49LNljX+nbMR26cbrjn9IUne/fpwrEv2YJC+xq6b+d1GqEF4AkAOj3cS+/B5kqPe
dyfDZ2VY47r3Cw==
-----END CERTIFICATE-----