Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
File:                     urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft (raw, json)
Hash identifier:          n5BN5KtsIVcVz5t3Lfd3HLcClZNXaNIv4qZbnFYa1CQ=
Subject key identifier:   40:03:6C:FF:6F:E5:8C:BA:78:3E:C2:8C:2D:D7:97:24:E7:D7:92:E2
Authority key identifier: BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B
Certificate issuer:       /CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
Certificate serial:       019D2703AF706D1E4DF051771AFC918863D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
Manifest number:          0DA3
Signing time:             Wed 25 Mar 2026 22:00:46 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:46 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:46 +0000
Files and hashes:         1: urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl (hash: Bhrh6Dsf+gvxw0A1FVAraCIBvvHobMvJwuct1f6wy50=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:af:70:6d:1e:4d:f0:51:77:1a:fc:91:88:63:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
        Validity
            Not Before: Mar 25 22:00:46 2026 GMT
            Not After : Mar 26 22:00:46 2026 GMT
        Subject: CN=40036cff6fe58cba783ec28c2dd79724e7d792e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:2b:ba:a0:16:d8:21:fa:41:55:d3:9e:ae:43:
                    ad:80:74:7c:70:23:93:4f:0a:8e:f2:18:8a:63:12:
                    40:db:94:73:4c:8e:9c:c5:6c:62:ef:f5:69:dd:15:
                    16:ca:59:f9:a3:7b:c4:12:bb:a9:25:c5:78:67:1b:
                    cb:e5:d8:85:4a:3d:95:33:38:c9:46:1b:f8:2d:17:
                    66:0b:d7:1e:08:f9:a0:ff:0d:19:1f:fc:97:3f:91:
                    25:0e:45:61:b3:4e:21:31:e7:71:51:44:22:dd:ae:
                    82:2c:3a:80:78:d4:d3:43:8e:3e:9e:ce:28:ab:42:
                    ad:73:fd:6c:6d:2c:ef:c5:2c:2d:4d:6a:d8:98:6a:
                    23:14:22:2f:48:57:a7:5e:98:fd:bc:f7:b4:64:35:
                    3a:e8:a9:b4:1d:a7:ec:61:8f:f8:90:1d:10:32:07:
                    dc:38:e7:24:d8:b3:56:57:d8:a5:2c:19:73:51:35:
                    96:56:2d:d1:eb:a6:ce:98:fc:68:ae:b0:7d:a0:b9:
                    1d:d5:9a:bf:0d:49:9d:48:99:33:95:f5:f1:f3:b8:
                    eb:9a:91:5c:65:28:b0:06:a5:b5:71:eb:c9:99:57:
                    e7:1c:ed:51:cf:b4:d5:23:5e:36:fb:7b:86:ef:da:
                    fb:76:0a:cd:a6:0a:64:22:4a:b5:a5:f7:99:db:5a:
                    b6:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:03:6C:FF:6F:E5:8C:BA:78:3E:C2:8C:2D:D7:97:24:E7:D7:92:E2
            X509v3 Authority Key Identifier:
                keyid:BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:69:b9:82:d4:dd:69:f9:14:3d:ce:c7:c4:ae:45:cc:05:5b:
         ae:3d:ef:76:d9:93:88:74:e0:7e:01:94:5f:3b:90:75:78:45:
         15:af:4d:cf:ee:b3:95:ca:ab:a8:94:6a:2e:cc:38:a3:2f:25:
         24:9b:aa:26:53:95:1a:39:2e:96:59:df:42:7f:07:7b:32:91:
         82:17:65:8c:dc:b9:82:89:b0:23:42:0f:4a:a7:12:5c:02:aa:
         66:b2:67:1b:8e:3f:12:28:1b:50:d0:cb:80:73:77:48:09:0e:
         f6:0d:ad:af:f6:70:11:c2:d3:f6:0f:78:6d:b9:1d:67:19:96:
         eb:c2:11:bf:e3:60:e0:ea:8c:38:56:82:ff:ae:06:6f:92:76:
         c6:32:3d:d4:d6:3b:f8:12:92:7f:a0:f1:c8:e8:27:34:46:55:
         8a:19:be:ed:71:20:9d:8c:17:d1:f3:c6:65:58:2c:80:30:5b:
         01:7a:6f:a8:6d:28:19:c3:24:0b:44:f8:ed:ab:b2:b5:83:eb:
         64:52:64:cd:2d:ef:0f:c1:04:b7:89:90:31:03:e5:5f:2d:58:
         7f:87:38:df:45:12:48:aa:8d:a3:9a:d2:52:a0:e2:f6:93:af:
         8c:da:68:06:74:5a:35:46:53:0e:db:23:4f:8a:ad:b7:27:bc:
         e2:a8:17:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA69wbR5N8FF3GvyRiGPRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjliYmMyNGU5YWMzZDllYzdlMTBiZjk1NzQ3ZGFiNWM0
NWRkMmIwHhcNMjYwMzI1MjIwMDQ2WhcNMjYwMzI2MjIwMDQ2WjAzMTEwLwYDVQQD
Eyg0MDAzNmNmZjZmZTU4Y2JhNzgzZWMyOGMyZGQ3OTcyNGU3ZDc5MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiu6oBbYIfpBVdOerkOtgHR8cCOT
TwqO8hiKYxJA25RzTI6cxWxi7/Vp3RUWyln5o3vEErupJcV4ZxvL5diFSj2VMzjJ
Rhv4LRdmC9ceCPmg/w0ZH/yXP5ElDkVhs04hMedxUUQi3a6CLDqAeNTTQ44+ns4o
q0Ktc/1sbSzvxSwtTWrYmGojFCIvSFenXpj9vPe0ZDU66Km0HafsYY/4kB0QMgfc
OOck2LNWV9ilLBlzUTWWVi3R66bOmPxorrB9oLkd1Zq/DUmdSJkzlfXx87jrmpFc
ZSiwBqW1cevJmVfnHO1Rz7TVI142+3uG79r7dgrNpgpkIkq1pfeZ21q20QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEADbP9v5Yy6eD7CjC3XlyTn15LiMB8GA1UdIwQY
MBaAFLq5u8JOmsPZ7H4Qv5V0fatcRd0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjIt
MmViYzY0NDhmNjAyLzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjItMmViYzY0NDhmNjAy
LzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARmm5gtTd
afkUPc7HxK5FzAVbrj3vdtmTiHTgfgGUXzuQdXhFFa9Nz+6zlcqrqJRqLsw4oy8l
JJuqJlOVGjkullnfQn8HezKRghdljNy5gomwI0IPSqcSXAKqZrJnG44/EigbUNDL
gHN3SAkO9g2tr/ZwEcLT9g94bbkdZxmW68IRv+Ng4OqMOFaC/64Gb5J2xjI91NY7
+BKSf6DxyOgnNEZVihm+7XEgnYwX0fPGZVgsgDBbAXpvqG0oGcMkC0T47auytYPr
ZFJkzS3vD8EEt4mQMQPlXy1Yf4c430USSKqNo5rSUqDi9pOvjNpoBnRaNUZTDtsj
T4qttye84qgX1w==
-----END CERTIFICATE-----