Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
File:                     s_sdIFBvVM-5oflFH6EKiP87L2Q.mft (raw, json)
Hash identifier:          +R9AN4AFKtGYUj+O8IoEpmbcgf9ekiImV3r4o5acNJY=
Subject key identifier:   95:78:38:A9:53:1E:F0:90:4F:EC:63:50:45:F3:CA:D0:17:0D:D3:2C
Authority key identifier: B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64
Certificate issuer:       /CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
Certificate serial:       019D2772C526FA24C0488E3EE50BDBBFB40E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
Manifest number:          0F2B
Signing time:             Thu 26 Mar 2026 00:02:06 +0000
Manifest this update:     Thu 26 Mar 2026 00:02:06 +0000
Manifest next update:     Fri 27 Mar 2026 00:02:06 +0000
Files and hashes:         1: s_sdIFBvVM-5oflFH6EKiP87L2Q.crl (hash: mmanj+/x8CVgRd2/U3M4+kZClUXOl6x1wlSDAZXnTro=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:c5:26:fa:24:c0:48:8e:3e:e5:0b:db:bf:b4:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
        Validity
            Not Before: Mar 26 00:02:06 2026 GMT
            Not After : Mar 27 00:02:06 2026 GMT
        Subject: CN=957838a9531ef0904fec635045f3cad0170dd32c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:e7:54:0e:32:28:a3:7c:d6:f8:7f:3f:9b:2d:
                    bf:71:f8:7b:4d:d1:2f:59:6e:27:59:75:ac:64:1f:
                    a3:14:bc:cf:4a:2c:dd:ec:b8:fb:a4:fa:da:be:76:
                    0d:6f:7e:85:d4:b9:60:99:9d:42:2b:ae:22:dc:7b:
                    55:8a:fa:a9:2f:7c:09:c1:7e:66:f6:78:3b:1b:0a:
                    37:25:fa:6b:ec:47:35:87:8b:a8:0c:74:28:ec:54:
                    8a:47:a0:3e:ba:a7:c0:22:76:c1:1c:0a:9d:65:dc:
                    2f:4c:35:c4:40:98:71:66:88:25:8d:fe:22:5a:ee:
                    84:ab:aa:20:c8:6e:36:01:02:08:a9:91:95:32:69:
                    73:24:25:d1:a2:b0:fe:c9:a6:b8:dd:70:45:f5:16:
                    75:3f:41:34:b7:ce:75:a6:7e:f9:3f:ca:e9:94:e0:
                    aa:e4:88:75:a1:55:01:b2:fa:a4:1f:86:43:d8:9a:
                    e3:e7:ec:0d:8f:b1:7c:6c:f9:0b:34:06:ef:7d:65:
                    bb:5c:b0:62:8b:10:18:d9:56:5a:9d:30:43:3c:30:
                    52:35:5c:36:4d:56:ce:3e:2d:41:74:45:81:78:af:
                    46:1d:c5:e1:14:5c:f4:0b:98:d1:13:5c:ba:d8:01:
                    2c:91:23:1a:4c:b3:88:c5:0e:e3:66:21:34:01:aa:
                    38:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:78:38:A9:53:1E:F0:90:4F:EC:63:50:45:F3:CA:D0:17:0D:D3:2C
            X509v3 Authority Key Identifier:
                keyid:B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:64:90:fc:df:48:05:a4:93:1b:bc:d7:83:86:58:7d:95:ee:
         82:a5:95:14:ca:44:82:32:42:72:ce:b2:ff:9f:1c:c1:0d:59:
         5c:ee:10:4e:4f:6d:cd:7c:f6:47:3b:82:57:7f:18:fe:cd:ae:
         27:04:f6:0d:48:33:54:3f:18:07:62:2a:b4:4f:bf:cd:36:74:
         f0:91:08:32:56:2f:e8:b6:3a:a3:c8:29:57:a4:7c:75:90:78:
         00:04:b6:90:6b:fa:aa:03:d9:c7:03:e1:d5:da:16:48:4c:69:
         d4:cd:c4:09:2f:77:b4:c5:72:65:93:ca:72:fb:59:ad:1d:6e:
         18:ee:41:2d:63:4d:71:dc:ef:32:bd:97:60:b9:ed:53:22:6b:
         4a:10:e4:b0:7f:e9:f7:59:87:f0:a0:e3:63:db:c8:42:c1:66:
         22:0d:82:05:75:0d:c4:5f:66:3d:dc:0a:a4:ad:5e:50:e4:bd:
         cf:36:9a:f0:75:a6:99:c2:8d:bd:fc:2c:ff:fa:98:84:42:36:
         a2:18:f0:ca:e7:7f:fc:85:a1:9c:d2:31:d8:cb:e6:c8:da:af:
         9a:70:41:76:e0:13:52:48:bd:57:b5:56:75:06:10:f3:9f:39:
         8c:3e:15:27:e7:dc:d5:22:cb:a8:24:a2:55:e5:28:54:71:07:
         f9:a7:68:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncsUm+iTASI4+5Qvbv7QOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZmIxZDIwNTA2ZjU0Y2ZiOWExZjk0NTFmYTEwYTg4ZmYz
YjJmNjQwHhcNMjYwMzI2MDAwMjA2WhcNMjYwMzI3MDAwMjA2WjAzMTEwLwYDVQQD
Eyg5NTc4MzhhOTUzMWVmMDkwNGZlYzYzNTA0NWYzY2FkMDE3MGRkMzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0udUDjIoo3zW+H8/my2/cfh7TdEv
WW4nWXWsZB+jFLzPSizd7Lj7pPravnYNb36F1LlgmZ1CK64i3HtVivqpL3wJwX5m
9ng7Gwo3Jfpr7Ec1h4uoDHQo7FSKR6A+uqfAInbBHAqdZdwvTDXEQJhxZogljf4i
Wu6Eq6ogyG42AQIIqZGVMmlzJCXRorD+yaa43XBF9RZ1P0E0t851pn75P8rplOCq
5Ih1oVUBsvqkH4ZD2Jrj5+wNj7F8bPkLNAbvfWW7XLBiixAY2VZanTBDPDBSNVw2
TVbOPi1BdEWBeK9GHcXhFFz0C5jRE1y62AEskSMaTLOIxQ7jZiE0Aao4IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJV4OKlTHvCQT+xjUEXzytAXDdMsMB8GA1UdIwQY
MBaAFLP7HSBQb1TPuaH5RR+hCoj/Oy9kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUt
ODZkNmUyZjQ2NjQyLzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUtODZkNmUyZjQ2NjQy
LzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATGSQ/N9I
BaSTG7zXg4ZYfZXugqWVFMpEgjJCcs6y/58cwQ1ZXO4QTk9tzXz2RzuCV38Y/s2u
JwT2DUgzVD8YB2IqtE+/zTZ08JEIMlYv6LY6o8gpV6R8dZB4AAS2kGv6qgPZxwPh
1doWSExp1M3ECS93tMVyZZPKcvtZrR1uGO5BLWNNcdzvMr2XYLntUyJrShDksH/p
91mH8KDjY9vIQsFmIg2CBXUNxF9mPdwKpK1eUOS9zzaa8HWmmcKNvfws//qYhEI2
ohjwyud//IWhnNIx2MvmyNqvmnBBduATUki9V7VWdQYQ8585jD4VJ+fc1SLLqCSi
VeUoVHEH+adonQ==
-----END CERTIFICATE-----