Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft
File:                     ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft (raw, json)
Hash identifier:          h7xP15iZQCNG4FMXi3UVd6yg0hplPSwR/ttE3ouNioQ=
Subject key identifier:   89:02:92:04:3A:4B:D3:23:4F:09:76:B0:D8:09:AB:19:79:67:0E:09
Authority key identifier: 01:14:63:FF:99:C2:4C:09:37:A4:06:5D:1F:CC:FE:B9:08:FC:3A:D2
Certificate issuer:       /CN=011463ff99c24c0937a4065d1fccfeb908fc3ad2
Certificate serial:       019D26CCF2E78447BE24F9B0E7020F93542A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ARRj_5nCTAk3pAZdH8z-uQj8OtI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft
Manifest number:          14BD
Signing time:             Wed 25 Mar 2026 21:00:58 +0000
Manifest this update:     Wed 25 Mar 2026 21:00:58 +0000
Manifest next update:     Thu 26 Mar 2026 21:00:58 +0000
Files and hashes:         1: ARRj_5nCTAk3pAZdH8z-uQj8OtI.crl (hash: i+wzrcvhOQ+XlnUZmOZLL3oiR7pcIIw9HbjhvODzDmA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ARRj_5nCTAk3pAZdH8z-uQj8OtI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 21:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:cc:f2:e7:84:47:be:24:f9:b0:e7:02:0f:93:54:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=011463ff99c24c0937a4065d1fccfeb908fc3ad2
        Validity
            Not Before: Mar 25 21:00:58 2026 GMT
            Not After : Mar 26 21:00:58 2026 GMT
        Subject: CN=890292043a4bd3234f0976b0d809ab1979670e09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:b0:37:c5:69:dd:16:5d:df:aa:33:22:e5:2e:
                    27:29:03:25:22:74:c9:ad:31:81:5f:78:73:a4:9c:
                    b5:48:33:df:94:24:af:97:95:1f:81:8f:32:a4:58:
                    97:d9:82:52:78:f7:03:47:ed:8f:fb:c4:d2:1d:0a:
                    89:9f:ac:ea:f8:0f:2f:be:87:e0:9f:e3:e0:73:de:
                    b3:d4:56:a7:f2:f5:ec:5b:8f:57:e0:da:07:79:cd:
                    a8:6a:4d:d8:38:01:b5:7e:21:25:66:5a:54:5f:a1:
                    b5:a1:bd:71:de:49:e7:ec:dd:ce:fc:43:65:16:42:
                    e0:fc:07:01:8d:1e:01:09:22:d3:ac:7c:58:83:6b:
                    c6:51:18:a0:4d:6b:29:7e:bc:f8:15:ab:82:b7:0f:
                    de:83:49:78:48:4b:c8:63:f7:b2:58:36:16:b6:6e:
                    ff:91:01:62:56:ca:75:f2:21:3e:68:1f:09:18:39:
                    a4:b4:87:60:e7:ab:a2:19:6f:37:dc:d1:3b:bc:cf:
                    a8:e3:b7:14:dc:18:c9:b2:f8:62:df:13:16:bc:9c:
                    be:22:73:cc:7e:5c:b5:9b:44:6e:ad:df:ed:3b:3c:
                    14:13:5b:1f:d9:99:bb:0b:08:66:2c:e2:53:a7:6a:
                    26:fe:49:ef:18:2d:3e:7d:17:6f:4b:78:50:61:47:
                    c3:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:02:92:04:3A:4B:D3:23:4F:09:76:B0:D8:09:AB:19:79:67:0E:09
            X509v3 Authority Key Identifier:
                keyid:01:14:63:FF:99:C2:4C:09:37:A4:06:5D:1F:CC:FE:B9:08:FC:3A:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ARRj_5nCTAk3pAZdH8z-uQj8OtI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:4d:4a:5a:9a:72:65:bb:a5:35:fc:f2:d9:7b:e9:70:91:f0:
         97:13:ab:6e:f1:b8:95:ab:c8:7b:35:e4:49:0b:45:46:b2:66:
         93:47:77:a1:05:97:76:08:31:3f:8d:07:2b:c4:86:96:ae:40:
         e5:ce:e3:d6:4c:df:36:fa:56:96:82:c6:1e:cd:1b:75:86:9d:
         62:2d:4f:ac:01:9e:f4:9b:95:d6:e3:38:b5:1c:61:e2:04:b3:
         3f:ae:82:06:83:3e:cc:c1:a9:88:0f:b3:ac:8c:80:cc:51:7d:
         ba:cd:4e:29:12:30:8d:d4:d6:e4:55:9e:22:97:76:f3:4d:52:
         6c:2a:fa:7e:0b:83:e6:c1:90:f0:4a:93:93:e2:f7:f1:d9:af:
         1e:d0:aa:2d:a3:07:8c:ce:5d:04:de:3e:45:75:0f:4c:b0:77:
         21:82:8d:df:5f:d0:34:83:d7:66:0d:75:ed:e9:f2:dd:7e:55:
         e5:29:39:26:d8:b7:a5:e4:02:a1:ce:30:15:29:b7:eb:29:37:
         6c:4d:c0:92:aa:ba:7f:ea:82:49:17:ca:7d:b4:eb:12:5e:70:
         7a:94:1b:5f:15:c6:bf:df:9a:43:f2:36:ef:1c:fb:5d:60:ff:
         ce:32:3c:d6:30:48:ba:74:9f:e2:8c:ea:06:4e:95:3b:e6:07:
         84:0b:af:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzPLnhEe+JPmw5wIPk1QqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMTQ2M2ZmOTljMjRjMDkzN2E0MDY1ZDFmY2NmZWI5MDhm
YzNhZDIwHhcNMjYwMzI1MjEwMDU4WhcNMjYwMzI2MjEwMDU4WjAzMTEwLwYDVQQD
Eyg4OTAyOTIwNDNhNGJkMzIzNGYwOTc2YjBkODA5YWIxOTc5NjcwZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrA3xWndFl3fqjMi5S4nKQMlInTJ
rTGBX3hzpJy1SDPflCSvl5UfgY8ypFiX2YJSePcDR+2P+8TSHQqJn6zq+A8vvofg
n+Pgc96z1Fan8vXsW49X4NoHec2oak3YOAG1fiElZlpUX6G1ob1x3knn7N3O/ENl
FkLg/AcBjR4BCSLTrHxYg2vGURigTWspfrz4FauCtw/eg0l4SEvIY/eyWDYWtm7/
kQFiVsp18iE+aB8JGDmktIdg56uiGW833NE7vM+o47cU3BjJsvhi3xMWvJy+InPM
fly1m0Rurd/tOzwUE1sf2Zm7CwhmLOJTp2om/knvGC0+fRdvS3hQYUfDDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIkCkgQ6S9MjTwl2sNgJqxl5Zw4JMB8GA1UdIwQY
MBaAFAEUY/+ZwkwJN6QGXR/M/rkI/DrSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVJSal81bkNUQWszcEFaZEg4ei11UWo4T3RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yNDAwMjQtZjQzMy00MjQxLWI0MGQt
ZDFlODRjZmE0NzhmLzEvQVJSal81bkNUQWszcEFaZEg4ei11UWo4T3RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yNDAwMjQtZjQzMy00MjQxLWI0MGQtZDFlODRjZmE0Nzhm
LzEvQVJSal81bkNUQWszcEFaZEg4ei11UWo4T3RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIk1KWppy
ZbulNfzy2XvpcJHwlxOrbvG4lavIezXkSQtFRrJmk0d3oQWXdggxP40HK8SGlq5A
5c7j1kzfNvpWloLGHs0bdYadYi1PrAGe9JuV1uM4tRxh4gSzP66CBoM+zMGpiA+z
rIyAzFF9us1OKRIwjdTW5FWeIpd2801SbCr6fguD5sGQ8EqTk+L38dmvHtCqLaMH
jM5dBN4+RXUPTLB3IYKN31/QNIPXZg117eny3X5V5Sk5Jti3peQCoc4wFSm36yk3
bE3Akqq6f+qCSRfKfbTrEl5wepQbXxXGv9+aQ/I27xz7XWD/zjI81jBIunSf4ozq
Bk6VO+YHhAuv4w==
-----END CERTIFICATE-----