Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
File:                     AkhBfH_pzOxbnarMCPznmdZzCIw.mft (raw, json)
Hash identifier:          StkbbBmjKZ5z9HR68V/cz5AWeUUShMrqYWnUJWBv/sA=
Subject key identifier:   2C:4B:DA:95:FE:09:D1:9F:72:19:D5:D7:DF:F1:43:63:FE:78:EA:D2
Authority key identifier: 02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C
Certificate issuer:       /CN=0248417c7fe9ccec5b9daacc08fce799d673088c
Certificate serial:       019D28F3101EF588707C953BEF75BF9ECAAC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
Manifest number:          10BD
Signing time:             Thu 26 Mar 2026 07:01:51 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:51 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:51 +0000
Files and hashes:         1: AkhBfH_pzOxbnarMCPznmdZzCIw.crl (hash: yNjx1bbQsgcGUulPVwUhFTPK6l9uOjrYgHYc22zq1Wk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:10:1e:f5:88:70:7c:95:3b:ef:75:bf:9e:ca:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0248417c7fe9ccec5b9daacc08fce799d673088c
        Validity
            Not Before: Mar 26 07:01:51 2026 GMT
            Not After : Mar 27 07:01:51 2026 GMT
        Subject: CN=2c4bda95fe09d19f7219d5d7dff14363fe78ead2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e3:32:f8:5c:6f:d9:99:7c:0c:7c:6a:3b:63:
                    28:ac:cf:56:c5:9c:b8:70:e0:41:24:84:24:b9:69:
                    e2:03:bc:dd:58:eb:97:7e:46:f4:c6:8e:92:94:0b:
                    23:27:e8:df:f4:e9:0f:63:ad:36:22:b0:09:36:ef:
                    e9:36:92:4c:89:74:eb:ba:91:d9:7f:d0:09:fd:28:
                    35:7f:d6:46:9e:14:b9:c7:d6:08:0a:60:04:97:57:
                    cb:01:7f:b0:bc:4c:27:04:7d:2e:6e:2f:ae:a0:0a:
                    94:f6:a7:e9:1d:66:db:1c:e1:02:f3:a7:47:c3:52:
                    95:bf:e5:b3:2b:8d:73:e8:9e:88:74:3b:16:71:f9:
                    9b:4b:de:ce:86:9e:c3:09:7b:7b:47:e2:86:b3:38:
                    d9:e8:5b:10:1a:3e:7c:33:0c:a5:2b:b3:79:7e:c3:
                    d3:d7:ea:be:fa:2c:69:23:86:67:d5:2a:3f:55:7f:
                    66:6f:18:7f:e4:9a:e6:44:26:3c:b1:ad:03:5d:aa:
                    68:17:bf:3d:28:eb:22:f8:2d:22:1a:f9:43:30:3a:
                    67:fc:21:92:31:f4:53:8d:5c:6b:39:7d:88:ff:24:
                    95:cf:a4:63:f9:c1:40:e4:ba:32:df:27:80:25:5c:
                    50:e8:98:52:63:7e:2d:2e:2c:fc:32:2f:b1:d8:fb:
                    1e:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:4B:DA:95:FE:09:D1:9F:72:19:D5:D7:DF:F1:43:63:FE:78:EA:D2
            X509v3 Authority Key Identifier:
                keyid:02:48:41:7C:7F:E9:CC:EC:5B:9D:AA:CC:08:FC:E7:99:D6:73:08:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkhBfH_pzOxbnarMCPznmdZzCIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/f1678c-ddcc-4253-8595-63c707441ba6/1/AkhBfH_pzOxbnarMCPznmdZzCIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:72:83:b5:68:f1:6f:fb:e3:51:4c:90:00:1d:9e:ae:bb:3d:
         47:3b:7d:7c:a4:3a:59:ed:d0:6d:3a:93:75:fd:2e:72:cb:47:
         46:65:3b:3b:aa:64:19:fb:22:d0:7d:75:c0:18:7f:42:87:6d:
         15:a1:c4:78:31:a6:17:f2:06:46:29:e2:72:da:09:e9:70:10:
         f6:3b:18:6b:f5:1f:4f:de:0e:94:0c:88:aa:c2:f7:6d:92:26:
         3b:20:f5:b4:24:cc:dd:91:8d:42:5f:c0:1c:34:53:db:ea:44:
         98:45:3a:05:2a:98:54:48:2a:12:b5:46:96:dd:ab:a5:4c:03:
         58:f7:57:bf:75:d4:3f:c3:ae:40:67:a5:49:04:3a:cc:0a:1c:
         6d:f3:fb:32:3d:58:26:63:f7:ad:16:3a:63:d9:e4:72:fd:f8:
         87:0e:33:33:7d:c0:8e:bf:06:86:e9:d6:95:f6:c4:9d:02:91:
         a8:fb:3a:99:52:e5:28:54:66:44:92:a5:6b:89:12:53:d8:de:
         c2:11:d3:1e:db:56:d0:b9:3f:2b:87:e3:b1:e8:b8:af:e8:a2:
         e3:36:a3:f2:da:59:98:61:88:4a:74:50:50:21:bf:44:c1:2e:
         da:bb:bd:27:fa:17:b1:f9:05:d9:26:ed:da:cf:30:55:39:a2:
         9b:d0:51:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8xAe9YhwfJU773W/nsqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDg0MTdjN2ZlOWNjZWM1YjlkYWFjYzA4ZmNlNzk5ZDY3
MzA4OGMwHhcNMjYwMzI2MDcwMTUxWhcNMjYwMzI3MDcwMTUxWjAzMTEwLwYDVQQD
EygyYzRiZGE5NWZlMDlkMTlmNzIxOWQ1ZDdkZmYxNDM2M2ZlNzhlYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+My+Fxv2Zl8DHxqO2MorM9WxZy4
cOBBJIQkuWniA7zdWOuXfkb0xo6SlAsjJ+jf9OkPY602IrAJNu/pNpJMiXTrupHZ
f9AJ/Sg1f9ZGnhS5x9YICmAEl1fLAX+wvEwnBH0ubi+uoAqU9qfpHWbbHOEC86dH
w1KVv+WzK41z6J6IdDsWcfmbS97Ohp7DCXt7R+KGszjZ6FsQGj58MwylK7N5fsPT
1+q++ixpI4Zn1So/VX9mbxh/5JrmRCY8sa0DXapoF789KOsi+C0iGvlDMDpn/CGS
MfRTjVxrOX2I/ySVz6Rj+cFA5Loy3yeAJVxQ6JhSY34tLiz8Mi+x2PseQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCxL2pX+CdGfchnV19/xQ2P+eOrSMB8GA1UdIwQY
MBaAFAJIQXx/6czsW52qzAj855nWcwiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUt
NjNjNzA3NDQxYmE2LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9mMTY3OGMtZGRjYy00MjUzLTg1OTUtNjNjNzA3NDQxYmE2
LzEvQWtoQmZIX3B6T3hibmFyTUNQem5tZFp6Q0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIXKDtWjx
b/vjUUyQAB2errs9Rzt9fKQ6We3QbTqTdf0ucstHRmU7O6pkGfsi0H11wBh/Qodt
FaHEeDGmF/IGRinictoJ6XAQ9jsYa/UfT94OlAyIqsL3bZImOyD1tCTM3ZGNQl/A
HDRT2+pEmEU6BSqYVEgqErVGlt2rpUwDWPdXv3XUP8OuQGelSQQ6zAocbfP7Mj1Y
JmP3rRY6Y9nkcv34hw4zM33Ajr8GhunWlfbEnQKRqPs6mVLlKFRmRJKla4kSU9je
whHTHttW0Lk/K4fjsei4r+ii4zaj8tpZmGGISnRQUCG/RMEu2ru9J/oXsfkF2Sbt
2s8wVTmim9BRVg==
-----END CERTIFICATE-----