Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
File:                     bLm_6TNtoFV5BgineljMq8SWhpQ.mft (raw, json)
Hash identifier:          NWnlStHyEp16/vMvVgC9Whjas53f33r72cn7qmH28B4=
Subject key identifier:   34:43:79:AF:48:D0:06:7A:D8:BB:64:A0:2A:DE:24:79:34:3E:D2:B2
Authority key identifier: 6C:B9:BF:E9:33:6D:A0:55:79:06:08:A7:7A:58:CC:AB:C4:96:86:94
Certificate issuer:       /CN=6cb9bfe9336da055790608a77a58ccabc4968694
Certificate serial:       019D277216F3D5470ABC692BCBE43DE04224
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
Manifest number:          0F2B
Signing time:             Thu 26 Mar 2026 00:01:21 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:21 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:21 +0000
Files and hashes:         1: bLm_6TNtoFV5BgineljMq8SWhpQ.crl (hash: /gENbzFW/so9tTIS+at0+kmksSk6a9S+2bczjs4VOPg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:16:f3:d5:47:0a:bc:69:2b:cb:e4:3d:e0:42:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cb9bfe9336da055790608a77a58ccabc4968694
        Validity
            Not Before: Mar 26 00:01:21 2026 GMT
            Not After : Mar 27 00:01:21 2026 GMT
        Subject: CN=344379af48d0067ad8bb64a02ade2479343ed2b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:b8:14:05:5a:ee:02:4a:57:db:ff:26:6b:e5:
                    3e:25:44:92:91:36:d1:0c:a6:1a:5f:38:79:ea:9b:
                    af:02:00:6b:17:2f:74:46:fe:01:41:0a:24:b1:f6:
                    af:cc:01:8d:c0:91:54:36:08:c2:aa:75:79:70:19:
                    11:bd:7d:47:f0:39:a1:fc:b9:12:8c:58:40:4a:fe:
                    bb:68:ff:2e:cc:e8:b5:de:09:ba:be:c4:7f:b9:39:
                    3b:d6:58:76:cf:7f:34:9b:6d:b6:76:9b:97:8c:48:
                    16:64:17:5d:f3:a6:97:46:24:b5:8e:1b:b2:30:93:
                    96:d6:f5:11:bc:64:6c:ae:8a:3c:a6:ef:67:11:72:
                    6b:16:da:5f:2e:ff:77:b0:2b:6a:7b:08:af:6b:17:
                    29:c1:59:77:71:3c:61:79:30:4f:2f:b6:d6:fa:df:
                    3e:52:71:03:52:39:64:e6:9e:1e:46:e7:58:5e:21:
                    c0:15:9f:c9:14:04:56:a7:4e:84:9c:94:73:32:35:
                    fd:db:8f:9f:28:95:9e:29:56:ef:91:3d:a1:b8:ac:
                    d7:76:66:e6:f2:80:8a:14:4c:e3:e9:44:fd:45:af:
                    37:68:98:77:d3:86:e1:4d:32:e2:49:41:76:49:67:
                    69:ec:6c:d2:63:58:b0:ce:3c:8e:0a:bf:29:fd:58:
                    23:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:43:79:AF:48:D0:06:7A:D8:BB:64:A0:2A:DE:24:79:34:3E:D2:B2
            X509v3 Authority Key Identifier:
                keyid:6C:B9:BF:E9:33:6D:A0:55:79:06:08:A7:7A:58:CC:AB:C4:96:86:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLm_6TNtoFV5BgineljMq8SWhpQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6fe3fa-9682-4807-9272-cfd00dd827ee/1/bLm_6TNtoFV5BgineljMq8SWhpQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:95:c9:d2:b1:f4:6e:d3:dc:35:20:90:45:85:bd:ab:26:05:
         b6:03:d4:ea:cc:d2:b0:b8:56:68:af:4d:8e:d9:b5:5a:5b:2f:
         05:71:67:0a:d3:92:9e:0c:29:8f:bd:d9:ee:f5:3c:ff:c9:e9:
         2a:f6:9d:08:fb:50:ca:8d:6c:64:90:3a:5b:28:10:32:fa:b6:
         8c:ab:86:7b:5c:3e:29:3a:54:62:36:82:3f:3a:87:c4:ff:ce:
         da:24:92:9f:f1:b8:38:10:75:9a:0f:b8:ed:6d:02:8c:d8:75:
         09:7a:cc:59:a2:86:bb:01:83:dc:22:3f:e8:a8:de:4b:bd:57:
         4c:2e:92:04:c5:b3:13:3c:d4:a4:57:f2:7f:9b:37:fa:db:ae:
         e0:73:71:c1:a8:b5:1c:4c:a5:c2:fd:07:c5:b6:01:b9:46:07:
         55:85:6c:2e:57:e6:75:28:80:c5:3d:41:c9:3d:f1:70:d9:21:
         b1:c3:13:e7:91:3d:4a:d9:ef:be:f9:53:72:37:d7:0c:08:d9:
         42:d4:20:8a:43:56:81:82:cb:5c:22:41:53:69:ce:d3:46:df:
         27:56:45:ef:40:77:fb:17:b5:21:67:f0:88:b4:aa:99:21:b6:
         54:5a:75:04:d3:83:bf:6a:e7:30:85:9c:5e:10:f7:fd:eb:3b:
         30:2d:81:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nchbz1UcKvGkry+Q94EIkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjliZmU5MzM2ZGEwNTU3OTA2MDhhNzdhNThjY2FiYzQ5
Njg2OTQwHhcNMjYwMzI2MDAwMTIxWhcNMjYwMzI3MDAwMTIxWjAzMTEwLwYDVQQD
EygzNDQzNzlhZjQ4ZDAwNjdhZDhiYjY0YTAyYWRlMjQ3OTM0M2VkMmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bgUBVruAkpX2/8ma+U+JUSSkTbR
DKYaXzh56puvAgBrFy90Rv4BQQoksfavzAGNwJFUNgjCqnV5cBkRvX1H8Dmh/LkS
jFhASv67aP8uzOi13gm6vsR/uTk71lh2z380m222dpuXjEgWZBdd86aXRiS1jhuy
MJOW1vURvGRsroo8pu9nEXJrFtpfLv93sCtqewivaxcpwVl3cTxheTBPL7bW+t8+
UnEDUjlk5p4eRudYXiHAFZ/JFARWp06EnJRzMjX924+fKJWeKVbvkT2huKzXdmbm
8oCKFEzj6UT9Ra83aJh304bhTTLiSUF2SWdp7GzSY1iwzjyOCr8p/VgjfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDRDea9I0AZ62LtkoCreJHk0PtKyMB8GA1UdIwQY
MBaAFGy5v+kzbaBVeQYIp3pYzKvEloaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82ZmUzZmEtOTY4Mi00ODA3LTkyNzIt
Y2ZkMDBkZDgyN2VlLzEvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82ZmUzZmEtOTY4Mi00ODA3LTkyNzItY2ZkMDBkZDgyN2Vl
LzEvYkxtXzZUTnRvRlY1QmdpbmVsak1xOFNXaHBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJpXJ0rH0
btPcNSCQRYW9qyYFtgPU6szSsLhWaK9Njtm1WlsvBXFnCtOSngwpj73Z7vU8/8np
KvadCPtQyo1sZJA6WygQMvq2jKuGe1w+KTpUYjaCPzqHxP/O2iSSn/G4OBB1mg+4
7W0CjNh1CXrMWaKGuwGD3CI/6KjeS71XTC6SBMWzEzzUpFfyf5s3+tuu4HNxwai1
HEylwv0HxbYBuUYHVYVsLlfmdSiAxT1ByT3xcNkhscMT55E9StnvvvlTcjfXDAjZ
QtQgikNWgYLLXCJBU2nO00bfJ1ZF70B3+xe1IWfwiLSqmSG2VFp1BNODv2rnMIWc
XhD3/es7MC2B/g==
-----END CERTIFICATE-----