Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.mft
File:                     8A5uimGIP2gBZbX0FUhfjw1PWo0.mft (raw, json)
Hash identifier:          +cWlGWPW8zsknaw2FcKgbSvc3qp+g6zxjbUOHR34chk=
Subject key identifier:   FB:8B:10:E7:86:CD:92:85:00:CD:5F:89:0B:B4:5D:8E:80:F6:EE:20
Authority key identifier: F0:0E:6E:8A:61:88:3F:68:01:65:B5:F4:15:48:5F:8F:0D:4F:5A:8D
Certificate issuer:       /CN=f00e6e8a61883f680165b5f415485f8f0d4f5a8d
Certificate serial:       019D277241EC654428CCAEC5EE2C789D4B47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8A5uimGIP2gBZbX0FUhfjw1PWo0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.mft
Manifest number:          157F
Signing time:             Thu 26 Mar 2026 00:01:32 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:32 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:32 +0000
Files and hashes:         1: 8A5uimGIP2gBZbX0FUhfjw1PWo0.crl (hash: x7XgLn1y1kNQ1vVFXs0s42GXKBEfv8lxQAI42UbkS8o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8A5uimGIP2gBZbX0FUhfjw1PWo0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:41:ec:65:44:28:cc:ae:c5:ee:2c:78:9d:4b:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f00e6e8a61883f680165b5f415485f8f0d4f5a8d
        Validity
            Not Before: Mar 26 00:01:32 2026 GMT
            Not After : Mar 27 00:01:32 2026 GMT
        Subject: CN=fb8b10e786cd928500cd5f890bb45d8e80f6ee20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:86:6c:3f:a2:ec:55:ac:68:58:03:5d:fb:f7:
                    ba:f4:76:95:fb:85:5f:e5:42:ea:f3:73:34:79:70:
                    b9:df:0a:8f:cb:1f:ab:d0:37:d7:5e:29:46:31:ac:
                    16:7b:83:e7:c3:d6:97:a5:69:53:59:37:52:fe:25:
                    57:f0:0b:93:c1:cd:fc:fd:24:0a:92:29:72:91:a0:
                    72:b4:4c:c4:33:39:da:ae:3b:42:14:a4:57:00:55:
                    44:cb:c6:c2:0c:bb:21:ea:36:39:f7:be:93:a8:1d:
                    f5:2d:8a:3a:44:22:58:77:83:04:74:4c:ec:db:5e:
                    7c:76:4a:bf:ba:fe:94:55:c8:5d:c8:3d:e0:61:c9:
                    d0:27:16:be:05:6a:04:f3:e5:90:35:af:30:62:f4:
                    e1:30:76:ae:7d:df:0a:a3:66:fe:53:27:7c:d6:ef:
                    1c:7e:52:44:8a:51:dc:1d:61:42:9c:2a:53:19:4b:
                    51:ab:72:44:1a:94:f6:65:3c:a9:ea:b1:2a:03:96:
                    97:4e:1f:70:96:19:80:09:9c:91:72:a4:c6:60:6c:
                    02:86:fe:32:10:24:59:7b:6e:68:c0:a8:67:4e:2d:
                    f1:cf:70:5d:37:db:d8:65:24:4a:44:36:ab:ed:fb:
                    cc:b1:cc:90:c1:cf:de:c8:42:7c:db:b9:85:36:ce:
                    04:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:8B:10:E7:86:CD:92:85:00:CD:5F:89:0B:B4:5D:8E:80:F6:EE:20
            X509v3 Authority Key Identifier:
                keyid:F0:0E:6E:8A:61:88:3F:68:01:65:B5:F4:15:48:5F:8F:0D:4F:5A:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8A5uimGIP2gBZbX0FUhfjw1PWo0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/842815-138a-43da-872c-3cff14828dfd/1/8A5uimGIP2gBZbX0FUhfjw1PWo0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:72:f6:b7:33:a7:f6:bd:cc:ee:4f:6a:db:05:f6:76:75:06:
         3f:ce:e8:c9:8a:3f:48:30:62:e3:25:e5:8a:a1:db:6b:f0:b5:
         d3:7d:e1:e8:92:67:9f:dd:3d:d5:33:62:2b:19:6d:24:28:8a:
         b0:bd:3e:6c:0d:b3:cf:f9:13:61:10:85:43:b4:85:56:01:f5:
         4a:62:43:2b:d1:83:8d:a0:ae:2a:88:b3:8a:45:46:9e:3c:8c:
         05:98:55:b9:bf:6b:7c:ed:1b:85:9d:b1:cf:bd:b4:32:ce:37:
         3c:51:10:96:59:dd:10:b8:a9:2a:6c:23:d0:e5:92:63:4a:47:
         2c:ab:77:89:8b:ff:a5:20:43:c4:94:8b:77:fb:36:34:c0:47:
         62:07:41:25:a3:39:e5:d6:57:84:48:d2:44:2b:72:81:e8:ea:
         7e:9e:9f:84:a8:9a:82:d1:e4:ba:3c:2b:11:1e:27:d1:97:60:
         3d:42:a4:57:a1:74:0c:93:1e:b1:3c:71:fb:fa:ad:c2:b0:92:
         87:18:c4:2d:eb:a7:dc:84:fc:87:8d:4f:df:7d:a2:18:3c:0b:
         8b:2c:13:c2:39:52:89:50:83:80:4c:3c:b2:53:08:a5:d7:b7:
         c4:05:5f:88:de:33:93:84:9e:b2:47:f2:39:a1:25:7b:a3:0c:
         0d:19:10:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nckHsZUQozK7F7ix4nUtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMGU2ZThhNjE4ODNmNjgwMTY1YjVmNDE1NDg1ZjhmMGQ0
ZjVhOGQwHhcNMjYwMzI2MDAwMTMyWhcNMjYwMzI3MDAwMTMyWjAzMTEwLwYDVQQD
EyhmYjhiMTBlNzg2Y2Q5Mjg1MDBjZDVmODkwYmI0NWQ4ZTgwZjZlZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYZsP6LsVaxoWANd+/e69HaV+4Vf
5ULq83M0eXC53wqPyx+r0DfXXilGMawWe4Pnw9aXpWlTWTdS/iVX8AuTwc38/SQK
kilykaBytEzEMznarjtCFKRXAFVEy8bCDLsh6jY5976TqB31LYo6RCJYd4MEdEzs
2158dkq/uv6UVchdyD3gYcnQJxa+BWoE8+WQNa8wYvThMHaufd8Ko2b+Uyd81u8c
flJEilHcHWFCnCpTGUtRq3JEGpT2ZTyp6rEqA5aXTh9wlhmACZyRcqTGYGwChv4y
ECRZe25owKhnTi3xz3BdN9vYZSRKRDar7fvMscyQwc/eyEJ827mFNs4EmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPuLEOeGzZKFAM1fiQu0XY6A9u4gMB8GA1UdIwQY
MBaAFPAObophiD9oAWW19BVIX48NT1qNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEE1dWltR0lQMmdCWmJYMEZVaGZqdzFQV28wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS84NDI4MTUtMTM4YS00M2RhLTg3MmMt
M2NmZjE0ODI4ZGZkLzEvOEE1dWltR0lQMmdCWmJYMEZVaGZqdzFQV28wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS84NDI4MTUtMTM4YS00M2RhLTg3MmMtM2NmZjE0ODI4ZGZk
LzEvOEE1dWltR0lQMmdCWmJYMEZVaGZqdzFQV28wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA3L2tzOn
9r3M7k9q2wX2dnUGP87oyYo/SDBi4yXliqHba/C1033h6JJnn9091TNiKxltJCiK
sL0+bA2zz/kTYRCFQ7SFVgH1SmJDK9GDjaCuKoizikVGnjyMBZhVub9rfO0bhZ2x
z720Ms43PFEQllndELipKmwj0OWSY0pHLKt3iYv/pSBDxJSLd/s2NMBHYgdBJaM5
5dZXhEjSRCtygejqfp6fhKiagtHkujwrER4n0ZdgPUKkV6F0DJMesTxx+/qtwrCS
hxjELeun3IT8h41P332iGDwLiywTwjlSiVCDgEw8slMIpde3xAVfiN4zk4Seskfy
OaEle6MMDRkQpQ==
-----END CERTIFICATE-----