Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.mft
File:                     68Xg5EXZRzFUru10Rpss-6NmTjU.mft (raw, json)
Hash identifier:          sSFg1nLZ7ARDJ+P0ighOdfTlvPKUPWxXZM3QxoECp6U=
Subject key identifier:   42:41:33:BE:3E:E9:E0:7A:1A:ED:E3:43:54:BE:DB:53:32:30:C8:E4
Authority key identifier: EB:C5:E0:E4:45:D9:47:31:54:AE:ED:74:46:9B:2C:FB:A3:66:4E:35
Certificate issuer:       /CN=ebc5e0e445d9473154aeed74469b2cfba3664e35
Certificate serial:       019D28F308850B0F50BC85674D40DE21246F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/68Xg5EXZRzFUru10Rpss-6NmTjU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.mft
Manifest number:          0BCB
Signing time:             Thu 26 Mar 2026 07:01:49 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:49 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:49 +0000
Files and hashes:         1: 68Xg5EXZRzFUru10Rpss-6NmTjU.crl (hash: WNG6rESdSUHFjoUdK1Gt7rNb3L0yMriR/Mod2LqRTYo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/68Xg5EXZRzFUru10Rpss-6NmTjU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:08:85:0b:0f:50:bc:85:67:4d:40:de:21:24:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ebc5e0e445d9473154aeed74469b2cfba3664e35
        Validity
            Not Before: Mar 26 07:01:49 2026 GMT
            Not After : Mar 27 07:01:49 2026 GMT
        Subject: CN=424133be3ee9e07a1aede34354bedb533230c8e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c2:c1:43:6c:02:bd:22:c9:e3:db:a4:50:72:
                    62:2b:9e:b9:16:14:cd:96:25:54:1c:cc:39:4d:8c:
                    b9:e8:f9:c1:d1:17:6c:8c:15:25:79:55:4e:6b:ab:
                    1c:1a:6d:7f:35:93:bd:25:c2:70:0e:e9:2e:ef:c1:
                    bb:4d:a4:0f:81:8a:dc:5f:19:f5:b9:ff:c0:39:7d:
                    79:99:93:a2:5d:46:1e:23:a9:05:98:dd:b9:bb:c3:
                    0e:42:56:62:82:14:e9:c9:a3:6d:d6:98:f5:17:6a:
                    03:5b:d6:74:ad:18:2e:c4:9c:7e:c5:0e:b5:15:1d:
                    8a:9b:67:14:57:5a:db:f7:98:2e:72:c0:03:7c:64:
                    4a:d1:d0:c6:74:59:89:dc:32:a7:55:5a:17:de:b0:
                    e1:d6:b2:87:9a:91:1b:f6:f6:ca:7a:86:1a:c5:74:
                    30:12:32:8a:16:83:50:5d:30:57:6b:78:26:2c:f0:
                    a5:e7:53:12:5c:d7:4f:61:3e:13:ca:65:7e:f2:84:
                    9c:88:65:07:ad:ec:8c:99:01:bb:6e:68:33:eb:7b:
                    a6:5e:0f:32:59:7c:f5:92:f2:35:d1:73:48:ab:29:
                    a3:09:64:82:71:d9:b3:4f:01:30:08:09:ed:eb:e7:
                    46:ae:5b:67:e2:c0:08:34:4b:79:87:59:8e:48:72:
                    00:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:41:33:BE:3E:E9:E0:7A:1A:ED:E3:43:54:BE:DB:53:32:30:C8:E4
            X509v3 Authority Key Identifier:
                keyid:EB:C5:E0:E4:45:D9:47:31:54:AE:ED:74:46:9B:2C:FB:A3:66:4E:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/68Xg5EXZRzFUru10Rpss-6NmTjU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/32abee-cf7a-44f9-8765-8dec2e163a86/1/68Xg5EXZRzFUru10Rpss-6NmTjU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:05:f4:1a:3d:f1:2a:a3:43:23:dc:b2:8f:97:10:1c:d0:63:
         ec:88:ec:bc:b4:0f:cf:b4:74:ef:8f:6d:92:98:23:2d:65:a6:
         0e:66:bf:aa:f5:b5:1b:30:6f:e4:c6:1c:ea:89:e6:a3:60:8f:
         4b:49:ba:34:67:af:1b:8f:45:bf:3b:66:71:a3:89:e3:c4:6f:
         db:36:8f:8f:f6:3f:3e:82:d5:08:bf:5c:be:73:55:72:32:8b:
         84:fd:26:32:c7:ad:1f:f9:1a:d9:26:02:a7:0f:40:77:9a:b3:
         c7:67:30:5e:4a:38:87:49:2c:ef:b9:bd:70:18:2f:1f:f3:ce:
         3a:c5:39:ef:67:5a:f3:c6:55:6e:95:a4:e0:23:5a:16:0e:ed:
         8b:a8:13:31:a5:63:25:70:da:34:37:b3:0f:c9:9e:0e:8d:c5:
         4f:0d:14:8c:b8:f8:f6:39:f2:9c:00:2c:6b:a1:1d:55:4b:72:
         11:fd:ef:03:b1:13:21:5d:61:51:7b:c2:4b:fe:e7:8b:01:e8:
         af:37:1b:cf:37:ee:96:6a:39:77:47:65:e9:07:5e:3f:56:ae:
         ca:20:20:5a:99:94:56:09:d2:e9:00:0d:55:70:81:45:62:49:
         db:18:4c:27:62:a4:ea:d7:5b:2d:a7:b0:6f:af:f4:be:e0:d2:
         3f:5c:9b:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8wiFCw9QvIVnTUDeISRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYzVlMGU0NDVkOTQ3MzE1NGFlZWQ3NDQ2OWIyY2ZiYTM2
NjRlMzUwHhcNMjYwMzI2MDcwMTQ5WhcNMjYwMzI3MDcwMTQ5WjAzMTEwLwYDVQQD
Eyg0MjQxMzNiZTNlZTllMDdhMWFlZGUzNDM1NGJlZGI1MzMyMzBjOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8LBQ2wCvSLJ49ukUHJiK565FhTN
liVUHMw5TYy56PnB0RdsjBUleVVOa6scGm1/NZO9JcJwDuku78G7TaQPgYrcXxn1
uf/AOX15mZOiXUYeI6kFmN25u8MOQlZighTpyaNt1pj1F2oDW9Z0rRguxJx+xQ61
FR2Km2cUV1rb95gucsADfGRK0dDGdFmJ3DKnVVoX3rDh1rKHmpEb9vbKeoYaxXQw
EjKKFoNQXTBXa3gmLPCl51MSXNdPYT4TymV+8oSciGUHreyMmQG7bmgz63umXg8y
WXz1kvI10XNIqymjCWSCcdmzTwEwCAnt6+dGrltn4sAINEt5h1mOSHIARwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEJBM74+6eB6Gu3jQ1S+21MyMMjkMB8GA1UdIwQY
MBaAFOvF4ORF2UcxVK7tdEabLPujZk41MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjhYZzVFWFpSekZVcnUxMFJwc3MtNk5tVGpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8zMmFiZWUtY2Y3YS00NGY5LTg3NjUt
OGRlYzJlMTYzYTg2LzEvNjhYZzVFWFpSekZVcnUxMFJwc3MtNk5tVGpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8zMmFiZWUtY2Y3YS00NGY5LTg3NjUtOGRlYzJlMTYzYTg2
LzEvNjhYZzVFWFpSekZVcnUxMFJwc3MtNk5tVGpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApAX0Gj3x
KqNDI9yyj5cQHNBj7IjsvLQPz7R0749tkpgjLWWmDma/qvW1GzBv5MYc6onmo2CP
S0m6NGevG49FvztmcaOJ48Rv2zaPj/Y/PoLVCL9cvnNVcjKLhP0mMsetH/ka2SYC
pw9Ad5qzx2cwXko4h0ks77m9cBgvH/POOsU572da88ZVbpWk4CNaFg7ti6gTMaVj
JXDaNDezD8meDo3FTw0UjLj49jnynAAsa6EdVUtyEf3vA7ETIV1hUXvCS/7niwHo
rzcbzzfulmo5d0dl6QdeP1auyiAgWpmUVgnS6QANVXCBRWJJ2xhMJ2Kk6tdbLaew
b6/0vuDSP1yb9A==
-----END CERTIFICATE-----