Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
File:                     bLdrU2M4PWjlVeUnClkx2DQOGA0.mft (raw, json)
Hash identifier:          RzQqBzkdB+U7kfFFhk3xbmeDVkyyE40JVqRNNC8smDg=
Subject key identifier:   86:72:17:F9:C3:B8:6E:77:F7:4C:B4:42:55:74:83:38:42:04:69:23
Authority key identifier: 6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D
Certificate issuer:       /CN=6cb76b5363383d68e555e5270a5931d8340e180d
Certificate serial:       019D28F270BB3A6DE5871C19D72F88FF0996
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
Manifest number:          1014
Signing time:             Thu 26 Mar 2026 07:01:10 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:10 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:10 +0000
Files and hashes:         1: bLdrU2M4PWjlVeUnClkx2DQOGA0.crl (hash: HwE6h4bsgiXgiYjj34Yxe07gQMcZYNhlLIlCqgNDDpc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:70:bb:3a:6d:e5:87:1c:19:d7:2f:88:ff:09:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cb76b5363383d68e555e5270a5931d8340e180d
        Validity
            Not Before: Mar 26 07:01:10 2026 GMT
            Not After : Mar 27 07:01:10 2026 GMT
        Subject: CN=867217f9c3b86e77f74cb4425574833842046923
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1e:61:80:e4:3d:83:13:84:9b:4d:20:e2:ec:
                    1c:73:20:65:31:eb:25:e4:ab:59:c3:6c:78:71:4b:
                    23:79:2a:53:49:4b:0b:01:f6:91:9c:5c:8f:db:54:
                    2f:c3:76:15:74:ca:dc:86:66:dd:80:27:a8:19:82:
                    51:f1:35:ba:55:d1:c9:26:7b:61:26:f6:fd:d6:d8:
                    fc:69:d9:7a:18:41:d2:b5:a5:49:65:a6:15:2d:84:
                    da:91:c7:f7:39:f7:c3:10:50:ac:be:18:f4:a0:9a:
                    31:44:f5:73:2f:b8:91:bf:53:b2:f8:a8:d2:05:07:
                    c5:15:4c:2d:6c:cb:f1:5f:7b:5c:ec:b7:8f:2b:6e:
                    c4:32:5f:27:76:f2:af:e8:a9:05:3c:0a:c0:14:86:
                    f0:df:b8:95:4e:f0:67:38:bc:32:ce:18:d3:55:6e:
                    40:a7:ed:ea:94:be:ee:f9:d7:fd:6e:13:57:30:9a:
                    35:1f:0c:60:88:23:19:f1:5d:5f:05:e0:6b:f1:23:
                    e8:14:ea:21:2a:96:c9:60:1d:29:ec:84:b9:54:ab:
                    c2:c7:13:bb:0c:61:94:45:83:65:5a:a5:3f:92:cf:
                    3e:c9:f5:0e:02:94:46:98:bd:51:9c:04:2c:6a:51:
                    e4:ac:d8:b2:04:8f:8d:06:0b:68:5c:37:24:d3:74:
                    c6:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:72:17:F9:C3:B8:6E:77:F7:4C:B4:42:55:74:83:38:42:04:69:23
            X509v3 Authority Key Identifier:
                keyid:6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:97:1e:a0:9a:df:b9:69:e2:3f:2a:0b:b6:3e:5b:c5:d2:40:
         48:05:60:ae:f5:04:20:a7:eb:cc:7d:b6:ff:62:5f:02:bc:f7:
         81:27:a7:82:d9:21:a0:6e:12:5b:a7:d2:3c:a3:cd:3b:af:e4:
         69:c6:7f:4e:06:5a:c9:28:70:f4:3f:29:a5:b5:bd:95:b7:42:
         51:2b:58:31:e5:5a:4f:2f:bf:3a:75:8b:ad:37:ed:49:28:8c:
         89:3b:89:c1:4b:b7:b1:68:a5:88:61:85:d5:cf:a7:a1:9e:b4:
         de:15:5a:f0:48:f0:44:7e:8c:7e:de:69:0a:91:b3:b3:a5:dd:
         51:58:bb:50:c9:e9:d5:ed:e0:45:c3:eb:50:6f:b3:e4:68:4c:
         79:d2:c8:16:ee:82:df:53:ff:a5:04:34:81:03:76:33:b5:cf:
         3a:a9:40:6b:db:da:22:99:f6:f6:2d:9e:0e:d0:80:f2:aa:bd:
         0e:ae:44:91:d9:04:d7:eb:ee:0f:02:3a:50:75:e7:7d:d1:63:
         0f:33:07:88:c4:c1:6d:6f:29:cb:2c:e4:99:23:0f:37:86:43:
         73:f8:cb:46:7c:6c:4b:ed:e5:35:2f:e2:49:b1:f3:2d:ce:ec:
         56:51:e8:70:e6:3b:03:e9:a1:57:7f:c5:4a:52:0d:cc:c5:a0:
         3c:f8:6f:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8nC7Om3lhxwZ1y+I/wmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjc2YjUzNjMzODNkNjhlNTU1ZTUyNzBhNTkzMWQ4MzQw
ZTE4MGQwHhcNMjYwMzI2MDcwMTEwWhcNMjYwMzI3MDcwMTEwWjAzMTEwLwYDVQQD
Eyg4NjcyMTdmOWMzYjg2ZTc3Zjc0Y2I0NDI1NTc0ODMzODQyMDQ2OTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB5hgOQ9gxOEm00g4uwccyBlMesl
5KtZw2x4cUsjeSpTSUsLAfaRnFyP21Qvw3YVdMrchmbdgCeoGYJR8TW6VdHJJnth
Jvb91tj8adl6GEHStaVJZaYVLYTakcf3OffDEFCsvhj0oJoxRPVzL7iRv1Oy+KjS
BQfFFUwtbMvxX3tc7LePK27EMl8ndvKv6KkFPArAFIbw37iVTvBnOLwyzhjTVW5A
p+3qlL7u+df9bhNXMJo1HwxgiCMZ8V1fBeBr8SPoFOohKpbJYB0p7IS5VKvCxxO7
DGGURYNlWqU/ks8+yfUOApRGmL1RnAQsalHkrNiyBI+NBgtoXDck03TGiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZyF/nDuG5390y0QlV0gzhCBGkjMB8GA1UdIwQY
MBaAFGy3a1NjOD1o5VXlJwpZMdg0DhgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEt
Y2I0NTI2ZmIxN2QwLzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEtY2I0NTI2ZmIxN2Qw
LzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl5ceoJrf
uWniPyoLtj5bxdJASAVgrvUEIKfrzH22/2JfArz3gSengtkhoG4SW6fSPKPNO6/k
acZ/TgZayShw9D8ppbW9lbdCUStYMeVaTy+/OnWLrTftSSiMiTuJwUu3sWiliGGF
1c+noZ603hVa8EjwRH6Mft5pCpGzs6XdUVi7UMnp1e3gRcPrUG+z5GhMedLIFu6C
31P/pQQ0gQN2M7XPOqlAa9vaIpn29i2eDtCA8qq9Dq5EkdkE1+vuDwI6UHXnfdFj
DzMHiMTBbW8pyyzkmSMPN4ZDc/jLRnxsS+3lNS/iSbHzLc7sVlHocOY7A+mhV3/F
SlINzMWgPPhvFg==
-----END CERTIFICATE-----